Held to Ransom(ware)

by Michael Arbow MBA

Partner, RSD Solutions Inc.

www.rsdsolutions.com

info@rsdsolutions.com

 

Recently my computer was hit with some ransomware while downloading a file. Ransomware is a computer program that holds a computer system, or the data it contains, hostage against its user by demanding a ransom for its restoration. In my case this was $60 to a company that seemed to be spoofing one of the major software houses except for the poor grammar, washed out colours and their insistence I tell my boss, children and spouse about the computer invasion. Luckily I have a back-up computer: slightly different in set-up, workable and it was aquired for free (thank you @dougestey). In the mean time I have restricted my operations slightly, communicated my situation to the Partners of the firm and business contacts and re-arranged work activities while I get the ransomware sorted out.

This personal incident has some interesting corporate risk management applications. What are your backup plans for operational hiccups, including communications to others both internally and externally? Is your backup affordable and not over-spec'd so that you won't hesitate to use it? And finally, what plans to you have in place for recovery?

Political Risk

by Rick Nason PhD, CFA

Partner RSD Solutions Inc.

www.rsdsolutions.com

info@rsdsolutions.com

 

I had a guest speaker in my capital budgeting class last week. They were explaining to my students the various capital budgeting techniques that they used at their firm. The speaker then stopped and said – in a moment of frankness – that in reality a lot of capital budgeting decisions were premade for political reasons long before a calculation was even begun.

All organizations involve people, and whenever people are involved so will politics be involved. As much as we in academia and the consulting fields like to think of ourselves as being purveyors of great rational concepts, the reality needs to be explicitly recognized that politics more often than not trump rational decision making.

When you read the title of this blog, I suspect that you thought I was going to blog about governmental politics. While changes in government policy are definitely risks to be managed, they are risks that are relatively easy to manage due to their transparency and openness. We expect elected officials to act in their own political interests.

I conjecture that the far bigger political risk is the internal political risk that affects the rationality of risk decision making within an organization. These are risks that are not discussed for (wait for it) principles of political correctness or politeness. We are starting to get some rumours out that internal political decisions in the crippled nuclear reactor in Japan may have made the crisis worse – against rational decision making. Are political risks influencing risk decision making in your organization potentially leading to a melt-down?

My Car is a Fraud

by Rick Nason PhD, CFA

Partner RSD Solutions Inc

www.rsdsolutions.com

info@rsdsolutions.com

 

There has been a whole lot of writing lately about how Value at Risk (VAR) is a fraud as a risk measure. Not quite sure what all of these writers are complaining about so I thought I would try out some of their reasoning. To do so I tried to make a latte with my car. You know what – the people who claim that VAR is a fraud are right – I could not make a latte with my car – although it is what I consider to be quite a nice car.

After reading that paragraph you are probably thinking that I have gone loco. Of course I cannot make a latte with my car. My car (any car) is for driving, not for making lattes. Even a child knows that. However those who argue that VAR is a fraud because it did not allow financial institutions to see the crisis coming are missing the point – just as I am missing the point thinking that my car could make a latte.

VAR and other risk measures and tools are actually quite good at what they are designed for. VAR however is not a prediction tool for a crisis, and VAR is not a great tool for assessing systematic risk.

All too often in risk – as in other fields – we have a temptation to use whatever tools we have for whatever purpose. It is just like the old saying that “to the inexperienced builder holding a hammer that everything looks like a nail.” Just because you have a specific tool or metric that some smart people developed, does not mean it is appropriate in all cases and for all situations. That is simply common sense.

Meanwhile I have to go get into my car so I can go get a latte at Starbuckys.

Reputational Risks

by Stephen McPhie, CA

Partner, RSD Solutions Inc.

www.rsdsolutions.com

info@rsdsolutions.com 

 

In late December 2010, Bank of Montreal (BMO) agreed to acquire Marshall & Ilsley, a Wisconsin bank, in an all stock deal at a premium of around 34% to M&I’s share price which had been on a downward trend since early 2010.  M&I had been bailed out, mainly due to bad real estate loans and BMO also agreed to purchase $1.7BN preferred shares from the U.S, government issued under the Troubled Asset Relief Program or TARP. 

The transaction appears to have strategic logic in extending BMO’s Chicagoland subsidiary through Harris Bank into a contiguous area and was welcomed by some analysts at least.  It also illustrates how Canadian companies can take advantage of the strong Canadian dollar in looking at strategic acquisitions in the U.S. and how Canadian financial institutions have the double advantage of depressed prices for many U.S. businesses in the sector. 

