10 Feb 2009, David Benyon, Operational Risk & Regulation
LUXEMBOURG - Tightening IT and compliance budgets will cause firms to make tough cost-benefit calls between outsourcing risk engines and maintaining expensive in-house or bespoke control over IT development. Compliance, audit and risk management software firm Fernbach says a holistic approach to improve inputs into existing systems can improve enterprise-wide risk management while providing greater efficiency.
Fernbach is planning to launch FlexFinance Analytix as a platform to bring together disparate inputs and work together to feed existing systems more efficiently. The importance of developing a more holistic approach to risk - across traditional boundaries of market, credit and operational risks and inclusive of current blind spots such as liquidity, counterparty and reputational risks - was underlined in the January 2009 list of proposed enhancements to Basel II published by the Bank for International Settlements (BIS).
There was consensus among panelists at the Finexpo 2009 - Risk and Transaction Management conference in London on February 5, that declining budgets will hit in-house development as much as it may limit the potential for new software to address new regulatory challenges as they surface.
Jeremy Gibbs, a fixed-income IT professional who formerly ran Merrill Lynch's fixed-income electronic trading technology division, said: "In-house development will always have a place, but I do not think in five years' time firms will necessarily be able to have large in-house software development factories. It is just not going to be financially viable."
Xavier Bellouard, London-based managing director of Quartet financial systems, said: "Firms will think twice now before building internally as they used to, but that will wait a little because in the cost-cutting phase, it is much easier to cut external providers - whether they be consultants or vendors - rather than cut deeper into your own force. However, there is a strong need for re-using components that may have been built internally by some banks or else provided by vendors. We will see now that banks will be willing to change the way they address the deployment of systems. For example, typically, the banks would build or buy a market risk system that would have within it a lot of features, calculations and processes that exist in many of their existent systems. Can they really afford that duplication?"
"What inevitably occurs is what has happened to Basel II compliance," says Suhas Nayak, product director for Basel II, Icaap, and economic capital at Fernbach. "You have a complex requirement that requires multiple parts of the bank to co-ordinate to a common goal. The problem is that a credit risk system from vendor X, is designed to do one thing very well, with one set of models and calculations planned into it, and as a consequence it requires information to do that one thing. What banks end up having to do is to find the data from many sources and bring it together and then feed the system. Organisations have done this consistently for years as new requirements have surfaced, and as a result have perhaps a dozen systems lying around doing different things."