About a-team Marketing Services
The knowledge platform for the financial technology industry
The knowledge platform for the financial technology industry

A-Team Insight Blogs

Virginie’s Blog – More Than a Question of Technology

Subscribe to our newsletter

This afternoon I conducted my first ever twitterview (a twitter interview conducted via my handle @virginieateam) with Marcus Cree, director of risk solutions for SunGard’s capital markets and investment banking business (@MarcusCreeRisk), and Michael Versace, director of global risk at analyst firm IDC-Financial Insights (@versace57). Amusingly, given the format, the topic of conversation was the challenges facing the risk function beyond technology: governance, profile raising and general cultural changes. It included lessons that could equally be adapted to the data management function, as well as risk.

The risk function (and data managers for that matter) is being asked to do much more to meet the incoming onerous requirements of new regulation, with the same resources as ever. Not only that, but many are not being granted the power to effectively carry out the sea changes required to meet this much more intense scrutiny. Cree and Versace chatted to me about how this governance challenge is shaking out and what can be done to tackle it.

For those of you that missed the #riskchat, here it is for you in full:

Are firms waking up to the need to adopt enterprise risk management (ERM) infrastructure?

Cree: Slowly, since the crisis hit, the crosshairs have moved between models and incentives, but as normality resumes, the lack of risk as a cultural imperative has been recognised. This is also reinforced by Dodd Frank and the new Basel rules (see more A-Team commentary on the subject stemming from SunGard’s recent City Day in London here).

Versace: More than 75% of the financial firms we speak with have a chief risk officer (CRO) – that’s waking up, I guess.

The challenge beyond technology is cultural for ERM to work, how are firms tackling this?

Versace: By linking risk vision and accountabilities to performance, and from performance to compensation.

Cree: It comes down to looking beyond calculations, and focusing on credibility of results, and distribution of those results. Asking traders to use risk strategically demands that they be given numbers, in context that can be trusted!

How could they improve their risk governance accordingly? Is a CRO the solution?

Cree: To an extent, but only an empowered CRO. If CRO reports directly to CEO then you have platform for better governance. The language of the firm has to evolve to include risk context, to make risk cultural.

Versace: Measuring CRO performance is crucial but data shows compensation committees are not involved yet in ERM programmes – this is a big missing link.

Where do the biggest challenges lie on a day to day basis?

Versace: Talent, demonstrating breadth and depth of understanding in ERM functions, and selling ERM competitive advantages.

Cree: The biggest challenge is cultivating a risk culture, at the expense of absolute profits. It’s easy to talk risk in a crisis, less so when it means reducing (non-risk adjusted) profits. This is why the context of success must include risk, which is the cultural rather than mathematical part.

Regulators have stepped in to mandate certain risk governance guidelines (check out A-Team coverage of recent US led op risk guidelines for example) – is this the right approach?

Cree: It is probably the only approach, given the backdrop. But be cautious. Capital regulations provide a buffer between a firm blowing up and the potential systemic effect. They’re not there to insulate the firm from itself. This requires internally driven governance.

Versace: Regulators set expectation, but businesses hold accountabilities and compliance obligations to shareholders, customers and the market.

Have the regulators gone far enough to ensure firms change their approach to risk management?

Versace: Far enough for what? In certain areas like capital adequacy and liquidity, I think so. Security, yes. Defining understanding the economic impact of Dodd Frank, probably not.

Cree: At this point, we can’t tell. They have the mandate and implied power, but until the full regulations are in place and supervision is set against them, we won’t know whether or not they’ve used their full firepower.

How could firms leverage technology to this end? If at all?

Cree: Don’t get hamstrung by bad technology choices. Calculation/production and control/distribution require specific tech solutions. Keep focus on end point goals and choose technology for each. Take an infrastructural approach to join the dots. Think about it as a risk ecosystem, rather than an application.

Versace: There are many examples: asset liability management, financial crime, credit and portfolio risk. You need the people, policy and technology to manage risk.

What would be your advice to risk management teams struggling with a lack of empowerment?

Cree: Take the bull by the horns. Be willing to expose errors and gaps, and generate firm-wide participation. Empowerment is borne from credibility, which involves evolving from a regulatory capital report into a strategic tool. Be willing to debate and validate or change your approaches. No one will empower you without you first proving why they should.

Versace: Be business people, demonstrate returns from effective ERM, and the costs of the ‘wait and see’ approach. You’ve got to be thinking this way, because your competitors are.

Subscribe to our newsletter

Related content

WEBINAR

Recorded Webinar: Best practice approaches to data management for regulatory reporting

Effective regulatory reporting requires firms to manage vast amounts of data across multiple systems, regions, and regulatory jurisdictions. With increasing scrutiny from regulators and the rising complexity of financial instruments, the need for a streamlined and strategic approach to data management has never been greater. Financial institutions must ensure accuracy, consistency, and timeliness in their...

BLOG

Data Readiness is No Longer Optional for Banks

By Stuart Harvey, Chief Executive of Datactics. In a landscape marked by increasing regulatory scrutiny and accelerating digital change, data has long since shed its role as a by-product of banking operations and is now a critical strategic asset. The speed at which institutions must demonstrate data integrity, quality, and accessibility has made compliance not...

EVENT

AI in Capital Markets Summit London

The AI in Capital Markets Summit will explore current and emerging trends in AI, the potential of Generative AI and LLMs and how AI can be applied for efficiencies and business value across a number of use cases, in the front and back office of financial institutions. The agenda will explore the risks and challenges of adopting AI and the foundational technologies and data management capabilities that underpin successful deployment.

GUIDE

The DORA Implementation Playbook: A Practitioner’s Guide to Demonstrating Resilience Beyond the Deadline

The Digital Operational Resilience Act (DORA) has fundamentally reshaped the European Union’s financial regulatory landscape, with its full application beginning on January 17, 2025. This regulation goes beyond traditional risk management, explicitly acknowledging that digital incidents can threaten the stability of the entire financial system. As the deadline has passed, the focus is now shifting...