You are currently browsing the category archive for the ‘Information Management (IM)’ category.
Our benchmark research on enterprise spreadsheets explores the pitfalls that await companies that use desktop spreadsheets such as Microsoft Excel in repetitive, collaborative enterprise-wide processes. Because people are so familiar with Excel and therefore are able to quickly transform their finance or business expertise into a workable spreadsheet for modeling, analysis and reporting, desktop spreadsheets became the default choice. Individuals and organizations resist giving up their spreadsheets, so software vendors have come up with adaptations that embrace and extend their use. I’ve long advocated finding user-friendly spreadsheet alternatives.
One of the first adaptations was for application vendors to use a spreadsheet (either a grid format or Excel itself) as a user interface. In these products users seem to be working in a familiar spreadsheet environment, but the interface is tied to an application that has controlled business logic, formulas and workflows, and the data is held in a relational or multidimensional database. This approach can give organizations the best of both worlds: the familiarity of a spreadsheet but in a structure that addresses most of the technological flaws inherent in desktop spreadsheets. Yet this approach isn’t always enough. It is fine for business processes in which a third-party application is the appropriate choice, but in many other situations where people collaborate using the same model, analytical methods and data, a spreadsheet – not an application – is the better choice. Moreover, our research finds multiple reasons why companies continue to rely on spreadsheets. More than half (56%) of participants pointed to user resistance to change, and many others cited a business case that wasn’t strong enough (that is, the benefits of switching did not merit the costs) and a related issue: that alternatives are too expensive.
In collaborative processes where a spreadsheet is the most practical tool, another alternative is a technology developed by Boardwalktech. The company’s Collaboration Platform (BCP) products support a secure, two-way exchange of data between multiple users.
Instead of having to collect multiple spreadsheets through the email system and then combine them, BCP users can automatically share information at the individual cell level when they want. For instance, working offline in a spreadsheet model individuals can enter actual results and evaluate changes to a forecast or plan, playing with whatever what-if scenarios they see fit. When finished, they can connect to the Boardwalktech server and click to share the updated information with others in the organization. Those people will have immediate access to the changed data.
This approach offers advantages to the way most organizations collaborate with spreadsheets. For example, the exchange of data between spreadsheet users is immediate and takes place at the cell level rather than replacing the entire spreadsheet. Thus, unlike when spreadsheets are exchanged through email, updates can be automatic and far more secure. When spreadsheets are connected through a server, contention (that is, two people trying to change the same data at roughly the same time) is an issue. Most server-based spreadsheets (such as applications built on an Excel server) deal with contention by controlling changes at the file or record-object level, employing a check-in and check-out methodology or record locking to control concurrency. This means that an entire spreadsheet or large portions of it cannot be altered until one person has finished making changes. This process can cause substantial delays. In contrast, BCP enables concurrent, multiuser collaboration at the cell level. Especially in larger spreadsheets shared among multiple users, that can cut down on delays in updates and changes because multiple people can be making updates to different parts of the spreadsheet at the same time.
Another attractive feature of Boardwalktech’s approach – especially when compared with collaborating on spreadsheets over email – is that individuals can share only a portion of their spreadsheet (even just the contents of a single cell) with other individuals. Adam, for example, may want to share only a few lines of summarized information from his forecast with Betsy, who needs it to drive some – but not all – of her projections in her part of the business. Adam and Betsy have different spreadsheets with different row and column structures, yet the shared data remains synchronized regardless of the changes they make to their individual spreadsheets. Colleen, a business analyst, may have a complex formula that every other analyst must use, and this formula will evolve over time because of changing business conditions. David and Ed will always be using the same, correct and up-to-date formula in their own, individual spreadsheets that used by others in the organization without having to check for updates.
Boardwalktech offers several prebuilt templates that support inter- and intra-business collaborative processes. For the latter, one area in which a third-party application often is not a viable solution is where analytical models of data and reports must be shared between companies. Cost, implementation times, existing software environments and licensing issues often make that impractical. Browser-based solutions may be more difficult for people to navigate through compared with a spreadsheet, especially if substantial amounts of data must be updated and people need to enter data across multiple dimensions. As well, people in different organizations may use incompatible approaches to modeling that reflect the different needs of their organizations. The ability to share only essential elements of spreadsheets without having to homogenize models and data structures eliminates serious barriers to collaboration. In addition, even within companies these issues can come into play, especially for cross-functional processes or among different business units.
Boardwalktech’s products include configurations for processes where spreadsheets are heavily used today. These include sales and operations planning (S&OP), trading partner collaboration, supply and demand planning and sales and revenue forecasting. For finance organizations the company offers treasury and cash management and tax planning as well as budgeting and planning. There is also a project and portfolio management offering, which can be used by IT organizations, facilities management, R&D and others to plan, assess and forecast projects and project-like efforts. These can be deployed singly or in combination. One of the advantages of implementing, say, a sales and revenue forecasting application along with budgeting and planning is that the sales forecasting can easily tie in with the budgeting, meaning that these top-line numbers, which are managed by the sales organization, can be updated instantly in the budget and at whatever level of granularity is necessary. As well, Boardwalktech’s IT Process Platform allows companies to take any spreadsheet-driven collaborative process and eliminate many of the inherent defects.
