The separation of market risk and credit risk into silos, coupled with fragmented internal risk systems, prevented many organisations from creating the ‘big picture of risk’ they needed. As a result, they were unable to realistically assess their total exposures, maintain appropriate levels of liquidity, and quickly minimise losses in a volatile and illiquid market. By the time Lehmans had collapsed, it was very clear that risk management in many of the world’s leading financial institutions needed an overhaul. It took most organisations days, if not weeks, to realise their full exposure to the collapse. Arguably, this was caused by a retrospective, rather than proactive approach to risk management; an over-reliance on quantitative measurement tools, without a full understanding of the limitations and assumptions; and a failure to provide adequate stresstesting that would have helped institutions identify unique market events.
As financial institutions begin to take the necessary steps to improve risk management, a key lesson is the need to receive and manage risk information faster. Rather than waiting days or weeks to realise exposures, there is a real demand for risk decisions to be made in hours, minutes or even seconds – in ‘real time’. However, there are some issues associated with this. Can accurate risk information really be delivered in real time? How should institutions balance the need for speed versus accuracy? The misnomer: ‘real time’ versus ‘relevant time’ risk management It’s no surprise that the sooner risk information can be acquired, the sooner a decision can be made about how to manage risk. From this is born the common assumption that best practice risk management is the same as ‘real time’ risk management. However, for a number of reasons, this concept of real time risk management is a misnomer. Although large amounts of data can be provided to a decision maker immediately, the measurement that really matters is the time it takes to convert that data into interpretable and relevant information that can be used to make decisions. In other words, it is really an issue of ‘relevant’, rather than ‘real time’ risk management.