Banks and other financial institutions always operate in an uncertain environment, and, between business challenges and regulatory constraints, risk management is a major part of what they do. Increasingly, executives in charge of risk need to think creatively about these issues. Creativity enables managing risk as the volume of information and innovation in the industry exceeds human abilities to manage it. Breaking free from traditional thinking in a highly regulated environment is a challenge, but it can definitely be done and can be liberating and energizing for teams that achieve it. In this Leaders episode, Shelly Liposky will talk about her experience using creativity to solve specific challenges in her role as a risk management executive, moderated by Chana Schoenberger, Editor-in-Chief of American Banker.
Transcript:
Chana Schoenberger:
So I have with me here today Shelly Liposky, who is the global head of business risk and solutions at BMO capital markets. Thanks for joining us, Shelly.
Shelly Liposky:
Thanks for having me.
Chana Schoenberger:
So just to kick us off here, can you tell your story briefly? How did you get where you are in your career?
Shelly Liposky:
All right. So I started in the industry doing mergers and acquisitions and then moved into COO roles. And now, as you said, lead our global business risk and solutions team here at BMO. The mandate of our team includes a bunch of different risk areas, including trade floor supervision, compliance, anti-money laundering, operational risk and resilience, and then some newer types of risk like algorithm and automation, risk and ESG risk. I'm not sure I could have planned my career path and most us come to that conclusion at some point. But I've learned a lot from the diversity of work and collaboration with colleagues across capital markets, wealth, retail businesses, jurisdictions, and in the lines of business. So I think that I think I'm wired to get excited about building and fixing and leading teams that help our businesses grow. And that's really been my career to date.
Chana Schoenberger:
So you're an M&A banker by training, which is the hardest of the hardcore.
Shelly Liposky:
Some would say.
Chana Schoenberger: Definitely. Okay. So what are some of the big problems that banks are facing today in terms of business risk?
Shelly Liposky: So I think there are four things. There's the business context vulnerabilities that we're exposed to, our ability to manage risk and then the glue that holds all of those things together. So when I think about the business context, from a finance perspective, we've got margin pressure, we've got competitive pressure. We're trying to offer innovative value added products and services to our clients in an integrated way, through channels that they want. Right. So we're doing that in a dynamic market, economic and geopolitical, and also with extreme competition for high performing talent. So that's the context that we're all operating in. The vulnerabilities that that presents. I think the biggest one is an incongruity of risk-taking versus the ability to manage risk. So if you think about the sophistication of our businesses using AI, using machine learning, developing products that are at such a fast pace, the interconnectedness has never been greater.
Shelly Liposky: Our teams have never been stressed, I think, with as much change as they're facing today. And we have to have the ability to see the real risks and be able to manage them. And so the question is, are we sophisticated enough to do that? Are we at the level of sophistication to manage risk as our risk-takers are, and I would say we have to be more sophisticated to manage risk, and then we're doing all of that on aging infrastructure, manual processes, right. And resilience and cyber being required. So I think those are our vulnerabilities operating in that business context. And then, and then how do we manage that risk? Right. So we have this business context, if we're going to, I like to say we're gonna drive fast and take chances. We, in order to increase profits, then we're going to have to have the right airbags and the right guardrails.
Shelly Liposky: And the ability to see around the bend and then the ability stop on a dime when something's happening. Right. So just a really different way of managing risk than traditionally we have done in this industry. So what does that look like? We have to have a laser focus on our business priorities. We have to understand our processes and sure we have effective controls in place, and then have some ability to predict when losses are likely so that we can get ahead of them and prevent them. So the business context, the vulnerabilities and the ability to manage risk all has to hang together. And I kind of picture in my head this three-dimensional cube that has you know, all of our board and governance committees and structures on the top face. On the front face it has all of our policies and procedures and frameworks and guidelines. And then the side face that connects to both of those is our execution of processes with the right controls, aligned with those control documents and supported by systems with evidence of, you know, to regulators and everybody else that needs to see the governance. And that's, it's hard to make that all hang together. Right. But if we are going to operate in this business context with these vulnerabilities and manage risk, it all has to hang.
