SAS Institute: Banks Lack A Comprehensive Risk Management Strategy
Among the challenges identified by the survey's respondents were data management and company culture, which hindered implementation of "comprehensive" risk approaches.
Business technology managers have long talked about the problem of "information silos," in which a business lacks the culture and infrastructure for sharing knowledge and data company-wide. Could that have been a fundamental problem of financial firms hit by the mortgage crisis?
That's one conclusion by SAS Institute, which counts banks and insurance companies as among its biggest customers of business intelligence software, including risk management. The company sponsored a survey of 316 financial services executives in July, in which 70% of respondents said that the losses stemming from the credit crisis were due to failures to address risk management issues.
Fifty-nine percent of survey respondents said the credit crisis had prompted them to scrutinize their risk management practices in greater detail, partly due to anticipation of closer scrutiny from regulators.
Among the challenges identified by respondents were data management and company culture, which hindered implementation of "comprehensive" risk approaches, said SAS Institute. Some financial services execs cited access to relevant, timely, and consistent data as a major obstacle. Almost half of the respondents said fostering a culture of risk management was the most widely encountered challenge.
SAS concludes from the survey and customer discussions that many banks have "very good siloed risk management, but not a true enterprise view of the risk," said David Rogers, SAS's global product marketing manager for risk, in an interview Tuesday.
A more strategic, company-wide approach to implementing risk management software and business processes, with dashboard views of company-wide risk issues for executives, would help protect financial firms against future miscalculations, he said. But it's not the only answer. Too many banks have made the mistake of focusing on profit and treating risk management as an afterthought, and haven't done enough to educate employees on the topic.
"You can't take risk management out and treat it as a separate thing," Rogers said. "It has to be part of the business and have the respect of the business unit managers."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.