Transcript Slide 1

New Product Oversight and
Strategic Initiative Oversight
Dolores Atallo
Firm Director, Deloitte
April , 2011
1
Today’s Discussion
 Introduction and Session Objectives
 New Product Oversight
 New Product Regulatory Guidance and Industry Perspective
 Critical Success Factors for the New Product Approval Process
 Drivers of New Product Opportunities
 Strategic Initiative Oversight
 Strategic Risk Oversight Considerations
 Tools for Strategic Risk Oversight
 The Role of Enterprise Risk Management (ERM)L
 Q&A
2
Introductions and Session Objectives
 Financial Institutions are facing more pressure than ever before from new
Financial Regulatory Reform and more stringent standards and limitations on
certain business activities.
 Part of that increased scrutiny focuses on the new product and strategic initiative
oversight processes, including:




Consideration of regulatory compliance requirements
Creating/enhancing a robust new product process
Drivers of new product opportunities
The role of risk management practices in strategic and new product initiatives
3
New Product Governance
4
Defining a “New Product”
New Product Quiz
A New Product is defined as a product or service…….





A: never before provided by the institution
B: previously provided but with changes, enhancements and/or modifications
C: previously provided but ramping up due to market opportunity
D: currently/previously offered but now subject to a change in regulation or policy
E: all of the above
5
New Product Regulatory Guidance and Industry Perspective
Remarks by Federal Reserve Board Governor Susan Schmidt Bies (2004)
•New products include products or services being offered to, or activities being
conducted for the first time in, a new market or to a new category of customers or
counterparties. For example, a product traditionally marketed to institutional
customers that is being rolled out to retail customers generally should be reviewed
as a new product.
•Significant modifications to products, services, and activities or their pricing warrant
review as a new product.
Defining New
Products
•Small changes in the terms of products or the scope of services or activities can
greatly alter their risk profiles and justify review as a new product.
•When in doubt about whether a product, service or activity warrants review as a new
product, financial firms should err on the side of conservatism and route the proposal
through the new-product approval process.
•Cutting short a new-product review because of a rush to deliver a new product to
market, or because of performance pressures, increases the potential for risk.
Source: Remarks by Governor Susan Schmidt Bies, At the Bond Market Associations Legal and Compliance Conference, New York, NY February 2004
6
New Product Regulatory Guidance and Industry Perspective
Standard & Poor’s Rating Criteria and Best Practices ERM For Financial Institutions
•The NPA process should be clearly documented in the risk management policy
handbook and should clearly articulate the steps required for approval.
Industry
Practices for
New Product
Oversight/
Approval
•There should be a specified time period of no longer than six months after the
transaction is initially approved for trading, after which its reviewed for consistency.
All transactions that go through the NPA process should be documented and tracked
through secure databases and electronic media.
•No proposed transaction should be expected to trade without a model validation and
vetting by Risk Management and a clear understand of the risk profile of the
transaction and its implications on the overall risk appetite of the firm and its
reputation.
•The CRO must be a member of the NPA committee and should be granted the
authority to sign off on all transactions. The NPA committee should include senior
individuals from all the decision support areas, namely, Operations, Legal, Tax, Audit,
Accounting, Risk Systems, Risk Analytics, Compliance, and Documentation, as well
as the representatives of the business units.
Source: Standard & Poors, Enterprise Risk Management for Financial Institutions, Ratings Criteria and Best Practices November 2005
7
New Product Regulatory Guidance and Industry Perspective
NASD and FINRA Complex Product Guidelines
Guidance For
Complex
Products
•
A new product committee may condition approval for a complex product on
specific limitations, such as limiting the sale of the product to customers meeting
certain characteristics and sophistication thresholds; or restricting the right to
market or sell the product to representatives who have completed certain
product-specific training courses.
•
Products approved on the basis of these restrictions, or based on critical market
assumptions, should be subject to a formalized, ongoing review of the conditions
of approval for up to one year. Customer complaints relating to the product
should also be tracked and monitored.
