Wednesday, January 13, 2010

Considerations when implementing a risk management system, part 1

For many people, transitioning from one year to the next is often a time of change. Consequently, I suspect that many firms and risk professionals may at this very moment be contemplating making changes to their current risk systems. Over the years, I have had a fair bit of experience aiding and abetting others who have been tasked with making decisions regarding risk systems, so I want to distill some of this experience into guidelines that may be useful should you find yourself in such a position this New Year.

Disclaimer: As a FactSet employee I am obviously biased in my views of risk providers, but my goal here will be to be present as objective a set of guidelines as possible. I have gone through this process enough times to know that the better prepared an investment management firm is (as it relates to risk systems decisions) the better off everyone involved in the process is as well.

Over the next two or three posts, I will address these questions:

  • Who are the Stakeholders?
  • Why do you need risk?
  • What are your options?
  • Where do you need to see risk?
  • How should you implement your solution?
  • When should this take place?

Who are the Stakeholders?

This is arguably one of the most important questions to answer early since in many ways it will dictate the answers to remaining questions. Common stakeholders include:

  • CIO
  • Board
  • Risk Manager/Risk Team
  • Portfolio Managers
  • Performance/Reporting Team
  • Marketing Team

Obviously the ways stakeholders will use risk data can vary dramatically across users/teams, and a good model and system should be able to provide relevant results to each type of end consumer in a meaningful way. For example, a Risk Team may care about the aggregated risk across a collection of portfolios and how each portfolio contributes to their overall equity risk exposure, whereas a Portfolio Manager within the same firm may want to determine which securities are contributing to his/her portfolio active risk.

I often think about the question of stakeholders from the perspective of how a particular stakeholder may actually think about or look at risk: at a summary level, detail level, or both.

In addition to these three vantage points, there is another dimension to risk that is often overlooked, and that is comprehension. By this I mean that the above stakeholders can usually be grouped into an additional two categories:

  • Those who understand and care about the interpretation of risk results
  • Those who do not (but this does not necessarily mean they are not a stakeholder)

Why is it important to understand these distinctions? If you care about details and comprehension, you probably need a different set of tools compared to someone who only cares about summary level information and is not bothered about the meaning of the results. An example of a risk stakeholder who needs results but doesn’t necessarily need to truly understand what the results mean would be reporting and marketing groups, many of whom need to report these numbers but are not required to really understand their meaning in depth.

Why do you need risk?

Choosing a risk model/system can be hard; why are you doing this to yourself?

Less than ideal stand alone reasons:

  • Need to be able to tick this box RFPs
  • Board reporting
  • Seems like everyone else has one

Some good reasons:

  • Determine if risks are aligned with expectations
  • Measure/manage risk across portfolios, products, asset classes in a meaningful way
  • Understand unintended exposures to factors in the market

This is probably obvious and in many ways the "why" should be an easy question to answer, but if you are part of the group looking at implementing a risk system, you need to have a good grasp as to why you are doing this in the first place. If it is simply to tick the box in an RFP or to include tracking error in some large amorphous report with little thought or emphasis on the meaning, then you are doing it for the wrong reasons and it is only a matter of time before you realize you are spending a lot and getting a little.

So my advice is to take the time to really understand why risk is important to your firm and how risk measurement and management can enhance your firm’s core competencies. There is nothing wrong with including the stand alone reasons I listed above as part of the overall answer to "why," so long as they are not the only reasons.

I will pick this up again soon with the next question in my list. Happy New Year!

To be continued. . .

Don't miss the next post in this series. Receive new blogs by e-mail.

No comments:

Post a Comment