Chana Schoenberger: I'm just picturing a Rubik's cube that you twist.
Shelly Liposky: Right. Probably this isn't as sexy as that, but important nonetheless.
Chana Schoenberger: Right. There are just so, so many risks, what you were saying about integrations and tech and stuff. One of our editors interviewed a bank executive who said in 50 countries where that bank is operating, I want to say, they have something like 38 different tech stacks. Right. And they all have to, and that's not even an unusual story, right? Pretty common.
Shelly Liposky: Right. Well, in the tech stacks, even you have you know, version one, version, two version three of the same systems. Oh yeah. We're not at that version yet. It's complicated and interconnected for sure.
Chana Schoenberger: Yeah. That is a lot. So this brings us to this interesting project you did, the OLI project. Can you tell us about it, how it came into being and what happened?
Shelly Liposky: Yeah, so OLI is our operational loss intelligence tool. As I said, operational risk is one of the areas I'm responsible for and in my past roles as a banker or COO, I would have these interactions with operational risk. It's always backward-looking, right? An event would happen. Somebody would write it down on a piece of paper that would end up in a PowerPoint deck with a red-amber-green status on it, and would talk about it three months later in a committee meeting. Right. And it's very painful to have to go through that process. And it's a very backward look. And so when I became responsible for operational risk, I thought, well, there's gotta be a way to be forward-looking to be predictive, especially with the technology that's available today. And so the problem I was solving for was getting predictive, being able to anticipate or predict when losses are likely so that we could change the behavior that causes that to happen and ultimately prevent the loss.
Shelly Liposky: So we created OLI. OLI is a machine learning, a series of machine learning models that ingests internal and external data, that generates then a signal, which is a percent likelihood of an event happening on a given day. Signal below a threshold, you do nothing with. Signal above a threshold, you can provide a specific behavioral prompt to change behavior. So we see in trading and operations and payments really anywhere where people are executing a manual step in a process, we see people make mistakes. We see a process break, we see a system fail. And so when we know there's a higher likelihood of that happening, we can prompt an actor in a process to change their behavior. In trading, we might have a trader that makes an input error, forgets to book a trade or miscommunicates. And that can happen in, at the client, in the trading, on the trading desk or in operations.
Shelly Liposky: So now we know why those losses happen, and if we can predict the days when they happen, instead of telling traders or operators, "Be careful, be careful, be careful," which is what we've been saying for years. And they go, "Yeah, yeah, we're trying." We say, "Today, you have a higher risk of an event happening, slow your input, clear your queue, confirm your communications." So that's the very specific prompt that you get. And you can do that for fraud with clients, you can do it in operations, any really anywhere there are people making mistakes. That's how OLI was working.
Chana Schoenberger: So how does, how does that work? Right. So I'm a trader. I sit at my desk, I talk to clients all day long. They ask me to place trades. I place them. How is my risk different from one day to the next?
Shelly Liposky: So if you think about the factors that are at play, we talked about the context we're operating in. We talked the vulnerabilities. There are an infinite number of variables that move on a given day. They could be market driven variables. You could have changes in volume, you could have changes in rates. You could have changes in a lot of market ergonomic factors, but you can also have, it could be Super Bowl Monday. It could be the World Cup. It could be Thanksgiving. You know, it could be, I'm tired because, you know, I have six kids at home and I'm, you know, whatever the person's thing is that is affecting them that day. We don't know that, but it's a factor in their ability to absorb a change in a process or be able to think and pivot and pay attention to a detail that they might not pay attention to.
