John MacDonald has a word of caution for those who would claim that, London Whale aside, banks have become overly conservative since the financial crisis and unwilling to lend.

"There's a lot of risk still around," says MacDonald, director of risk and analytics at IBM. "Many banks have reduced their trading and derivative risk but they still loan money. They've got significant amounts of credit risk in their corporate, SMB and retail lending."

Determining the bank's risk appetite — "Where should they make capital available to the business units? Should they be in mortgages? Should they be in retail cards? Should they be primarily taking deposits and lending out on the margin on loans?" — falls increasingly under the purview of the chief financial officer, MacDonald says.

To give the CFO an enterprise-wide view of business credit risk, IBM has remade software it acquired with its purchase of Algorithmics two years ago, Algo Credit Administrator, into a product called IBM Signature Solution — risk management. The software provides dashboards and reports for risk managers and CFOs alike.

Liquidity risk and capital costs have come to the forefront of many banks' risk agendas, MacDonald says, partly due to rules stemming from Basel and the Fed's annual Comprehensive Capital Analysis and Review. "The CCAR regulations and a whole group of other regulations from multiple regulators require the CFO, chief compliance officer and chief risk officer to be able to identify very quickly the individual large exposures they make and the totality of exposure to an individual borrower, country or industry," MacDonald. "The onus is on them to do more stress testing — what would happen if exchange rates or interest rates moved? They've got to look at all the different scenarios that could happen and make sure they've got enough capital to survive."

During the financial crisis, one question MacDonald and his colleagues at Algorithmics faced often was: You measure this risk, so why didn't you know?

"The answer is, we did actually know there was significant risk in some scenarios," he says. "What happened in many banks was they said those scenarios [at the end points of risk model distributions] aren't credible, that's not going to happen. One good thing that's come out of regulation is banks have to understand what their risk appetite is, and put in policies and controls to make sure that throughout the organization they truly understand the risks in the business, and not just discount something as not probable or not possible." The new IBM software also provides stress testing — on a balance sheet or on loan portfolios.

The CFO wants to see the impact of interest rate movements on not just the loan portfolio, but the overall cost of capital and on earnings, which affect stock price, he notes.

The software can also be used by risk relationship managers to conduct assessments and build reports for internal credit committees, and run the credit committee process, including voting, MacDonald says.

It provides a view of total credit exposure, which can be broken down by industries, counterparties and business units.

It pulls in data from loan software, but can also accept feeds from social media, news media, and other unstructured data sources, MacDonald says. "They want to be able to factor those sources in as fine tuning because lending relationships still have elements of subjectivity as well as the hard objectivity that goes with measurement and control."

IBM says one large bank has used this software to manage credit risk for its wholesale lines of business. Prior to installing the software, the management of credit risk often required four to five business days to aggregate more than 150 systems for a single entity. The complex process comprised the accuracy of risk reporting.

With the global deployment of the IBM solution, 1,000 users in multiple processing centers have a unified view into the bank's credit risk management data, which has reduced errors.