Risk management in the financial industry (Chapter 4)
Since the crash of Barings Bank in 1995 through the actions of a single rouge trader the topic of operational risk has been bolstered into the spotlight as the severity of this risk was exposed. This chapter analyses the failings of Baring Bank that led to its’ collapse and the steps that the financial industry has since taken to meet the challenges of managing this risk. It is then considered whether these lessons learnt can be applied to the construction process.
The analysis is made from three perspectives. Following the collapse of Barings Bank the Bank of England investigated the causes and produced five lessons to be learnt from the event. The British Banker Association and Coopers & Lybrand conducted a survey on operational risk a few years after the Barings Bank collapse which provides an indication of the feelings of the industry at the time and their views on the problems the industry faced in respect of operational risk. Consideration is given to both these sources and their views on the Barings Bank collapse and managing operational risk. Finally, the Canadian Bank was one of the first banks to respond to reports and the threat of operational risk. Therefore consideration is given to the resultant actions taken by the Canadian Bank to meet these challenges.
Bank of England Report into the collapse of Barings Bank
The report indicated that the collapse of Barings Bank would not have occurred if there had been an effective system of management, financial and operating control within Barings. The report detailed a number of failings as follows:
“The money required to fund the losses came primarily from London (the banks headquarters). It was advanced to Singapore with no independent check on the validity of the requests or any attempt to reconcile them to any known trading position. If management in London had sought to examine the information from Singapore to support the requests for funds, it should have discovered that the information was meaningless.”
"Barings management in London seems generally to have believed that the money being sent to Singapore was being lent to clients to facilitate their trading. However, the credit aspects of these advances were never formally reviewed or considered by the credit committee. Barings' management did not question why it was apparently lending over £300 million to clients to trade when it had collateral of only some £31 million from clients for those trades”.
"The management of Barings did not question the extraordinarily high levels of apparent profitability of supposed arbitrage dealings in Singapore, which were regarded as being without risk. In the Board of Banking Supervision's view these profits should have been viewed as abnormal and questionable, and the extraordinary profitability reported in 1994 should have attracted the close and thorough attention of the management, long before the collapse.”
"Despite Leeson's (the rogue trader who was responsible for the collapse of Barings Bank) efforts at concealment, some information on the account he used to hide his losses was available to London, but it was never analysed. No one within Barings accepted responsibility for Leeson's activities for the whole of 1994. Leeson's deception was made easier as he was not just a trader but also in charge of the so-called 'back office' which processed the paperwork associated with trading. In 1994 Barings' internal auditors recommended that as a trader he should not have this responsibility for the back office. Barings failed to implement this recommendation.”
The report indicates that information was available that could have prevented the incident from happening and the failings were due to the systems of the bank that did not identify the problem. The retrospective analysis made by the Bank of England highlighted the failings. It is questionable whether real time analysis would have saved Barings from collapse. The Bank of England suggests that it would have and should have saved Barings.
The report produced five lessons that could be learnt through the bankruptcy of Barings as follows:
• Firstly, management teams have the duty to understand fully the business they manage.
• Secondly, responsibility for each business activity has to be clearly established and communicated.
• Thirdly, clear segregation of duties is fundamental to any effective control system.
• Fourthly, relevant internal controls, including an independent risk management function must be established for all business activities.
• Fifthly, top management and the audit committee have to ensure that significant weaknesses are identified to them by internal audit and are resolved quickly.
Furthermore it was stated that at least one and usually several of these points was the reason why firms lost large sums of money within the derivatives market.
British Banker Association and Coopers & Lybrand Survey on operational risk
Subsequent to the Barings Bank collapse the British Bankers Association (BBA) and Coopers & Lybrand conducted a survey among the BBA members in 1997. The results reflect the views of directors and senior bank management of the banking industry in the United Kingdom and provides their view on operation risk.
More than 67 percent of banks thought that operational risk was one of the most important areas of risk that required management and 24 percent thought that they had experienced a significant loss through operational risk in the last three years before the survey was conducted.
The report indicated that many banks had some way to go to formalize their approach in terms of policies and generally accepted methods and it is difficult for banks to manage their operational risk without some kind of formal infrastructure in place. The report indicated that it was easy for a bank to inadvertently duplicate efforts in operational risk management or conversely for such risks to fall through gaps because no one has been made responsible for them.
