Accepting The Risk

Dresdner Bank AG is also building a tighter relationship with its customers, which makes it easier to sort out the bad apples that will do the bottom line wrong. Dresdner, a German bank with more than 1,100 branches in 70 countries, uses business-intelligence tools from Business Objects SA that provide a comprehensive view of its customer relationships and risk exposure. Traditionally, collecting data and then reviewing and analyzing a customer portfolio for risk could take weeks. Using the business-intelligence tools, including at the branch level, employees can create ad hoc queries and reports on a customer. The customer data is checked against 50 or more risk factors, and the results are used to calculate a credit-risk indicator. That indicator can be analyzed and aggregated along many dimensions, including customer segment, branch, and region to isolate and track credit risk over time.

Though credit risk gets most of the IT budget today, Gartner's Cournoyer predicts that by the end of the year, spending on tools to measure and mitigate operational risk should grow at a faster rate as regulators clarify Basel II guidelines and the industry develops best practices and technologies. As these three risk categories vie for attention and budget, analysts say financial institutions will need to build a holistic risk-management architecture based on real-time data that's collected on a transactional level, says Guillermo Kopp, director of financial-services strategies and IT investments at the advisory firm TowerGroup. "What [institutions] want is to integrate information from all product systems, credit systems, account systems, fund-transfer systems in a way that reflects credit, market, and operational risk at the enterprise level," Kopp says.

That's easier said than done for an industry that continually struggles with data-integration issues. But a deadline is on the horizon, since Basel II will likely require that banks be able to access three years' worth of data related to risk when the regulation goes into effect in 2006. Kopp recommends a bottom-up approach, where transaction-level data is monitored and captured in real time and a rules engine associates transactions with events and losses.

Financial-services companies will grow more dependent on business technology to keep from being overwhelmed with risks, regulations, and competition. "There are a lot of issues coming down that we have to comply with," says Raymond James' Helck. "The CIOs in the financial-services world have a great opportunity here to add value to their organizations by creating risk-management, compliance, and sales-management tools."

That value could extend beyond their companies, or even the industry. Financial services, as one of the most heavily regulated industries, often pioneers rules and guidelines that are quickly picked up by other vertical industries. "This isn't just about Basel. This is about everyone," Bits CEO Allen says. While Basel will affect the 20 or so largest U.S. institutions, with another 20 or 30 likely to opt in to the requirements because it gives them an edge in competition or reputation, it'll open the discussion on measuring and putting a value on operational risks. Regulation or, more likely, market pressures will force every institution to adopt some flavor of the policies in time. Allen believes most public companies ultimately will have documented operational-risk programs. Says Allen, "It's important to give a heads up to everyone that, whether you're manufacturing or pharmaceuticals, in your industry you have operational risks, and your business is going to be impacted by that."

Illustration by Michael Klein
Photo by Jeff Sciortino