In 2013 Boardwalktech had couple of key steps forward with new integration framework using its ‘SuperMerge’ technology and advancements to configuring templates that are used for access and input. Both of which help further embrace and extend use of spreadsheets. For most organizations, spreadsheets are an indispensable tool but they are not always the appropriate technology, especially when used in repetitive, collaborative enterprise-wide processes. It’s important to understand their limitations and not abuse them. In some cases, third-party or internally developed dedicated applications are the right choice. In others, embracing and extending existing spreadsheet-driven processes is the most practical approach. If your organization is currently using desktop spreadsheets for some collaborative business process, it probably is putting up with a host of issues that are the inevitable result of the spreadsheet’s inherent shortcomings. If so, I recommend evaluating Boardwalktech’s collaboration platform.
Robert Kugel – SVP Research
Integrated risk management (IRM) was a major theme at IBM’s recent Smarter Risk Management analyst summit in London. In the market context, IBM sees this topic as a means to differentiate its product and messaging from those of its competitors. IRM includes cloud-based offerings in operational risk analytics, IT risk analytics and financial crimes management designed for financial institutions and draws on component elements of software that IBM acquired over the past five years, notably from Algorithmics for risk-aware business decisions, Open Pages for compliance management, SPSS for sophisticated analytics, Cognos for reports, dashboards and scorecards, and Tivoli for managing all of this in a Web environment. Putting its software in the cloud enables IBM to streamline integration and maintenance, offer more flexible deployment and consumption options and potentially lower the total cost of ownership.
From a competitive standpoint, IRM is an attempt to change today’s highly fragmented financial services software market by emphasizing an integrated approach to managing risk and the often intertwined regulatory compliance. Although in concept this could apply to any risky, highly regulated business, the greatest payoff today is in financial services. IRM focuses the value proposition at a high level in the organization and shifts the objective from a narrow functional or business silo-based approach to a more strategic one. Beyond fully exploiting its applications portfolio, IBM is trying to capitalize on an important trend in global finance: the need to optimize the use of capital to achieve a higher risk-adjusted return on equity than one’s competitors. This has several implications:
- Deploying bank capital in areas that offer the best risk/return characteristics in a way that matches the organization’s strategy. Since business and financial market conditions are in constant flux, optimization must be an ongoing process and the systems that support it must be fast and efficient.
- Striving for fewer “unforced errors” in trading and lending and mitigating the impact when loss situations develop. According to IBM’s tracking of incidents, 45 percent of the biggest losses incurred by financial institutions in 2013 occurred at the boundary between credit and operational risks – an area that unintegrated risk management systems may not be able to track.
- Integrating regulatory compliance into the risk management environment. Our research shows that financial services companies are far more regulated than other businesses. Nearly eight in 10 participants from this industry sector described themselves as heavily regulated compared to 58 percent of government, education and nonprofits, 40 percent of services companies and just 19 percent of those in manufacturing according to our benchmark research on governance, risk and compliance. Today, because the economics of managing financial services business are shaped by a micromanaged regulatory structure, it’s increasingly valuable to incorporate compliance into risk management systems.
More effective risk management will be among the three top strategic objectives of all financial institutions in open financial market systems for the next decade. The ability of these organizations to balance risk and return across their entire asset portfolio in a way that matches their institutional strengths, minimizes avoidable losses and responds quickly to changing market conditions will be a critical determinant for long-term success. The importance of optimizing trade-offs between risk and return in structuring financial institution assets – in daily trading-desk decisions as well as longer-term strategic portfolio ones – reflects a fundamental change in the financial services environment. For the three decades leading up the 2008 financial crisis, capital was relatively more abundant (in the sense that regulators permitted higher leverage), and in a relatively benign, liquidity-driven environment returns were high enough to compensate for mistakes. That has not been the case since the crisis. Rather, returns on capital have been constrained by a systematic deleveraging of financial institutions, increasing regulation and constraints on how these companies operate, especially in deposit-taking institutions. Given the severity of the crisis and its aftermath, it’s unlikely that this stringency will lessen soon.
To be sure, other strategic elements – such as having sufficient critical mass in one or more segments of the capital markets or retail brand equity – will continue play roles in differentiating individual companies’ strategies. In many instances those may be more important than integrated risk management, but the latter will be a capability essential to ensuring the competitiveness of all banking, capital markets and insurance organizations for at least the next decade. As well, the full impact of this sea change has not yet taken effect. In the United States, for example, the fiendishly complex Dodd-Frank Act is still a work in progress. Some of the provisions of new regulations have altered the economics of business and rendered some seemingly plain-vanilla offerings unattractive or even unprofitable. New rules governing risk capital and liquidity (such as the Net Stable Funding Ratio) have yet to go into effect. It now appears that under the Volcker Rule bank executives may be responsible for attesting to their compliance environment. This means at the least that U.S.-regulated institutions must have sufficiently effective enterprise-wide compliance monitoring and reporting that goes a step beyond a plausible deniability standard. As well, over the past five years governments in many developed nations have been coddling the balance sheets of local financial institutions (directly or indirectly) to preserve and/or rebuild their balance sheets. This period is coming to an end, and the pressure on senior executives to eke out even basis-point measures of performance will intensify.