According to the report, modeling and quantifying operational risk generated the most interest of all areas of operational risk. The report emphasized that this may well be because banks do not have the relevant data required to manage risk effectively. The report revealed that data collection was an area that banks are gearing up to focus on in the future.
For banks that do not have sufficiently developed operational infrastructures they sometimes use internal audit recommendations as the sole method to manage operational risk. Finally most banks were not complacent and expected to make changes to their approach.
Case Study of Canadian Imperial Bank
The Canadian Imperial Bank of Commerce was one of the first institutions to implement a plan to counter the newly exposed threat of operational risk. The bank recognized that operational risk is wide and arises from the failure in the course of operating the business.
It was recognized that a “beginning to end” approach had to be taken into account for all the stages where operational risk occurs. As an example the operations of a derivatives desk is used to demonstrate the approach. Risk begins to accumulate even before the design of the potential transaction gets underway. It is present during negotiations with the client and continues after negotiation as the transaction is serviced. Several things have to be in place before the transaction can be negotiated and each exposes the firm to operational risk. First, sales may be highly dependant on a valued relationship between a particular sales person and the client. Second, sales are usually dependant on the highly specialized skills of the product manager who comes up with both a structure and a price that the client finds more attractive than competing offers. This means that the institution is exposed to “people risks”. For example there may be uncertainty as to whether these key people will continue to be available. In addition do they have the capacity with any increase with the sophistication of clients, or are they dealing with too many clients to be able to handle these demands? During the processing of the transaction, the firm is exposed to several further risks. First, the sales person may knowingly not disclose the full range of the risks of the transaction to the client. The risk might be associated with periods when staff are under intense pressure to meet bonus targets for their desks. Similarly the sales person might persuade the client to engage in a transaction that is totally inappropriate for the client exposing the firm to potential lawsuits and regulatory sanctions. Another aspect and potential risk is a sales person may rely on sophisticated financial models to price the transaction. This creates what is commonly called model risk. Model risk can arise because the wrong parameters are input to the model or because the model is used inappropriately. Once the transaction is negotiated and a ticket is written, errors can occur as the transaction is recorded in the various systems or reports. An error here may result in a delayed settlement of the transaction which in turn can give rise to penalties. Furthermore an error in market risk and credit risk reports might lead to the exposures generated by the deal being understated. In turn this may lead to the execution of additional transactions that would otherwise not have been executed.
In essence the list can go on, however each type of risk can be captured either as a people or process risk, each can be analyzed in terms of capacity, capability or availability and are capable of being identified by analyzing data created through the business process.
The bank recognized that to be able to manage these risks the relevant data is required and systems need to be in place to prevent the risk occurring. For this to be effectively achieved a data and technological infrastructure is required to be able to implement an integrated risk management system that considers all aspects of the operation.
The bank identified the need for a holistic risk management system that was supported by information technology architecture that is employed in all of the company’s processing. The logic behind the system must be generated by the business principles and functions. The design of information technology architecture would be a collection of sub-systems that supports each functional department. Banks have many business units which are engaged in different products. The design of the information infrastructure is required to optimize the exchange of information between each unit within the firm. All should be operating within this unified information technology framework. In this way data is collected and stored in a central data warehouse and organized into a common format. The data would also be capable of being used to manage functions and analyze risk etc.
The system would use tiered risk sub-systems to integrate the front, middle and back office enabling segregation of responsibilities managed through interactive data exchange. Managers are provided with live data and risk software applications and reports that can be used to make decisions.
However it was recognized that the integration of legacy systems with the new system could be challenging. It was further recognized that a significant investment would have to be made in their computer technology to implement the system.
Conclusion
There are significant lessons to be learnt from the financial industry reform resulting from the Barings Bank collapse. Although the processes involved in construction are considerably different to those in the banking there are principles in the management of risk that are transferable.
The processes in both industries produce masses of documentation and it is in this documentation where the information and data is needed to manage operational risk. In the financial industry complicated models are used to price transactions and in the construction industry complicated programme and cost models are used as a base to price the execution of the scope of work. Essentially to manage the operational risk it is the data that is produced in the execution of the business operation that requires to be reconciled with these models.
The report on the collapse of Barings Bank revealed that there was information available that would have revealed the problems however the information was not analysed. The question regarding the construction industry is to what extent will real time data and the analysis thereof help to improve on efficiencies and resolve differences before they develop into a dispute? On this matter an experienced claim consultant was of the view that if quality information existed, parties could more readily demonstrate to the other why there is a legitimate entitlement. He held the view that the best way of resolving differences was by sharing information with a proactive attitude and then dealing with the matters before they escalated out of control.
