از شمارش ریسک تا تعداد دفعات ایجاد ریسک : کار مرزی در مدیریت ریسک
کد مقاله | سال انتشار | تعداد صفحات مقاله انگلیسی |
---|---|---|
752 | 2011 | 20 صفحه PDF |
Publisher : Elsevier - Science Direct (الزویر - ساینس دایرکت)
Journal : Accounting, Organizations and Society, Volume 36, Issues 4–5, May–July 2011, Pages 226–245
چکیده انگلیسی
For two decades, risk management has been gaining ground in banking. In light of the recent financial crisis, several commentators concluded that the continuing expansion of risk measurement is dysfunctional (Power, 2009 and Taleb, 2007). This paper asks whether the expansion of measurement-based risk management in banking is as inevitable and as dangerous as Power and others speculate. Based on two detailed case studies and 53 additional interviews with risk-management staff at five other major banks over 2001–2010, this paper shows that relentless risk measurement is contingent on what I call the “calculative culture” (Mikes, 2009a). While the risk functions of some organizations have a culture of quantitative enthusiasm and are dedicated to risk measurement, others, with a culture of quantitative scepticism, take a different path, focusing instead on risk envisionment, aiming to provide top management with alternative future scenarios and with expert opinions on emerging risk issues. In order to explain the dynamics of these alternative plots, I show that risk experts engage in various kinds of boundary-work (Gieryn, 1983, 1999), sometimes to expand and sometimes to limit areas of activity, legitimacy, authority, and responsibility.
مقدمه انگلیسی
Risk management has been gaining ground in banking for the last two decades (Mikes, 2009b and Power, 2009), fueled by regulators’ and market participants’ long-held dream of taming uncertainty. This dream, in itself, is a manifestation of the “quantificational spirit” of our age, in which a “tyranny of numbers” (Boyle, 2001) brings uncertainty and complexity to heel. In particular, developments in financial economics have organized market uncertainty into recognizable categories of quantifiable risk (Bernstein, 1996 and Millo and MacKenzie, 2009). But is this growth of risk management in banking inevitable? Is it dangerous? And is it really “risk management” that is steadily staking out new territory—or is it a variety of risk managements? Paradoxically, the growth of risk management is often stimulated by what appear to be its failures. The two-decade history of modern risk management in banking has been punctuated by corporate failures (Barings Bank), large-scale one-off losses (often associated with fraud, such as those suffered by Allied Irish Bank in 2002 and Société Générale in 2008), relatively localized systemic crises (such as the Asian bank crisis of 1996 and the Russian bond crisis of 1998), and, last but not least, a systemic financial crisis on a scale never seen before. Each of these events was cast as a risk-management failure, yet the ideal of risk management has survived. The financial crisis of 2007–2009 led regulators and industry observers to call for firms to have executives exclusively devoted to enterprise-wide risk oversight, particularly since it emerged that one of the victims of the subprime credit debacle, Citigroup, had ineffective risk oversight and another, Merrill Lynch, had no chief risk officer (CRO) at all (Dobs, 2008). Many argue that the chief risk officer’s role in corporate governance is going to grow. As National City’s CEO, Peter Raskind, argued in a 2008 issue of The American Banker: “This environment has absolutely underscored the need for that person. But it’s not just credit risk. It’s operational risk, reputation risk, and so on. Nobody wants another 2007” (Dobs, 2008). In response to the proliferation of the measurement imperative in economic life, Power (2004a) proposes an explanatory framework which postulates that the evolution of performance management is a cyclical recursive process of “counting, control, and calculation,” punctuated by innovation, crisis, and revision. These two sequences are intertwined: Controlling experts develop methods of counting (each of which is an innovation) and use them for control until there is a crisis, which forces them either to (re)calculate in order to intensify their control or else to subject their counting methods to revision or reform. What makes Power’s “metrological dramas” cyclical is that, in the face of crisis and criticism, proponents of “counting” do not abandon their measurement efforts but, rather, intensify them (Power, 2004a), something which made Power himself uneasy. Having modeled organizations’ relentless drive to expand performance measurement into hitherto uncontrolled areas, he began to warn against the consequences of that expansion (Power, 