Today, most financial services organizations achieve a unified view of risk and make determinations of how to deploy bank capital by cobbling together information from multiple systems. The process consumes a great deal of employee time, is slow and uses data that is not always trustworthy. While the process integrates data and analyses, it is far from integrated. In today’s environment for financial services organizations, IBM’s challenge is to create a market for integrated risk management largely from scratch. It’s a concept likely to get enthusiastic endorsement at the executive level but then founder on the practical problems of rolling it out – especially in the sort of complex organizations that could utilize it best. Two sets of issues – one related to data and the other to people – are key obstacles.
For the former, IBM is advocating the adoption of an integrated risk platform (IRP) to better address risk management. The platform integrates three broad pieces: A data repository with data management capabilities, a unified risk modeling approach supported by risk information governance to ensure commonality in performing planning and analysis to be able to frame risk policy and highlight issues on an enterprise-wide basis. These must be supported by reporting and other communications capabilities.
Integrating risk data is a significant challenge for financial institutions. Historically, risk data has been collected and managed close to its source. Consequently, financial services firms have multiple silos of risk processes, risk systems and risk data. Our research on information management shows that data fragmentation is a bigger issue for financial services than other businesses: On average, they source data from about twice as many systems as manufacturing and services companies (39% vs. 22% and 19%, respectively) according to our information management benchmark research. On top of that, each part of the business may use different terminology, apply its own rules for quantifying and qualifying risk and have different governance procedures. Those operating in multiple jurisdictions must conform local operations to local regulations but also at parent levels that may be in different regulatory regimes. Thus companies have multiple risk management systems and data stores, each structured for the specific needs of individual business silos. It’s therefore difficult for them to aggregate risk data into an enterprise view in a meaningful way and report on risk in a comprehensive and timely fashion. Similarly, like many businesses, few financial institutions have a unified view of their customer data. Parts of the organization may be dealing with different legal entities of the same organization, and this can have an impact on risk and compliance issues. From both risk management and compliance standpoints, it’s vital that the organization maintain accurate master client data that contains data hierarchies that reflect the structure of the clients’ business.
As for people issues, IBM insists on the need to have an integrated risk management platform and broad, cross-functional compliance management capabilities to support an effective chief risk officer (CRO). Our research finds that two in three (66%) financial services companies have a CRO. Yet this person often lacks a strategic mandate to manage and quantify the full spectrum of risk and returns from front-office risk intelligence, to operational governance processes and strategic capital planning. Instead, the CRO acts as a point person who has responsibility for overseeing a wide array of atomized, silo-based sets of risk management operations. It’s an aggregation of administrative responsibilities rather than a reimagined, integrated approach that transforms what today is a cost-minimization effort into something that promotes long-term competitiveness. To be truly strategic, a CRO must have an accurate, unified view of risk and compliance. It’s essential that financial services companies be able to automate the assembly of this information to facilitate rapid risk management cycles, enable full drill-down and drill-around analysis and increase the reliability the data and analyses while reducing the amount of staff time required to do all of this.
The data and people issues are mutually reinforcing. Support for IRM is essential to developing a truly strategic CRO position for financial services companies. Such a CRO will be able to drive improvements in managing risk and compliance in an integrated fashion that produces data and analyses that are reliable and timely. This approach is necessary to provide more trustworthy risk and compliance information to senior executives to enable them to confidently make consistently good decisions faster. Thus, establishing a more effective CRO role and the systems to support that function will be essential in the industry’s new environment. Having this connection recognized at the most senior levels of an organization is important because absent a top-level mandate for a CRO, the process of achieving a unified view of risk and compliance probably will be painfully slow. And unless they address their fragmented systems and data, financial services companies will find it increasingly difficult to manage risk and compliance well in the challenging business and regulatory climate.
Making major changes to enterprise data structures and making the role of a CRO more strategic are not going to happen overnight. IBM executives are well aware of that, describing the process of getting to integrated risk management as a journey. Fortunately, this is not the sort of initiative that requires a “big bang” to produce results. Data management and data integration efforts can produce measurable results if they are handled in a piecemeal yet steady fashion. Assembling a unified risk management platform can be performed on a step-by-step basis, allowing financial services companies to minimize deployment and disruption risk while developing skills for managing the implementation process. Risk and regulatory management are more important than ever to the success of financial services companies. They should being their journey to an integrated view of both as soon as possible.
Robert Kugel – SVP Research