The analysis is made from three perspectives. Following the collapse of Barings Bank the Bank of England investigated the causes and produced five lessons to be learnt from the event. The British Banker Association and Coopers & Lybrand conducted a survey on operational risk a few years after the Barings Bank collapse which provides an indication of the feelings of the industry at the time and their views on the problems the industry faced in respect of operational risk. Consideration is given to both these sources and their views on the Barings Bank collapse and managing operational risk. Finally, the Canadian Bank was one of the first banks to respond to reports and the threat of operational risk. Therefore consideration is given to the resultant actions taken by the Canadian Bank to meet these challenges.
Bank of England Report into the collapse of Barings Bank
The report indicated that the collapse of Barings Bank would not have occurred if there had been an effective system of management, financial and operating control within Barings. The report detailed a number of failings as follows:
“The money required to fund the losses came primarily from London (the banks headquarters). It was advanced to Singapore with no independent check on the validity of the requests or any attempt to reconcile them to any known trading position. If management in London had sought to examine the information from Singapore to support the requests for funds, it should have discovered that the information was meaningless.”
"Barings management in London seems generally to have believed that the money being sent to Singapore was being lent to clients to facilitate their trading. However, the credit aspects of these advances were never formally reviewed or considered by the credit committee. Barings' management did not question why it was apparently lending over £300 million to clients to trade when it had collateral of only some £31 million from clients for those trades”.
"The management of Barings did not question the extraordinarily high levels of apparent profitability of supposed arbitrage dealings in Singapore, which were regarded as being without risk. In the Board of Banking Supervision's view these profits should have been viewed as abnormal and questionable, and the extraordinary profitability reported in 1994 should have attracted the close and thorough attention of the management, long before the collapse.”
"Despite Leeson's (the rogue trader who was responsible for the collapse of Barings Bank) efforts at concealment, some information on the account he used to hide his losses was available to London, but it was never analysed. No one within Barings accepted responsibility for Leeson's activities for the whole of 1994. Leeson's deception was made easier as he was not just a trader but also in charge of the so-called 'back office' which processed the paperwork associated with trading. In 1994 Barings' internal auditors recommended that as a trader he should not have this responsibility for the back office. Barings failed to implement this recommendation.”
The report indicates that information was available that could have prevented the incident from happening and the failings were due to the systems of the bank that did not identify the problem. The retrospective analysis made by the Bank of England highlighted the failings. It is questionable whether real time analysis would have saved Barings from collapse. The Bank of England suggests that it would have and should have saved Barings.
The report produced five lessons that could be learnt through the bankruptcy of Barings as follows:
• Firstly, management teams have the duty to understand fully the business they manage.
• Secondly, responsibility for each business activity has to be clearly established and communicated.
• Thirdly, clear segregation of duties is fundamental to any effective control system.
• Fourthly, relevant internal controls, including an independent risk management function must be established for all business activities.
• Fifthly, top management and the audit committee have to ensure that significant weaknesses are identified to them by internal audit and are resolved quickly.
Furthermore it was stated that at least one and usually several of these points was the reason why firms lost large sums of money within the derivatives market.
British Banker Association and Coopers & Lybrand Survey on operational risk
Subsequent to the Barings Bank collapse the British Bankers Association (BBA) and Coopers & Lybrand conducted a survey among the BBA members in 1997. The results reflect the views of directors and senior bank management of the banking industry in the United Kingdom and provides their view on operation risk.
More than 67 percent of banks thought that operational risk was one of the most important areas of risk that required management and 24 percent thought that they had experienced a significant loss through operational risk in the last three years before the survey was conducted.
The report indicated that many banks had some way to go to formalize their approach in terms of policies and generally accepted methods and it is difficult for banks to manage their operational risk without some kind of formal infrastructure in place. The report indicated that it was easy for a bank to inadvertently duplicate efforts in operational risk management or conversely for such risks to fall through gaps because no one has been made responsible for them.
According to the report, modeling and quantifying operational risk generated the most interest of all areas of operational risk. The report emphasized that this may well be because banks do not have the relevant data required to manage risk effectively. The report revealed that data collection was an area that banks are gearing up to focus on in the future.
