The events of 11 September will have far reaching consequences for the financial services industry. David La Bouchardiere reviews some of the implications and countermeasures

With the possible exceptions of travel and transportation, few industries have felt the shock of the World Trade Center attack as deeply as financial services. In the insurance sector, this has been the costliest disaster in its history. Many segments have been affected, especially large commercial, reinsurance and retrocession business. Although the immediate focus is on settling the huge claims involved, the more significant effect will be on the future nature of insurance terms.

In the immediate future, all securities firms will face the challenge of operating in a more volatile market, as investors wait to see how the world economy responds to the events of 11 September. In the months ahead, retail banks are likely to further review lending criteria for companies in industries traumatised by the attack, particularly airline businesses. Consumer banks may also decide to tighten lending criteria in response to a slowing economy.

The attack showed how important it is for financial services companies to back up critical IT functions. Banks that were not directly affected by the attack may have returned to business as usual, but some will decide to revisit their data recovery and business continuity plans.

Assessing the risk
Many financial services risks are intangible, but need to be assessed on a tangible basis. This can be dealt with in three steps. First, building a model of the risk will cut through the complexity. A simple example of a risk model is the street map we use to minimise the risk of getting lost in a city. The map condenses all the information we need, but it also excludes the vast amount of information that would distract us. This is what a risk model does.

Second is the process of identifying the data needed to understand the risk. In the map example, we might want to find the route with minimum risk of traffic delay. We would establish alternative routes, and so define the streets on which we needed data on traffic flows. This definition of the data is what we call a data model.

Finally, we need the actual data - in the example above, on actual traffic flows. In the operational infrastructure of financial institutions, this can be done by using the above data model as a blueprint, which guides a data mining software tool to collect the data needed.

The criticality of an up to date risk model was illustrated in the aftermath of the World Trade Center attacks. The Bank of New York’s main computing centre was only yards from the scene. Their contingency plan for cheque processing involved the use of a backup site in lower Manhattan. But this was judged too close. So they changed their risk contingency plan, and established a backup site across the Hudson river.

David La Bouchardiere works in IBM financial services department, E-mail: labouchd@uk.ibm.com

Managing Risk

Operational risk
The most evident risk is to the operational viability of the institution. The risk areas include hacking, fraud, system failure, counter-party failure or process failure.

Solutions
Assessment identifies weaknesses in the operational processes.

Information security establishes countermeasures against security threats.

Network management achieves the level of network resilience you need.

E-business infrastructure achieves the required automation of both your value and supply chains.

Capability risk
Another set of risks are to the basic capabilities which underpin the business operation. These risk areas include premises, staff, systems infrastructure and corporate knowledge.

Solutions
Business continuity aims to fail proof your disaster recovery plans.

Strategic outsourcing enables you to transfer operational risks to a specialist.

Knowledge management uses database technology to translate knowledge into tangible business value.

Infrastructure management ensures that it is as robust, scalable and secure as you need.

Financial risk
Risks to operations and capabilities can affect the financial operation of the institution. The risk areas include asset quality, cost, customer behaviour, business volumes and business case management.

Solutions
Financial market solutions include e-markets, wealth management and straight through processing.

E-enterprise solutions use web based technology to help implement enterprise-wide processes.

Customer relationship management enables you to profile your customers for rifle shot marketing.

Business value management increases customer satisfaction by raising the level of interaction with them.

Compliance risk Regulators are tightening the compliance rules. The risk areas include customer identification, counter-party identification, ‘suspicion’ analysis, transaction flagging, reporting dynamics.

Solutions
Money laundering solutions enable compliance with regulatory rules on ‘know your customer’.

Data mining solutions use artifical intelligence to spot transaction patterns that can be evidence of fraud.

Neural networks find new ways to organise information to help identify and combat the fraudster.

Smartcard solutions use chip technology to achieve high security in network based transactions.