By Lev Zaks, Head of Multi-Asset Class Business Development, Axioma
The inadequacies of risk management were laid bare by the global financial crisis in 2008. As a result of that experience, we now live in a world in which Chief Risk Officers carry big sticks. A world of mandated periodic reporting by regulators, detailed reporting for management and easy-to-understand client portfolio reports is the new norm. It’s an environment in which we attempt to manage risk across the entire enterprise and in every facet of day-to-day operations.
|Three years ago, Axioma began having conversations with a group of its clients in an attempt to understand what was needed to improve risk management.
These were the top 10 features identified:
1. The ability to decompose risk into meaningful factors, not just numbers.
2. Correlations that are updated daily to keep pace with the market.
3. The ability to conduct “what-if” analyses to test hedges or re-allocate resources to reduce risk.
4. Multiple views of risk to capture risk trends quicker.
5. A system that captures non-linear payoffs in tail risk or stress tests.
6. Accurate coverage of all assets, not just proxying.
7. Trend analytics to determine if a portfolio is riskier or the market is more volatile.
8. The ability to conduct interactive analysis, without being batch dependent.
9. The flexibility to add new stress tests quickly, in response to geo-political events.
10. Portfolio and pre-trade analysis confidentiality.
Much has changed, at least from an oversight and monitoring perspective. And yet, enhanced risk vigilance does not necessarily equate to better risk management. What about the tools we use to identify and mitigate risk? Are those tools any better today, six years after the collapse of Lehman Brothers?
In 2011, Axioma began having conversations with a group of its clients in an attempt to address these issues. The substance of these conversations was essentially this: what can be done to improve the effectiveness of risk management, especially given the accelerating growth of multi-asset class investing? What are the fundamental challenges and how do we begin to overcome those challenges?
Out of those discussions came a number of conclusions.
First, it became clear that a crucial disconnect exists between middle office risk functions and frontline traders and portfolio managers. In the middle office, Chief Risk Officers (CROs) have two main jobs: (1) managing risk across all portfolios and (2) reporting any vulnerabilities to the firm itself, clients and asset holders, and regulators. In contrast, the front office takes a more narrow view, with managers focusing specifically on the risk in the portfolios under their management.
The disconnect arises from the fact that each uses different tools to measure risk. The middle office typically opts for simulation-based systems that are suited to a broad range of asset types, market scenarios for stress testing, and complex portfolios. Portfolio managers, in contrast, use factor-based risk models to measure and manage portfolio-level risk. The upshot is that in most institutions, risk departments and portfolio managers speak different languages when it comes to risk.
Without a common language of risk that informs everything from asset allocation to investment strategy, from portfolio construction to trading, it is difficult to create a fully integrated, firm-wide approach to risk management.
Our panel of clients also agreed on one other vital point. While existing methods applied by risk departments can be effective at detecting problems, they have little impact on the way risk is managed. In other words, risk management in the middle office is primarily a diagnostic tool, when it ought to be preventive medicine. The focus in the middle office must shift from “what happened” to “what if” by simulating and addressing the outcomes of potential scenarios. “What if” this position is over-weighted? Or, “what if” I buy into this position? To take the idea one step further, the implementation of firm-wide frameworks for stress tests and “what if” scenarios would put powerful new tools in the hands of both the middle and front offices—tools that by design would speak a common risk language.
Plenty of other issues were put on the table, as well. What about the granularity at which the risk is viewed? Can the risk be decomposed, for example, into meaningful attribution? Are systematic factors taken into account? The ability to decompose into systematic factors not only points to where the risks are coming from, but allows the potential to hedge some of that risk. Does the risk system truly capture the risks of the portfolio? Can it capture the non-linearity of some of the instruments in the portfolio? Can it cope with emerging market debt denominated in local currency? Can it provide a consistent view across a firm’s portfolios and, at the same time, provide meaningful and granular data for each of the asset classes? And what about the proliferation of multi-asset class investing? Asset owners and their managers are increasingly concerned about risk in all asset classes and how those risks interact.
After three years of development, we introduced Axioma Risk, a multi-asset class risk management platform, in November of 2013. Predictably, the response from those clients with whom we collaborated has been positive. Those clients have seen pain points disappear; a relatively smooth transition of processes; and the introduction of a framework for extending the risk-control function across the entire enterprise. But financial institutions in general tend to be wary of innovation, and rightly so. They want to fully understand the implications of introducing any new product and are nervous about disrupting existing processes.
Having introduced a number of innovations in the portfolio optimization and risk-model spaces over the past decade, Axioma recognizes the challenges of such transitions better than most. That said, the need for better risk management and measurement solutions is acute, and forward-thinking institutions are actively and aggressively pursuing solutions that are up to the challenge.
