ARCLogics Sword Blog

In Financial Services we are all familiar with the idea that the financial system is so interdependent that the failure of a relatively small firm has the potential to cause larger failures and, possibly, complete meltdown of the system. There is a general principle at work here, that of tightly coupled networks. Basically, this says that if a network is highly efficient, redundancy has been removed and therefore an apparently insignificant failure in one location can lead to a total failure. One of the classic cases of this was the electricity blackouts experienced in North America in 2003, as a result of the failure of apparently unimportant nodes in the grid.

This same concept can be applied to business processes within a global financial enterprise. As financial services organisations become more highly organised and (hopefully) more efficient, redundancy is removed. The question is, where should redundancy be retained, and how do we identify when lack of it might become a threat? Risk managers identify individual risks in business processes across the organisation and put controls in place to mitigate them. The difficulty is that risks are usually managed in silos across the organisation, so the correlation between, say, credit risk and liquidity risk may not be known and won’t therefore be controlled. Even within a silo, there is rarely much attention given to the inter-relatedness of risks. And correlation also applies to controls; if a control fails or is not run this may have an impact not just on the related risk(s) but on other controls as well. There can be several consequences of this, all of them undesirable: in the best case scenario, the impact and likelihood of risks may be underestimated and the ability of controls to mitigate those risks may be overestimated, in the worst case risks are not recognised at all and are therefore completely uncontrolled.

I have blogged before about the EU’s MUSING project and one of the key benefits that MUSING aims to deliver is in this area of correlation. How does this work? Firstly, MUSING uses ontologies to describe the risk management domain. The use of ontologies has the advantage over simple Object Oriented domain modelling in that it has a logical inference capability that allows us to model not just the relationships between elements (e.g. risks and controls) but the rationale behind those relationships. Once we have that information, we can start to assign quantitative information to those relationships and, here, bayesian networks can help us not just to understand and measure the impact of correlation but to model it on an ongoing basis. By combining this technology with an enterprise-wide view of risk and its mitigation, financial services organisations can start to understand the impact of tightly coupled networks in their business processes and ensure that it is managed.

Mike MacDonagh

I have spent the last two days at a meeting of the Governing Body of the MUSING project (www.musing.eu). This EU project is dedicated to investigating ways “to integrate Semantic Web and Human Language technologies and combine declarative rule-based methods and statistical approaches for enhancing the knowledge acquisition and reasoning in Business Intelligence applications towards industries with a deep socio-economic impact”.

What this means in reality is a group of academics, technologists and business people combining leading edge research and practical experience in projects that will result in the building of a platform that can be deployed in real businesses and, most importantly, to deliver real business value. I will write more on this in the coming weeks but the key areas of interest include:

- Semantic-based Knowledge Management - taking unstructured data in different forms and using new techniques to turn this into data and thence into knowledge. This has links to the drive towards the Semantic Web, aiming to exploit the vast amount of unstructured information on the internet.

- Ontology Engineering - is a key element of the ability to understand unstructured information. Ontologies allow us to describe the kinds of entities that exist in a domain and to describe the relationships they have with each other. This goes further than an XML schema or a data or class model, in that it represents what we know about a domain and not just that entities are related but the reasoning behind those relationships.

- Bayesian Statistics -  in the real world, most situations involve a mixture of qualitative and quantitative information and the use of Bayesian analysis and Bayesian networks enables us to bring these together in more effective ways, in order to arrive at a more accurate view of the real world around us.

So what does this mean for Risk Management? - well rather a lot. The issues that we are addressing in MUSING can improve our ability to manage many of the key elements of Risk Management:

- Risk Identification - it can be the risks that are missed completely that cause the greatest damage. Semantic methods, linked to well defined ontologies can play a major role in improving the identification process.

- Risk Assessment - risk assessment is often not quantitative and, where it isn’t, these techniques can be used to find the key assessment data from a wide range of sources and bring them together more accurately than currently possible.

- Loss Management - loss data comes in a wide range of forms; formal and informal, quantitative and qualitative, structured and unstructured, internal and external. The MUSING technology will help to find more information and to make better use of the information that can be found.

- Risk Mitigation  - in the same way that Bayesian networks can be used to assess correlated risks, they can also be used to make sure that the benefits gained through mitigation of one risk are reflected in correlated risks.

- Key Risk Indicators - the ability of Bayesian analysis to help us find the correlations between apparently unrelated data and then measure its significance is sure to prove of great value in avoiding risk events.

Mike MacDonagh