There's little question the financial industry needs a way to accurately gauge, predict and price operational, market, credit and even systemic risk, for regulatory and institutional use and for the accurate pricing of assets and insurance products like CDS.
At a time when some legislators are calling on the Federal Reserve to begin regulating systemic risk in the U.S., IBM data guru Steve Adler has become the leading evangelist for an effort to create a global standard for reporting loss events to regulators. The hope is that the standardized data could be aggregated, and then fed back to the industry to improve institutions' trending and forecasting, and to enable a viable insurance market for some kinds of risk. "The challenge is getting people to agree on what things are called," says Adler, chair of IBM's Data Governance Council. "Just the term 'risk' itself is charged."
The IBM proposal calls for the creation of a risk taxonomy based on XBRL that would act as a tool to allow standardized loss reporting from financials to regulators, and the creation of a mammoth repository of loss data from thousands of institutions that after a few years could be used to give financial regulators a "risk pulse" on the system, Adler says, and also allow institutions to compare their own experience to that of peers.
The logical extension of this repository would be its use by insurers or re-insurers to price coverage for operational risk, allowing banks to transfer this risk off balance sheets into insurance products. This approach would be infinitely more efficient than institutions self-insuring for this kind of risk, Adler notes, especially given that today "the taxpayer is providing catastrophic insurance coverage for banking failures, and that is the most inefficient coverage in the world!"
The Council, scheduled to hold a kickoff meeting for the effort at the end of February, is looking for industry input on the creation of the taxonomy. The effort has significant support from a number of industry groups and influential vendors, including the Operational Riskdata eXchange Association, The Financial Services Technology Consortium, the Enterprise Data Management Council, and XBRL International. "The whole area of risk management, reporting and metrics, is not terribly standardized upon," notes Dan Schutzer, executive director of the FSTC. "It would seem to me that if we start getting some of these standards nailed down and some of the ambiguity taken out, it'll be easier for systems to interface with each other."
The model for the project comes from the work done by ORX, which has built a database of more than 100,000 operational risk loss events dating from 2002. ORX's 51 members - primarily non-US banks - use the data for statistical modeling and benchmarking loss performance data. Perhaps not surprisingly, ORX recently announced it had selected IBM and OpenPages to build a Web-enabled version of the organization's data capture and analytical platform.
The challenge to the effort may be in bringing two distinct constituencies together on the issue. Heads of operational risk management may be all in favor of this initiative, but the nitty-gritty of defining a taxonomy via XBRL may well be a more technical task for the IT department. "I think it's a good solution for a problem the [line of business leaders] don't know exists yet," says Luc Brandts, founder and CTO of enterprise GRC vendor BWise.
The other big players in the market - think Oracle, SAP - may be reluctant to sign on for an IBM-led initiative. And, thus far, regulators haven't weighed in on the issue. But Adler says the banking industry needs to seize the opportunity the current risk management failure brings. "This is the moment," he says. "There's an awareness there that there otherwise wouldn't be."