Risk Management: Knowing When It’s Time to Start Again
Once again the U.S. Government Accountability Office is warning that the “fragmentation, overlap, and duplication” within the financial regulatory system poses a risk to efficient and effective oversight on institutions.
It’s all part of its biennial report, High-Risk Series: Substantial Efforts Needed to Achieve Greater Progress on High-Risk Areas. Every two years the watchdog reports on high-risk federal programs and operations, including the U.S. financial regulatory system. As in previous reports, the agency expressed concerns that “the U.S. financial regulatory structure remains complex, with responsibilities fragmented among a number of regulators that have overlapping authorities. We have noted that this fragmentation, overlap, and duplication introduce significant challenges for efficient and effective oversight of financial institutions and activities.”
The agency encourages Congress to consider changing the financial regulatory structure to increase oversight efficiency and effectiveness. “For example, Congress could consider consolidating the number of federal agencies involved in overseeing the safety and soundness of depository institutions.”
Is this likely to happen? I think not. It’s not the first time the GAO has made this recommendation, and it probably won’t be the last. I just don’t think there’s an appetite for reinventing financial regulation right now. Dodd-Frank is still settling in.
Signs Your ERM Program Needs a Refresh
The report also reminds me of a question I frequently get: How can you tell if a risk management program needs to be totally reinvented?
Trashing an existing program is a bold step. It’s disruptive and expensive in the short-term, but like any new system the benefits of a complete overhaul can often outweigh the inconvenience.
If you are experiencing several of these issues, it’s probably worthwhile to consider rethinking your FI’s approach to enterprise risk management:
- You suspect multiple people are doing the same work because no one is tasked with connecting the dots.
- Blind spots. Poor communication means one area doesn’t know what the other is doing.
- The current system is unwieldy and requires substantial manpower to keep organized. No one has an overarching view of what needs to be accomplished.
- Different departments and business lines use their own approach to conducting similar activities, resulting in conflicting assessments.
- Unintended consequences. The FI is gob smacked when strategic decisions don’t work out as planned.
- Playing catch up. The board and management are making decisions, and the rest of the FI is scrambling to keep up and understand the impact.
A few minor issues can often be addressed by tweaks. After all, any good risk management program is constantly evolving. But if this list looks like your daily list of fires to put out, a reinvention of your ERM approach could be seriously worthwhile.
Not only will it save money by improving work product efficiencies, it will give your board and management better data and insights into decision making.