RISK MANAGEMENT FORTUNE TELLING

Allow us to read your past and future...let's see, we are focusing on your mind, catching your aura, channeling your soul...we got it. We would say that you are mostly quiet, but when the mood strikes you, you can easily become the center of attention. We see a problem with a father-figure in your family. Wait, there is more, you are also having a problem with a friend or relative. Our advice is to be the bigger person and settle. Finally, we are sensing you have more risk around you than you know. This risk will present itself soon and if not handled right, will go from an opportunity to an event that will cost you. How did we do? Statistically, we are accurate for about 66% of you. How did we do it? Simple, we Shotgunned you, hit you with a Barnum Statement, gave you a little Forer action and then finished with a Rainbow Ruse. If we saw you in person we could pull out another set of techniques that would be keyed off your age, how you dress and your level of confidence. While we don't want to trample on anyone's spirituality, we can tell you that most fortune tellers utilize techniques made famously public by Ian Rowland in his book The Full Facts Book of Cold Reading. A good fortune teller picks up information, frames it and then spews it back to the subject in order to make them believe something supernatural is at work. Sometimes risk managers do the same thing when they take the pulse of the crowd and regurgitate what the crowd (board, management, etc) wants to hear. If the CEO likes a project, for example, risk will be found to be acceptable. The same thing often works in reverse as well. These days, everyone is more susceptible to a risk story and that is part of the problem. New product development, for example, is in amazingly short supply in the industry. Banks notoriously lack an "innovation process," which often prevents them from solving one the largest risks in banking - the lack of fee income and customer-oriented products. We hear story after story of not being able to approve online account opening, mobile banking, electronic invoice management, etc.; all because of some risk aspect. If objectively thought about, the risk is probably less than the risk of not innovating. In defense of risk managers, handling bank risk is a fairly new field so things are in flux. Most of the problem with risk management is that risk can mean different things to different people. Even worse, it is often hard to understand what risk is even being talked about. The current best practice for banks starts with trying to create a definition of risk and then goes on to define a methodology and framework (on how to measure and monitor a specific set of exposures). The important point here is to come up with a common language to discuss risk internally, so everyone has tools to use. If the board were to say they want to take a "medium" level of risk, managers must ask what that means and how will it be measured. Does that mean medium credit risk and low interest rate risk? Is a certain amount of reputational risk acceptable, but regulatory risk is not? If the board says to "maintain the current level of risk," how do they know that the current level of risk is acceptable? This year, the trend is for the board to say they want to reduce risk, but grow loans! These are two largely diametrically opposed statements. Another problem comes when setting priorities. When a management team talks about risk it is important to know whether they are referring to the risk to capital, earnings or reputation and which is more important?. What about the tradeoff between employees and customer performance? By ranking your risks, everyone in the organization should know when you talk about "undue risk," what you are really talking about. In order to move risk management away from the realm of false divination, risk committees should spend time developing definitions, priorities and an understanding of what risks they seek to control. In addition, management teams should know that controlling risk is everyone's responsibility and an ongoing issue to measure, manage, monitor and control. By incorporating a rigorous approach, risk management moves from the realm of the supernatural to science.