Dangerous games

Working out how far risk management had yet to be developed in the legal sector used to be easy. As a rule of thumb, law firm risk managers would look at the processes being employed in the banking and accountancy sectors and then try to emulate them. When it came to managing risk, bankers and accountants were usually regarded as being light years ahead.

Nowadays, the picture is a little more complicated. Though the accountancy profession is as yet unscathed, 2008 proved that bankers, at least, were anything but aware of the true magnitude of the risks they were running. The sophisticated technologies and processes they had in place to mitigate risk actually seemed to have the opposite effect. Complacency regarding their ability to manage risk may have blinded them to the dangers.

In large part, this was because financial institutions collectively failed to recognise one of the biggest drivers of their risk: that the aggregate effect of their individual risks mattered. None of the institutions operated entirely independently because they all relied on the same money markets. The risk profile of any one institution therefore had an impact on the risk profile of the rest. Excessive risks taken by some saddled entire markets with a heavy burden, which ultimately led to catastrophe for everybody.

Risk management mechanisms that should have identified the dangers were either ignored or inadequate for the task, as Lord Stevenson, former chairman of HBOS, admitted in his testimony to the UK’s Treasury select committee on 10 February. He said: ‘It’s a fact that very carefully arranged risk management systems were developed… which regrettably did not spot scenarios coming up that have come up. Stress testing did not stress test adequately.’ Clearly, the idea that the financial sector had some bulletproof approach to risk management was a chimera.

To read the rest of this article subscribe to Legal Business.