In light of ongoing events in global banking, it is fitting to explore what scope there is for further change in the management of commercial bank credit risk.
Commercial banks are in the business of lending money and exposing themselves to credit risks. Over the years, banks operating in the middle-market have developed sometimes sophisticated but often rudimentary approaches to the management of these risks. The fundamental and ongoing question for a bank’s top executives is whether risk management is about ‘regret management’, or whether risk management activity is expected to be a contributor to the value of the firm. The most overt manifestation of value is when a bank can steal a march on its competition as a consequence of its investment in risk management activity.
Invest Today or Tomorrow?
Too often, the answer to the question above is that the board views risk management as regret management: the chief risk officer (CRO) is held accountable for avoiding material levels of credit risk provisions and/or significant increases in the level of credit risk provisions — so that the CRO’s primary aim is to ensure that nothing regrettable happens on his or her watch.
Traditionally, the drivers for risk organisational design range from prudence, to regulatory considerations, to the desire to maintain consistent shareholder returns. However, risk value-added is typically not a driver.
If a bank is to change from these more traditional approaches to one in which risk management is expected to be a contributor of value, a change in organisational design is necessary. This requires investment. Inhibitors on investment in risk management activity have typically been cost, resource constraints, staff constraints and limited investment budget, the latter often caused by an over-riding desire to maximise the next period’s financial results announcement. The final inhibitor is often a lack of transparency regarding the benefits that would arise from the change.
This is the crux of the problem. Investment in risk management is often seen as a soft option, something that can be avoided unless or until the bank has a problem, or until changes in the regulatory environment force the pace of modification. The expectation is that if investment in risk can be postponed, it will reduce current period spend, and/or enable investment to be targeted at unrelated income-producing and customer-facing needs that tend to be seen as the best means of delivering early increases in profitability.
So why change organisational risk management design, and why do it now? Beyond the obvious increase in market volatility, the answer to this question depends on whether or not senior management perceives an opportunity for using risk competencies as a source of competitive advantage. The reality is that, not only should financial institutions endeavour to ensure that their risk activity does not damage them in any way — they should also leverage their investment in risk and use it to enable them to gain an advantage in the market.
Put another way, whatever the market conditions, there are opportunities for all banks to invest in changing risk management to improve their financial performance, without compromising prudential or regulatory considerations.
Historical Flaws
From the middle-market perspective, the branch manager model epitomises all that is wrong with the historical model: local risk management. A typical branch manager might be accountable for everything that goes on within his local geography. If anything is outside his discretion, summary information goes to either a regional office or the head office for approval.
This is a model that has worked adequately for decades in many countries because local managers have been trained in the ‘art’ of credit risk management, and banks have developed tools to monitor local performance, bank account behaviour and compliance. Reporting mechanisms and audit processes are in place to identify exceptions and problems, and good governance is generally designed to ensure that local management adheres to credit policies and procedures. So what is wrong with this model?
Such a distributed network approach is flawed in two main respects:
- It is relatively labour-intensive, inefficient and therefore costly.
- It deprives central management of the information and data needed for marketing, strategic planning, performance enhancement and portfolio management. In short, by changing the approach to risk management, it should be possible to use this as the foundation for both improving the cost/income ratio and for improving the performance of the portfolio, in terms of volumes and manageability.
What can be changed? The basic principles are partially evident in the world of retail credit risk management. The three main ingredients for a more efficient process are data, systemisation and centralisation.
Data gathering
Risk data is needed to power the organisation’s various credit grading (and similar) models and portfolio analysis. The better the data capture — both more comprehensive and more accurate — the more efficiently process change can be embedded. This means risk data can also be used in ways that have not been generally exploited by banks.
Banks can become far more focused in their marketing campaigns by combining good internal risk data with, for example, available vendor-provided external data. Similarly, if banks had better databases on their clients, the lending products being used by them, and the purposes for which these lending products are used, this information could be better adapted for cross-selling purposes.
There is also the question of whether or not limited insight into the riskiness of the portfolio undermines the quality of strategic decision-making. Common sense alone tells us that poor data and information must lead to poor decisions. There are so many moving parts within a lending book that it is impossible for crude high-level data to accurately inform the strategic planning process. That is not to say that planners need to be swamped with information — but the tools used by a bank should be sufficiently dynamic to be able to cope with, for example, all the correlations and concentrations within the portfolio.
Moreover, the ability to measure risk-adjusted performance is increasingly critical. Without such measures, driving the right behaviours becomes a lottery, not least because the bank cannot know what performance is value adding and what is value destroying. Ultimately, defining competitive advantage is about defining those areas where an organisation can win business from the competition and at the same time deliver better returns for the shareholders, all without putting the balance sheet in jeopardy.
