Risk Management Agenda: 9 Steps to Success in '09

Amidst the Turmoil, be Sure to Manage Your Institution's Risk - and Your Own Career
Risk Management Agenda: 9 Steps to Success in '09
OK, welcome to the first full work week of the New Year.

Holidays are over, 2008 is behind us, everyone is back at work this week. What's on the agenda?

Following is a list of seven key priorities - your Risk Management Marching Orders for 2009.

1. Be Ready for Change. And lots of it, given the year we just experienced with the industry, marketplace and some of our largest institutions changing drastically. Change will happen in a moment's notice. No longer can a banker think that change is measured in months or weeks. Now expect it to happen overnight, or even in hours. It won't be easy, but be ready to be nimble and quick on your feet to meet the challenges.

2. Be Ready for Regs. Your compliance team has to be ready to shift and roll with regulatory changes that we know are coming with the new Administration. This includes audit teams and board member briefings on the changes that are going to be happening within the industry after the dust settles and the new administration begins its work. Remember that your regulators won't only be reviewing your practices, but will also look to see if you've got stringent processes to review the companies and vendors your institutions does business with. (The biggest breaches in the recent past occurred not at institutions but at their vendors.) Key words of the New Year: Vendor management.

3. Restore Your Customers' Confidence. Don't argue about how the subprime mortgage crisis is not affecting your institution, or that you weren't the cause of it. The damage is done, we're all impacted, and so now you've got to have a plan to fix it and fast. Build the confidence because everything hinges on this one thing.

4. Shore up Your Business Practices. Review and audit everything. Make sure there are no holes in your risk management approach. You need to build your business, you need those depositors, and in this new landscape the battle of 2009 will be about who has the most deposits. The frenzy of marketing your product lines will begin now. It's either attracting and keeping depositors, or lining up behind the other institutions in the TARP lines at Treasury.

5. Watch for the Insider Threat. With all the whirl of changes going on, M & A activity and the rest of what's happening with regulatory changes and other events, don't take your eye off what matters inside your institution. You are a target, don't forget it. During drastic times, a disgruntled, downsized employee may try to take advantage of the opportunity and with their pink slip take with them valuable data. Tough times don't build character, remember; they reveal it. You might not like some of the characters you employ when you see how they respond to financial stress.

6. Know Your Business Partners. It gets back to vendor management, but beyond information security processes. At the same time you're reviewing your own business practices, check on those you're depending on for your bottom line. Unless you do check, those at the other end may be at the same ethical level of Mr. Madoff. Who wants to explain that relationship to the board?

7. Follow Your Own Best Instincts. Forget following the Wall Street risk management best practices. Take a page from community banking institutions. Go back to your father's old risk management tomes and look to take a back to basics approach. This approach is working well for some of the most successful independent banks and credit unions in the country. Yes, it is hard work, but nobody said it would be easy.

8. Manage Everyone. This means you cover your bases and manage up, down and even sideways. Communicate clearly every step you're taking with shareholders, senior managers and your board. If you're the person on the board or one of them responsible for attesting to the institution's financials, let regulators know everything when it happens. Learn from the mistakes you saw played out very publicly in 2008. And remember: When a knife is falling, it's a lot easier to catch a knife by the handle than trying to catch it by the blade.

9. Manage Your Own Career. Keep your skill sets sharp. No one cares about your future more than you do. In these times of economic uncertainty, your job may be in question, no matter where you are or how much experience you have. Be ready for anything to happen, and if it does occur, then you won't be caught by surprise.

About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.