Credit risk is a crucial financial consideration for companies of all shapes and sizes. Organizations aren’t going to thrive if they can’t rely on customers to pay what they owe, can’t depend on their supply chain to move materials and components in a timely manner, or fear for the stability of their banking partners.
It’s a timeless topic, but with many new wrinkles, as today’s technology tools make a world of information and powerful analytics capabilities available to credit managers. To learn more about how companies today are managing the myriad credit risks they face—and to identify opportunities for improvement—Treasury & Risk undertook the “2016 Credit Risk Management Survey,” sponsored by Moody’s Analytics.
Conducted this summer, the survey received responses from 110 professionals who work in treasury (43 percent), finance (40 percent), risk management (10 percent), or line-of business management (6 percent). They hail from businesses of all sizes, across a wide swath of industries.
What we found is that counterparty credit risk is, indeed, top-of-mind for treasury and finance teams. More survey respondents said they are very concerned about currency volatility or about third-party payments fraud, but credit risk is not far behind. Nearly two-thirds of respondents (63 percent) said they are either concerned or very concerned about the credit risk posed by their organization’s trading partners and/or financial counterparties. That makes credit risk a more pressing concern than interest rate risks (about which 38 percent are concerned or very concerned), commodity price volatility (39 percent), or payments fraud perpetrated by employees (28 percent).
Drivers of Credit-Risk Concerns
A major driver of corporate anxiety about credit risk is that many of the surveyed companies have large exposures to a few specific businesses. When asked to rank seven different sources of credit risk, in order, on the degree to which they’re causing concern, more than a quarter (26 percent) of respondents chose credit risk of a few large companies, to which we have a lot of concentrated exposure as their number-one issue. Another 31 percent rated this option second or third. Just 10 percent of respondents rated the alternative scenario, credit risk of a large number of companies, to which we have smaller exposures, as their top concern. Most of those do business in either retail/distribution or the technology sector.
Along the same lines, the survey shows that more treasury and finance professionals are losing sleep over customers failing to pay at all than over customers paying slowly. Forty-three percent of respondents—many in retail/distribution, telecommunications, and transportation/logistics—rated customer non-payment among their top two concerns, while only 26 percent gave the same rating to customer slow payment. (See Figure 1.)
Corporate treasury and finance professionals are afraid that a single large customer will fail to pay. They worry that problems at a crucial supplier or distributor might wreak havoc with their supply chain. And they fret that if a financial counterparty failed, they might lose capital or lose access to credit. These concerns are justifiable. Any of these events could have significant ramifications for the bottom line of companies up and down the supply chain.
What, then, are survey respondents doing to mitigate the credit risk they face?
To start, almost three-quarters of companies represented in the survey (73 percent) are managing the credit risk posed by their customers. This is good news, considering that 38 percent identified either customer slow payment or customer non-payment as their single most important credit-risk concern. Customer credit risk management is common across all industry sectors, although businesses in financial services and real estate/construction are somewhat less focused on mitigating exposures to customer credit issues than are companies in other industries. (See Figure 2 on page 2.)
Our survey also indicates that the vast majority of companies in the energy, real estate/construction, technology, and telecom sectors proactively manage the credit risk posed by their banks. This makes sense, since respondents from these industries also showed the most concern about the chance that one of their financial counterparties might fail. Half of telecom companies, and 40 percent of businesses in transportation/logistics, ranked loss of access to credit in the event of a financial counterparty failure as either first or second on their list of primary concerns. In addition, almost a third (29 percent) of tech companies, and 20 percent of those in the energy industry, gave first or second billing to loss of capital in the event of a financial counterparty failure.
Companies in the manufacturing, energy, and tech sectors are most likely to actively manage the credit risk of their suppliers. This gibes with the fact that 40 percent of respondents who work in manufacturing, and 30 percent in the energy industry, rated supply chain disruption in the event of a supplier/distributor failure as one of their top two concerns. Organizations in the retail sector are a bit more likely than the typical company to manage credit risk for their distributors, but a bit less likely than average to do so for their suppliers. Among companies that do manage distributors’ credit risk, almost all (87 percent) also proactively manage suppliers’ credit risk.
