Second-order derivative
In which the JC has made up some risk-management jargon, inexpertly cribbing from actual terms used in actual calculus, about which the JC knows 0. So, apologies in advance, but don’t be upset if I’ve made a balls-up of this.
|
A warning light does not solve a human error problem, it creates new ones. What is this light for? How do we respond to it? What do we need to do to make it go away? It lit up yesterday and meant nothing. Why listen to it today?
So if an event “ƒ” is an event happening out there in TV land — for example, a customer failing to pay — then in risk management terms the first-order derivative of ƒ is the effect ƒ would have, were it to actually happen in the practical world. E.g., someone in credit or market risk going, “Oh, my days! Oh, my lungs and liver! Oh, my hair’s on fire! Oh, Legal what should I do??!”
This much we all understand. This is part of the ordinary, irrational panic that boils over in any sizeable institution should any of its risk controllers be asked, without sufficient warning, to deal with a situation that appears to require controlling some risk.
The second-order derivative of that function ƒ is more subtle. This is a derivative of the first-order derivative of that function, and it sits in the hands of the management layer. It manifests only in wing-dings and traffic lights on PowerPoints. So, for example, the warning light on a control panel, the RAG status indicator on a management PowerPoint, or the numerical quantity of an item (completed ISDA negotiations); reviewed legal netting opinions) whose quality one doesn’t have the subject matter expertise to assess. The PowerPoint that advises management of a warning light on a control panel that says the main reactor has scrammed because there is a fault in the coolant system and the uranium rods are exposed.
It is at the point of this second order derivative that management might sit up and take notice. But their chief concern will be not ensuring that the coolant system is working, or that the rods are no longer melting down, but that the RAG status on the PowerPoint reporting the light on the control panel has gone back to green.
Operations people deal with actual risks; legal eagles and fellow controller subject matter experts deal with first-order derivatives of those actual risks — what the consequences are if the risk comes about — and middle management and internal audit deal with second-order derivatives, being derivatives of those first-order derivatives of the underlying risk: what the RAG status on the opco dashboard should look like if a NAV trigger is hit; whether the template confidentiality agreement as been reviewed within the six-month time limit arbitrarily prescribed by some policy for the review of standard form legal agreements — that kind of thing.