Shelly Liposky: And so what OLI is looking for is those factors, what have we learned about when mistakes happen or when losses happen and the factors that contribute to that? So you could say trader makes a mistake, input, input, error, and you say, why did that happen? I don't know, I just, there was so much going on. There was so much volume and we say, Hmm, why was there volume? And maybe the VIX changed and that changed the volume on that desk. They're just, you keep going concentric circles away and you find that there are usually a handful of factors that can move collectively in a certain way that contributes to an error happening on a given day on a given desk, in a given jurisdiction, same for process, right? A process can break because certain things happen. Certain factors are moving a certain way and our little brains could never analyze the vast terabytes of data required come up with when there's a higher risk, that's what you need machine learning to do. And that's what OLI does for us. It's finding those patterns and alerting us so that we can alert the actors in the processes.
Chana Schoenberger: So for instance, you had told me when we discussed this, a story about a, it was a process involving, I think, foreign exchange, where you got the clients to actually behave differently. Do you want to tell that story?
Shelly Liposky: We talked about it on the fraud side, I know. On the client side, yeah. We can have, if you think about, I think I used the example of a coffee bean provider right? Or coffee maker. Right. And so the coffee maker is going to send 10 million to a coffee bean provider, some in some country. And so every month, somebody from the company logs into a portal, a payment portal and says, I wanna send 10 million to, or 10 million of a certain currency to a certain beneficiary. And it's muscle memory. They go in every month, 10 million X currency to this company. What they don't do is look at the 17 digit account number, because we just don't do that even personally. Right. We just know if it's the currency, the name of the beneficiary and the amount should be okay, but fraudsters will either in some way change the account number through business, email compromise, or hacking or some other way, they'll change the account number.
Shelly Liposky: And so they've already routed the funds to go somewhere else. But as a client, you're just going in and saying 10 million, certain currency to the name of vendor, but you're not looking at the account number. So now your fraudster has your money and they're somewhere sunny and warm. So using OLI, we would anticipate that we would be able to identify when certain clients have a higher risk of fraud so that we can yell at them through the portal when they only, when they log in to send the payment, "Hey, you have a higher risk of fraud today. You must check your account number, like don't, or the beneficiary number. Don't just look at the name, don't just look at the currency, make sure those funds are going to the right place. Right. So that's changing client behavior, right? And on the process side, I can really get excited.
Shelly Liposky: I'll never admit it. I guess I did just publicly, but about, you know, about process, right? I mean, we think about the metadata in processes, right? We can pull metadata out and that metadata is the number of steps in a process, the number of handoff points, the number of the asset classes that flow through that process, the currencies, the flow, the jurisdictions, I mean, types of controls, types of systems, all of that comes out as ones and zeros and numbers that go into a model. Couple that internal process data with terabytes of external data and other internal data we have, we can probably, and we're working on this right now, identify which processes, steps and processes controls have a higher likelihood of breaking when they're stressed, right. When certain factors happen, that stress, that process, if you know that, and you know, you're growing that part of your business now, you know where to invest, 'cause we can't straight-through process. Everything is too expensive. Right? So these having this operational intelligence helps us to not only prevent loss, not only change behavior, but it helps us to actually operate our businesses more efficiently and aligned with business growth.
Chana Schoenberger: So, how do you think about what to automate versus what should be done by humans when you're re-engineering a process there are the people to think about, but then there's also efficiency and then there's the cost of the programming.
Shelly Liposky: Yeah. The automation of I think about it as human plus machine. We should have machines crunching numbers. We should have machines analyzing. There's arguably --machines can think, but not use judgment. They're not going to be able to explain. So if you think about the continuum of activity that we do, we have, you know, people pulling information out of a system, typing it into an email, adding names to the to field, putting a subject line in and hitting send to do monthly reporting, right, about risk or about any other topic. Machines can do all of that. Right. And then what people can do is look at the trends in the data, add judgments, add conclusions about what's the impact of what we're seeing on our business and how should we be adjusting in order to manage our risk better.