For banks that do not have sufficiently developed operational infrastructures they sometimes use internal audit recommendations as the sole method to manage operational risk. Finally most banks were not complacent and expected to make changes to their approach.
Case Study of Canadian Imperial Bank
The Canadian Imperial Bank of Commerce was one of the first institutions to implement a plan to counter the newly exposed threat of operational risk. The bank recognized that operational risk is wide and arises from the failure in the course of operating the business.
It was recognized that a “beginning to end” approach had to be taken into account for all the stages where operational risk occurs. As an example the operations of a derivatives desk is used to demonstrate the approach. Risk begins to accumulate even before the design of the potential transaction gets underway. It is present during negotiations with the client and continues after negotiation as the transaction is serviced. Several things have to be in place before the transaction can be negotiated and each exposes the firm to operational risk. First, sales may be highly dependant on a valued relationship between a particular sales person and the client. Second, sales are usually dependant on the highly specialized skills of the product manager who comes up with both a structure and a price that the client finds more attractive than competing offers. This means that the institution is exposed to “people risks”. For example there may be uncertainty as to whether these key people will continue to be available. In addition do they have the capacity with any increase with the sophistication of clients, or are they dealing with too many clients to be able to handle these demands? During the processing of the transaction, the firm is exposed to several further risks. First, the sales person may knowingly not disclose the full range of the risks of the transaction to the client. The risk might be associated with periods when staff are under intense pressure to meet bonus targets for their desks. Similarly the sales person might persuade the client to engage in a transaction that is totally inappropriate for the client exposing the firm to potential lawsuits and regulatory sanctions. Another aspect and potential risk is a sales person may rely on sophisticated financial models to price the transaction. This creates what is commonly called model risk. Model risk can arise because the wrong parameters are input to the model or because the model is used inappropriately. Once the transaction is negotiated and a ticket is written, errors can occur as the transaction is recorded in the various systems or reports. An error here may result in a delayed settlement of the transaction which in turn can give rise to penalties. Furthermore an error in market risk and credit risk reports might lead to the exposures generated by the deal being understated. In turn this may lead to the execution of additional transactions that would otherwise not have been executed.
In essence the list can go on, however each type of risk can be captured either as a people or process risk, each can be analyzed in terms of capacity, capability or availability and are capable of being identified by analyzing data created through the business process.
The bank recognized that to be able to manage these risks the relevant data is required and systems need to be in place to prevent the risk occurring. For this to be effectively achieved a data and technological infrastructure is required to be able to implement an integrated risk management system that considers all aspects of the operation.
The bank identified the need for a holistic risk management system that was supported by information technology architecture that is employed in all of the company’s processing. The logic behind the system must be generated by the business principles and functions. The design of information technology architecture would be a collection of sub-systems that supports each functional department. Banks have many business units which are engaged in different products. The design of the information infrastructure is required to optimize the exchange of information between each unit within the firm. All should be operating within this unified information technology framework. In this way data is collected and stored in a central data warehouse and organized into a common format. The data would also be capable of being used to manage functions and analyze risk etc.
The system would use tiered risk sub-systems to integrate the front, middle and back office enabling segregation of responsibilities managed through interactive data exchange. Managers are provided with live data and risk software applications and reports that can be used to make decisions.
However it was recognized that the integration of legacy systems with the new system could be challenging. It was further recognized that a significant investment would have to be made in their computer technology to implement the system.
Conclusion
There are significant lessons to be learnt from the financial industry reform resulting from the Barings Bank collapse. Although the processes involved in construction are considerably different to those in the banking there are principles in the management of risk that are transferable.
The processes in both industries produce masses of documentation and it is in this documentation where the information and data is needed to manage operational risk. In the financial industry complicated models are used to price transactions and in the construction industry complicated programme and cost models are used as a base to price the execution of the scope of work. Essentially to manage the operational risk it is the data that is produced in the execution of the business operation that requires to be reconciled with these models.
The report on the collapse of Barings Bank revealed that there was information available that would have revealed the problems however the information was not analysed. The question regarding the construction industry is to what extent will real time data and the analysis thereof help to improve on efficiencies and resolve differences before they develop into a dispute? On this matter an experienced claim consultant was of the view that if quality information existed, parties could more readily demonstrate to the other why there is a legitimate entitlement. He held the view that the best way of resolving differences was by sharing information with a proactive attitude and then dealing with the matters before they escalated out of control.
posted by Will at 19.10.06
Links to this post:
Create a Link
<< Home