Operational risk: the STP mantra?

Sabyasachi Bardoloi

The article spells out how operational risk is becoming a critical aspect in risk capital allocation in the financial services industry. It explains how STP helps firms to mitigate operational risk. It charts out the growth of STP and indicates the road ahead. It further discusses the role of STP in tracking the loss data of firms in the context of Basel II. Finally it brings out the correlation between Web Services and STP, which in turn is set to revolutionize the exchange of data and information.

Introduction
Over the past several years, financial institutions had focused on developing sophisticated tools to measure market risk and credit risk. Today, operational risk has become another critical aspect in risk capital allocation. The proposed new Basel II Accord initiated by the Bank of International Settlement is heralding a major effort to radically increase the quantification of operational risk. Operational risk as the most recent area of risk management is therefore all set to face formal quantification through the regulatory process.

The financial service industry (FSI) has been closely investigating and discussing the proposed guidelines for measuring operational risk capital as portrayed by Basel II, which is designed to establish a broader structure for determining the capital sufficiency necessary to counterbalance risk.

Operational risk is fundamental in the actual processing of financial transactions, which can include risks caused by deliberate actions, non-deliberate actions, or by errors and gaps in trading systems. Basel II defines operational risk as “the risk of direct or indirect loss resulting from inadequate or failed internal processes, people, and systems or from external events.”

Behind the veil
Firms across the FSI are on the constant lookout to adopt a ‘straight through processing’ (STP) solution to manage the processing of their financial transactions. STP is the execution, management and control of a business process from inception to completion, without the need of any routine human intervention. Firms are seeking to implement STP primarily for two reasons. Firstly, it helps to reduce operating costs and secondly, and most importantly, it helps to reduce inefficiencies in the securities operations.

According to a study conducted by Tower Group, financial institutions would have to spend an approximate $19 billion over the next four years while trying to introduce the STP solution. STP is about using a single system to process or control all elements of the work-flow of a financial transaction, including what is commonly known as the front, middle and back office, as well as the general ledger.

Recent trends within the banking industry clearly indicate that STP is not merely “nice to have,” but in fact involves their very existence. Basel II is set to penalise banks with low STP rates if their operational risk is higher.

Fund managers are getting more concerned about operational risk. Their worries have surmounted due to the occurrence of several high profile incidents involving financial instruments in the recent past. It’s safe to say that no firm would wish to be the next Barings or Metallgesellschaft - cases which have occurred due to the failure to identify and control operational risks effectively. Fundamentally, the message is this: The greater the effort a firm adopts to comprehend and mitigate operational risk, the safer its business is considered to be, and the capital charge lowers accordingly.

Mitigating the risk factor
STP has historically been linked with trades and, more recently, corporate actions, as far as investment management is concerned. Using STP, a transaction flow or workflow of any or all business processes can be defined. The scope of STP therefore, expands to the application of processes and activities such as data collection, collation and analysis, which are all vital for any risk analysis. A true STP system is one that is fully integrated and operates from a single architectural platform. A system that can mitigate operational risk would have:

• One illustration of each data item, such as a security definition;
• No needless movement of data;
• No reconciliation of data;
• Data treated in a stable manner;
• A stable user interface;
• Data stored in one database, thereby condensing reporting for both clients and internal auditing processes;
• One technology, thus avoiding the need of multiple operations.

Changing trade messaging standards and the development of the GSTPA (Global Straight Through Processing Association) - an industry association for investment managers, broker/dealers and global custodians, and Omgeo are all putting pressure on banks to gear up their drive to achieve STP.

Since STP has been introduced, many financial institutions have realised its potential but few have taken the final plunge. And due to the lack of critical integration technology over the last decade, the deployment of STP within financial institutions has been rather sluggish.

Although the financial industry has reduced its T+5 trading cycle i.e. settlement within 5 days after the actual trade has been done, to a T+3 approach, it has been really slow in any kind of business process management and technological advancement as far as trade settlement and processing are concerned. Outdated manual and unnecessary operational processes are still in place without any sort of automation.

The story thus far
In the recent past, the methods to achieve STP and indeed its very definition have been subjected to a lot of brouhaha. The focus has shifted from internal STP (front, middle and back office systems) to STP between various counter parties.

Furthermore, the concept of eSTP has emerged, which centres on Internet trading. A majority of financial institutions have some level of STP internally, so initially most are looking out for what they should be concentrating on next. The answer clearly lies in being more focused on end-to-end integration between clients and suppliers and from trade orders to settlement. The recent changes in capital markets are making these goals even more profound.

The most compelling benefit of STP with regards to operational risk lies not in the front-end business, but rather in the back-end post-trade activities that still remain surprisingly archaic even today. Here lies the real possibility for significant effectiveness, thus reducing operational risk.