Shelly Liposky: But what we hire people, what we have hired people to do in the past is cut, paste, pull data, send it, write it in a deck. It's the very, it's the things that machines can do. Right? Control testing is another thing that we can have bots do control testing. Compare what should be happening to what is happening. If that matches, no action. If it doesn't match, let us know. Right. And do that every day or three times a day or every month. But those are things that can be automated. So, on our, on our algorithm risk work, we are thinking about, the first bid for that work was five heads, right? Well, we ended up with two heads and having the machine do most of the monitoring and kick out alerts, but have the people actually read the code and think about an algorithm coded to do something that our people are not allowed to do.
Shelly Liposky: A machine's not gonna be able to do that. That requires thought and judgment, right. Is an algo coded to collude with another algo? Right? A machine's not going to know that. Right. So you need to have people when you're building, when you're buying, when you're changing algorithms, people need to be doing that thinking. Right. Whereas machines can be doing the scanning and the alerting. Right. So when I think about what to automate and what not to automate, it's really when you get to that middle of the continuum and you're using, starting to use judgment in explaining, that's when you want to have people doing it. Anything below that, to the extent you can automate it, it's going to free up capacity and generate more time for people to actually do the thinking. And the real risk management.
Chana Schoenberger: Right. Is an algo coded to discriminate, for instance. A person would have to know that.
Shelly Liposky: A hundred percent. Right, right. That's thinking.
Chana Schoenberger: Right. Computers can't quite think not, not quite yet. I wanted to talk also about creativity, which is really the headline of this session. People don't usually associate creativity with risk management. Risk management is about being very buttoned up, very CYA, trying to make sure that you don't make a mistake. Or if you do make a mistake, you fix it, or don't get caught. And as applied to banks, I think most people associate it with voluminous processes, which are boring, generally annoying, involve a lot of trainings that people would rather not do. You're talking about it in a very creative, design-thinking sort of way. So how does that work?
Shelly Liposky: So, you know, I keep going back, we talked about the business context vulnerabilities, you know, the risk, how we manage risk. When we think about creativity, just to be clear, you know, it's not finger painting and tie dye, , you know, this isn't art camp, right. We're actually trying to think differently. We're trying to use bottoms-up innovation, have quick decisions, execute and get results. Right. And those results need to be aligned with business priorities. That's what we're, when we say creativity, that's creativity in this context. Right. It's, and we'll talk more about how we, how to achieve that, I think a little bit later on. But you think about, even when we were talking about Ollie, there was a problem. We had an idea, did a proof of concept, created a plan, executed the plan, measured results, it's aligned with our business.
Shelly Liposky: Right. So having an idea that you can't execute, as we said before, doesn't it means nothing. It doesn't add value. So how do you get to those ideas? And I think that's creating a culture of curiosity and that's something that's seems very fluffy. So make it a little more tangible. And if you can start with asking why, why, why, why, why? Right. We want kids not to do this, but really we need adults to do this. Right. We need people to ask why and go upstream in a process, for example. And think about this. If you ask why when something's broken or when there's a risk that you're trying to mitigate in front of you, if you ask why and you go upstream, why, why that, why is that broken? Well, what about that? You end up going upstream in that process.
Shelly Liposky: Now you can fix one thing upstream that has a downstream impact of fixing 10 things in the branches downstream, or you can spin up 10 different projects. If you don't ask why you'll spin up 10 different projects to fix the 10 downstream branches. Right. So creativity and asking why and thinking differently and being curious has a real business impact. It can help us to be more efficient. It can help us to get to a better root cause and solve, you know, manage risk more efficiently, I think. Another strategy, and I live by this and I think it's very liberating in the mind, is using zero based design and asking ourselves if it was your company, how would you do it? Right. So many times, we feel like we're constrained by these big banks, in our big financial institutions and other industries as well, that are regulated.
