Risk management should be more than a necessary evil

Most senior bank managers live in fear of a major reputational or organisational scandal tarnishing their establishment and career. Yet they need not worry - that is, if a fully integrated approach to risk management is adopted.

by The McKinsey Quarterly
Last Updated: 23 Jul 2013

Between 2001 and 2005, risk-related losses in financial services at the top 12 US banks made up 4-5% of their net income. And in 2005, at least two establishments had operational losses that wiped out 10% of their pre-tax net income.

But the impact of such operational losses on shareholder value can also be severe. Research found that although the decline in market capitalisation was roughly equal to financial losses in the short-term, three months later, it was about 12 times the reported loss, with the worst cases involving embezzlement, loan fraud, deceptive practices and other skulduggery.

Companies have traditionally approached risk management - whether operational, reputational, credit, market etc - as damage limitation. But using risk management as part of a business strategy can enhance performance by creating new competitive advantages or freeing up capital normally forsaken by risk-related losses.

Financial institutions should also focus more on actually mitigating risk rather than simply measuring it. Issues of company culture, shareholder value and ownership of the problem should be addressed to infuse a sense of risk responsibility at every level of the organisation.

To achieve this 'zero tolerance' attitude to risk, companies should train their staff adequately. Managers should set up incentives that reward caution rather than daring operations. Centralised risk functions should also work more consistently with managers to share insights on operational day-to-day reality.

Whichever way they do it, whether risk specialists work as partners, advisers, service providers or a separate entity to the business units, banks should place risk management at the fore of their activities, and not treat it as an after thought.

Source: Better operational risk management for banks
Cindy B Levy, Hamid Samandari, Antonio P Simoes
The McKinsey Quarterly, web exclusive August 2006

Review by Emilie Filou

Find this article useful?

Get more great articles like this in your inbox every lunchtime