how data analytics can help risk management
DESCRIPTION
Data analytics in the context of risk management•Background: What is data analytics•Applying data analytics to risk management•Case studies•Closing thoughtsTRANSCRIPT
How data analytics can help with risk management
Darren James, Partner, Deloitte
Thursday, February 24, 2011
Business Risk Management Seminar Series
2010/2011 Toronto sessions
© Deloitte & Touche LLP and affiliated entities.
Discussion items
• Data analytics in the context of risk management
• Background: What is data analytics
• Applying data analytics to risk management
• Case studies
• Closing thoughts
Business Risk Management Seminar Series 2010-20111
© Deloitte & Touche LLP and affiliated entities.
Data analytics in the context of risk management
Business Risk Management Seminar Series 2010-20112
© Deloitte & Touche LLP and affiliated entities.
Opportunity for using data analytics in managing risk
• Explosive data growth means more raw materials
• Innovation in data generation and capture
• Data supports fact-based decision making
• Already used extensively in many areas of business
• Data analytics focusing on risk are primarily used in the areas of credit
risk, anti-money laundering and fraud
Business Risk Management Seminar Series 2010-20113
Data analytics has significant potential to be exploited in the
risk management space
© Deloitte & Touche LLP and affiliated entities.
What will the future hold
• Will boards be asking us to back up our gut feel on risk with hard data?
• Will the C-Suite want to understand the key risk factors and their relative
importance in real numbers?
• Will management have even greater responsibility to foresee future
risks long before they manifest themselves?
• Will data analytics be a core competency for all risk professionals?
Business Risk Management Seminar Series 2010-20114
Data analytics is a business tool that will be pervasive in our
organizations
© Deloitte & Touche LLP and affiliated entities.
Background: What is data analytics
Business Risk Management Seminar Series 2010-20115
© Deloitte & Touche LLP and affiliated entities.
What is data analytics
“A practical definition, however, would be that analytics is the process of
obtaining an optimal or realistic decision based on existing data.”
(Wikipedia)
“Data analytics is the science of examining raw data with the purpose of
drawing conclusions about that information.”
(whatis.com)
“Analytics leverage data in a particular functional process (or application) to
enable context-specific insight that is actionable.”
(Gartner)
Business Risk Management Seminar Series 2010-20116
Data analytics is the use of raw data to produce insights or
conclusions that can be acted upon
© Deloitte & Touche LLP and affiliated entities.
How can we categorize data analysis methods
Business Risk Management Seminar Series 2010-20117
Descriptive Statistics
Exploratory Data Analysis (EDA)
Confirmatory Data Analysis (CDA)
Rules-based
(Human Intelligence)
Supervised Learning
Unsupervised Learning
Inference-based
(Machine Learning)
© Deloitte & Touche LLP and affiliated entities.
What types of questions can analytics answer
Business Risk Management Seminar Series 2010-20118
Future Perspective
What if these trends
continue?
What will happen next?
What’s the best that can happen?
Current Perspective
Where is the problem?
What actions are needed?
Why is this happening?
Historical Perspective
What happened?
How many, how often, where?
© Deloitte & Touche LLP and affiliated entities.
Some sample data analytics techniques are...
• Clustering
• Predictive Analytics
• Association Rule Learning
• Regression Analysis
• Visualization
• Decision Tree Learning
Business Risk Management Seminar Series 2010-20119
© Deloitte & Touche LLP and affiliated entities.
How does data analytics apply to risk management
Business Risk Management Seminar Series 2010-201110
© Deloitte & Touche LLP and affiliated entities.
How can data analytics be applied to risk management
Business Risk Management Seminar Series 2010-201111
Historical perspective
• Error detection and quantification – Targeted analytic applications to detect errors (e.g., business unit reviews or internal audits)
Current monitoring
• Risk Dashboard/Continuous Monitoring – How are we currently doing? What is our current risk profile?
Forward-looking
• Key Risk Indicators (KRIs)
• “What-if” – How will this decision affect our risk?
© Deloitte & Touche LLP and affiliated entities.
Some examples of historical-type questions...
Business Risk Management Seminar Series 2010-201112
• How many stock-outs did we have?
• Which stores were they in?
• What caused them?
• What could have prevented them?
Historical perspective • Error detection and quantification
© Deloitte & Touche LLP and affiliated entities.
Some examples of things we might monitor...
Business Risk Management Seminar Series 2010-201113
Current monitoring • Risk Dashboard/Continuous Monitoring
• How are our stock-outs trending?
• Where do we continue to have problems?
• Where are inventory controls failing?
• What is our current opportunity cost from empty shelves?
© Deloitte & Touche LLP and affiliated entities.
Some examples of proactive questions...
Business Risk Management Seminar Series 2010-201114
Forward-looking • “What-if” and What will happen next?
• Where will the next stock-out occur?
• What if we increase our minimum holding levels?
• What changes do we need to make to reduce the number
of stock-outs?
• What are our optimum stock levels to balance the risk of
stock outs with holding costs?
© Deloitte & Touche LLP and affiliated entities.
Data analytics can enhance our existing KRIs
Business Risk Management Seminar Series 2010-201115
• Develop more sophisticated multi-dimensional KRIs
• Identify KRIs that more closely correlate with desired
outcomes
• More accurately determine the contribution of a given
indicator to overall risk
• Provide a more fulsome picture of risk profiles by
monitoring and trending a more comprehensive range of
indicators
Forward-looking • KRIs
© Deloitte & Touche LLP and affiliated entities.