However, there has also been some criticism and bad press concerning both the acquisition of M&I and M&I itself.  Repaying the TARP funds to the U.S. government allows a number of executives of M&I to be enriched by the deal under change of control clauses.  In fact the CEO of M&I gets $18 million and a bigger job – he will become CEO of Harris.  Otherwise, conditions under the TARP program would not have allowed such a payout. 

Now there’s some further news.  In Wisconsin, as in other states, inevitable government cut backs are starting to be felt.  Also inevitably a lot of people that are being hurt feel very aggrieved that the mess was not their fault and that a lot of those responsible got rich.  Now there is a campaign to punish companies that helped the governor and one of those businesses happens to be M&I Bank.  Seems that a number of people have been withdrawing their funds from the bank.  Fortunately for BMO this does not seem to have become a fully fledged run on the bank but I’m sure there were a few anxious moments high up in First Canadian Place in Toronto (BMO’s main office). 

Will this hurt BMO’s business in the Midwest?  Probably not much in the long run - and it is a long-term investment.  Nevertheless, it would have been interesting to see the internal risk assessment done by BMO when evaluating this deal.  Would these factors have made it onto the list of known unknowns or unknown unknowns (to borrow a phrase from a former high U.S. government official)?  How much foresight and imagination do you put into your risk assessments for your business?

For more on this story, click the link to a Huffington Post article:

http://tinyurl.com/4rbtlfy

Prestigious Risk Management Association Journal publishes article by Rick Nason

by Michael Arbow MBA

Partner RSD Solutions Inc

www.rsdsolutions.com

infor@rsdsolutions.com

 

We at RSD Solutions are proud to announce that Rick Nason (Partner) has an article published in the March issue of the prestigious RMA Journal.  Entitled "It's not Complicated", Rick suggests and applies three frameworks used in science as new ways of thinking about problems and on how applying these framework would provide opportunities for make the risk industry more effective in dealing with future crises.

The Risk Management Association (RMA) is a world wide recognized association that specializes in promoting effective and prudent risk managment practices for institutions of all sizes across the entire financial services industry.  The Association has approzimately 3,000 institutional members including banks and non-financial instituitions and consist of 18,000 risk management members who work in financial centres thoughout North America, Europe and Asia/Pacific.  The RMA Journal is recognized in the industry as a platform for risk specialists to put forward leading edge ideas on risk and corporate risk management focusing on the areas of finance.

Congratualtions to Rick and a special thank you and acknowledgement to the RMA for permitting us to share Rick's article.

 

To learn more about the RMA follow the link:

http://www.rmahq.org/RMA/

To read Rick Nason's RMA Journal article in full, click on the link then open the pdf:

http://tinyurl.com/4abuawb

 

 

On Vacation

by Rick Nason, PhD, CFA

Partner, RSD Solutions Inc.

www.rsdsolutions.com

info@rsdsolutions.com 

 

Just got back from vacation.  Had a great time thank-you –- with the exception of one major event.  While tooling around Curacao on scooters, the couple my wife and I were traveling with flipped their scooter in a pothole at one of the island’s busiest intersections.  No long term serious injuries thankfully, but it did require an ambulance ride for both of them (and became a front page story). 

As we were following behind them when the accident occurred, both my wife and I got off of our scooters and went into action – as did many by-standers.  (The people of Curacao by the way are some of the friendliest people you will ever meet.) 

Later that night at our resort, after the hospital trip, the police reports, and the confirmation of no long term injuries (although it will be a bit before one of our friends is out of a wheelchair) I had a bit of time to debrief.  Here’s the interesting part.  As I am replaying the events in my head I could not help assessing things as (a) any normal person on vacation would, and (b) as a risk management professional.  I will leave it to you dear reader to figure out what the differences (if any) were between my two different sets of analysis were, but I think it does raise an interesting question: “Do you as a manager think of things differently when you have your ‘manager-hat’ on than you do when you have your ‘risk-manager’ hat on?”  Should you be thinking differently?

How Bad

by Rick Nason, PhD, CFA

Partner, RSD Solutions Inc.

www.rsdsolutions.com

info@rsdsolutions.com

 

In my Enterprise Risk Management class I always assign a situation to my students and ask them to come up with the greatest imaginable risk scenario. This exercise is to get them to think creatively, expansively and outside of the box – three thinking traits that I strongly believe that risk managers must have, but seldom do.

I received an e-mail this week from one of my former ERM students. His e-mail was wondering that if I had assigned a Japanese nuclear power plant as the situation, would the class have come up with a situation as bad as what is currently happening?

It is a good question. Have the events in Japan got your risk team thinking if their scenario analysis is as creative, expansive and outside of the box as they should be?