RiskManagement

in FinanceSix Sigma and Other

Next-Generation Techniques

ANTHONY TARANTINODEBORAH CERNAUSKAS

WILEYJohn Wiley & Sons, Inc.

Contents

Preface xv

Acknowledgments xix

About the Contributors xxi

CHAPTER 1Introduction 1

Organization of This Book 3Why Read This Book? 4Note , 4

CHAPTER 2Data Governance in Hnancial Risk Management 5

Introduction 5Data Governance Center of Excellence 6Data Governance Assessment 8Data Governance Maturity Model 8Best Practices in Data Governance 10Conclusion: Next-Generation Techniques to Reduce Data

Governance Risk 12Notes 13

CHAPTER 3Information Risk and Data Quality Management 15

Introduction 15Organizational Risk, Business Impacts, and Data Quality 15Examples 17Data Quality Expectations 19Mapping Business Policies to Data Rules 21Data Quality Inspection, Control, and Oversight: Operational

Data Governance 21Managing Information Risk via a Data Quality Scorecard 22Summary 24Notes 24

vii

Viji CONTENTS

CHAPTER 4Total Quality Management Using Lean Six Sigma 27

Introduction 27Performance Targets 28Process for Excellence 30Process Improvement 31Summary 35

CHAPTER 5Reducing Risk to Financial Operations through Information Technologyand Infrastructure Risk Management 37

Introduction 37The Problem 37Risk Source and Root Cause 42Risk Management 43Closing Comments 45Global IT Standards Matrix 47Links to IT Risk Associations and Agencies 49

CHAPTER GAn Operational Risk Management Framework for All Organizations 53

Introduction 53Definition and Categorization of Operational Risk 54How Auditors and Regulators Approach Risk Management 56How Rating Agencies Evaluate Operational Risk 57An Operational Risk Framework for All Organizations 57Conclusion 59

CHAPTER 7Financial Risk Management in Asia 61

Introduction 61Risks in Asian Supply Chains 63Risks in Asian Financial Markets 67Conclusion 73Notes - 73

CHAPTER 8Doing Business in Latin America: Lessons Learned and Rest Practicesfor the Protection of Foreign Investors 75

Introduction 75The World Bank Indicators 76Protection of Debt Investors 79Protection of Minority Owners 82Conclusion 85

CHAPTER 9Mitigating Risk Exposure in TransiHoning to the IFRS 87

Introduction 87Revenue Recognition Risks (IAS 18) 90

Contents IX

Derivatives (IAS 39) and Hedging Risks 91Share-Based Compensation and Pension Risks 93Nonfinancial Asset Risks 94Off-Balance-Sheet Risks (Financial Assets) 94Tax Liability Risks 96Other Liability Risks 96Financial Liabilities and Equity Risks 97Business Combination Risks (Mergers and Acquisitions) 97Financial Services Industry Risks 99Conclusion: Suggestions to Reduce the Conversion Risks 100Notes 101

CHAPTER 10Quantitative Operational Risk Management Methods 103

Introduction 103Operational Risk Overview 105Quantitative Methods 106Modeling Approach Operational Risk 107Operational Value at Risk 107Multifactor Causal Models 108Regime Switching Models 109Discriminant Analysis 110Bayesian Networks 111Process Approach to Operational Risk 111Business Process Modeling and Simulation 111Precursor Analysis in Operational Risk Management 112Agent-Based Modeling 113Six Sigma Approach to Quality and Process Control: Failure

Modes and Effects Analysis 113Conclusion 115Bibliography 115Notes -> 116

CHAPTER 11Statistical Process Control Integrated with Engineering Process Control 117

Introduction 117Control Schemes 118Statistical Process Control 119Engineering Process Control Systems 121Finance Example 125Conclusion 130Bibliography 130Notes 130

CHAPTER 12Business Process Management and Lean Six Sigma:A Next-Generation Technique to Improve Hnanciai Risk Management 131

Background 131Historical Perspective 133

CONTENTS

BPM in Financial Services—Functionality to Look For 134Survey of Cross Industry Deployments of BPM Solutions 135Benefits of BPM over Traditional Process Development - 136Pulte Mortgage Case Study 136Ameriprise Financial Case Study 136Lean Six Sigma's SIPOC Approach to BPM 137Conclusion 139Notes 142

CHAPTER 13Bayesian Networks for Root Cause Analysis 143

Introduction: Risk Quantification in Finance 143Causal Knowledge Discovery 144Bayesian Networks 147Conclusion 151Bibliography 151

