The world’s largest banks have made a lot of progress revamping how they handle risk in the wake of the financial crisis, but they keep bumping up against the limitations of their own technology.
That’s one of the more interesting conclusions from a report that came out this week from Ernst & Young and the Institute of International Finance, a global association of 400 financial institutions and agencies. This latest report is the second to monitor changes the group recommended in July 2008.
It’s a little less sexy than the issue of bank CEO pay, but still pretty important in light of the last few years of financial pain. How are the world’s biggest, most complex financial institutions able to understand the risks posed by their own balance sheets and do something about them?
Ernst & Young conducted the survey of the group’s membership between October and December of last year, resulting in 60 online survey responses and 35 interviews with bank executives at firms such as Bank of America, PNC Financial Services and the Royal Bank of Canada, among others.
The survey identified areas of the greatest “progress” in banking: 83 percent of banks surveyed said they increased board oversight of risk and strengthened the role of the chief risk officer, for example. (Most chief risk officers now actively participate in business strategy and planning).
Ninety-two percent of banks surveyed have made changes to liquidity risk management in the last two years and 93 percent have implemented new stress testing.
But more than 80 percent of respondents cited “problems with inefficient, fragmented systems that can’t ‘talk to each other’ to extract and aggregate the accurate, quality data needed to conduct stress testing across the enterprise,’’ the report said.
Many are struggling with the demands on the resources needed to execute what is often a manual process of conducting tests and gathering results across the portfolios and businesses. One executive told us it takes 150 people across the businesses to analyze the scenarios mandated by both the regulators and the board risk committee.
Ugh. The problems associated with risk management don’t get much better:
More than 50 percent of those interviewed rate their ability to track adherence to risk appetite as moderate. The reasons cited range from the lack of clarity around which metrics align with risk appetite, to ill-defined methodologies for capturing and reporting information, to poor data quality and inadequate systems.
Poor data quality and inadequate systems? These are the largest banks in the world, remember. Perhaps this is an issue that will take only a few years to iron out. This is definitely one of those problems that won’t get a lot of publicity, but will really matter in preventing the next financial crisis.