2004a, Power, 2004b and Power, 2009). He argues that, as risk management continues to evolve through cycles of innovation in measurement, crisis, and revision, it pushes metrics into more and more areas which are properly the domain of human judgment, with results that are “at best ambivalent and at worst dysfunctional” (Power, 2004a: p. 771). In light of the recent financial crisis, Power concluded that the risk management of everything turned out to be the risk management of nothing (Power, 2009; see also Taleb, 2007). While Power’s framework of “counting, control, and calculation” and his expectation that pushing risk-management practices ever further is likely to be dysfunctional have provoked much thought and discussion, both still await empirical scrutiny. This paper is a first attempt to apply his framework in the field. Based on two detailed case studies (first reported in Mikes, 2009a) and 53 additional interviews with risk-management staff at five major banks over 2001–2010, I show that Power’s cycle is contingent on what I call the “calculative culture.” Controllers who display “quantitative enthusiasm” would do what Power’s model suggests, but there is another control style which takes a very different path. One of my in-depth field studies fitted Power’s cyclical conception. In this organization (referred to as Fraser Bank), risk metrics gradually colonized hitherto uncontrolled areas of uncertainty, even in the face of recurring internal organizational crises when risk methodologies came under scrutiny from external and internal constituencies. The other field study (in an organization referred to as Goethebank), however, suggested an alternative style of risk management which resists the urge to push metrics into carefully protected areas of judgment. In this style of risk management, the emphasis is on using “softer” instrumentation1 to frame and visualize non-measurable uncertainties. To understand how some organizations displaying a particular calculative culture come to be so committed to risk measurement while others with a different calculative culture do not, I draw on sociological studies of expertise to argue that risk experts engage in boundary-work (Gieryn, 1983). That is, for a variety of reasons, experts try to define what is and is not their remit, often with respect to competing or complementary fields of expertise. My field studies suggest that the boundary-work of risk experts furthers two different approaches to risk management, depending on the calculative cultures they display. Some risk controllers who adopt quantitative enthusiasm expand first-order measurements2 (initial risk quantification) into new domains of risk, and use these measurements to create second-order measurements (risk aggregation), which not only demarcate an aspect of performance (risk-adjusted performance) but also signify a distinct expertise which entitles the controller to a degree of organizational control. Other risk experts (displaying quantitative scepticism) combine initial risk measurements with “envisionment” practices based on the controller’s experience and intuition, and expand “softer” instrumentation into the domain of non-measurable strategic uncertainties. By focusing risk quantification to first-order measurement, controllers in this group lack the analytical mystique wielded by those in the first group and they appear to have deliberately left the boundaries between themselves and the rest of the organization blurred and porous in order to influence decision makers in the business lines. But what might be a hindrance to creating a distinct expert group—one kind of boundary-work—can be a help in crossing organizational boundaries in order to “get things done” in the business lines—another kind of boundary-work. While the first approach appears to be more effective in creating an independent and distinct expert function, its practitioners seem to have limited relevance to (or lack the ambition to participate in) the discussion of non-measurable strategic uncertainties. This paper is organized as follows: The first section introduces risk management and outlines four major themes that guide its technical development: first-order measurement, second-order measurement (or risk aggregation), control (risk-based performance measurement), and remedial calculations. The second section introduces the notion of boundary-work in order to focus and structure my analysis of the field cases. In the next sections, I apply this framework to the cases of Fraser Bank and Goethebank and show how the five additional cases shed further light on the characteristics and conditions of possibility for the alternative pattern of risk management—risk envisionment. The final section concludes and outlines further avenues for research.
