Quick credit line

DEVELOPMENTS IN THE FINANCE SECTOR

admin — Mon, 26 Oct 2009 10:59:30 +0000

Risk is an everyday hazard that faces banks, funds and insurers. It can usually be mitigated, but it is rarely eliminated completely. There are some cases where a positive “hazard” is a very good thing to have – each business faces a risk or probability of making profits. Millions of people buy lottery tickets each day facing the small risk that they will become instant multimillionaries. Business always encounters some form of risk.
It is good that we recognise that operational risks are present in our company. It is better when we can predict the risk event that will happen. It is best when we have reinforced the general resilience of our system through risk management countermeasures. The business operational risk shock is going to be absorbed by our company, so the company has to respond.
Not all banks have put operational risk firmly on their corporate radar. Few banks seem to have detailed an operational risk map by making provisions for expected operational risk. Basel surveyed 89 banks, and only 33 had designated expected operational risk loss measures.
Therefore, we need a management structure to plan the continuing and increasing system resilience of the company.
Doing risk management, rather than merely talking about it, will separate the banks from the boys for Basel II implementation. The measures of pricing, reserving and expensing for OpRisk are already one significant step ahead of risk managers simply answering:
We are risk-compliant because we have already submitted the Risk Compliance Report.
This reporting for the sake of reporting is a risk-ignorant form of control activity in a mindless ticking of boxes in a questionnaire. Will reporting and complying with the regulations catch out the next Enron?
The above techniques get us closer, may be, to a real-life model of risk management that we call ‘organic’. Basel II reaches for some risk silo integration, but real life is messier. Messy problems can be handled in a project management control structure, such as RAMP.
An investment company, with its people and processes, its clients and their investment needs and preferences, is like a living organism. It can encompass every type of business risk, instead
of just the ones we would like to handle. We see that there are many organic risk stakeholders at play in the market.

NEW RISK FOCUS

admin — Mon, 19 Oct 2009 10:54:05 +0000

Risk management is a sequential series of tasks: analyse, forecast, investigate and mitigate against risk. Risk reporting alone is just fine for appearance – this is where many lax financial companies ran into trouble in recent years. Any reaction to a threat in such firms is likely to be ineffective because the risk management function will be underfunded and understaffed. Lack of training and proper risk management procedures result in a haphazard counter-attack against risk. Organic risk management takes the human and team factors into account to build a risk-managed corporation. This means an active risk outlook, not a passive one.
RAMP is a project methodology that has in-built self-checks to counter bias or project deviation. It should be considered for managing financial projects. This way we can have a real audit check that goes beyond simple numbers on the balance sheet, towards monitoring the fundamental sources of business risk. RAMP provides a design template for implementing a project.

FACTS, NOT FIGURES

admin — Mon, 12 Oct 2009 10:52:26 +0000

Corporate cover up works most of the times. When it does not, it boosts the impact. Covering up transforms a high-probability low-impact risk into a low-probability high-impact risk. Accounting analysis is generally the prior step before making the investment. Other proposals are to invest where:
1. Accounting standards are strong enough to link reporting to reality. .2 Accounting statements from publicly quoted companies are accurate and timely, and a regulatory framework exists to enforce the accounting principles.
There are other tell-tale signs to spot within the increasing onslaught of corporate PR and white-wash:
Too optimistic sales forecasts – take your risk analytical Kalashknikov and shoot the balance sheet apart. Does the overall balance sheet “feel” right – too rapid a turnaround? If the balance sheet is that good – then why are directors dumping their shares?
Do we have a good balance of voices on the board, or are they all in unison trying to get into some scam? Were there a few too many “balancing items”?
Which period were the majority of revenues booked and received (no receipt means no revenue). What sort of products and services were called revenue-producing? Are they disposing of a lot of assets from the group?
Is the auditor also employed in another fee-paying activity within the company? Another view for detecting cooked accounting books:
1) Record revenue too fast or too much. 2) Registering false revenue. 3) Increasing income with once-off gains. 4) Shifting expenses back or forwards into another period. 5) Reducing liabilities or completely omitting them.
6) Shifting current revenue forwards into a future period. 7) Shifting future expenses back or forwards into another period.
How long can this go on? It is not acceptable corporate behaviour, but if we are to believe the regulators, it will continue as long as companies grow or change.
In each of the cases involving banks, management seemed to be content with the loss of vigor in the process and the external auditor was apparently satisfied to simple collect a fee. This is totally unacceptable. Further, as the organization evolves by offering new products, changing processes, outsourcing services, complying with the new regulations, or growing through mergers, the controls need to be modified to reflect the changes in risks. In some case, the controls failed with respect to the newer risk exposures that were not identified, or growth put strains on existing control processes that were not suitable for a larger organization.
Risk management means not sleeping on the job.