Finally, a little over one-fourth of all respondents (27 percent) said their organization manages the credit risk posed by its partners in joint ventures and other business partners. The companies most likely to do so are those that are most concerned about loss of capital in the event of a financial counterparty failure, as well as those most worried about customer slow payment and about the credit risk of a large number of companies, to which we have smaller exposures.
Tools and Techniques for Credit Risk Management
Participants in the Treasury & Risk survey use a variety of tools and techniques to analyze the credit risk of their trading partners and counterparties. Almost half consolidate data centrally from all business units companywide. Exactly half have financial analysts examine trading partners’ or counterparties’ financials, and even more generate an internal risk score or credit rating. Many survey respondents also run scenario analyses on the possible effects of external events on their trading partners or counterparties; use predictive analytics to project the future behavior of trading partners or counterparties; and/or use other statistical modeling tools to project future payment behavior. (See Figure 4, on page 3.)
Although nearly two-thirds of respondents (63 percent) said their company uses an external model from a rating agency as part of its credit-data analysis, a quarter (26 percent) use a market-based external model, and 12 percent use an econometrics-based external model. Just over half (51 percent) use an internal model driven by expert judgment, and 45 percent use an internal quantitative model.
Businesses that use an internal model are more than twice as likely to consolidate data centrally, and are nearly four times as likely to generate internal credit ratings, as are companies that use either a market-based or econometric-based external model. Likewise, companies that use internal models are more likely to use scenario analysis, and nearly four times as likely to use predictive analytics.
The companies represented in our survey use data from fairly predictable sources to populate these models. Three-quarters use credit reports from credit bureaus. Seven in 10 use their trading partners’ or financial counterparties’ SEC filings and financial statements. And nearly that many (69 percent) include in their credit analyses their organization’s internal data on transaction history, such as a customer’s payment history with the company doing the credit analysis.
Sixty-one percent of survey respondents said their company uses credit risk scores developed by a third party to estimate the probability of default. More than half (51 percent) of represented organizations’ credit-analysis processes incorporate bank references; 38 percent include industry or geographic data from a third party; and 32 percent use external data on the trading partner’s or counterparty’s transaction history. Several respondents also wrote in additional information sources that their organization uses, including insurance companies, industry credit associations, and unaudited financials for the data underlying credit-related decisions.
Where Credit Management Authority Resides
One of the largest determinants of the credit risk management tools and techniques that a particular company uses is which group within the organization has responsibility for corporate credit management. The most common structure described in the Treasury & Risk survey gives credit management to a centralized corporate treasury function. That’s how 41 percent of all organizations are structured, including 53 percent of manufacturing companies and 50 percent of businesses in the retail/distribution sector. The companies that operate in the largest number of countries are also the most likely to use a centralized treasury function for credit management—including 45 percent of organizations doing business in 10 or more countries, and more than two-thirds of companies operating in five to nine countries.
Overall, the second most popular location for credit-management responsibility is within a separate corporate credit department. About a third of survey respondents have a corporate credit function. This option has the most traction among the largest organizations, as well as in the transportation/logistics sector (80 percent) and among financial services firms (40 percent).
In 10 percent of all companies—including 20 percent of those doing business in only one country—credit management resides in a corporate financial planning and analysis (FP&A) function that falls under the purview of the corporate CFO. In contrast, 13 percent of survey respondents said their organization gives credit management responsibility to decentralized treasury functions within the business units. Additionally, several survey respondents reported that their companies use other solutions, including outsourcing credit management and placing credit management in an enterprise risk management (ERM) function.
The companies that have a corporate credit department are the most likely to generate an internal risk/credit score (78 percent, vs. 50 percent of other businesses) and to have financial analysts examining the financials of organizations they do business with (70 percent, vs. 43 percent of other companies). Corporate credit functions are also most likely to consolidate all credit data from across the organization (61 percent), followed closely by companies in which a centralized treasury team handles credit management (58 percent). Just 22 percent of other companies consolidate credit data from all their business units. (See Figure 4, below.)
