Asset Managers have been subjected to significant changes in the way that they are
required to manage risk within their business. Some of these relate to Basel 2, but there is
a responsibility to implement and evidence an enterprise wide risk framework that
supports ICAAP. This can be complicated by the evolving approach to regulation of
complex groups resulting in changing regulatory relationships for asset managers. This
talk will address the issues involved in achieving this wider risk framework.
Neil Brown
Managing Director
NoteWell Associates Ltd.
[email protected]
Mitigating Risk by Evidencing Risk Control
“ …..we will scrutinise proposals for new UCITS III funds and
conversions of existing funds and will engage in a thematic
review of the risk management of firms that are proposing to
operate or are operating UCITS III funds.”
Hector Sants, 19th September 2005
Slide 1
Mitigating Risk by Evidencing Risk Control

….financial services regulators around the world are rightly concerned
that the business and affairs of financial services firms are responsibly
and effectively organised and controlled at senior management level and
that firms’ senior management take responsibility for this

a firm is required to establish, implement and maintain adequate risk
management policies and procedures which identify and set the tolerable
level of risk relating to its activities and effectively manage those risks.

A firm also has to have a separate risk control function, where this is
proportionate depending on the nature, scale and complexity of its
business. This function will be responsible for assessing the risks that
the firm faces and for advising the firm's governing body and senior
managers on these risks.
Christine Sinclair 15th May 2006
Slide 2
Generic Risk Process

Define Risks the firm is prepared to take (Risk Appetite)

Identify risks the firm owns (to capital, reputation, earnings, brand….)

Categorise and identify the drivers of these risks (investment performance, market,
credit, operational, event….)

Agree measurement techniques (attribution, VaR, stress testing, scenarios, other…)

Agree limitations of these techniques (Correlations, Fat Tails, model validity under
stress…)

Design / Build / Implement systems and processes to capture this information

Set and operate appropriate controls (limits, delegated authorities, escalation
processes

Apportion responsibility for managing these risks
— Business management to own them
— Risk management to provide oversight
Slide 3
Objective of the ICAAP

How much and what composition of internal capital the firm
considers it should hold as compared with the capital
resource requirement (CRR) ‘pillar 1’ calculation , and

the adequacy of the firm’s risk management processes
…with respect to capital adequacy….
Slide 4
Risk Framework
What are the risks?

Strategy

Earnings

Reputation (Brand?)

Investment Performance

Failure to deliver mandated product
— Includes TCF, Advertising…

Operational Risks

Legal & Compliance Risks
Slide 5
What Risks Should Be Considered for ICAAP?
Slide 6
Other issues?

Group Structures – strengths and weaknesses….

Outsourcing (and insourcing!)

Where applicable, details of any other business-unit-specific or
business plan stress tests selected

Differentiation between ICAAP requirements and good business
management….
Slide 7
ICAAP

Annual?

Risk types considered to justify “exclusion”?

Capital required to mitigate worst case occurrence

Not a process to manage the business….
Slide 8
An Appropriate Risk Management Infrastructure
Who owns this and why will it happen?

Senior Management
— CEO/SEO / Apportionment Officer
— SIAPs

If you don’t understand it, you shouldn’t be responsible!

Others
— Line Management
— All staff
Slide 9
What Is Involved?
Company Risk Framework
TABLE OF CONTENTS

Overview

Governance
— Roles and responsibilities
— Definition of risks and risk appetite

Risk Management Framework
— Risk and Control Assessment processes
— Incident Management processes

Reporting and Monitoring
Slide 10
Example: Roles and Responsibilities

Senior Management are responsible for implementing
— An effective and appropriate operating structure that has transparent
and formal responsibilities including:
—implementing risk management frameworks within their part of
business.
—developing and implementing processes and procedures for
measuring and managing risk in all of the material products,
activities, processes and systems of their part of the business.
—understanding and evaluating the risk profile and ensuring
appropriate risk mitigation within their part of the business.
—producing reporting to demonstrate the effectiveness of the risk
mitigation they have applied
Slide 11
What Does This Mean?