APPROPRIATE RISK MANAGEMENT STRUCTURE (part 2)

admin — Mon, 05 Oct 2009 10:50:00 +0000

A US survey concluded that 6 % of business revenue or $400 billion is lost within the UK economy as a result of fraud, and a most of this loss comes from internal staff. Furthermore, KPMG estimated that only 4 % of these fraud incidents were spotted during external audit. The reasons for this huge damage comes from a lack of internal corporate controls and poor stock-control/accounting.
Many shareholder interest groups exist to protect the rights of the smaller investor. Grouped together, they command a huge pension fund and influential voice. Calpers, Teachers, NAPF and PIRC are among many. PIRC (Pensions and Investment Research Consultants) was vocal in its criticism of arrogant boards that do not press forward to embrace corporate governance recommendations0 PIRC has called for more transparent and accountable directorships to
make UK boards more geared towards increasing shareholder value and socially responsible investment.
PIRC is an agency committed to SRI (socially responsible investment). It encourages investors to monitor how companies are managing their stakeholder relationships. One byproduct is FTSE4Good as an index of SRI stocks that such investors can choose from. PIRC gives investors relevant information and SRI advice, particularly on corporate governance, including:
shareholder rights best practice compliance suitable board structures remuneration schemes investor relations.
PIRC has called for a series of changes to make UK board of directors more effective.
Encouraging more boards to have more non-executive directors than executives. Making sure non-executives are genuinely independent rather than chums of the chief executive. PIRC says only 20 % of FTSE 100 boards have a majority of independent non-executives. Independent appraisal of board members. A widening of the pool of non-executives. Companies could advertise for new recruits.
Better resources for non-execs, including secretaries and researchers as well as access to independent research and advice.
More contact between non-execs and shareholders.
NAPF (National Association of Pension Funds) operates with a similar mission. Its priority is to ensure an efficiently regulated market for the provision of employer-sponsored pensions. It advocates sound governance of pension fund assets as NAPF represents pension funds that cover about 10 million UK employees. These funds control 20 % of the shares of the London Stock Market. NAPF also opines that independent directors articulate the wishes of their investors, while the non-executive directors fully understand the shareholders’ expectations of them. One role could be for them to exercise effective restraint over the sympathetic remuneration committees that are inclined to pay the top executives too much (“fat cats”).
Fat cats are blamed for skimming off the cream from the corporate milk, so impoverishing their investors. Executives have to be charged with the duties of wealth creation and safeguarding it through risk management, not for sleeping on the job. The risk management directors’ duty is listed in the Basel II banking document that prescribes a healthy environment for business. It states that the function of risk management should go all the way to the top:
The board of directors should be aware of the major aspects of the bank’s operational risks as a risk category that should be managed, and it should approve and periodically review the bank’s operational risk management framework. The framework should provide a firm-wide definition of operational risk and lay down the principles of how operational risk is to be identified, assessed, monitored and controlled/mitigated.
Invest within companies where there is a culture of openness and risk management. The new Basel II banking regulations encourages corporate transparency. One’s conscience is better put at rest than by a superficial report that white-washes the remaining dangers.
We have looked at sensing for top management errors and lack of ethics deep down the company – see AEW: advanced early warning.
Your sixth sense can save you a lot of money!