•
Some products may be approved by a new products committee subject to
certain restrictions, such as: “No more than X percentage of a customer’s net
worth may be invested in Y product, or any product similar to Y.”
•
A new product committee should not approve a product based on such a
condition unless it has determined, prior to approval. that the limitation is
feasible from the perspective of training, supervision and operations
•
Bright line Suitability Tests for Complex Products.
•
Certain “bright line” tests relating to the suitability of new products have emerged
through regulatory guidance,
Sources: 1 NASD Notice to Members 05-59, “Structured Products - NASD Provides Guidance Concerning the Sale of Structured Products,” September 2005
2 FINRA Regulatory Notice 10-09, “FINRA Reminds Firms of Their Sales Practice Obligations With Reverse Exchangeable Securities” February 2010
8
New Product Regulatory Guidance and Industry Perspective
US Treasury Department Report on Financial Regulatory Reform
•
•
•
CDOs and
Financial
Regulation
•
•
Federal banking agencies should promulgate regulations that require originators
or sponsors to retain an economic interest in a material portion of the credit risk
of securitized credit exposures.
Regulators should promulgate additional regulations to align the compensation
of market participants with longer term performance of the underlying loans.
The Securities and Exchange Commission (SEC) should continue its efforts to
increase the transparency and standardization of securitization markets and be
given clear authority to require robust reporting by issuers of ABS.
The SEC should continue its efforts to strengthen the regulation of credit rating
agencies, including through measures to promote robust policies and
procedures that manage and disclose conflicts of interest, differentiate between
structured and other products, and otherwise strengthen the integrity of the
ratings process.
Regulators should reduce their use of credit ratings in regulations and
supervisory practices, wherever possible.
Source: US Treasury Department Report on “Financial Regulatory Reform–A New Foundation: Rebuilding Financial Supervision and Regulation” in June 2009
9
New Product Approval Policy: Setting the Tone
• Set new product definition for the institution
– Define parameters and exceptions
• Define roles and responsibilities
– Submission, approval and ratification
• Provide a common language and approach for new product assessment
–
–
–
–
Articulate new product risk appetite
Describe acceptable and prohibited products
Define the exception process
Define an escalation protocol
10
New Product Approval Policy
(Illustrative)
Illustrative
Board of Directors
Risk Committee
CRO
New Product Committee
Approve/Ratify
Policy
Objectives
Policy Requirements
Scope/ Description
(Policy Statement &
Scope)
Definition of a New
Product
Establish
New Product
Approval Policy
Roles & Resp.
*New Product Approval Process
Policy
Exceptions*
Policy
Admin.
*Related
Polices
Definitions*
Appendices
**
Glossary
NPA Form
Listing of
Approved
Products
11
The Role of the New Product Approval Committee (NPA)
The NPA Charter should reflect the objectives, scope of authority, duties and
practices of the Committee and can include the following components:
•
•
•
Committee Authority
Decision vs. Information
Duties
• Committee Protocols
• Agenda
• Minutes
• Meeting frequency
• Membership (Voting and Non-voting)
• Examples New Product Committee practices can include:
• Review and perform an assessment of the New Product
• Make Recommendations on New Products to Enterprise Risk Committee.
• Oversee the New Product Approval Process, i.e. ensuring documentation is
collected and analyzed prior to recommendation
• Maintain and update the New Product Form, NPA Policy and NPA Process as
frequently as significant changes occur
• Monitor new product performance
.
12
New Product Committee (NPC) Protocols
Illustrative
Board of Directors
ERM
Function/CRO
Risk Committee
Approve/Ratify
Establish
NPC Charter
Constitution, Membership and Meetings
Authority
Duties
Quorum/
Voting
Agenda
Meetings
Minutes
Members
Comm
Chair
Committee
Secretary
Charter
Administration
13
New Product Approval: Supporting the Business Case
• Define sponsorship process for submission
– Who can submit a new product for approval?
– What documentation is required?