Lev Zaks is Head of Multi-Asset Class Business Development at Axioma
How payments can help streamline operations and boost customer satisfaction in the vending industry
By Darren Anderson, Business Development Manager, Self Service, Ingenico Enterprise Retail
The COVID-19 pandemic has had an astounding impact on the payments industry, causing cash usage to plummet as contactless and card-not-present volumes soared. Of course, this phenomenon was not unforeseen by payments professionals, who had predicted such a movement away from cash, but not at the speed the virus guidelines facilitated. In fact, due in part to the hygiene perks of contactless payment methods increasing its adoption, 50% of customers think that cash will disappear completely at some point in the future.
The unattended market was ahead of the pandemic in terms of contactless alternative payment method (APM) adoption, and it continues to upgrade its offerings to suit a wider range of industries. Nevertheless, the pain point for vending operators is that they’re often not sure exactly how these technologies work, or how to implement them. And with payments offerings constantly evolving, it’s becoming harder for vending operators to know which solution would be the best fit for their business.
As such, one easy way for vending operators to ease this load is to partner with a knowledgeable payments advisor who can not only provide the best solutions for their business, but guide them through the process and any need-to-knows. It’s also important to investigate the payments trends across the vending market, what the future might bring and what vending operators need to know about newer payments technology and the value it can bring to their unattended retail business operations.
Vending through the pandemic
Coronavirus has impacted the unattended market in various ways. In some cases, vending machine use has decreased as a result of lower footfall and closed premises. However, the nature of vending being self-service, for many it’s just been a case of upgrading systems to meet new guidelines and hygiene recommendations to start boosting their usage again. As cash usage decreased over the course of the pandemic, cards and APMs stepped in to provide a host of benefits, and as customers use and enjoy these seamless technologies, they are fast becoming the preference.
These developments have provided the opportunity for vending operators to embrace newer technologies which, although ultimately positive, can prove daunting if such retailers are not accustomed to working closely with payments. Fortunately, the vending market is in a great position to take advantage of new contactless technologies, being already low on human interaction and having 24/7 capabilities.
What’s more, the market can not only cater to consumers’ evolving needs, but it can also provide the flexibility and reliability that consumers are relying on as the world around them is changing. Many new technologies can also improve the general operations and management of vending, offering features such as easier on-the-go stock management and maintenance notification technology.
Keeping the consumer in mind
Consumers today want to enjoy the latest innovations and best-in-class customer experiences. These shoppers believe that self-service is a time-saver, and they also view cashless and contactless as faster and more seamless ways to pay – a fact which is reflected in the recent consumer demand for a wider variety of APMs. Customers now expect even more options to pay for their goods and services, from QR codes, to in-app payments and more.
Alongside the cashless trend, data-security and customer experience are two other factors driving the vending market evolution. With constantly evolving fraud developments in the online world, good security is more pertinent than ever, and has to be a central consideration to vending operators – as well as ensuring a seamless customer experience.
From a customer usage standpoint, mobile payments are becomingly increasing popular, as driven by the Gen Z market. According to our research, 63% of Gen Zers have said they would pay more for a mobile experience.
Trust and a good experience are also considerable factors across all customer groups, with 95% of customers claiming their loyalties lie with a company they trust, and 86% willing to pay more for a positive experience.
To appeal to ever-hungry consumers, vending operators need to provide the options they want. In the unattended market, this is relatively simple – not only do they provide a convenient and reliable method of payment for customers, but they also avoid face-to-face interaction. They can also supply a range of different products and accept a variety of payment methods to appeal to all customers, no matter their preference.
Using payments to drive revenue
Driving revenue is a two-pronged approach – you need to appeal to customers to keep them coming, and streamline operations to reduce overheads. In order to meet both parties’ expectations, it’s important to respond well to new vending challenges, taking note of the solutions that enable merchants to provide their customers with the payment methods they prefer.
Payments are complicated, so there’s no need to worry if you’re not hugely familiar with the offering out there, or unsure where to start – that’s where a payment service provider (PSP) can assist. With the expertise that a PSP brings, along with the technological solutions they offer, vending operators can improve customer journeys in all unattended environments.
Such technological solutions are flexible and can cater to specific business needs, while providing easy, quick, and secure payment methods that protect both the business and the customer’s personal data. They can also improve operational efficiency, increasing business performance with features such as real-time reporting and smart transaction management, to provide a best-in-class customer experience.
With smart devices, a secure gateway and advanced acquiring capabilities, PSPs can help vending operators design a flexible vending solution tailored to their individual and specific needs. To find out more about unattended retail and how your company can benefit from Ingenico’s unique expert knowledge, get in contact with Ingenico Enterprise Retail today at www.ingenico.com/smartselfvending.