CHAPTER 14Analytics: Secrets to Deriving Business Value and Insightsout of Information 153

Abstract 153Introduction 154Information Technology and Service Evolution 155Information Analytics Technology Landscape 156Future Analytics Technologies 166Conclusion 167Notes 167

CHAPTER 15Embedded Predictive Analytics: Transforming Risk Management fromReview Function to Competitive Advantage 171

Introduction 171Execution Risk in the Financial Services Industry 171Business Processes 172Predictive Analytics: Technology-Enabled Analytic Methods 173Conclusion: Managing Risk Competitively 180

CHAPTER 16Reducing the Financial Risks in Litigation and Legal Discovery 183

Background 183The Sedona Conference and the New Rules of Civil Procedure 184U.S. Court Rulings under the New FRCP 189U.S. Rulings Impacting Businesses Outside the United States 192Best Practices and Next-Generation Techniques 193Conclusion 195Notes " 195

Contents XI

CHAPTER 17The Circle of Trust 197

Introduction 197Is Three Sigma Good Enough? 198Economic Value of a Sigma 199The Six Sigma Audit 200Conclusion 202Notes 202

CHAPTER 18Reducing Liability Risk through Best Environmental Practices 203

Introduction 203The Economy and the Environment 205Environmental Risks: Risks and the Securities and Exchange

Commission (SEC) 206Impact of Industrial Environmental Management on Firms

Competitive Advantage 208Shift in Industrial Ecosystem toward Sustainability 210Industrial Profitability and Sustainable Development 212Pollution Trading and Firms Financial Performance , 214Conclusion 215Notes 215Bibliography 218

CHAPTER 19Beyond Segregation of Duties: Next-Generation Techniques inEvaluating User Access Control Risks 219

Introduction , 219User Access Controls, Not Just Segregation of Duties 219Risk Assessment Methodology 220The Next Generation of Segregation of Duties: User Access Controls 221Current State and Future Direction of Risk Advisory and Audit Firms 227Current State and Future Direction of ERP Software Vendors 230Conclusion 231Notes 232

CHAPTER 20Transaction-Based Cross-Enterprise Risk Management 233

Overview 233Background 234Basel II and Current U.S. Implementation 235Current State of Enterprise Risk Management 236Financial Accounting versus Risk Accounting 24010 Principles of Effective Enterprise Risk Management 240A Transactional Approach 241Cross-Enterprise Solution 244Predictive Risk Models 250Conventional Solutions versus Cross-Enterprise Process 251

XII

ConclusionNotes

CHAPTER 2 1Throughput Accounting

BackgroundThe Five Focusing StepsThroughput AccountingElements of Throughput AccountingEvaluating Financial DecisionsRole of a ConstraintApplying T, I, and OE to Traditional Business MeasuresProduct Cost—Throughput Accounting versus Cost AccountingAnalyzing Products Based on Throughput per Constraint UnitHow Can a Company Increase T/CU?Key Decisions Areas to Apply Throughput AccountingSummaryAppendix: Common Questions and AnswersNotes

CHAPTER 22Environmental Consistency Confidence: Scientific Method in HnanciaiRisk Management

IntroductionParadigms Applied—Values, Control, Reengineering, and CostingEnvironmental Consistency Confidence—Statistical Head,

Cultural HeartWhat Is a Key Risk Indicator (KRI)?Case Study: Global Commodities FirmPredictive Key Risk Indicators for Losses and Incidents

(PKRIOLI) IssuesCase Study: European Investment BankWhat Is Current Practice?Bigger Canvases for Scientific ManagementConclusionBibliographyNotes

CHAPTER 23Quality in the Front Office: Reducing Process Variationin Trading Firms

Introduct ionDevelopment Methodology for Quanti tat ively Driven Projects

in FinanceWaterfall Process for Cont inuous Improvement (Kaizen)ConclusionNotes

CONTENTS

254255

257257258259260261262263264266268269270271272

273273275

276277278

280280283285286287287

289289

290296296296

Contents Xiii

CHAPTER 24The Root Cause of the Global Hnanciai Crisis and Corporate BoardReforms to Prevent Future Failures in Risk Management 299

Introduction 299Background to the Global Financial Crisis of 2007-2009 299Why This Crisis Deserves Close Scrutiny 300The Root Cause of Catastrophic Failure in Financial Risk

Management 301How to Prevent Future Failures in Financial Risk Management 303Conclusion 318Notes 319

Index 321