Shelly Liposky: And we don't ask if it was our own company, you know, how would we do it? And so typically we might say, well, let's try to do it 10% better. That's an old big-bank model. Let's try to do it 10% better. But if you asked yourself, if it was our own company, how would we do it? We would probably say, oh, I wouldn't do any of that. I'd do it completely differently. A hundred percent better. And so if you marry the two and you overlay the constraints of in financial services that a company might have, you might get 50% better. Right. Well, that's a heck of a lot better than 10% better. Right. And all you're doing is asking the question. If it was my own company, how would I do it? Right. So by asking why, and by asking if it was my own company, how would I do it? You get really tangible results. And I think, and that's what we've done and it, you know, our team, I think it's been very, very impactful to start thinking differently.
Chana Schoenberger: It's interesting because in both the financial services industry, and of course, in news, in media, there's been a lot of M&A, and what happens when you have acquisition and you integrate them and you start operating as one company is you have all of these legacies, you have legacy systems, legacy infrastructure, you have legacy people who have been taught to do one thing, and now need to be told they have to do something totally different. And, you know, everyone has a story about working at a company where you log on to one of the internal systems and what flashes for the URL is the name of a predecessor two and three integrations back because it's never been changed, or working with a system, and you say, why do we still have this? Well, we have it because we're on a contract from three integrations ago. So it's, it's hard to think about, you know, there's, what would I do if I were the owner of this company, thinking like the principal agent, but then there's also the reality is not just of budget, but of sunk costs and sort of sunk efforts. How do you get around that?
Shelly Liposky: There is, yeah, I think there is, but I also think that there is some of that, and sometimes you just can't change, but I would say 80% of things can change. We just never asked the question. Right? Some people, you know, you have people, you hear people say, to your point, why do you, why are we doing this? Oh, oh, we have to do it, got this. We got this audit finding, we have this regulatory thing, you know, you're like, oh really? When was that? Oh, 1972. You know, you're like, what? Right. You find out that it's so long ago, it's completely irrelevant. We don't even have that business anymore. Why are we holding onto these, you know, things? And so again, that's asking the why questions, but then also I think giving people per mission to let go is I do think that sometimes folks are afraid that, you know, everybody comes to work, wanting to do a good job and, and in this space wanting to manage risk.
Shelly Liposky: And I think we need to say, you have permission, you have authority to stop doing this. Really, I can stop doing this? Yeah. What's gonna happen? Nothing. You'll get 16 hours back in your day. If you stop, you know, and give people permission, that they have the authority to make the decisions on what is valuable and value added and what is not. And then put protocols around, of course you vet any big changes, but a lot of these are smaller changes that add up to pretty big changes. OLI was an example of that. When we were talking about getting forward looking, you know, my leaders said, fix it. I said, we shouldn't be doing this. And I was animated about it. This is a waste of time. And they're like, so fix it. I was like, yeah, you know, let's fix it. It's exciting. And when people give or given that authority, like I said, it's pretty, it's pretty energizing.
Chana Schoenberger: So how do you deal with the trader who is annoyed with the alert flashing up on his screen every time he's at a higher risk day?
Shelly Liposky: I think it's across the board. Whether it's a trader, whether it's somebody in operations, payments, wherever it is, there's work to do to refine the signal, to make it as meaningful as possible. Right. And there is work to do that. And we continue to work at that in all the models that we're running, because the inputs are always changing, right? So for one desk, a threshold or one operations group or group, whoever it is, one group of people, the threshold could be 50%. And if there's a 50% signal, we prompt people to change the behavior. If there's not, then we don't. On another desk, it could be 35% right. On another desk, it could be 70%. Right. And the more data we had, some of the groups say, well, it really matters who's off the desk.
Shelly Liposky: Right. And so we tried to bring in some leave data. Another group said, well, issuances matter for us. And so we tried to bring in issuance data. When we look at the fraud space, I mean, there's so much external data that impact about clients, products, jurisdictions, that we have to bring in that it takes time to refine the signal and make it meaningful. And, no doubt about it, that takes time. And we have to partner with the folks whose behavior we're trying to change these processes. We're trying to change in order to make that meaningful. If there are too many alerts, it's not meaningful. If there are too few, it's not meaningful. If it, the alerts are too generic, what we're prompting them to do behaviorally is too generic. It's not meaningful. But it's hard to find the sweet spot. And so partnership with whoever the actors are in the process is critical to making it work.
