Once an unsexy, compliance-driven, back-office function, enterprise risk management has risen to the halls of c-suite offices. ERM’s value proposition is not just in quantifying risk, but also in identifying potential opportunities and strategic thinking from the top down. When selecting an ERM system, technology and risk officers should look internally first – identifying the key operational and business risk factors is essential to choosing the right fit.
Global businesses transacting across currency, legal, and country lines can create disparate perspectives on enterprise risk. At the heart of an ERM system, data is centrally deposited across the firm to create risk profiles which enable management teams to make decisions – irrespective of geography. Dashboard reports should be made available, so brief overviews can be generated.
Oracle, the US-based conglomerate offers NetSuite, the solution for global enterprises. NetSuite aggregates data from across all jurisdictions into meaningful trends and the platform’s dashboard can yield real-time data on budgets, forecasts, incoming receipts, bank balances, and cash projections. At any given time, the platform is able to give an exact view of the financial position of large firms. Sweeping perspectives can be seen across the business landscape with NetSuite. The platform’s ability to chop and change financials across currency and geography means the risk-reward analysis can be applied across the whole organisation, and also at the counter-party level.
Narrowing ERM software geographically also teases out intricacies for firms facing ongoing regulatory changes. Basel III rules include capital adequacy requirements, stress testing and market risk liquidity. The problem for many banks and those in management positions is how to manage risk and reward appropriately. Keeping cash is not efficient for shareholder return on equity, but a requirement for regulators. ERM software makes the maintenance of these ratios easier – automated systems like Calypso can be used to check funding, hedges, and issue structured balance sheets for reporting. For those facing capital adequacy requirements, systems that immediately generate correctly calculated ratios is of considerable importance. In name-and-shame exercises, breaches in Basel III may be reported publicly.
A maturity assessment may be needed when fitting an ERM software solution. Deployment of an ERM system typically ranges from SaaS (software as a service), on-site, or a blend of both. Most commonly used, SaaS deployment is ideal for firms looking to use ERM software over the internet, or cloud-based. SaaS deployment has distinct advantages. Cost-conscious firms looking for out-of-the box solutions, lower upfront costs, easy set-up, and user accessibility should look for internet based providers. Web-based services have an added advantage of scalability – additional features and users can be supplemented to existing services without site visits or physical intervention. Pricing for SaaS fixes can depend on number of users, cloud-based hosting, or the type of system (enterprise or application based etc). Care needs to be taken for larger organisations here – some SaaS providers may also charge for data storage, which will certainly bump fees up. Further to deployment, firms can expect on-going contractual fees to maintain the ERM service.
UK-based SAS offers flexible solutions for capital markets firms. SAS can determine aggregate positions, value-at-risk, current and potential exposures (PFE), and other risk calculations. While seemingly simple, cloud-based solutions require slightly more infrastructure than just internet access. Like many SaaS software providers, SAS requires a software deployment tool to be integrated into IT systems – as such, SAS is compatible with open source platforms Cloud Foundry, Open Stack and Amazon Web Service. Essentially, web-based applications require some internet infrastructure which may not be available to start-ups or growing businesses. However, with basic IT support systems and architecture, SaaS can provide powerful ERM suites to businesses.
For more mature organisations with ingrained IT systems and infrastructure, on-site management of ERM systems may have an advantage over SaaS. Crafting bespoke organisational fixes and quicker response times are some benefits of on-site hosting. Large, complex firms may opt for on-site hosting and would likely consider adding on IT contractual professionals to assist in the integration. European giant Murex has been delivering site-based ERM systems since the 1980s, and remains one of the stalwarts of the industry. Mainly involved with capital markets ERM, Murex proves to be a powerful partner creating and implementing systems. In an environment of formidable regulation and oversight, Murex has adapted processes to cater to many shapes and sizes. While Murex systems are able to handle EMIR, Basel, Dodd-Frank, and UCITS requirements, it can replace or transform legacy systems.
In a high-profile replacement, German bank UBS hired Murex to upgrade and replace older trading and risk management platforms. Murex’s partnership with client organisations goes beyond typical buyer-seller relationships. The French software company’s embedded approach takes partner teams within client firms to guide the journey, taking a powerful approach to both technology and people. This approach has been taken up by many banks. Transforming its cost structure, UBS outsourced most of the support and IT functions associated with the change, migrating costs away from its operating expenditure. Significant cost savings can be seen on the bottom line when large clunky systems are done away with – however, the upfront cost of such improvements are significant and out of reach to smaller businesses.
Building on its partnership approach, Murex also has a strategic relationship with Accenture. As a ‘Global Alliance Partner’, both firms enhance each other’s product offering. As partner, Accenture’s expertise can be built around Murex software, to produce holistic ERM procedures, risk mitigation and opportunity identification.
Many risk managers dedicate time, energy and resources to IT upgrades to mitigate financial risk. However, worth noting is that a true enterprise risk framework includes reducing operational risk. Core pillars of an ERM framework also includes marketing, client management and human resources. Client risk management (CRM) is a vital part of ERM. Platforms can act as a storage facility for client data and also as a mechanism to identify potential risks and opportunities.
Cloud-based Salesforce has over 25% of the total CRM market share. Salesforce’s ease-of-use and accessibility with just an internet browser makes it attractive to cost-conscious firms, and monthly customisable subscriptions are available from £240 per month.
Salesforce's capabilities in managing client profiles takes institutional knowledge to a new level. The platform takes inputs from various users and builds a complete client profile based on the company’s interactions – from telephone conversations, deal tracking and progress, to fee generation. Furthermore, the platform captures personnel details for future contacts and exposes opportunities from previous interactions which may have been overlooked. Essential for new risk and operation managers, Salesforce allows for risk to be assessed from quantitative and qualitative data.
Scrutinising the plethora of software options available for effective ERM, decision-makers need clarity. Maturity of the organisation, financial, regulatory, technology and customer risk should all be taken into account. The implementation decision can be costly: thought and care around what business risks are acceptable should be considered before engaging in spending.