Much of this will exist, some is documented….

Document from the top down, pull all existing frameworks
together……

Quality not Quantity (substance not form)

Ensure that Management Information produced by all areas can
support the risk framework (evidences management control)
Slide 12
Reporting Structure
Board of Directors
Management / Board / Risk Committee
Business area Heads / Senior Management
Monthly / Quarterly Reporting
Chief Executive
Officer
Risk Management
Monthly / Quarterly reporting
Line Management
Monthly / Quarterly Reporting
Business Activity
Daily/ Weekly/Monthly /Quarterly Reporting
Slide 13
Example - New Product Process Risks?

Strategy

Earnings

Reputation

Investment Performance

Failure to deliver mandated product
—Includes mis-selling,TCF, advertising…

Operational Risks

Legal & Compliance Risks
Slide 14
Example - New Product Process

Initial idea - (Marketing?)
— product, marketplace, competition, asset target, costs, profitability....

Management support

Front Office design (Portfolio Management?)

Middle/Back Office ability to support proposal

Legal/Compliance/Risk review
— Is the proposal legal and are we allowed to build/distribute?
— Do all areas of the business understand what is required of them?
Slide 15
Product – Marketing Responsibilities
Internal

Clearly defined product characteristics
External

Compliant marketing materials
— objectives,
— Brochures / Applications
— sources of alpha / absolute return
— IFA materials
— risk controls & characteristics
— Advertising
— fees and commissions

TCF considerations

Clearly defined target marketplace
— Place in market

Clearly defined target sales and
timescales
— Place in portfolio

— Family/friends…..
Clearly defined product review process
Slide 16
Product Investment Management Responsibilities

Through what clearly defined investment process and risk controls &
characteristics will they capture the alpha / absolute return to deliver
the clearly defined fund objectives ..........

Credibility of how they will deliver consistent product/performance….

Ability to explain/demonstrate sources of absolute and relative
performance (Attribution)

Ability to explain demonstrate current portfolio positioning/”bets” (risk
analysis)
Slide 17
Middle/Back Office Responsibilities

What new systems or people are required?

On what platform / how will you
— price
— account
— risk measure
— report

What processes change as a result of this?

What manual processes are introduced?

What processes are special/different for this product?

Ensure continuity and disaster recovery
Slide 18
Risk Management Process
Investment Risk

Review proposed product characteristics versus proposed objectives /
market / clients for “goodness of fit”

Ongoing review of the performance, attribution and risk analysis of product
using appropriately designed statistics and techniques – still “true to label”?
Operational Risk
Ensure
—specific accountability, policies & controls, reporting at launch & ongoing
—segregation of duties at launch & ongoing
—Key Risks, Key Controls, Control Enhancements identified and addressed…
—Integrate into ongoing OpRisk reporting – enhance where necessary
Slide 19
Additional/Enhanced Processes.…?

Instrument / portfolio pricing

Instrument / portfolio risk analysis

Risk Management oversight

Management oversight

Board reporting
Slide 20
Who Owns What?

Product design

Marketing / Distribution (/ Investment Management)

Investment delivery

Investment Management

Product support

Middle/Back Office

Product launch

CEO

Oversight

Senior Management/CEO
— Legal/Compliance/Risk Management

Ongoing product life

All of above
but ultimately, CEO………..
Slide 21
Conclusions

Senior Management resolve is key

Don’t build the Bugatti Veryon *
— Model Bugatti Veyron 16.4
Engine type 7993cc, 16 cylinders in a W
Power/Torque 1001bhp @ 6000rpm / 922 lb ft @ 2200rpm
Performance 0-62mph: 2.5sec / Top speed: 253mph
Price £810,345
Verdict Blows away all the other supercars

Set senior responsibilities and deliverables to drive framework down through
the business

Ensure reporting is appropriate and evidenced

Having created this framework, be ready for internal/external review…
* Source: Times Online
Slide 22