Interestingly, the companies that are most likely to use scenario analysis to project the effects of external events on their credit counterparties are those in which credit management is handled by decentralized business units, followed by companies in which corporate treasury handles credit management. Organizations in which credit management resides with FP&A are not any more likely to engage in predictive analytics—and are actually less likely to run scenario analyses—than are other businesses. However, FP&A functions are more than twice as likely to use other statistical modeling tools to project future payment behavior.
While not statistically valid, it’s worth noting that the one organization represented in our survey that outsources credit management uses all of these techniques.
Credit Risk Analysis Refresh Cycle
Across all companies represented in the Treasury & Risk survey, 16 percent refresh their counterparty credit analysis once a month, and 8 percent refresh even more frequently. Businesses that consolidate all their data centrally, and those that generate an internal risk rating, are most likely to refresh more than once a month. Two in five companies that use predictive analytics (42 percent) refresh their analyses monthly, compared with 13 percent of companies that don’t use predictive analytics. In contrast, 37 percent of all survey participants said their company refreshes credit analyses only once a year, and 11 percent perform a credit analysis only once for each organization; they do not monitor on an ongoing basis at all.
The majority of companies that have a corporate credit function (57 percent) update credit analyses on an annual basis; only 17 percent of these organizations refresh monthly or more frequently. Annually is also the most common refresh cycle for organizations in which decentralized business unit treasury teams handle credit management (33 percent of these companies).
But in companies where centralized treasury has responsibility for them, credit analyses are most likely to be refreshed quarterly (35 percent), monthly (14 percent), or more frequently (10 percent). And in companies where FP&A manages counterparty credit, 72 percent update their credit analyses quarterly or more often.
What Is Limiting Credit Management Effectiveness?
The survey also asked respondents to rank the degree to which different issues limit their organization’s ability to effectively manage credit risk. On a scale of 1 to 5, where 1 means “does not affect” and 5 means “severely impairs,” close to a third of respondents (28 percent) rated insufficient modeling capabilities—i.e., analytical accuracy either 4 or 5. These problems with analytical accuracy are egalitarian. More than any of the other challenges we identified, insufficient modeling capabilities cuts evenly across all industries and all degrees of complexity in organizational structure (see Figure 6, below).
That isn’t to say all companies struggle equally with all aspects of data analysis. Twenty-nine percent of respondents rated lack of analytical and quantitative resources to build a model as either 4 or 5 on the scale of limiting risk management effectiveness. But analytical and quantitative resources are especially problematic for organizations that proactively manage the credit risk they face from their banks (31 percent of these respondents rated lack of analytical and quantitative resources to build a model either 4 or 5) and/or business partners (33 percent). And among organizations that are gravely concerned about losing access to credit in the event of a financial counterparty failure, 55 percent gave either a 4 or 5 to lack of analytical and quantitative resources to build a model.
Even more challenging for the organizations represented in the survey is a lack of standardized financial data—i.e., data accuracy, missing financials. Among all respondents, 44 percent assigned this issue a score of 4 or 5. As might be expected, standardization of data is most problematic for companies that consolidate data centrally from all business units companywide; 74 percent of these organizations gave high-impact ratings to lack of standardized financial data, compared with only 44 percent of companies that do not consolidate data centrally. This challenge also becomes more problematic the more complex the organization becomes. Sixty percent of respondents whose company operates in 10 or more countries cited lack of standardized financial data as severely impairing their ability to effectively manage credit risk.
Another data issue, insufficient ability to identify and manage counterparty dependencies—i.e., data governance, received a score of 4 or 5 on the limiting-effectiveness scale from 29 percent of respondents, although very few (3 percent) rated it “5 = severely impairs.” Data governance is most problematic for companies that use statistical modeling tools to project future payment behavior, and for companies that refresh their credit analyses on a monthly basis; 40 percent and 45 percent of these businesses, respectively, rated insufficient ability to identify and manage counterparty dependencies at 4 or 5.