Good data is also at the heart of any portfolio management model. All banks are active portfolio managers to some extent. However, decisions on changes in portfolio shape which are made without consideration for the impact on the underlying within the portfolio are inevitably poor decisions. So portfolio management needs a catch-all metric reflecting standalone risk, concentration risk, correlation risk and migration risk, commonly regarded as economic capital. Without the means to measure economic risk, banks have no idea whether their active management is adding value or destroying value. To inform all these opportunities, banks need very good, clean, granular data.
Tailored processes
Armed with good data and appropriate metrics, the next step is to use that information to improve efficiency and cut costs.
To some extent banks tend to adopt a one-size-fits-all approach for each customer segment. Traditionally this means the highest cost/least efficient approach, irrespective of the underlying. But it need not be like this. By tailoring processes that are flexible between various dimensions — such as customer sophistication, product sophistication, term, size of customer and size of facility — it is possible to materially reduce costs at the same time as improving process and efficiency.
As regards the benefits of improved efficiency, it becomes possible to leverage origination capabilities, such as by ensuring slick processes so that turnaround times are as short as possible, there are minimum queries and there is single point of entry for data. This will result in increased customer satisfaction, as well as more competitive pricing and more competitive products.
Therefore it is possible to reduce costs not only without compromising the quality or volume of income, but also with the potential to increase income. Systemisation, which means minimising human intervention and maximising the use of tools, can achieve much more for banks. By adopting a more sophisticated approach to processing credit it is possible to:
- Give each originator the tools to manage more client relationships.
- Reduce reporting and credit approval layers — for example, through one-stop credit sanctioning.
- Automate a whole range of support processes, including monitoring and control, and data management.
All of which means, for example, operating with a smaller headcount and/or accommodating balance sheet growth and a larger client base on the same headcount.
Centralisation
Having ensured improved data and reduced costs through systemisation, the next step is to further improve processes and the manageability of the bank through centralisation. There are a number of areas which lend themselves to centralisation.
First, relationship management. Historically, local management for local customers has been seen as being both in the best interests of the customer and, to a certain extent (as regards local knowledge) in the best interests of the bank. However, in the same way as aspects of retail asset management have been centralised (such as through call centres) and wholesale teams tend to be located in the money centres despite the location of their clients, advances in technology and communications mean there is plenty of scope for centralisation in the middle market.
For example, call centres are a realistic proposition for bottom-end small and medium-sized enterprises (SMEs), and many banks have identified opportunities for restructuring, reconfiguring and slimming down their branch networks, with middle-market relationship managers relocated to a distributed network of more centralised offices.
Some banks have gone as far as making their relationship management fully mobile, taking advantage of home working and periodic visits to centralised regional hubs. This presents opportunities for centralising the support infrastructure, so that documentation management, data management and loan administration can all be consolidated in the same regional hubs.
Improved data and information transfer means the opportunities for enhancing the efficiency of the credit approval process are considerable. Local or even regional risk management is no longer seen as necessary or even desirable. In turn, with greater central control and all the other benefits of improved data and systemisation, discretions can be increased, the need for ‘management by [credit] committee’ is reduced (other than at the top end), and the whole process, including training, succession planning and performance management, becomes more efficient. Most importantly, increased centralisation greatly improves the whole management of the bank. Regional fiefdoms no longer control data and information, and head office management is in a much better position to determine and execute optimal strategies.
Making the case for change
The business case for each aspect of the changes needed to improve the contribution that middle-market risk management makes to the profitability of the organisation will be tailored to each bank’s circumstances. However, evidence from banks that have gone down this route suggests that the payback on the investment made can be many times the cost of that investment, making this a truly worthwhile opportunity.
The challenge relates to timescales, particularly in connection with data collection. It takes time for changes in systems and processes to be implemented, and it can then take years for the data to build to a point where it is consistently usable.
Importantly, it is never too late to start making the necessary changes. It is inevitable that each generation of management regrets the lack of foresight among their predecessors. In turn, there is an opportunity for the current generation of management to put in place a lasting legacy for their successors.
It is always a good moment to explore how a bank can change the way it undertakes middle-market credit risk management, so it can reduce costs and become more efficient and competitive, and generate higher, more sustainable and better quality returns for its shareholders.
Ultimately, this is about placing risk management at the heart of the business, so that the risk management function is valued as an integral part of the planning and strategic management process. Banks that can increasingly compete on their risk product set will be the longer-term winners.
Risk management is often seen as a loss leader for deposit products, money transmission activity and other fee-based lines. However, it does not have to be that way. It is not as if there is a trade-off to be had between cost, income and risk — it is quite possible for a bank to reduce cost and increase income without increasing risk and, more importantly, to better manage its credit risk.
Charles Stewart is senior director at Moody’s Analytics.
