Big news in risk management this week as UBS released a report to shareholders describing the situation that has led to roughly $37 billion in write-downs so far related to the company's subprime exposures (see articles in Reuters , Forbes , the Wall Street Journal , and BusinessWeek).

Overarching causes described in the report are not surprising; control failures, an overly aggressive focus on short-term growth, and excessive risk taking are among the high level issues addressed. Also in the report, however, are scores of more detailed explanations of control failures in more than 20 different categories. Specific problems on the list include:

• Gaps in risk management expertise
• Failure to respond to wider industry concerns
• Lack of comprehensive Subprime risk assessment
• Complex and incomplete risk reporting
• Inadequate systems (related to infrastructure investment)
• Lack of strategic coordination
• Asymmetric risk/reward compensation

The list goes on, providing a substantial study guide for risk managers and auditors on problems to avoid. And because of the unfortunately massive losses due to these failures, the report also offers a bit of cost justification support for your new, broad risk management initiatives.

Update: added link to the UBS report