Tuesday, October 7, 2014

Is Risk Management a Science or an Art?

The discussion of whether Risk Management is really an art or a science has become a popular debating subject over the last few years as practitioners try to place it within a specific faculty of study.  Today we deliberate on this very subject again and on the G31000 forum [LINK].

Risk management can of course be an art or a science depending on one's point of view, taking features from both schools to become a craft.

Monday, September 29, 2014

Operational Risk Ten Stories

A decade ago, plus a couple of months, the banking community was thrown a new mandate from the Bank for International settlements titled Basel II. For the world of Basel this was the first time regulation had included operational risk as part of the capital regime program.

Ten years on, I have decided to take stock and pull together a presentation on what has worked for the banking community in operational risk management and what remains a stubborn challenge.

Sunday, September 28, 2014

Networked Risk Factors

Rieks Joosten has recently released an excellent paper and concept for assessing networked risks which has spawned on a debate for measuring such risks on the G31000 forum.

Friday, September 5, 2014

Funds Transfer Pricing Foundations

In this quick blog posting I am sharing the Funds Transfer Pricing presentation I delivered at the 7th Annual Risk and Liquidity Conference in Singapore.

Wednesday, August 6, 2014

Unraveling Extreme Value Theory

An interesting request came through from one of our customers today and is worth sharing on the Causal Capital blog because a lot of risk practitioners struggle with some of the more complex areas of modelling uncertainty. This is especially the case when risk managers are attempting to assess the size of impacts from catastrophes.

Monday, July 21, 2014

Risk Appetite In Operations

Assessing and measuring risk appetite away from an investment portfolio is perhaps one of the most difficult risk management initiatives practitioners have to entertain, it is also discussed often on risk forums and written about avidly by many consulting firms.  Yet, very few subject matter experts actually delve into the semantics required to measure risk appetite and this is kind of frustrating. I personally have plenty of clients that have expressed their sentiments around how difficult the entire risk appetite program is and many managers out there struggle to take this important aspect of risk management to completion.

In this article we release a white paper that steps through the entire process of measuring and assessing risk appetite, dealing with the numbers specifically rather than just top level summaries and catch phrases on what risk appetite is.

Monday, July 7, 2014

The Near Miss

In section 2.17 of the ISO 31000 standard, an event without consequences but an event all the same can be classified as a "near miss", "near hit" or "close call". Yesterday morning at Barcelona airport did such an event take place?

Monday, June 16, 2014

Why 5000 iterations in Monte Carlo

For those risk analysts out there using Monte Carlo in their analysis, have you ever wondered why the industry standard for simulation sample sizes in Monte Carlo is set at five thousand iterations?

So many Monte Carlo systems I see in use today run a standard five thousand simulations but why five thousand, why not ten thousand, why not five thousand and one?

How many samples should we have in our simulation sample size and when is the number of iterations insignificant?  To be concise, if you were to add another sample to your Monte Carlo simulation, when doesn't it make a difference to the result?

Saturday, June 14, 2014

Gigantic Catastrophes - Fukushima Daiichi

Recent investigative journalism has turned out some pretty horrifying developments and realizations at the Fukushima Daiichi Nuclear Facility ... The video from Vice is nothing less than deeply concerning.

Friday, June 6, 2014

What to do with KRIs? [Part 2]

So to follow up on Part 1 of our Key Risk Indicator network or system which can be found here [LINK], perhaps the most important consideration we should ponder on is what do we actually do with the KRI data we capture?

In reality, why bother tracking Key Risk Indicators if we aren't going to do anything with them?  Yet, so many risk managers do go through this very exercise without bringing it to full conclusion.

In this article I would like to describe at a top level what we can use our KRI data for and outline what holds us back from that objective.

Wednesday, June 4, 2014

What to do with KRIs? [Part 1]

Over a typical month a lot of risk practitioners in my network pose various technical questions to me. Today is no different but this month we certainly have an interesting query that goes along the following lines:
"I am creating a data model for KRIs and Op Risk Loss Events and would be curious to know how the metadata model and tables could work, how can I simulate or model Key Risk Indicators?" | US Banker
A good question without any doubt and from what I observe in general risk management practice, Key Risk Indicators are rarely modeled in coherent manner. Let's address the database design first, then we can investigate various ways in which Key Risk Indicators can be modeled. 

