A New Approach to Risk Management

Andrew Gray, DTCC’s Group Chief Risk Officer, explains why building resilience is essential to protecting against risk

As head of DTCC Core Businesses Management for 5 years, Andrew Gray witnessed and helped respond to the evolution and transformation of risk management. As he moved into his new role as Group Chief Risk Officer in 2015, he brought a unique perspective to the job.

“My experience running our SIFMU businesses shaped my understanding of risk and gave me insight into just how complex, diverse and broad risk has become in recent years,” he said. “In the past, risk management primarily focused on credit, market and liquidity risk. But today, financial institutions are vulnerable to a much wider variety of threats. In response, we need to have a holistic view of risk and a consistent approach to measuring and managing it across multiple risk types.”

As an example, Gray cited interconnectedness risk, an area of significant importance to policymakers globally because of the potential for financial contagion that can occur due to the failure of a critical interconnected entity or service. Gray explains that DTCC’s role as the centralized infrastructure for the U.S. capital markets demands that it understands the risks that arise from its clients and key entities to whom it is connected or reliant upon for essential services, such as settlement banks, clearing banks and other financial entities, as well as the clients of their clients.

“We can no longer restrict the scope of our risk monitoring to what happens within our own four walls,” Gray said. “Firms have to understand the impact of exogenous risks as well if they are going to successfully protect against the array of risks they face.”

This new way of thinking has prompted a transformation in the remit and responsibilities of risk managers – a point Gray emphasized during his keynote speech at the annual SIFMA Operations Conference last year. In his remarks, Gray also explained that firms need to think about the unthinkable and take a more forward-looking view that will enable them to place greater emphasis on mitigating extreme but plausible risks.

“Risks are coming at us more quickly and with greater complexity than ever before,” Gray said. “We need to be better prepared to manage a wider range of systemic risks – and that begins with expanding and evolving the traditional risk management framework to keep pace with these changes.”

For Gray and his team of risk management professionals at DTCC, the key to successfully mitigating risk lies in building resilience – a top takeaway from DTCC’s most recent systemic risk white paper, which focused on interconnectedness risk. It’s a unique twist to the traditional approach to risk management, but Gray believes it is essential in an environment in which the financial system is more open and interconnected than ever before and in which breakdowns are inevitable. As recent history has demonstrated, a systemic shock in one part of the world has the potential to ripple across the entire system very quickly.

“Measuring and analyzing risk will always sit at the heart of risk management, but we also need to expand our capabilities to detect problems sooner and recover from them faster,” he said. “And just as important, we must learn from these events so that we are all better equipped to withstand potential systemic shocks in the future.”


Agostino CapponiAssistant Professor and member of the Institute for Data Science and Engineering at Columbia University

“The recognition of the expanded risk environment and DTCC’s approach to meeting its challenges constitutes a base for risk management in today’s interconnected ecosystem. DTCC’s efforts to identify and quantify those interconnectedness risks in the global financial marketplace provide useful tools for regulators and the industry.”