APPROPRIATE RISK MANAGEMENT STRUCTURE (part 1)

admin — Tue, 29 Sep 2009 10:48:24 +0000

Effective counter-measures have to be put in place and tested. We have outlined some of the Basel II guidelines for effective risk management. The trouble is: “Do you have the corporate influence and the budget to get the proper risk management in place?”
Where advice and plans fall on deaf management ears, nothing concrete is likely to be done. Budgetary constraint, as an opponent, is no stranger to the champion of risk management.
The financial world is set on cutting costs and automating business processes; risk management systems are just one facet of this drive. Yet, the quest for lower costs and automation can blind us to the fundamental areas for error. Human intervention and room for exercise of staff initiative can become stifled.
This is partly why human error is cited as the source of most operational failures. However, this is often just an excuse for poor management and badly designed systems and processes that remove checks and controls in an effort to improve efficiency by lowering costs.
Much of this corporate culture against disclosing the truth stems from the top of the financial institutions. Switzerland, for example, makes whistle-blowing a crime. Therefore, unfavourable financial assessments can remain hidden from the investors. Whistle-blowing really saves investors money in the long run. It pinpoints the perpetrators of economic crimes and reduces the period during which they could be removing or destroying economic capital of the company and its shareholders. Whistle-blowing reduces the time-lag after which auditors and investigators can look for relevant evidence.
Whistle-blowing works on a raising series of red flags. When there is no visible recourse, or for major crimes, resort to an escalation of whistle-blowing. Alert the press and media, then report to regulators, police and other supervisory authorities. A proper whistle-blowing methodology can be set within the staff contract to lift the lid on fraud and crime. For minor transgressions: keep the dissent internal initially and keep an account of all errors, crimes and relevant data. Consult the ombudsman or newspaper if the company refuses to act.
Whistle-blowers must be protected and encouraged. Right now, the downside risk is being fired or shunned in the professional for “squealing” on the company or colleagues, while the upside potential is not much. Immediate risk is being questioned for technical competence, political competence, sanity, naivete ́; onus is on the whistle-blower to understand the
whole of the story; first managerial reaction is often “you do not have a view on the whole picture”.
Many corporations do not encourage whistle-blowing. Certainly, discouraging the leaks of information is an overt attempt to block all events that present a corporate reputation risk. Enron did not support whistle-blowing, but preferred to hide or shred the facts. Fraud and concealment of the truth were deep-rooted in the structure of the company. Worse, the fraud was perpetrated at the top. A company has to have a structure that is rooted in business and risk management.
Risk ignorance does not work, especially if the top management is ignorant or crooked. What an open risk-managed structure does is to open the corporation to the control function of the risk managers. They actively let the company be open to the idea that “squealers” can inform on the company if something wrong or fraudulent is suspected.
An internal company “fraud hotline” should be set up, where anonymous whistle-blowing can be channelled and processed for action. Nowadays, whistle-blowing is possibly anonymously through setting up temporary email accounts that access the regulatory website.

