Computerworld

Wall Street meltdown may drive risk-management investments

Competition, regulation after crisis likely to increase interest in technology to manage risk

The ongoing chaos on Wall Street could hold an upside for vendors of risk-management technologies and practices, as well as sellers of compliance management products.

Analysts expect an increased interest in these products from financial companies for competitive reasons, and to comply with the new regulations that many predict are inevitable following the meltdown.

One area many agree is likely to see much greater interest is risk-modeling and financial risk management.

There are some "core tenets" for effective risk management highlighted by the current crisis, said Dave Hoag, director of clearing technology at US-based derivatives exchange the CME Group.

The biggest of them: The need for fair and transparent visibility into the models, data and analytics that go into calculating the risk associated with different financial transactions, Hoag said. Expect to see greater investment in risk management technologies as companies seek, or are driven to, implement this greater transparency in their risk calculation processes, he said.

Even though the current problems on Wall Street have more to do with an absence of regulatory oversight than with faulty risk management practices, expect to see a greater focus on accounting for risk at least for some time, said Glyn Holton, an independent financial risk management consultant.

"Financial risk management makes a wonderful scapegoat [for the current crisis]," Holton said. "This is a cycle we go through when we have losses. We trot out the back-office risk management guys. There will be some more focus on strengthening risk management, some technology will be purchased and probably monitoring will be increased."

Dennis Santiago, CEO of professional services firm Institutional Risk Analytics, said the Wall Street crisis has exposed some fundamental shortcomings in the risk modeling technologies and analytics being used currently. "We have been pretty much using the same tools now for a decade. One of the things that is clearly beginning to show itself at this stage is that the techniques that worked in the last business cycle for managing risk don't work as well anymore," Santiago said.

Looking for clarity

One example is the way risks associated with structured finance transactions are modeled, he said. Many of the statistical averaging that is applied in these models are done in "an almost blind fashion on the assumption that it has worked all this time," said Santiago. That has turned out to be a completely wrong assumption, resulting in people losing confidence in these transactions or betting against them, he said.

What's needed now is a greater investment in analytical techniques and systems that is closer to how the financial sector actually operates, Santiago said. "Ultimately you are talking about a combination of hardware, combination of software or analytical techniques and a combination of business practices and culture. The two that are the ones that are greatest need of treatment are the analytical techniques that are encoded in the software and the business practices."

Page Break

There is almost universal recognition that further investment in risk-modeling is going to be needed in the wake of this week's turmoil, said Suzanne Duncan, financial markets industry lead for the IBM Institute for Business Value, a think tank that focuses on the financial industry.

In June, the Institute, in conjunction with the Securities Industry and Financial Markets Association (SIFMA), surveyed about 500 IT professionals in the financial market, including 200 from Wall Street firms, about their technology spending priorities amid all of the billion-dollar write-downs and consolidations.

At that time, most of those surveyed had surprisingly indicated that technology spending was unlikely to be reduced despite all the financial troubles, Duncan said. It's unclear how that view has been impacted by the developments over the last few days that lead to Monday's spectacular 777 point sell-off, she admitted.

The end of risk 'partitioning'?

But at a high level, there continues to be a heavy emphasis on tweaking risk management programs, for business reasons and to meet likely regulatory needs, she said. There appears to be a growing effort to enable a more holistic view of risk as opposed to segmenting risk into separate buckets such as operations risk, credit risk, equity risk and market risk, she said.

"You cannot partition risk any more," Duncan said. Increasingly, financial companies are aiming to integrate the different slices of risk to get a better understanding of their exposure to the sort of problems that led to the current crisis, she said. One area financial companies look likely to spend on is gaining a better understanding of the risk that one of the parties in a financial transaction will default, called counterparty risk.

IBM expects the focus on risk management will eventually drive significant interest in high-performance computer systems capable of crunching huge risk models and complex scenario analyses that are being envisioned. Where companies don't have the resources or the desire to buy such systems outright, they may either outsource such modeling or tap Service Oriented Architectures (SOA) for the computing horsepower.

Security vendors not left out

Meanwhile, security vendors selling compliance and regulatory control products also see a silver lining in the clouds now hanging over Wall Street. Their optimism reflects a broader feeling in the technology sector that it will remain largely immune from the turmoil in the financial sector.

Market leader Symantec, for instance, is predicting greater interest in some products it sells, such as its suite of data-leak prevention (DLP) tools.

Page Break

Historically the risk of insider theft and sabotage has proved to be the greatest when companies are engaged in massive layoffs and consolidations, such as those in the financial sector these days. Symantec expects financial companies to implement more of DLP products to mitigate the threat. Steven Roop, a marketing manager at Symantec, says here has been acceleration in the implementation of DLP products at some of the company's financial clients. "If they were doing a three-month rollout of the products they are setting themselves new deadline," these days. And its not just acceleration in project implementation that Symantec has been noticing but acceleration in demand for these products as well, Roop said.

Phil Neray, vice president of marketing at database security vendor Guardium, expects increased regulatory oversight that will result in more demand for compliance monitoring and enforcement tools such as database monitoring tools available from Guardium, as well as identity and access management products and electronic discovery tools.

Neray said that investment banking firms such as Morgan Stanley and Goldman Sachs converting to commercial banks would also add momentum to technology to manage risk because while they received protection from the Feds with the conversion, they would come under their regulations as well.