ISO 20022 migration: full speed ahead despite recent delays, says new Deutsche Bank paper
Today, Deutsche Bank has released the third installment in its “Guide to ISO 20022 migration” series, which offers a comprehensive update on the industry shift to the de facto global standard for financial messaging: ISO 20022. This paper comes at a critical time for the ISO 20022 migration, with a number of changes to existing timelines and strategies from SWIFT and the world’s major market infrastructures having been announced this year.
The paper explores the latest developments, including SWIFT’s year-long postponement of the migration in the correspondent banking space. The decision meets industry calls for a delay and also provides ample time to build the new central Transaction Management Platform (TMP) – a core feature of SWIFT’s new strategy that will allow the industry to move away from point-to-point messaging and towards central transaction processing.
It also details the wave of action that has been seen by market infrastructures around the world – with many, including the ECB, EBA CLEARING and the Bank of England, announcing revised migration approaches.
“Now more than ever, with shifting timelines and strained resources, it is vital that banks and corporates alike do not view the ISO 20022 migration as just another project that can be put on the back burner,” says Christian Westerhaus, Head of Cash Products, Cash Management, Deutsche Bank. “The delays in the correspondent banking space, and across several market infrastructures, should not be seen as an opportunity for banks to take their foot off the pedal. The journey to ISO 20022 is still moving ahead at speed – and internal projects need to reflect this.”
The Guide also highlights the implementation issues on the migration journey ahead – most notably surrounding interoperability between market infrastructures, usage guidelines and messaging formats. This is achieved through a series of deep dives, case studies, and points of attention drawn from Deutsche Bank’s internal analysis.
“As this year has proved, nothing is set in stone, “says Paula Roels, Head of Market Infrastructure & Industry Initiatives, Deutsche Bank. “The ISO 20022 migration involves a lot of moving parts and keeping abreast of the latest developments is critical for banks and corporates alike. As the deadlines near, and the ISO 20022 story develops, this series of guides will continue to highlight key points for consideration over the coming years.”
The Psychology Behind a Strong Security Culture in the Financial Sector
By Javvad Malik, Security Awareness Advocate at KnowBe4
Banks and financial industries are quite literally where the money is, positioning them as prominent targets for cybercriminals worldwide. Unfortunately, regardless of investments made in the latest technologies, the Achilles heel of these institutions is their employees. Often times, a human blunder is found to be a contributing factor of a security breach, if not the direct source. Indeed, in the 2020 Verizon Data Breach Investigations Report, miscellaneous errors were found vying closely with web application attacks for the top cause of breaches affecting the financial and insurance sector. A secretary may forward an email to the wrong recipient or a system administrator may misconfigure firewall settings. Perhaps, a user clicks on a malicious link. Whatever the case, the outcome is equally dire.
Having grown acutely aware of the role that people play in cybersecurity, business leaders are scrambling to establish a strong security culture within their own organisations. In fact, for many leaders across the globe, realising a strong security culture is of increasing importance, not solely for fear of a breach, but as fundamental to the overall success of their organisations – be it to create customer trust or enhance brand value. Yet, the term lacks a universal definition, and its interpretation varies depending on the individual. In one survey of 1,161 IT decision makers, 758 unique definitions were offered, falling into five distinct categories. While all important, these categories taken apart only feature one aspect of the wider notion of security culture.
With an incomplete understanding of the term, many organisations find themselves inadvertently overconfident in their actual capabilities to fend off cyberthreats. This speaks to the importance of building a single, clear and common definition from which organisations can learn from one another, benchmark their standing and construct a comprehensive security programme.
Defining Security Culture: The Seven Dimensions
In an effort to measure security culture through an objective, scientific method, the term can be broken down into seven key dimensions:
- Attitudes: Formed over time and through experiences, attitudes are learned opinions reflecting the preferences an individual has in favour or against security protocols and issues.
- Behaviours: The physical actions and decisions that employees make which impact the security of an organisation.
- Cognition: The understanding, knowledge and awareness of security threats and issues.
- Communication: Channels adopted to share relevant security-related information in a timely manner, while encouraging and supporting employees as they tackle security issues.
- Compliance: Written security policies and the extent that employees adhere to them.
- Norms: Unwritten rules of conduct in an organisation.
- Responsibilities: The extent to which employees recognise their role in sustaining or endangering their company’s security.
All of these dimensions are inextricably interlinked; should one falter so too would the others.
The Bearing of Banks and Financial Institutions
Collecting data from over 120,000 employees in 1,107 organisations across 24 countries, KnowBe4’s ‘Security Culture Report 2020’ found that the banking and financial sectors were among the best performers on the security culture front, with a score of 76 out of a 100. This comes as no surprise seeing as they manage highly confidential data and have thus adopted a long tradition of risk management as well as extensive regulatory oversight.