• New product risk assessment
– Consider impact to the institution’s risk profile
– Leverage existing risk management practices
• Risk categories, Metrics/Key Risk Indicator
• Assess profitability
– Key Metrics
• Cost to market, Capital impact, Projected P&L
• Approval authority
– Role and responsibilities
• NPA Committee, Senior Management, Board of Directors
14
New Product Approval Form
(Illustrative)
New Product/Initiative Approval Form
Instructions for completing the New Product/Initiative Approval Form:
1.
The Sponsoring Business Unit (“SBU”) should complete New Product/Initiative Summary Worksheet (pages 1 and 2) authorize it, and provide to
the Head of ERM for review
2.
The SBU should complete the New Product/Initiative Detailed Worksheets in consultation with the appropriate Risk Owners (see Appendix A - List
of Risk Owners )
3.
Risk Owners should sign off on their appropriate sections within the New Product/Initiative Detailed Worksheets
4.
The New Product/Initiative Approval Form must be approved by the Head of ERM and the Chief Risk Officer
5.
The New Product/Initiative Approval Form will be provided to the Enterprise Risk Committee for their review and approval
New Product/Initiative Summary Worksheet
Product/Initiative Information
Name of Product/Initiative:
SBU:
Cost of Initiative ($):
Planned Launch Date:
Target Approval Date:
Product/Initiative Description
Describe the product/initiative:
Describe the Strategic Objectives of the product/initiative?
What process changes are being impacted by this product/initiative?
What people changes are being impacted by this product/initiative?
What technology changes are being impacted by this product/initiative?
Risk Summary
#
1.
2.
3.
4.
5.
6.
7.
Risk
Category
New Material Risk?
Credit Risk
Market Risk
Liquidity Risk
Operational Risk
Compliance, Regulatory and Legal Risk
Strategic Risk
Reputational Risk
Risk?
No
No
No
No
No
No
No
Provide brief explanation below for both No and Yes:
Yes
Yes
Yes
Yes
Yes
Yes
Yes
15
New Product Approval Form
New Product/Initiative Profitability Analysis
New Product/Initiative Profitability Analysis
Please Provide assumptions related to the Product/Initiative Analysis
(Term Capital allocation, Cost of funds, etc.):
Estimated Volume:
Volume
Estimated Profitability:
Pre-Tax Income
Net Income
ROA
ROCE
Net Margin
Risk Adj Margin
Non-Spread Revenue
Total Revenue
Non-Spread % To Total
Revenue
Credit Quality:
Net Charge-Offs
% to AFR
Provision
Estimated Expenses
Expenses
% to AMA
Efficiency Ratio
(cont’d-Illustrative)
Yr. 1
Yr. 1
$
$
%
%
$
$
$
$
$
Yr. 2+
Yr. 2
$
$
%
%
$
$
$
$
$
%
$
%
-
$
%
$
$
%
%
%
-
$
-
$
%
%
Sponsoring Business Unit Approval
Authorized by:
Name:
Signature:
Date:
Approval
Head of Risk Management:
Name:
Signature:
Date:
Product Cancelled/Deferred:
Chief Risk Officer:
Name:
Signature:
Date:
Date of Cancellation/Deferral:
16
New Product Approval Process
• Final Approval
 Upon the recommendation of the New
Product Committee, approves new
products and services to be offered
• Recommendations for Approval
 Oversees the New Product Approval
Process/Policy
 Reviews New Product documentation
to ensure full evaluation of risk is
performed.
 Makes Recommendations on New
Products to Enterprise Risk Committee.
 Risk leaders sign off after vetting of
new product and New Product Committee
meeting is complete.
Executive Management Committee
(Approval)
BOD
Final
Approval
New Product Recommended for Approval For Some
New Products
New Product Committee
(Review and Approval)
• Completion of New Product Form
 Works with business line to solicit input
on potential benefits and risks of new
product.
 Should ensure that all necessary
documentation is collected and
researched to complete New Product
Form.