Chana Schoenberger: Is there something else you can do with this technology? Is there a way to turn this into a trading algo? It sounds like you are bringing in a lot of different signals and making a decision one way or the other.
Shelly Liposky: Yeah. There's so much you can do with it. It's, you know, the intent is to manage risk, um, and to prevent loss. Um, but you know, I was talking to, as, as you know, this is something that we're offering to clients. Now, I was talking to clients and peers in the industry and the whole process process model is probably one of the most, um, talked about model that, that, um, that I have seen. And it's because we really don't have information about our processes. You know, there's a lot of stuff that people come to work and do every single day. Um, and, and we don't, sometimes they're not even documented when they are documented. What does that mean? Right. What do we do with that, with that, with those, uh, process maps or flows, um, and where do we spend our money? Every single year, every bank in the industry, every financial institution has a limited budget, is growing their business and needs to spend on people processing systems.
Shelly Liposky: So there has to be better information available to make those decisions. And so actually the process model is something that has been talked about a lot. But also if you think about other applications, you know, and if you think about a contact center or call center, I was talking with one, one group of folks and they were saying, you know, we just get hit with calls and we don't know what happened. And then we find out that there was a new product launch that we didn't even know was coming. And when it launched, you know, it directed people to call. So we get hit and we don't have the staffing support. And so, right. You know, that's communication in some ways, but being able to map scenarios of the impact of a new product launch on a downstream system or a downstream group of people, that's valuable because then you can staff properly, right?
Shelly Liposky: You can see the relationships between trading desks and operation groups, and know that if flow on a trading desk increases, then we need to make sure we have enough people available in operations downstream. We can then see what the relationship is between the volume across trading desks in operations groups. And instead of hiring people to sit around and wait for the volume to increase, we can cross-train, right? And then you're not having bodies sitting around. You're able to redeploy staff, which is much more efficient, right. But we never had that information before. So a lot of uses of being predictive for sure, in the way we run our business.
Chana Schoenberger: So someone from the audience wants to know how many banks do you think, understand the need for data management and analytics? I'm guessing the answer is very few.
Shelly Liposky: Well, I think that, I think that many banks understand that there's a need. I think folks are trying to figure out how to do it. We go back to the context we're operating in, you know, we're operating on old infrastructure. So how do you take terabytes of data or even more? I mean, all the value, just so much data sitting around our organizations, our banks, we know we need to do something with, we probably know it's there, but we don't know how to get it. You know, we don't know how to get, we don't know how to normalize it. We don't have the infrastructure to make, in a cost-effective way, to make that happen. And then even when you have the data, putting tools in people's hands, we have the tools. We might not have the people that know how to use the tools.
Shelly Liposky: Well, that's a talent change. It has to happen. Then when you make the talent change. So now you have the data and you have the right people and you've given the right people, the tools now they need a place to play, right? So now they need, you know, I don't even like the word sandboxes, cause it's so old, but really a cloud environment where they can play around with data, drive insights, save it because they only have an hour or something a day to do it and then come back to it. So now we've got another infrastructure album. So I think, I think there's an understanding that data and analytics can help, but being able to operationalize that in the current infrastructure that our industry has been built on, it's a challenge in our, you know, that's why you see fintechs, right. In the evolution of fintech. Right. But it's a challenge. And I think that in partner with, there's a lot of innovation labs and a lot of partnerships going on across the industry. And I think that will drive the ability to operationalize what I think folks have like understood as a need around data and analytics.
Chana Schoenberger: So how do you get yourself and your organization to think differently about problems?