Indeed, the security culture posture is reflected in the sector’s well-oiled communication channels. As cyberthreats constantly and rapidly evolve, it is crucial that effective communication processes are implemented. This allows employees to receive accurate and relevant information with ease; having an impact on the organisation’s ability to prevent as well as respond to a security breach. In IBM’s 2020 Cost of a Data Breach study, the average reported response time to detect a data breach is 207 days with an additional 73 days to resolve the situation. This is in comparison to the financial industry’s 177 and 56 days.
Moreover, with better communication follows better attitude – both banking and financial services scored 80 and 79 in this department, respectively. Good communication is integral to facilitating collaboration between departments and offering a reminder that security is not achieved solely within the IT department; rather, it is a team effort. It is also a means of boosting morale and inspiring greater employee engagement. As earlier mentioned, attitudes are evaluations, or learned opinions. Therefore, by keeping employees informed as well as motivated, they are more likely to view security best practices favourably, adopting them voluntarily.
Predictably, the industry ticks the box on compliance as well. The hefty fines issued by the Information Commissioner’s Office (ICO) in the past year alone, including Capital One’s $80 million penalty, probably play a part in keeping financial institutions on their toes.
Nevertheless, there continues to be room for improvement. As it stands, the overall score of 76 is within the ‘moderate’ classification, falling a long way short of the desired 90-100 range. So, what needs fixing?
Towards Achieving Excellence
There is often the misconception that banks and financial institutions are well-versed in security-related information due to their extensive exposure to the cyber domain. However, as the cognition score demonstrates, this is not the case – dawdling in the low 70s. This illustrates an urgent need for improved security awareness programmes within the sector. More importantly, employees should be trained to understand how this knowledge is applied. This can be achieved through practical exercises such as simulated phishing, for example. In addition, training should be tailored to the learning styles as well as the needs of each individual. In other words, a bank clerk would need a completely different curriculum to IT staff working on the backend of servers.
By building on cognition, financial institutions can instigate a sense of responsibility among employees as they begin to recognise the impact that their behaviour might have on the company. In cybersecurity, success is achieved when breaches are avoided. In a way, this negative result removes the incentive that typically keeps employees engaged with an outcome. Training methods need to take this into consideration.
Then there are norms and behaviours, found to have strong correlations with one another. Norms are the compass from which individuals refer to when making decisions and negotiating everyday activities. The key is recognising that norms have two facets, one social and the other personal. The former is informed by social interactions, while the latter is grounded in the individual’s values. For instance, an accountant may connect to the VPN when working outside of the office to avoid disciplinary measures, as opposed to believing it is the right thing to do. Organisations should aim to internalise norms to generate consistent adherence to best practices irrespective of any immediate external pressures. When these norms improve, behavioural changes will reform in tandem.
Building a robust security culture is no easy task. However, the unrelenting efforts of cybercriminals to infiltrate our systems obliges us to press on. While financial institutions are leading the way for other industries, much still needs to be done. Fortunately, every step counts -every improvement made in one dimension has a domino effect in others.
Local authorities and business networks play a key role in small business success, and must be protected during COVID rebuild
23% of UK’s top performing businesses have been supported by local enterprise partnerships and growth hubs Similarly, 30% of Britain’s...
What Does the FinCEN File Leak Tell Us?
By Ted Sausen, Subject Matter Expert, NICE Actimize On September 20, 2020, just four days after the Financial Crimes Enforcement...
Investment Roundtable: Live with Jim Bianco
With Q4’s macro picture still looking grim amid the return of exponential coronavirus waves in Europe and the U.S. and...
Equity markets react to a rise in Covid-19 cases, uncertain Brexit talks and the upcoming US election
By Rupert Thompson, Chief Investment Officer at Kingswood Equity markets had another choppy week, falling for most of it before...
October furlough changes – what you need to know
By Alan Price, employment law expert and CEO of BrightHR The Job Retention Scheme is coming to an end on...
Do we really need banks? Yes, but digital transformation industry-wide is vital
By Charley Cooper is Managing Director at enterprise blockchain firm, R3 The Coronavirus crisis has taught us that we are...
Turning a Critical Eye on Impersonation Scams
By Mike Kiser, security strategist and evangelist at SailPoint “The criminal is the creative artist; the detective only the critic.”...
How can financial services firms keep pace with escalating requirements?
By Tim FitzGerald, UK Banking & Financial Services Sales Manager, InterSystems Financial services firms are currently coming up against a...
What Investors are Looking for in the Next Fintech
By Shaun Puckrin, Chief Product Officer, Global Processing Services Are investors getting pickier when it comes to fintech? It’s hard...
How payments can help streamline operations and boost customer satisfaction in the vending industry
By Darren Anderson, Business Development Manager, Self Service, Ingenico Enterprise Retail The COVID-19 pandemic has had an astounding impact on...