3 Steps to Better Risk Management Through Organizational Design

By: Andrew Waxman

Breaking down Information silos, closing the distance gap between managers and employees and avoiding the use of technical jargon are three ways to structure an effective risk organization.

Firms may be able to educate their traders into wanting to do the right thing, but employees still may be stymied from playing their part unless the organization enables them to do so. This is why firms must be concerned with organizational design as they develop effective risk management practices.

The first problem an employee with good intentions encounters is his or her inability to get an accurate picture of current risks across the firm. Management consultants and leaders of firms often talk about the problem of silos, by which they mean business units or information systems incapable of exchanging information with other parts of the business.

This is a particular issue when one is attempting to fix things that have failed in one part of the firm but could potentially impact other businesses, too. One example of this would be when a fat finger error occurs in one part of the firm -- say, Institutional Equities Trading. The Equities leadership team and risk then do an excellent job of analyzing the system controls that could have prevented such an event from occurring and then puts them in place. Problem solved and no re-occurrence likely.

Unfortunately, the Equities group does not share this analysis or mitigating actions with other lines of business. A year later an incident occurs in Wealth Management, which could have been prevented by putting in place the same control just put in on the institutional side of the business. Unfortunately, the incident was never discussed with Wealth Management and so the control enhancements that were made in Equities were not made in Wealth Management, and so a known flaw was allowed to persist elsewhere in the firm. This type of problem illustrates the difficulties in getting the information that would be helpful to a risk manager or just an employee trying to do the right thing.

The second way that organizational structure can stymie effective risk management activities is the distance of leadership from those they are leading. The challenge for any leader in a globally distributed organization is maintaining a real time view of activities going on in the group for which you have responsibility. The challenge for the employee is maintaining a relationship that facilitates sharing of information in an open and honest way. The requirement for inter-continental reporting relationships is often unavoidable but there is nothing natural about such relationships and they do not come without risks.

The person heading up the CIO -- Ina Drew at JP Morgan -- was responsible for managing such a global group. Obviously there were some extremely strong individuals and networks in the London CIO under her oversight and in her testimony before the Senate she acknowledged that there were a number of things that were going on that she was not aware of at the time. No need to recount all those things here -- you can watch the testimony for yourself -- but the list of items illustrates the distance that can exist between a manager in one continent and the team in another, something with much inherent risk when a volatile trading portfolio is at stake.

[Motivating Traders to Think Beyond Themselves]

As talented, experienced and as strong a manager as Drew no doubt was, the distance seems to have been a significant obstacle to knowing or understanding what was really going on in London. There is no silver bullet here. It is simply the case that, organizations and managers with global responsibilities need to be aware of the issue and build in strong management processes and other compensating mechanisms to address the inherent limitations of the situation.

The third issue is one of language. The language employed by traders can be hard for folks in control and leadership functions to understand. The Senate Report commenting on a proposal by the London CIO team in January 2012 to the CIO Risk Committee argued that the proposal contained “jargon that even the relevant actors and regulators could not understand”. Floyd Norris also commented on this, rather hilariously, in his article in the New York Times Business Section on March 22 2013.

Many times such jargon simply reflects the way traders speak to one another, similar to the technical jargon that doctors use with one another or other technical professions. When listening to such a presentation, members of the audience may limit their desire for clarification by a competing desire not to show ignorance. The higher up a person is in the chain of command, psychologically, the more protective he will tend to be of his all-knowing status.

However, reticence to ask questions tends to limit understanding. Limited understanding prevents real involvement in the decision making process and a greater likelihood to simply let things go and the risk to grow. This language problem is not that unusual across banks and trading firms, for instance, in new product approval committees and risk committees. Unless a concerted effort is made to avoid it, the language contained in the product proposal and the language and terms that get batted around can quickly reduce the number of people able to take part in the conversation.

Firms that follow best practices try to combat the use of jargon, by for instance, mandating the use of commonly understood terms and language in new product approval or large trade approval meetings. This can save blushes of those who would rather not ask. Such an approach could likely prevent proposals from moving forward without proper discussion and limit setting. Who knows if that could have helped in the London Whale case but it is possible. Certainly it could help in other future cases.