Eighty-five percent of corporate executives told Accenture they need to overhaul their approach to risk-management if the lessons of the economic crisis are to be used to improve business results. Accenture's 2009 Global Risk Management Study is based on a survey of 260 chief financial officers, chief risk officers and other executives with risk management responsibilities at large companies in 21 countries. Seventy-four were financial services firms, of which more than three-quarters have annual revenues greater than $5 billion.
In addition to acknowledging the need to remake how they look at risk, respondents also said they are increasing or plan to increase their investments in risk management capabilities in the next six months (40 percent). Nearly another third (31 percent) of respondents said their companies are currently considering increasing their future investment in risk management capabilities.
There were some areas in which the financial services participants stood out from those in other industries, according to Eva Dewor, head of Accenture's risk management practice within finance and performance management based in Munich.
"A greater proportion of financial services industry executives expressed strong feelings about the need for change in their risk management operations compared to executives in other industries," Dewor told BS&T. "For example, 54 percent of financial industry respondents felt their companies needed to make significant changes to improve enterprisewide risk awareness, compared to only 38 percent of overall respondents. Half of financial industry respondents cited a significant need to improve alignment of their companies' business strategies and risk appetites, compared to 40 percent of overall respondents."
The general findings that most financial services firms felt they needed to reform their risk management operations were in line with what Accenture expected, based on its experiences with its clients throughout the year.
"In general, banks' risks must be better aligned to their business strategies and their risk management needs to be better integrated with their cultures and across the various types of risk," Dewor explains. "They need to bolster their risk management capabilities, which are not sufficiently responsive to meet regulatory demands. Risk systems must become more flexible, as regulators increasingly require specific and detailed information on a firm's risk profile, as has been shown with recent stress-testing initiatives."
Expect a corresponding increase in tech spending around risk too, Dewor comments. She says that issues such as the great complexity of the business, poor data quality and fragmented internal processes and IT systems will drive banks to spend more to better comply with new and existing regulations.
"That is why we expect firms to fundamentally change their risk architecture," she explains. "Simplifying redundant front-office systems, creating a single source of position and market data, and standardizing valuation models is critical. Also, moving analytics to the front office—rather than moving data to the middle office—is essential. Firms will increasingly need to leverage front-office analytic technologies and more advanced data management capabilities. Standardized technologies will improve the ability of firms to get a consolidated view of their aggregate asset bases and consistent valuations of those assets. Better data management will give firms much needed clarity on securities master information, and allow for more consistent internal pricing and extracts of market prices. In addition, regulatory reporting platforms, which have traditionally been report-based, will need to be revised so they can provide underlying data on all positions in order to accommodate the flexibility required to run regulatory stress tests."
Still, there were some surprises for the report's researchers. For example, Dewor says they found a large gap between the risk management vision that companies have set for themselves and the role that their risk functions actually play in practice.
Although 48 percent of respondents said that their company's risk management function is involved to a great extent in strategic planning or in investment and divestment decisions (45 percent), only 27 percent said the risk management function was involved to a great extent in objective-setting and performance management.
"A large majority of companies said that they want their risk management functions to contribute to sustainable profitability and better decision-making," she notes. Yet the survey also revealed that these functions are not very involved in key strategic areas like setting objectives, defining incentives to get the desired behaviors and performance management."