Risk management has come under the microscope of late, and clearly new thinking is required.  Recently Andrew Haldane of the Bank of England reflected to the weeks and months that it took to work “stress test” models within banks and how that is clearly unacceptable.  He described stress testing as being less “regulatory arbitrage” and more “regulatory camouflage”. (my post summarising Haldane)  (Haldane – BofE pdf)

The Deloitte Center for Banking Solutions has a new report out that focusses on providing for an integrated approach across the enterprise.

Integrated Compliance and Risk Management Rethinking the approach

Unprecedented market turmoil in the industry has compelled financial institutions to rethink their existing compliance and risk management programs, many of which have failed to keep pace with evolving levels of risk. As a result, financial institutions are taking a critical look at how they manage compliance and risk to gain a better understanding of how their institution is impacted by the dynamic risk environment of a global financial community.

I think this is a great start.  The thinking will need to then focus on the methodology that will accommodate the other factors that Haldane spoke of, ie, disaster myopia, network externalities, and misaligned incentives.  These are important because current risk models do not adequately address those factors for most organisations.  This gets into the methodology that will have greater chance for success and that will operate at the speed and alacrity that the real-time world requires.