Thursday, May 15, 2014

Big challenges in risk

Only the other day, someone asked me what are presently the biggest challenges in risk management and while risk culture is probably always going to feature, Risk Information Technology or Risk IT has a lot of issues. When I refer to Risk IT here, this has nothing to do with computers or network connectivity but instead the analytics on these machines. Interestingly, what holds the risk community back is not the technology aspect per se but in some respects narrow mindsets. Let's take a look ...

Monday, April 7, 2014

Risk Based Audit

One of the biggest trends I am witnessing in the domain of audit is for auditors to migrate a traditional audit across to a Risk Based Audit program. This auditors' evolution or revolution if you prefer is relatively pervasive across market and industry sectors. It is actually reaching a point that in the not too distant future, a traditional audit will be seen by many as an outdated and unsatisfactory process for auditing a company.

In this blog posting we share a complete paper / presentation that leads an auditor through the various phases or steps that are required to perform a Risk Based Audit. 

Monday, March 31, 2014

Comprehensive Risk Frameworks for Reputation

Reputation risk is without any doubt a major concern for different types of entities across the planet and while risk managers recognize this fact, the methods by which many go about measuring and managing reputation risk can end up enfeebled and missing the point.

In this blog posting we share a complete and entire framework for Reputation Risk. 

Monday, February 24, 2014

The Auditor's Dilemma Part 1

Perhaps one of the largest dilemmas auditors face is being able to give stakeholders of any business they audit a level of confidence that they have captured and assessed 'all' material risks that threaten the company. A thumbs up if you prefer after an audit has taken place that the audit went well and the results are sound.

If risk is the effect of uncertainty on objectives, as the ISO 31000 global risk standard states it to be, then senior managers often expect a level of clarity or coverage to be expressed on what has been captured during a risk assessment exercise. They may also be keen to know what additional uncertainty may remain on the assessment of uncertainty:-(

In this blog posting we are going to describe the auditor's dilemma and in future blog postings we will untangle this paradox. 

Tuesday, February 18, 2014

Market Risk Implied or Inherent

To extend on from our previous article on inherent risk [ LINK ] we will dive a little bit deeper into the importance of inherent risk using an example from the domain of market risk measurement.
  

Friday, December 20, 2013

Positive Risk

It seems to be fashionable for risk specialists of all creeds to strive to become yes people rather than the no obstruction or control hurdle everyone in a business seems to detest. Yet, to truly embrace the innovation potential of risk management is going to require risk managers to chase the positive aspects, as well as the optionality in risk before risk management can evolve into a yes sport as opposed to the party pooper it often ends up being.

Thursday, December 5, 2013

The why in Inherent Risk

About a year ago I wrote an article on inherent risk versus residual risk and what the differences actually are. That preamble of a posting can be found here [LINK] but in this update we are going to look at why it is important to understand and then dimension inherent risk.

Wednesday, November 6, 2013

Contingency Theory in ERM

In Kaplan's view of the world of risk, Enterprise Risk Management needs to move towards a contingency theory, it is currently immature but at the very least an evolving discipline.

Last month, Robert Kaplan and Anette Mikes released their paper "Towards a Contingency Theory of Enterprise Risk Management" which is based on a ten year field project of over 250 interviews with senior risk officers. Their findings are quite disturbing or to cite the author's words "many organisations remain dissatisfied with existing risk management practices" and the risk management standards of ISO 31000 and COSO come under direct line of fire.

Monday, October 14, 2013

31000 Frameworks for Scenario Analysis

This week Causal Capital will be delivering a speech on how to 'stress test' an organisation for its resilience in managing catastrophes that originate from operational risk.

An associated draft white paper for this speech describes which is really an entire framework for scenario analysis has been written and can be found here LINK ].