Source:Deloitte Development LLC

A specialist in risk answers five questions on the growing importance of analytics technologies in managing exposures. 

For virtually anyone working in the area of risk management, analytics isn’t new. Risk professionals have been using analytics tools for years. Yet, as any CIO can attest, there has been a resurgence of interest in the application of analytics to risk management, and with good reason: In the current regulatory and economic environments, managing risk effectively has become even more important to leaders across industries.

It can be challenging to separate hype from reality when it comes to understanding the value that analytics can potentially bring to risk management efforts. Vivek Katyal, a principal with the Risk Information Services practice at Deloitte & Touche LLP, shared his perspective on the recent surge of interest in analytics, and the potential value these technologies hold for the risk intelligent enterprise.

How do you measure and quantify risk?

There is no exact science for measuring risk, but with analytics, you can build measurement parameters that can help you establish and examine likely risk scenarios. From there, it’s easier to understand the potential impact of a particular risk and start planning around it. Along the way, analytics can help establish a baseline of data for measuring risk across the organization by pulling together many strands of risk into one unified system.

Haven’t we been using analytics for years?  Is there anything new here?

Yes, you probably have been using analytics—or some version of it—for years. On the most fundamental level, it’s the same. But when it comes to the level of sophistication, there’s a world of difference. Historically, analytics has been synonymous with business intelligence—knowing the facts and reporting past and current performance. But today, risk analytics is more focused on data exploration, segmentation, statistical clustering, predictive modeling, and event simulation and scenario analysis.

Isn’t analytics already built into the Enterprise Risk Management (ERM) function?

Having a dedicated ERM team is a huge asset that can provide a good foundation for managing risk. But, in many organizations, the ERM function operates as a standalone unit. These days, senior management and leadership require not only enterprise-wide visibility into the potential risk to their business strategy, but also the ability to use structured and unstructured data to better understand the potential impact of a range of risk. When analytics is embedded into the ERM delivery approach, leaders can monitor performance through risk sensitivity analysis, model key risk event scenarios, and become more risk intelligent in developing intervention and mitigation strategies.

Can analytics help with financial statements and reporting?

There is a lot of natural overlap between analytics and financial reporting and, as a result, they tend to feed one another. For example, analytics can offer insights into the characteristics and posting of journal entries, eventually helping identify inappropriate accounting, control overrides, or inefficient processes. Rules and controls are not the only areas that stand to benefit. Statistical methods can help create a transaction profile that detects new fraud schemes. Also, when it comes to enhancing the accuracy and quality of forecasts and improving reporting mechanisms, analytics can offer a significant boost.

Many CIOs in the financial services sector are redesigning aspects of their system architectures and data management processes so they can respond to regulator requests with greater accuracy and efficiency. What role can analytics play in this effort?

Dodd-Frank requires regular reporting on stress testing, systemic risk, and living wills (plans for dismantling banks in the event of crisis), among other focus areas. Meanwhile, regulators continue to question the integrity and timeliness of data being reported to them. As they assess the effectiveness of their data management systems and processes in managing compliance risk, CIOs and risk leaders should consider how analytics tools could help measure risk enterprise-wide, and in each business line and product.