The issue that is problematic for the largest proportion of survey respondents is lack of access to private company information—i.e., data availability, coverage. A quarter of respondents rated this problem a 5, and more than two-thirds (68 percent) gave it either a 4 or 5. Meanwhile, less than 3 percent rated it 1 or 2. Private company information is most problematic for manufacturing (79 percent rate it 4 or 5) and transportation/logistics companies (75 percent). It’s a particularly notable challenge for all organizations in which customer slow payment is a leading concern; 80 percent of these respondents ranked lack of access to private company information either 4 or 5.
The final two issues pose the least challenge, although each was given a score of 5 by 3 percent of survey respondents. Turnaround time for credit reviews/approvals—i.e., workflow is considered a serious barrier to efficiency (rated 4 or 5) by 22 percent of all respondents. Its impact is especially acute in the financial services and energy industries, while it has almost no impact on respondents in the services and manufacturing sectors.
Constantly changing counterparties or inconsistencies in counterparty exposures and limits received a score of 4 or 5 from 17 percent of respondents overall. Among companies that do not consolidate data centrally, 22 percent gave changing/inconsistent counterparty information top billing, compared with only 13 percent of companies that do centralize credit information. Not surprisingly, changing counterparty information is a top issue among 33 percent of companies that perform credit analyses only at underwriting, without continuing to monitor on an ongoing basis.
Credit Risk Management Best Practices
What can companies learn from this research about how to improve their credit risk management processes? An obvious place to start is by reconsidering the model their data analysts use. Survey respondents from companies that rely on a market-based external model were more likely to select “severely impairs” to describe the impact on their credit risk management of every single challenge they were asked about. In contrast, companies that use internal models are less likely to be impacted by the challenges identified in the survey.
In addition, companies should look hard at consolidating corporate credit information in a central location. Although respondents who said their company consolidate[s] data centrally from all business units companywide are much more likely to consider lack of standardized financial data a serious problem, they are less likely to face the other challenges identified in the survey—in many cases by a differential of more than 10 percentage points. For example, a lack of analytical and quantitative resources to build a model inhibits credit management success (rating of 4 or 5) in 34 percent of companies that do not consolidate credit data centrally, compared with 19 percent of companies that do. Similarly, respondents whose companies fail to centralize credit data are more likely to feel their ability to identify and manage counterparty dependencies [is] insufficient (33 percent, vs. 25 percent of companies that do centralize data). They are also more likely to feel that constantly changing counterparties or inconsistencies in counterparty exposures and limits have a serious impact on their credit risk management capabilities (22 percent, vs. 13 percent of companies that centralize data).
As they consider consolidating credit data, companies looking to improve their credit management should also think about centralizing those responsibilities within the corporate treasury function. Across almost every issue addressed in the Treasury & Risk survey, respondents in companies where credit risk is managed outside of corporate treasury were more likely to identify the problem as severely impairing their ability to manage credit risk. (See Figure 7.)
This discrepancy is particularly acute in terms of workflow and data governance. In companies where corporate treasury handles credit management, 15 percent gave insufficient ability to identify and manage counterparty dependencies a rating of 4 or 5—so problems managing counterparty dependencies either impair or severely impair credit risk management among 15 percent of these companies—compared with 38 percent of companies in which a different function manages credit risk.
Finally, companies that want to bulk up their ability to mitigate the various credit risks they face should reconsider the frequency with which they refresh their analyses. Among survey respondents whose businesses update credit analyses only annually, 33 percent believe their modeling capabilities—and so their analytical accuracy—is insufficient. That number drops to 22 percent among those that refresh credit analyses quarterly, and to just 9 percent among those who refresh monthly.
There is no silver bullet for credit risk management, no solution that optimally fits every diverse business’s management of the risks presented by each of its counterparties. But our research indicates strong correlations between organizations' ability to minimize the impact of specific problems on credit management effectiveness, their consolidation of companywide credit data, and their centralization of credit management activities within corporate treasury. Organizations looking to make better credit decisions should give these correlations careful consideration.
Meg Waters is the editor in chief of Treasury & Risk.