According to a Security Industry Association panel convened in New York recently, STP initiatives in the securities industry back offices are moving slowly due to the lack of any industry-wide compliance deadline. The panel skeptically heard the securities industry executives spell out how the assumed cost-benefits of STP and the scrapping of the SIA-mandated T+1 deadline had slowed progress in back office automation projects

Gartner and SIA recently involved 184 financial service providers in 21 countries worldwide, in a joint survey about their STP initiatives. This brought to light that two-thirds of respondents have launched at least one STP initiative or are planning one by the year-end 2003. Also, forty-two percent of all transactions continue to be paper-based and almost 40 percent of the firms manually enter data at least twice for the same transaction.

Despite a let-up in the pace of reform, STP investments are continuing. The survey portrayed that some organisations, particularly in Europe and Asia/Pacific, will have spent one-quarter of their total IT budgets on STP in 2003, and a majority of respondents anticipate STP-related spending will increase by 21 percent in 2004.

Tracking loss data
Several big financial institutions have already established internal rating systems and methodologies along with capital allocation and regulatory reporting procedures. But they still need to achieve more advanced database technology and significant integration within front-office-decision making tools in order to adhere to Basel II requirements.

Basel II clearly lays down that financial institutions need to focus on loss data collection of three to five years varying according to different lines of business. It also stresses on more effective ways to track, monitor, analyse and report operational risk data. Thus operational risk management has been placed high on the agenda for financial institutions. Under the Basel II three-pillar framework, operational risk management has gained recognition as a separate risk discipline of its own.

The need for a reasonable software solution to support the management of operational risk has now become a necessity and financial institutions are faced with the option of either developing tailor-made solutions or procuring and customizing off-the-shelf products. Definite examples of operational risk management procedures required to comply with Basel II, may include:

• Technology to spot and assemble key risk indicators;
• Databases for both internal and external current and historical data;
• Apparatus and processes for gathering loss data;
• Methodologies to identify and estimate frequency of losses; and
• Management information reporting technologies.

Financial institutions need to substantially invest to adopt suitable technology solutions to meet these requirements. Loss data is likely to come in a variety of formats – either as internal text based reporting, external third party reports, internal transaction processes or MIS system databases. This will require the capture of vast volumes of easily interchangeable data. Here, STP is set to play a key role. A globally accepted standard is therefore crucial, based on XML or any other appropriate technology.
According to Srinivasan Rajasekaran, offshore head, Capital Market Excellence Center (CMEC), Pinnacle Systems Inc. - a US-based business solutions provider to Capital Markets firms, “STP will reduce the operational inefficiencies in the securities operations. STP will certainly help the capital marker players in their drive to measure and manage operational losses. Data collection is one of the major obstacles in operational risk measurement and STP will ease the firms in managing the risk data.”

The Web services angle
With commission rates diminishing and profit margins decreasing, automation is the only answer. STP is the most obvious way to take cost out of the system, to improve profit margins and to offer a better and more competitive service to customers, based on flexible pricing. But to deliver, STP web services is very important.

Web services is the automated interaction between different applications and is crucial these days because the Internet has changed the way we do business. The automation of the entire trade cycle requires communication between buy side and sell side, market utilities as well as clearing and settlement entities. It requires fluent system-to-system communication, and that can only happen when common standards are in place.

There can be little doubt that STP is set to revolutionise the exchange of data and information in the FSI. However, in order to achieve effective STP rates, financial institutions need to attune their information and transaction systems to support industry standards such as Society for Worldwide Interbank Financial Communication (SWIFT), the Financial Information Exchange protocol (FIX) and Extensible Markup Language (XML).

Standards like the SWIFT and FIX are intended to help standardise messaging services for securities transactions among financial institutions, stock exchanges and dealers/brokers. However, as of today, XML (and FpML for derivatives proposed by ISDA) is clearly emerging as an upcoming ‘standard’ for sharing and exchanging data through web services since it is proving to be less expensive, more flexible, and is based on open global standards while being platform-independent, thereby having wider usage and availability.

Conclusion
Investment managers today are becoming more concerned about operational risk for many reasons. These concerns seem to be escalating as the FSI is coming under closer regulatory scrutiny. Regulation is forcing the industry to be more proactive about curtailing operational risks.

Some of these concerns may be countered by basing the business around a truly integrated system, which has at its core a single database, used by all departments instead of the current multiple systems and integrated trade flow. STP can thus effectively help combat operational risk and reduce operational costs by eliminating the problems and procedures inherent in multiple systems. Over and above this, STP provides the user with the tools necessary for controlling operational risk, thereby leading to lesser headaches and higher profits.

Sabyasachi Bardoloi , manager, Pinnacle Research Group, Pinnacle Systems, Inc.

Pinnacle Systems, Inc. is a technology consulting and solutions provider to Capital Markets firms. The company is headquartered in Piscataway, New Jersey, with offices in New York City, and development centres in Chennai, India.

For more information, log on to www.pinnacle-sys.com or you may contact Mark Engelhardt at: Pinnacle Systems, Inc., 275 Madison Avenue, 6th floor,
New York, New York 10016, USA, Tel: 1 (212) 880-3737. E-mail Mark at: mark@pinnacle-sys.com

•Date: 19th December 2003 •Region: Worldwide•Type: Article •Topic: Op.risk
Rate this article or make a comment - click here