Shelly Liposky: Yeah. I think that leaders have to model it. I think we talked before about problem idea, proof of concept plan execute measure. Right. So how do you get from problem to idea? You ask if it was your own company, how would you do it? Right. You ask why that that's the first step in getting people to think differently. Then when you go problem idea to proof of concept. Well, you're not gonna do a proof of concept on everything because we don't have the bandwidth do that. So there's gotta be a methodical process to review opportunities, validate alignment with the businesses, um, do the proof of concept quickly and either fail fast or move on, take it to the next step. If you take it to the next step. Now we're into, we went problem, idea, proof of concept.
Shelly Liposky: Now we're into the planning, right. And that's the planning, the people, the process, the roles, the systems, the communications, stakeholder alignment ,to get ready to execute. Really tactically speaking, open up a spreadsheet, put a list of verbs that have to be done, right? Put names next to the verbs and put dates next to them. Right. If you don't have that, if it's a PowerPoint deck, it's not gonna be executed, it's gotta be action, verbs, names, dates. right. And nobody's too cool to plan, right? You and I were talking about this before, you know, the best coaches in sports, the best military leaders, most accomplished people plan, right. It's required to generate, and be able to operational ideas. And now your problem, idea, proof of concept, you've got a plan and now you have to execute.
Shelly Liposky: And that requires laser focus, end-to-end ownership. No bandwidth, you know, for people that are the idea people or the thought leaders, you know, we've moved beyond that, I think, in the industry, to doers. And so we've gotta get to execution mode there. You will do that if you have a plan and then measuring the outcome. So how do you get your organization to think differently about problems? It's giving them the authority and the culture to think about if it was their own company, how would they do it to own innovation, bottoms-up. Innovation doesn't come top-down. It comes bottom-up by the doers in the businesses today. And then create structure that enables them to go from idea to proof of concept, to plan, to execute and then measure.
Chana Schoenberger: No, that makes a lot of sense. I love the idea of Excel equals execute. Can't do it with a PowerPoint deck. Exactly.
Shelly Liposky: Yes, yes.
Chana Schoenberger: Right. Yeah. Okay. If you're a leader of another organization, say you don't run a bank, you run something else. Is there a way to think about this that isn't strictly in the regulatory sphere?
Shelly Liposky: Oh, absolutely. Everything that I've just said applies across. I think it across industries, I mean, doesn't matter if you're in a, take healthcare, take government, take a fintech, take a less mature company to a more mature company. I think that structure still holds. Is there a business problem we're trying to solve? Yes. Do we have an idea? Yes. How do we get the idea by asking, if this was our own company, how would we do it? But bringing the other thing is bringing diverse groups of people together, right. We're not gonna generate ideas by having everybody that looks and thinks the same in a room. Right. And so you, we have, you know, I think about my team and what it has become, you know, we've got people from all industries, all ages. We've got people who think differently, who can code, who can write, who can do architecture, who understand the detail of products, who understand just all walks of life ,in the team.
Shelly Liposky: And so, if it was my own company, that's the kind of team I would want. When a problem comes up, I would want to bring that team together and know that I don't want to have to call a vendor every time I need to solve a problem. We can bring a diverse group of people together. And because it's a diverse group of skills, knowledge, and talent, we can solve problems. So I think for, I think the structure holds across industries. And I think it holds across businesses within financial services. Even sometimes we think, oh, well, that's a capital markets thing, oh, that's a wealth thing. That's an asset management thing. It really isn't. The structure holds.
Chana Schoenberger: Great. Okay. We have another question from the audience: in your experience, what area of a company do you feel is the riskiest and should be automated first?
Shelly Liposky: Good question. I actually almost want to separate those two because automating things creates capacity for us to manage risk better. Right. So I think that that where we're taking the most risk, we should free up capacity to manage it, right. And that capacity might not come from that area that's taking the risk. We might need 10 heads in a trading desk, or we might need 10 heads in wealth or in operations, where we have a very complex product that is a mix of manual and automated processes. There are a lot of moving parts with that process. And so it's very risky and if it goes wrong, which is a good question to ask, what's the worst thing can happen if something goes wrong, I would want to spend a time managing risk there.
