Current Entries  |   RSS Feed  |  

The pressures of Dodd-Frank are not just directed at the banks but also regulators, insurers, and of course consumers.   The US Court of Appeals ruled just two weeks ago* that the SEC acted "arbitrarily and capriciously" in failing to fully assess the financial impact of a new proxy rule.  Clearly the challenge of demonstrating a new rule's impact on efficiency, competition, and capital formation is daunting for the regulators and will surely continue to stall the development of the 400 rules required by the new law.

Coincidentally, MetLife announced about the same time that it would take action similar to competitors such as Allstate and divest its depository business, thereby avoiding the risk of regulations and capital standards on the development of its core insurance business.** The regulatory pressure and the past experience of Metlife's participation in the stress test, likely gave the leadership the impetus to reexamine the risks associated with keeping the bank holding company that recently accounted for only 2% of their earnings.

Of course the day-to-day pressures are also on the chief risk officers and managers of financial institutions to navigate their businesses toward more effective and efficient risk management.  To that end the starting point is really to examine the current organization maturity, and contrast it with the objectives and climate of the organization.

In last week's blog we outlined the first two levels of maturity – the Incomplete and Reactive level and the Managing and Filling Gaps stage.  The figure below frames the rest of the maturity model with contrasts between the limited and mature ERM characteristics, but here are the next two stages along the way:

Once the basic systems are in place which ensure at least minimal risk avoidance and compliance, an organization can begin re-designing its risk management systems and structures to fit with the existing cultural disciplines – the Redefining and Re-architecting phase.  These organizations identify and assess risk both functionally but more importantly along customer service delivery lines.  (e.g. consumer lending, consumer deposits, cash management, etc.)  The goal is to begin embedding risk management as part of the current or needed mechanisms for improving and managing a service.  It is critical with this stage that one outcome be a shared alignment and vision by leadership that risk management is everyone’s job just like cost and service delivery.

Measured, Optimized, and Strategically Performing – In this phase, the vision is less about risk management and infrastructure but more about completely embedding it in the culture and shifting toward real-time, data-based, and risk-informed decisions.   The ability to edge out the market is seen as a competitive advantage but also understood to be a core competency not just of a few, but of many.   The leadership is able to balance demands and is well prepared for churn and change.  This organization is not often taken by surprise and is equipped to manage effectively forward.

Regardless of your organization's current circumstance and vision, one core question that needs to eventually be addressed is how much value is being generated based on the investment in risk—and what can you do to improve the value-for-cost ratio.  We'll explore that topic next week.

(*) Source: American Banker, 2-Aug-11 "Appeals Court Ruling Likely to Delay Dodd-Frank Regs"
(**) Source: American Banker, 21-Jul-11 "Regs Push MetLife Out of Banking, into Shadow System"

Click here to view our recent webinar with IDC Financial Insights on Enterprise Risk Management