Forensic accounting

admin — Tue, 22 Sep 2009 10:46:06 +0000

Forensic accounting is a potentially rich source of value-added in financial environments. Part of forensic accountancy is an art, part science and the rest is detective work. There are three ways in which it can provide a valuable service in organisations:
1. Investigate a case post facto to see where a loss has occurred within the investment environment; sniff out the cause or possible rats, then set up the enquiry for full regulatory/judicial process and compensation/redress where possible.
2. Examine a business to spot current areas of weaknesses that may cause future losses. Shore up, fire, retrain or recruit staff to reinforce the system.
3. Compile a list of weaknesses within the organisation and detail reasons for investment loss. This exercise is a training tool for auditing and back-office staff. Such forensic investigations must feed active front-office trading personnel, compelling them to document significant risk events for the benefit of the back office.
There is more incentive to promote this type of procedure under Basel II regulations for market transparency and discipline. Part of the Basel II philosophy of risk is predicated on the notion that top management want to grasp the nettle and actively manage OpRisk. The first thing forensic accounting can provide is a corporate health check or a company risk audit. They may use a variety of techniques to derive this audit:
Self-assessment of risk areas – running a checklist audit or workshop to identify the strengths and weaknesses of the company’s business environment, especially against potential stake-
holder lawsuits. Risk mapping – diagramming the various constituent business units and process flows. Each area and its associated risk are identified and documented, then the follow-up risk management action recommended. Risk mapping can be used within functional areas for key risk indicators (KRIs). Departments can define operational limit bands of functionality like a risk thermometer. Crossing these limits (e.g. asset-liability gaps) shows the company’s risk
exposure here is “hot”. The responsible party or group designated with the risk origination can also be flagged, and the risk management group alerted.
Business scorecards – these build on Kaplan and Norton’s seminal work in measuring and quantifying the performance of corporations. These are qualitative performance levels, but the resulting scorecard can identify areas of weakness that may be reinforced with additional
capital and training. Loss database – this keeps a historical log of above-threshold value financial losses. Statistically significant losses or high damages can be highlighted automatically for the attention of senior management.
We have developed advanced tools and techniques for:

Corporate governance. Benchmarking and measuring performance.

Identifying areas of risk or weakness.
The problem is that an investor is an irrational animal and other influences often take over the driver’s seat. This is certainly true at the top executive level, and OpRisk groups have less to say about how strategic decisions are made.
The two main risk horizons remain for financial institutions.
Strategic policy risk – the fundamental asset allocation and performance benchmark design. This has been the subject of much research, but behavioural factors do exert a strong influence. Strategic policy risk has the greatest influence upon bank and fund success. Governance and trustee defined roles working under a multilayered control hierarchy can keep a better link
between declared corporate objectives and the actions of managers. Tactical implementation risk – investment manager structure and manager selection. Investment managers are generally recruited from a narrow band of skills and social backgrounds, so they can develop a tendency to socialise and to invest as a herd. This leads to a restricted range of assets chosen for investment. Careful interviewing and screening of recruits can reduce undesired wayward behaviour.

RISK MONITORING

admin — Wed, 16 Sep 2009 10:45:52 +0000

Risk management has suffered from various forms of opposition from top management. Something along the lines of:
Expensive – the IT systems and the rocket-scientists are all too much to pay. Slow – risk groups will never deliver on time. Naive expectations – the risks will never hit us. Weak management – let’s talk about this sometime (procrastination).
Unrealistic – we’ll get the insurers and lawyers to get us out of the jam. Once we convince top management that there is a justifiable business case for risk management, then we can deploy a full range of countermeasures. We still have to be alert to market
changes, but risk management gives us a safety buffer. Everyone is trying to move ahead of the investment pack. Given so much ego and PR, there is a crying need to compare performance. There are various forms of benchmark, e.g. against the previous year’s performance, whole industry or the top rival in the sector, etc.
Benchmarks are used to handle trickier points of detecting operational risk within a company. Fine corporate PR and good-looking financial statements could have been ripped apart by organic risk red flags. One of the problems may be that the risk management reports sent to the board do not have the right information, a suitable format to understand, or the board may not have the skills to understand.
We have already detailed the Barings, Enron–Andersen, Worldcom incidents of the ships that sank. What can we say of the boats that stay afloat? MCI floats on, after its previous incarnation, WorldCom, sank.
What we need to do is to examine the living corpse that is the company CEO before they cause damage. This process may reduce or even prevent financial losses that have caused major shareholder grief in recent years. We have to conduct an adequate due diligence before the company falls apart with us locked into the investment. Part of this process comes under the investigation comprising forensic accounting.