Shelly Liposky: It doesn't necessarily mean that we wanna automate that thing. It just means that I need, may need more bodies available to help manage risk in that risky area. Right. And so I might need to, if either I'm gonna hire more, 10 more people, which is costly, or I can automate something over here that is actually less risky, but sapping 10 heads. Right. And so by automating that thing over there, I'm actually freeing up the heads to manage real risk over here. Right. So I almost wanna separate those two, you know, if it's really clear and you, and there is a high risk area that can be automated. Sometimes we see processes that can handle a lot of volume, like electronic trading, millions of trades going through a day, the systems and processes were built to handle that. But they weren't built maybe to handle bespoke trades. And so a process that's handling bespoke trades, if that process starts getting a lot of volume, that would be very risky. Right. And so you might wanna look at some automation, but it's not, I don't think it's as black and white as sometimes we think, and freeing up capacity is critical. Right.
Chana Schoenberger: Definitely. So what's next for you? What's the next thing you're gonna take on in a creative way?
Shelly Liposky: Well, I think that I may have mentioned this process work. Just pretty exciting. Just because it impacts everything. The ability to stress figure out how to stress our processes is critical. In this environment of cyber and resilience, we've never had to think about before, we probably should have, but, you know, if some cyber attack brings down a utility grid, what would we do? You know, like that we're in this geopolitical environment right now that's forcing us to think differently. We never would've thought about the working from home for two years during the pandemic , you know, and so, it's prompting us to think differently about how we can apply automation. We're digitizing voice. So we used to have people listen to voice recordings, for regulated employees, what a horrible thing to have to do.
Shelly Liposky: You know, we can digitize that voice and there are machines that can tell us, based on our configuration, when we have a conduct issue. We can then take that digitized voice and marry it with our internal transaction data. We can marry it with our loss data, our event data, we can marry it with external data, and now we get a holistic view of our potential conduct issues we might not have seen before, right. Because the machine is crunching all that information. I think third parties, if we think about, you know, we're responsible for the execution, think about before our organizations used to execute our processes end to end. In the age of outsourcing and using third parties, we've taken chunks of those processes and we've given them to vendors to do. Right. And so I hear people say, well, we've given this chunk of this process, outsourced it to a vendor. And they're making the same mistakes that our people used to make. Right. Because the process hasn't changed, we've just lifted it up. We have another group of people doing it. And so I think that third party risk management is something we definitely need to be thinking differently about, and applying the same predictive and preventative measures there. And the other thing that I was gonna say, and I lost it, so I might have to come back to it. I'll let you move on.
Chana Schoenberger: Okay. That was really my last question. So that's a great end to this.
Shelly Liposky: The other thing that I would, if I can just jump in, the other thing that I would say about, you know, some of the participants today might think, you know, how can, what can I, as a leader in my organization, do you know, to make some changes, um, and think differently and, and drive change. And I think I would just say a couple things there, and that is to model the behavior that you want to see. You know, if we're asking people to ask why, let people ask why and ask why yourself, right? And using zero based design, make people think about what would they do if it was their own company and model that like verbally out loud yourself, "It's my company. Would I be doing this?" Second thing I think is focus on where you're going to get the biggest return, can't automate everything. Once we begin to, for example, reduce operational losses that can create capacity, financial and human capacity, to do more work and automate more, being methodical, solving problems with people closest to the problem. And then failing fast, I think, are the kind of top five things that I've learned throughout the work that we've been doing. And, if I could leave folks with those five, I think that would be helpful.
Chana Schoenberger: Great. Wonderful. Well, thank you so much, Shelly. I really appreciate you coming on with us today, to the Leaders Forum, and that's it. I hope you'll all join us next time.