Data analytics can enhance our early warning capabilities
Business Risk Management Seminar Series 2010-201116
• Components of an early warning system
‒ Sensors to collect data
‒ Systems to accumulate and process the data
‒ Analytics to provide insights from the data
‒ Something/someone to interpret the results
‒ Something/someone to action the interpretation
Forward-looking
• Early warning systems
© Deloitte & Touche LLP and affiliated entities.
Increasing range of sensors creating raw data
Raw Data
Business Systems
Network Systems
Operations
Systems
Security Systems
Surveys
Phone Calls
Video
Business Partners
Social Media
Customer
Data Vendors
Business Risk Management Seminar Series 2010-201117
© Deloitte & Touche LLP and affiliated entities.
An increasing variety of innovative sensors are becoming available
Business Risk Management Seminar Series 2010-201118
© Deloitte & Touche LLP and affiliated entities.
Innovators are developing new sensor deployments
Business Risk Management Seminar Series 2010-201119
The Quake-Catcher Network is a
collaborative initiative for
developing the world's largest, low-
cost strong-motion seismic network
by utilizing sensors in and attached
to internet-connected computers.
© Deloitte & Touche LLP and affiliated entities.
Generating good quality data from sensors
• Text mining
• Audio analysis
• Video analysis
• Entity resolution
• Data enhancement
– E.g. Census data, postal data
Business Risk Management Seminar Series 2010-201120
© Deloitte & Touche LLP and affiliated entities.
Computers are being developed to handle Big Data
• Big Data is a term used for data sets that are too large for existing
standard software to be able to process within a workable time frame
• New computing systems have needed to be developed to handle Big
Data including massively parallel processing (MPP) databases, cloud
computing platforms and data mining grids
Business Risk Management Seminar Series 2010-201121
© Deloitte & Touche LLP and affiliated entities.
Case studies
Business Risk Management Seminar Series 2010-201122
© Deloitte & Touche LLP and affiliated entities.
Large retail bank• Objective:
• Identify high risk branch locations for branch
audit visits
Self Organizing Maps were used to analyse all relevant
data from the client’s national branch network. This
allowed analysis of a broader array of key risk
indicators than usual under traditional approaches
• Data Analysed:
• Financial – P&L, delinquency, compliance,
average holding size, credit quality, portfolio
risk
• Branch Staff Data – turnover, bonus payments,
leave balances, trends and staff demographics
• Customer/Sales Data – number of products per
customer, accounts opened/closed, source of
new customers, account profitability
• Other – suspense account activity, audit
findings, fraud incidents
• Output highlighted outliers within the branch network
and allowed for a purely risk-based branch audit
selection approach
23
Analysis of branch data highlight s behavioural outliers, and helps
direct audit activity. From this analysis, branch 122 had
exceptional characteristics relating to a combination of: higher than
average no. of loans; higher than average loan value ($); large no.
of loan defaults combined with 5 other above average parameters
Further analysis highlighted activity by quarter in relation to
opening new accounts. We can direct audit effort to investigate
into what is driving this behaviour
Bank branch network analysis for audit selection
© Deloitte & Touche LLP and affiliated entities.
Type A - Number of events Type B - Number of events
Large resources companyTraditional safety analytics defined scale of the safety
problem, but lacked insight to why events occurred.
Using a strategic safety profiling analysis we:
• Objectively identified the key factors and behaviors
that impacted safety related incidents and then
designed measurable interventions to minimise
safety risk
• Used the profiling model to predict the most likely
next person(s) at risk to get hurt
Data Analysed:
• Permanent records, Payslips, Leave history
• Rosters (including FIFO), training history / results
• Performance reviews
• Access card history
• Injuries sustained / near misses / hazards
• Severity of injuries
• Equipment involved
• Location of event
• Weather observations at time of event
24
Type A staff are almost eight times more likely to have
suffered a safety event. Impact is 240% more severe than
average, exclusively male, 20% older than average, unionised
and residential at the mine site. Tend to get hurt in the
beginning of their roster (1st or the 2nd day), through an object
causing them harm and have not completed a required safety
training unit.
Type B staff are six times more likely to have suffered a safety
event with an impact almost 300% more severe than average.
Their accidents are expensive tending to be sprains or soft
tissue damage. In contrast to type A, these employees
generally get hurt on the 7th day of a 7 day roster – just before
they roll off.
Safety analytics diagnostic
© Deloitte & Touche LLP and affiliated entities.
Closing thoughts
Business Risk Management Seminar Series 2010-201125
© Deloitte & Touche LLP and affiliated entities.
Closing thoughts
• Data analytics requires innovative thinking about sourcing data and
identifying sensors
• Data analytics is as much, if not more, about asking the right questions
as it is about the mathematical contortions going on behind the scenes
• Data analytics can be applied to more aspects of risk management than
just credit risk, AML and fraud
Business Risk Management Seminar Series 2010-201126
© Deloitte & Touche LLP and affiliated entities.
For more information
If you would like more information about Data Analytics or how Deloitte
can help your organization, please contact:
Business Risk Management Seminar Series 2010-201127
Darren James
Partner
Enterprise Risk
416-601-6567
© Deloitte & Touche LLP and affiliated entities.
Next Business Risk Management Series session
Session 7:
Internal audit – Ensuring strategic relevance
Date: Thursday, March 10, 2011
Venue: Toronto Board of Trade
RSVP: [email protected]
Business Risk Management Seminar Series 2010-201128