نتیجه گیری انگلیسی
Despite similarities in their structural arrangements and risk-management techniques, risk functions in different organizations play out their own characteristic metrological dramas. Table 1 illustrates this point for Fraser Bank and Goethebank. Both banks introduced risk-management functions in the wake of a crisis. In both banks, those functions gained formal status and visibility through the appointment of senior risk officers and the establishment of reporting channels to the board. Both functions were successful in introducing new first-order risk measures (e.g., value-at-risk) and both regularly produced specialist risk information for top management and the board. At Fraser, economic capital, a second-order risk measure, filled a gap in value-based management by offering a risk-based measure of capital charges. Nevertheless, economic capital calculations had to be made to work by balancing the reliability and relevance of risk calculations with the fairness and internal legitimacy of the process. The legitimacy of risk measurement was thus not immediately self-evident; it was constructed. The idea at Fraser that economic capital numbers reflected the true risk profiles of business units may have been a myth, but that did not make it any less powerful. Risk managers had constructed the legitimacy of risk-based performance management. They fostered and reinforced a culture of quantitative enthusiasm, which was shared by a host of external onlookers: risk-management peers who advocated economic capital as a best practice and bank regulators who actively encouraged the expansion of risk quantification into new realms of uncertainty. Although risk calculation effectively redefined performance measurement at Fraser, the influence of the risk function stopped short of key strategic decisions, which (theoretically) were in the realm of the unmeasurable and (in practice) were claimed by the planning function. By declaring its remit to be the quantifiable risk universe, the risk function was excluded from top managerial discussions of strategic uncertainties. In contrast, the language of economic risk at Goethebank failed to redefine the planning and performance-measurement processes. In that management environment, risk calculations (second-order risk measurement such as economic capital modeling) were not seen as having the administrative objectivity of profit-and-loss accounts and statutory solvency metrics. Goethebank’s senior risk officers concerned themselves less with the measurable risk types than with the unmeasurable. Searching for critical data that could not be readily quantified, they secured relevance in the discussions preceding major strategic decisions. Their role, at the time of the case study, was to regularly set the discussion agendas for top management and to informally collect, share, and distribute information. The mode of questioning and investigation they brought to top management discussions was not diagnostic. Instead it was interactive (Simons, 1991) and these senior risk officers positioned themselves as “self-reflective and self-improving” organizational actors (Power, 2007: p. 23). They shifted the concept of risk management from a disciplinary and backward-facing practice involving narrowly defined technical expertise for the counting of risks to a forward-looking and anticipatory practice providing knowledge leadership and strategic advice to top management, proving that, even without elaborate calculations, risks can count. The regulatory imperative should not be underestimated as a driver of coercive isomorphism in the banking sector. Due to the compliance imperative, the risk functions I observed at seven banks between 2001 and 2010 were engaged in similar risk-management projects, which included developing risk measurements for market, credit, and operational risk and an economic capital approach for the internal allocation of capital. The senior risk officers I interviewed had divergent opinions on the benefits and limitations of the available risk-modeling initiatives. CROs at Fraser Bank and Banks A, B, and C were committed to extensive risk modeling and fostered a culture of quantitative enthusiasm in which risk models were regarded as robust and very relevant decision making tools, particularly for planning and performance management. In these banks, “risk-counting” experts gradually expanded the modeling infrastructure to uncover the natures and distributions of hitherto unknown uncertainties and classified and measured these as part of the operational-risk category. Once these additional risk assessments became part of the risk-measurement framework, they influenced the aggregate risk calculations (economic capital). But linking these risk calculations to planning and performance measurement was not automatic. Senior risk officers were aware that their numbers had to be made to work—a political rather than a technical challenge. There was an alternative approach to risk control that did not privilege risk measurement but rather focused on the envisionment of decision-relevant risks. Risk officers at Goethebank and Banks D and E attempted to mobilize judgment and soft instrumentation to provide top management with alternative future scenarios and with expert opinions on emerging risk issues. Their quantitative skepticism de-emphasized risk models in decision making; they saw their roles as devil’s advocates, searching for relevant intelligence and channeling it to the apex of the organization.