As the tug of war between hedge funds and traditional asset managers over institutional assets increases and alternative asset managers wrangle with the risk management function in banking, the risk management role has been put under scrutiny like never before. To start evaluating a risk management structure, financial institutions need to decide where the risk officer (or equivalent) should reside. Should the risk management and corresponding quantitative modeling fall under the oversight of the chief investment officer, or should it be an independent function that supports the COO? Perhaps the risk officer should report directly to the head of the audit committee on the board of directors?
Banks also need to decide what technologies are appropriate to support the risk management team. There is no single holy grail in risk management analytic tools, so there need to be combinations, potentially consisting of internally modeled risk metrics (with desktop software), risk metrics generated by an externally hosted ASP model and risk metrics that are outsourced to a managed service. Looking closely at the positioning of the risk officer and the supporting risk-analytic technology will shed a lot of light on the effectiveness of the risk management structures within an asset manager.
Placing the risk management function under the chief investment officer can create a fluid investment process that maximizes shareholder returns. But it also has the effect of watering down the risk management function and turning the risk officer into a closet portfolio manager -- the clients get neither a true risk officer nor another focused portfolio manager. If the risk officer is independent of the investment management process, then there is a far greater likelihood that the risk analysis will be independent.
Just as the risk and investment return functions need to be evaluated as to when they work well together and when they function better separately, so do the credit functions from a retail and corporate banking standpoint. There is no such thing as a bad risk, only a poorly priced risk and credit decision. Banks are often chasing deals at pricing points that cause credit risk to be underpriced. Usually when this happens, it is a good sign that an institution needs to move the risk management function a little higher up the corporate hierarchy and with more independent status.
Too Many Technology Choices?
The number of options with regard to risk measurement and analytics further compound the confusion around risk management practices. Almost every firm has desktop software installed. But often, that is not enough to generate reliable risk analytics. The speed at which many of the derivative instruments change can be very troublesome for a small risk management team. Portfolio managers are often buying and selling the securities faster than the risk team can model the risk metrics. For some smaller firms, uploading end-of-day holdings to an externally hosted application service provider (ASP) model may be the best bet. For others, contracting a large portion out to a managed service is another viable option.
Each financial institution needs to develop a unique risk management structure based upon its investment style. Potential clients evaluating the risk management function within an asset manager or bank should ask why the combination of risk management tools were chosen. Is it a sign of problems the firm has had in the past with regulators, or is it a sign of really proactive risk management? Either way, it warrants a few good questions.