As multibillion-dollar subprime losses mounted at almost every global bank and heads rolled on Wall Street as a result, financial institutions headed into 2008 with a mission to shore up their risk management practices. But just as organizations began to assess their failures and pick up the pieces, the $7 billion Société Générale fraud hit the markets.
Regulators have asserted that the Soc Gen scandal was caused by the bank's lack of internal controls. But most analysts say similar acts of fraud could occur at almost any other bank, as well.
Now, in the aftermath of the credit crisis and the Soc Gen scandal, the spotlight has fallen on the risk manager. But should we really be pointing the finger at this crucial, but often unpopular, figure?
Not according to Phillip Silitschanu, senior analyst at Aite Group, who suggests risk managers cannot be blamed directly for either the credit mess or the Soc Gen fraud. "I don't think it's fair to point the finger at the risk manager per se," he says. "The reality is that for the most part, most of the trading and events that led up to [both failures] hit and met all the necessary metrics of risk management that had been put into place."
According to most experts, any shortcomings in risk managers' oversight are only partly to blame for the credit crisis and the Soc Gen fraud. Other factors -- including insufficient data, inadequate technology and improper security procedures -- contributed equally to the current market turmoil.
Observers point out that in the run-up to the credit crisis, some institutional investors failed to weigh data that indicated some collateralized debt obligations (CDOs) were particularly risky. "It was the risk management software and systems that hadn't been properly adjusted and set up to look for the specific issues that caused these problems," says Silitschanu. "It's not as if these metrics were raising red flags and risk managers were saying don't worry about it."
Without the appropriate data, computerized models were not able to provide an objective risk analysis. It is unclear, however, whether portfolio managers hid the true risks from their risk managers in pursuit of higher returns, or whether risk managers failed to provide accurate analysis.
Eric Bass, senior managing director for banking and capital markets at SMART Business Advisory and Consulting, says risk managers often are hampered by insufficient data and/or systems. They haven't been able to gain access to "quality data that can be used for risk analytics and the databases and technology needed to perform those analytics," he contends.
"Enterprise risk systems by their nature are large, expensive and difficult to keep changing," Bass explains. "They become ineffective very quickly. Traders are trading very exotic hybrid products where the underlying data may not be available to the risk manager. So they use historical information as a proxy for the volatility and riskiness of positions and how they should be hedged. [But] history does not always predict the future, and these types of analytics are poorly suited for fast-moving markets."
In the case of the subprime market and CDOs, notes Andrew Wilkinson, director of media communications at online brokerage Interactive Brokers, risk managers didn't have a historic basis to which to compare risk exposure. "[The market] had never gone belly-up before," he says. "Generally people look at what happens if one counterparty goes down. ... But what if the whole industry has a problem?"Melanie Rodier has worked as a print and broadcast journalist for over 10 years, covering business and finance, general news, and film trade news. Prior to joining Wall Street & Technology in April 2007, Melanie lived in Paris, where she worked for the International Herald ... View Full Bio