Is Risk Management a Source of Risk?
I recently responded to a question about risk management failure on one of the LinkedIn groups I subscribe to. Jacek Marczyk, a risk management consultant, responded to a CNN article entitled "The risk fallacy" by asking whether risk management is itself a source of risk.
Jacek's view, reflected in his article (here), seems to be that the Big Financial ferms failed because they neglected to factor market complexities into their risk models; and, moreover, that we all need to get better at modeling complexity. Although I agree with the second point (with a tip o' the hat to the quants out there), I disagree with the first. Now that government investigations, referenced below, and a heap of anlysis have exposed many of the factors behind The Fall, it seems fairly clear that AIG, Lehman, Morgan Stanley, and Bear Sterns suppressed risk management from the top down. Not only did they not go the extra mile with their risk models, they never really left the bench.
For those of us who support the quantification and qualification of risk, this is good news: the Big Financials' risk management failures cannot be taken as indicative of the futility of risk management, managerial or operational. Their chief indication is simply bad board oversight and excecutive accountabiility at the afflicted firms.