6 minute read
A risk manager’s journal of the plague year by Elisabeth A. Wilson & Sunil K. Kansal
a risk manager’s journal of the plague year
by Elisabeth A. Wilson & Sunil K. Kansal
Advertisement
abstract
how it all begins
risk challenges presented by the situation
The aim of this article is to share the key learning experiences from the challenges presented by COVID-19 that Risk Managers have had to accept and live through.
Last New Year’s Eve, one of us proposed a toast, a final farewell message to 2020. It was brief and succinct. It was heartfelt. And it was worded in the strongest possible terms. Our grandmothers would have blushed. But like everyone (who may have toasted out the old year in a similar fashion), we despised 2020—a year so terrible it felt like it actually encompassed two years, with the month of March serving as the great divide between the normal, daily grind and the dissent into a dystopian hell.
Great change often fosters great upheaval. The COVID-19 Pandemic has not only ushered in the most striking physical and mental health crisis of our age, but it has caused widespread concern and economic hardship for consumers, businesses, and communities across the world.
One of the immediate effects of the pandemic felt by the banking industry triggered from retail clients, and then, slowly, credit risk stemming from corporate clients materialized. The pandemic necessitated that banks make liquidity assistance available quickly and readily to their clients to keep them afloat. The challenging task was how to ensure related processing times were kept at a minimum, customers did not face any hardship, information could be exchanged electronically, all while ensuring internal controls were not bypassed.
As we mentally prepared for ever more depressing news to come on the television, it struck us that, suddenly, we all now had to conduct our day-to-day work from home. Abruptly, the banking operating model was in dire need of change, such as the re-configuration of tasks, processes, and management of the remote workforce, to address and meet the services customers expected banking institutions to deliver.
Now the entire banking industry had to rely heavily on technology. Of course, all those institutions that had already invested heavily in technology had far less to worry about than those that were now repenting their past reluctance when it came to financing technological solutions. The quickest possible adoption of technology was the only way to make this transition happen, while simultaneously ensuring that revised operating models and processes were risk-secured.
how we fought through
All risk managers live in constant anticipation of risks and their interconnected repercussions. But while our role may be to predict and minimize potential impacts, a large part of that job is also to harness the lessons of the past—and right now, the present—to build more comprehensive and effective risk management frameworks.
At the outset of 2020, risk managers across the banking industry faced the following challenges:
• Internal digital coordination (including risk reviews) to ensure internal controls were not weakened
• Rapid risk analyses to support online exchange of documents submitted by customers (including review, analyses, processing, and credit re-ratings in the back office)
• Establishment and expansion of application and processing routes for the effective use of subsidy programs
• Online resources to support retail customers who needed to restructure their loans
• Online analyses of the impact on customer creditworthiness and the extent of loans
• Online review and adjustment to overdraft/drawdown limits
• Setting up digital communication offerings to retail customers.
The advent of these rapidly installed technology solutions has introduced new and evolved vulnerabilities to banks’ operating models. Risk Managers must now reevaluate heightened cyber security risk exposures and assess potentially more nuanced business process failures—and determine the extent of reputational ramifications one or both might entail. Predictive models and other control designs need to be restructured to account for unanticipated gaps. Automation, always a double-edged sword, must be balanced against a robust, clearly defined risk culture to ward off pitfalls stemming from lack of manual intervention and detection.
In addition to newly introduced technology risks, operational breakdowns and errors may start cropping up right and left. If these remain unchecked, en masse they could pose broader financial, legal, regulatory, and reputational ramifications, while generating increased employee fatigue and burnout, fueling a vicious cycle. Empathy is needed more than ever as risk managers struggle through current upheavals.
It is easy in times of economic downturn for companies to remain focused on the balance sheet and stock prices while forgetting the humanity making the hamster wheel turn. The more company employees and consumers (and Risk Managers) endure, the more they can suffer from heightened fatigue and burnout that can lead to missteps, misstatements, and misalignment.
lessons learned
With 2021 slow to show some promising improvement, we have been tempted to compose an equally succinct epitaph for this year as well. Writing this article, we realized that trying to seek answers to the trials we face today simply breeds more questions. But these are questions that we, as risk managers, are equipped to help solve.
Risk managers’ perspective of the world has always been tinged with a little pessimism because we are paid to think endlessly on what potentially could go wrong. Ironically, this mode of thought should fuel optimism. Because, like the mythical phoenix rising from the ashes, from great catastrophes come comprehensive and well documented risk studies. Because risk managers have studied great downfalls and failures of the past, we implicitly understand how to remain resilient and how to rebuild. Living through the challenges of today will make us a little stronger and a little wiser when it comes to predicting the next black swan event. And it reminds us that we need to be ever vigilant—not just in preparing for the next pandemic—but in ensuring our institutions are agile and dynamic enough to pivot from one crisis to the next as the challenges mount in the years ahead.
authors
Sunil Kansal
Risk Manager at Atlantic Union Bank, Virginia, USA Sunil heads the Consulting and Valuation division at Shasat Consulting and has been leading several IFRS, US GAAP, Risk Management, Valuations, IBOR Transition, and technical advisory projects. He has over 20 years of industry experience working with ING Group and Bank of America as well as with all the big four accounting firms in several jurisdictions. Sunil has authored many technical articles and books touching on the most pressing, accounting, risk management and industry issues (Banking and Insurance) including credit risk in the valuation of derivative instruments (CVA, DVA, FVA and XVA). He is a regular speaker through various forums. Sunil is a fellow of the Institute of Chartered Accountants in England and Wales (ICAEW).
Elisabeth Wilson
Head of Consulting at Shasat, Chartered Accountant, and a Fellow of the Institute of Chartered Accountants in England and Wales Elisabeth Wilson has worked for over 13 years in the financial industry. She was recruited to Atlantic Union Bank’s Enterprise Risk Management Department in 2016 to support development of the company’s then-burgeoning risk management framework. She continues to build, implement, and manage key risk programs, driving regulatory alignment and promoting bank-wide engagement while simultaneously supporting business line risk oversight. Elisabeth is based in Richmond, Virginia.
Disclaimer: All views expressed in this article are our own and do not represent the opinions of any entity that we may be associated with.
VIRTUAL EVENT CYBER RISK MANAGEMENT FORUM
