Open Platform: New Rules, New Risk Management Strategies

In addition to internal risk management and accounting practices, regulators and market participants have identified data management as a key challenge to effectively managing risk and exposure. For example, the Lehman Brothers examiner found that the firm stored key data on a “patchwork of over 2,600 software systems and applications,” many of which were “arcane, outdated or non-standard.”

Lehman’s decentralized infrastructure is far from unusual—at many firms, multiple systems perform the same function, leading to duplicated and fragmented processes. In other cases, systems do not—or cannot—interface with one another, making it easy to overlook key information and miss inconsistencies. Many legacy systems are batch-oriented and require manual intervention, so reports can be run only at the end of the day, or even less often.

It is generally difficult to extract data from such systems, so a report may only cover a small slice of a firm’s activity or business. This makes it tricky, if not impossible, to calculate up-to-date and accurate figures on risk and exposure. This challenge is often exacerbated by a lack of communication between departments and lines of business. Even when a business group discovers valuable information, it may not be shared with others.

Firms will need to report in near–real-time on a wide variety of points across geography and asset classes. They will also have to track and analyze a huge array of data, from trades and quotes to phone calls, instant messages (IMs) and earnings reports. In addition, regulators will likely request much more granular data—down to the transactional level. Firms will need to track unsettled transactions, for example, in order to understand counterparty risk.

Right now, firms may not be collecting this data or even know where to find it, much less be able to provide real-time reports on it. One study found that 61 percent of risk managers believe that they do not effectively collect, store or aggregate data.

Planning
What can firms do—strategically and tactically—to prepare themselves for new and future regulations and market developments?

The Enterprise-Wide Approach
By taking an enterprise-wide approach, firms can promote communication and access to information across the organization. This will help them quickly obtain accurate information about their total risk exposure, understand the scale of the risks that they face, and adjust their strategies accordingly.

Flexible Technology
Systems must not only be open and easily integrated with one another but must be dynamic as well, because models and analytics will continue to evolve. Firms will also need to be able to collect a vast range of data types at a variety of levels of detail from numerous legacy systems.

The Right Data Management Strategy
Developing the right approach to data management will underpin the success of any response to market events and new regulations. Some firms may already have a data management strategy—in which case, they will need to re-evaluate it in light of the latest events and upcoming changes. Others may need to start from scratch. Either way, a few key questions to ask are:
•    What is our current data management strategy?
•    Does it reflect the post-crisis changes and the expected regulatory requirements?
•    Is it consistently followed across the enterprise?
•    Is it flexible enough to be effective even as regulations change?

The data management infrastructure should be able to aggregate data from multiple source systems from across the organization, normalize it and consolidate it into a real-time stream that can feed any downstream system. Firms can then create a real-time view to show their risk and exposure across the firm, feed whatever data is required to the regulators, and be able to answer requests from senior management quickly and accurately. This approach also supports compliance with future regulations as well as new internal strategies as market conditions change.

Evaluating the Technology
In order to meet these goals, firms need to determine how to get to the data the regulators might need. This involves evaluating all the relevant systems, after which firms can answer the following questions:
•    What data management systems are in place?
•    What businesses and products do they touch?
•    What data is contained within each system, and how easily can it be accessed?
•    Can systems extract data in real time from source systems and deliver real-time data to downstream systems?
•    Are the systems integrated with one another or isolated within business units?

It may not be possible to access real-time data within some platforms, given their age or design. In that case, firms need to plan for the retirement of those systems and the migration to their replacements.

Opportunities
In addition to identifying technological gaps, developing or updating the data management strategy can reveal new opportunities. With an IT infrastructure that can produce real-time, enterprise-wide risk reports, firms can understand their true position and exposure at any point in time. In addition, they can make more informed decisions about investments, trades, and other activities, which may lead to new business opportunities for the firm and its clients. Other benefits include the ability to more quickly add new products and services and upgrade or replace legacy systems with minimal disruption. As firms begin to break down internal barriers, they can share vital information and become aware of both risks and opportunities. Senior management will want the same information and measurements as the regulators—possibly sooner than regulators will require it. The right strategy will provide executives with the tools they need to respond.

The process of mapping the existing environment can reveal operational inefficiencies, out-of-date systems, and manual processes. Updating or consolidating these systems, or migrating to new ones, can greatly increase efficiency and help reduce errors through automation and straight-through processing.

Acute Challenge
As financial services firms and regulators analyze current approaches to internal and systemic risk management, data management has become an important element. If a firm can’t collect and aggregate key data—down to the transactional level—then the value of any risk management strategy is reduced and reports may not be accurate. Firms need the right models, flexible systems and access to up-to-date data on an ongoing basis.

There is no doubt that the challenge is massive—the data and systems that a firm deals with on a daily basis are complex and growing. In the past, data management projects have largely been driven by efforts to improve data quality. Today, firms are also motivated by new regulations. But they will also find that there are many additional benefits to implementing a flexible, enterprise-wide data management strategy.

This article is based on a SunGard white paper. To request a copy, please e-mail Rosanne Arnet at Rosanne.arnet@sungard.com". Tony Scianna is executive vice president of SunGard’s brokerage and clearance business.