SBU Introduces New Product
Sponsoring Business Unit
(Pitches New Product)
17
Drivers/Triggers for the New Product Approval Committee
• New Regulation, i.e.:
– Dodd-Frank Act
• The “Volcker” Rule
– Will cause banks to exit certain proprietary businesses/products
• Compensation and Governance
• Living Wills/Basel III
– Capital Impacts of products and services
• New Regulators, i.e.,
– Dodd-Frank Act
• Systemic Oversight Council
• Consumer Financial Protection Bureau
• Migration of OTS oversight to OCC
• Changes in market conditions
– Changes in market conditions can drive the need to for new products including hedging
strategies for risk mitigation purposes or new products to capitalize on shifting consumer
market demand
.
18
Critical Success Factors for a Robust New Product Approval Process
• The definition of what is considered a New Product should be socialized across
the company to ensure accountability and compliance.
• There should be clear delegations of authority for approval, review by
constituents of business plan, and agreed materiality thresholds.
• The New Product Committee should have disciplinary authority in place to
address non-compliance.
• The Board of Directors should ratify product changes and in cases of changes in
strategy have approval authority.
19
Strategic Initiative Oversight
Strategic Risk Oversight Key Considerations
• Recognize strategy, strategic planning and assessment as an on going cycle
– Build in touch points
• Integrate existing risk practices into the strategic planning and assessment
process
– Consider risk by category
– Establish metrics/limits for on going monitoring
– Align strategic initiatives with committee oversight
• Determine protocols for assessment of risk to achieving strategic objectives:
– Role of Board, Management and Risk/Chief Risk Officer
– Articulate risk appetite and limits
• Timing and escalation protocols
21
Strategic Risk Management Considerations
Component
Risk management
culture
Evaluation criteria
 High level of involvement throughout the organization
 High-quality, well-structured risk management
practices
 Accuracy of risk identification and monitoring
Risk control
Extreme event
management
Strategic risk management
Risk
control
proces
ses
 Availability and effectiveness of programs for
compliance and post loss remediation
Extreme
event
manage
ment
Risk &
econo
mic
capital
model
s
Risk management culture
 Use of scenario analysis and stress testing which flow into an early warning system and a
disaster and contingency plan
 Ability to mitigate risk and keep an adequate amount of catastrophe reinsurance
Risk and economic
capital models
Strategic risk
management
 Capacity to develop and use accurate risk and economic models
 Capability to validate the data and results of these models
 Processes to ensure proper alignment of retained risk profiles
 Maintenance of metrics for strategic asset allocation and risk-adjusted return
22
Risk Assessment of Strategic Business Objectives and Initiatives
Strategic
Planning
Risk identification
Risk assessment and
prioritization
Key activities
 Review 3-5 year business plan,
business objectives, company goals
and strategies
 Based on information gathered, create
customized and company-specific risk
profile
 Gather research, documents, to identify  Develop risk ranking criteria (impact,
potential strategic initiatives
vulnerability, speed of onset)
 Document and prioritize strategic
initiatives
 Develop likely and worst case
scenarios from key external
risks
 On going discussion to
prioritize key strategic and
emerging risks for scenarios
 Develop monitoring roadmap
for tracking strategic initiatives
milestones and periodic status
reporting
On going cycle of planning, assessment and prioritization
23
Tools For Assessing Strategic Risk
• Peer Benchmarking
•
Consider performing a benchmarking analysis against industry peers
• Executive Workshops
•
•
•
Identify risks against strategic objectives
Critically evaluate strengths and weakness and target weakness
Reassess regularly
• Top down risk assessment
•
Identify and prioritize top 10 risks to the organization to achieving objectives
• Scenario analysis
•
•
•
•
Stress test business plans for relevant threat scenarios (e.g., economic downturn, cat and large losses,
competitive pressures, etc.)
ERM’s should focus on preparation of risk mitigation strategies that are designed to support senior
management’s business plan
Work closely with the finance and investment and functions to demonstrate the sensitivity of business plans to
external factors, underlying assumptions and unanticipated variance in assumptions.
