During a recent discussion in a risk forum, it was posed that many companies simply engage in risk management exercises to meet a regulated standard. Outside that achievement, the business value of these risk and audit practices is limited.
This is not the first time such criticism has been made and it probably won’t be the last. The US regulation on financial reporting known as Sarbanes Oxley was labelled by many risk analysts as an expensive box ticking exercise. It certainly did drive firms offshore to raise capital and encouraged others to delist off a regulated exchange and into the pink sheet domain to avoid the huge cost burden of compliance.
This is not the first time such criticism has been made and it probably won’t be the last. The US regulation on financial reporting known as Sarbanes Oxley was labelled by many risk analysts as an expensive box ticking exercise. It certainly did drive firms offshore to raise capital and encouraged others to delist off a regulated exchange and into the pink sheet domain to avoid the huge cost burden of compliance.
Making regulations useful
One of the issues with regulation is that it can be prescriptive and that may only suit a narrow range of firms required to meet a specific mandate. Some time ago, the FSA in the UK started an initiative to break this overly prescriptive approach to regulation by introducing Principles Based Regulation.
Their original paper can be found at this address: FSA Principles Based Regulation
The idea as written in the FSA paper is to “give firms the responsibility to decide how best to align their business objectives and processes with the regulatory outcomes the FSA have specified”. Sadly the global financial crisis has been blamed in part on the downside of principles based regulation, especially in a UK context. Papers have been written to defend or bring blame on the UK’s role in the Global Financial Crisis as being fueled in part by Principles Based Regulation. We argue that the lacking of interconnected oversight by banks before the crisis meant that they were due to fail given any kind of pre Basel regulation which didn't include 'inter-connectedness'.
Even with the Global Financial Crisis it still stands, for regulation to be useful for each unique business it needs to be applicable to each single entity individually. There is no regulatory advantage by a firm stating it is compliant with a market risk measurement for FX instruments by simply ticking the Not Applicable Box – we don’t trade them.
Heat Map
In the draft paper found by following this link, we are going to extend on from this concept to show one method for making Enterprise Risk Measurement that might be useful to a business.
So many audit departments are rebadged as ERM risk based audit because the term happens to be in vogue. We want to look at how ERM can actually live up to its name and how risk or audit departments can present the cost of operational risk to executive management.
So many audit departments are rebadged as ERM risk based audit because the term happens to be in vogue. We want to look at how ERM can actually live up to its name and how risk or audit departments can present the cost of operational risk to executive management.
The draft paper will address how to price operational risk at a top level and it highlights the dangers of using Heat Maps to present risk information to management.
No comments:
Post a Comment