Tuesday, June 22, 2010

Just for old times sake.......the Top 10 mistakes in Risk Management - Part 2

If the first three reasons sounded familiar........read on!
4. Employing external providers whose impartiality is impaired.

Asking your insurance agent to assess your risks and then sell you products and insurance policies to mitigate those risks creates a conflict of interest. How objective can someone be if they are paid as a result of sales of products and insurance policies, rather than by what you save? The best advice comes from independent sources, not tied to product suppliers, who are paid to make sure your risks are mitigated at the lowest possible cost.

5. Not understanding the overall costs of risk or how to reduce these costs.

Right now you may be spending 35 percent more than necessary on risk management. If you lack a clear overview of all the products and services that you are employing across your enterprise, then you are most likely duplicating efforts. Or, even if you have centralized control, you are paying unnecessarily exorbitant costs for a customized risk management information system (RMIS).

6. Allowing risk to be assessed and managed by the resources that create the risk.

Was your IT security policy created by your own IT staff? Lack of external oversight leaves open the possibility for internal attacks on your network and intellectual property. This is just one of several ways that managing risks at source can increase your vulnerabilities.

7. Not managing risk as a focused and centralized discipline.

Your systems administrator undoubtedly performs a series of actions to ensure the integrity of your network, protecting you from viruses, hackers, and crashes. But, while these measures in themselves may be effective, each can only function properly in a secure environment. This requires application of solutions and policies that are outside your system administrator’s core competencies or control. Your IT administrator’s actions are useless if you lack comprehensive internal security policies, detailed disaster recovery and business continuity planning, and ultimately the employment of effective risk transfer and insurance mechanisms.

Monday, June 21, 2010

Just for old times sake.......the Top 10 mistakes in Risk Management - Part 1

On the basis that sound theory stands the test of time - below (Part 1 of 3) was first published in a series of tade journals in 2002, before the world woke up to risk management. As I read this again and again, I cant help thinking that what we aspire to in Risk Management is nothing more than applied common sense, and that the real key to effective processes is understanding how people and risk interact.

More's the pity that so much else in life is so less clear!  

1. Assuming it wont happen to me

Within every business practice there is an element of risk, and ignoring this fact is an invitation for catastrophe. Right now your company is vulnerable in some way. Hoping that the exposure won’t eventually result in dire consequences is a gamble. Wake up and take the first step. Undergo a comprehensive risk assessment by independent experts.

2. Failing to understand the consequences and long term business impact of risk.

50 percent of all businesses that suffer a catastrophe of any kind close within a year. If this were more widely understood, you could bet that companies would be better prepared. Unfortunately, due to either naiveté or bravado, too many businesses believe they will be able to weather a storm. But for half of them, this is a fatal assumption.

3. Believing that “risk management” only means “buying insurance.”

This is a myth, and it is propagated by…surprise, the insurance industry. Certainly insurance policies are a component of what you need to protect your company, but it doesn’t stop there. There are a host of tools and services you need to manage risk, from disaster recovery plans, to anti-virus software, intrusion detection and firewall technologies, etc. Many insurance providers claim they can supply you with these solutions as well, which leads us to the next biggest mistake you can make: believing them.

Film Futures - will the markets never learn?

Federal regulators on last Monday (14th June 2010) approved a plan by Media Derivatives Inc. to begin trading futures contracts based on box-office revenue,  even though the film industry lobbied Congress to ban such film-related trading, according to Michael Cieply reporting in The New York Times.

The Commodity Futures Trading Commission approved a request to trade futures and option contracts tied to the opening weekend box-office revenue of the movie “Takers,” a crime thriller set for release in the United States on Aug. 20 by Screen Gems, part of Sony Pictures Entertainment.

The Motion Picture Association of America, which represents Sony and the other major studios, opposed such contracts, arguing that they will be easily manipulated and may hurt the performance of films, as market players begin looking for ways to affect a movie’s opening.

Stupidity is up and running once again, easily besting common sense and yet again running rings around smarts and understanding. So we will have traders using uncollateralized leverage toi create instruments that will deliver losses of multiples against core price fluctuations based upon risks in which they have no stake or interest.

Wow, I just wonder how the CFTC got to be so dumb in such a hurry! They are blessing the opportunity to create a whole new market that almost EXCATLY replicates the Credit Default Swap market which has been used effectively to destroy wealth in finacial markets over the past three years. 

When will the regulators really begin to understand that the concept of 'interest at stake' simply has to be prsent in at least one party to a risk based transaction.  Until this become the 'norm' markets will replicate the excesses and wild swings that we have seen time and again, and provide more than adequate fodder for those who would see market driven economic models cast asunder.