Provide research and analysis on external trends that would inform senior management decision making
regarding areas of growth or investment
• Risk Selection
•
•
•
Assess and react to short term and long term market conditions to choose which risks to take and which to retain:
Consider using Risk Reward analysis or just combined ratio targets
Cycle Management (Credit, Interest Rate or Equity Market Cycles)
• Strategic trade-offs in Investment Selection
•
•
Assess risks based on risks embedded in products
Recognize long term view of risk adjusted returns of investment choices
24
Enterprise Risk Management can Facilitate Strategic Risk
Oversight and the New Product Approval Process
Management actions
Risk/Reward frontier
Reward
•
Risk
= same reward with lower risk
= higher reward with same risk
= higher reward with appropriately
higher risk
Capital allocations
•
ERM provides a framework for assessing the
benefits and risks of various strategic decisions:
– Identifying the potential risks inherent in a new
strategy
– Determining the changes in control frameworks,
governance, and reporting required to support a
new strategy
– Measuring the impact of strategic decisions on
company value on a risk-adjusted basis
Management can use ERM to determine the most
efficient allocation of capital across the organization:
– Using models to determine necessary levels of
capital to support each business and its risk
Strategy
•
ERM processes can be used to assess how specific
management actions move the company on the
risk/reward frontier:
– Providing a cost benefit analysis of specific risk
mitigation activities
– Determining the set of activities to be deployed
in the event of an extreme risk event
Communication
•
The insights gained through robust ERM practices
allow management to communicate more effectively
about risk:
– Designing clearer and more informative risk
disclosures that go beyond the minimum
requirements to better inform stakeholders
– Developing more robust risk reporting
frameworks
25
Questions & Answers
Presenter Biography
Firm Director
Financial Services Industry
Governance Risk & Regulatory
Deloitte & Touche LLP
New York, NY
+1 212 436 5346
[email protected]
Experience: Over 20 years experience assisting clients in
building, enhancing and integrating their risk management
practices.
Education: Rutgers University B.A. Information Management, M.B.A.
Finance
Dolores Atallo is a Firm Director and a tenured leader in the Governance Risk And Regulatory Strategy financial services
practice focusing on Enterprise Risk Management (ERM), Corporate Governance, Enterprise, Credit and Operational Risk.
Currently, she is the Co-Lead of the Deloitte Financial Reform Center of Excellence and the US Leader for Living Wills. She
also serves as the National Relationship Leader for the Federal Home Loan Bank System.
Dolores has extensive experience assisting clients in building, enhancing and integrating their risk management practices
from the Board of Directors to the business process level. She advises the firm’s financial services clients on full life cycle
risk management projects, by designing and enhancing ERM programs that assess risk as business impact and analyze
opportunities to efficiently leverage risk, control and compliance initiatives. In this role, she advises board members and
senior management in matters of governance practices, committee charters and structures, articulation of risk appetite,
thresholds, metrics and risk program branding, linkage to strategy, cultural integration and program implementation,
including training and facilitation.
Prior to joining Deloitte & Touche in 1996, Dolores was a charter member of Coopers & Lybrand’s In-Control Services
Practice, an early adopter among the Big Four to focus on the linkage between governance, risk management, internal
controls and regulatory compliance. She specialized in risk management and regulatory services for the financial services
industry and also served as the global leader for COSO training.
Dolores speaks and publishes extensively on topics related to enterprise risk management most recently for the Federal
Financial Institutions Examination Council (FFIEC), Fiduciary Investment Risk Management Association (FIRMA), the
Professional Risk Managers International Association (PRMIA) and International Financial Services Association (IFSA).
27
This presentation contains general information only and Deloitte is not, by means of this presentation, rendering
accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a
substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may
affect your business. Before making any decision or taking any action that may affect your business, you should consult a
qualified professional advisor.
Deloitte, its affiliates and related entities shall not be responsible for any loss sustained by any person who relies on this
presentation.
Copyright ©2011 Deloitte Development LLC. All rights reserved.
A member firm of
Deloitte Touche Tohmatsu
28