29. Risk measurement and reporting Flashcards
(30 cards)
Describe how the risk identification ‘brainstorming’ approach can be extended to obtain a subjective assessment of risk exposure
Subjective assessment of risk exposure
- Estimate probability and severity of each risk separately
- Assign a number from the scale 1-5
- The product of probability and severity=> ranked 1-25
- Allows risks to be ranked and prioritised
- Carried out with and without possible risk controls
How can a model be used to assess a risk event/exposure?
- Distribution assigned to both Frequency and severity of a risk event
- Define an event (e.g. 25% fall in equity price over a year) AND
- Use historic events to calculate a probability distribution for that event
- Alternatively - Frequency of the event could be defined and used to determine the loss parameter
- Decide stochastic vs deterministic model
- Availability of data=> Influence which model is used and this is
- Important when considering rare events
What the different ways of EVALUATING risk?
5
SRC
- Scenario analysis
- Stress testing
- Stochastic modelling
- Reverse stress testing
- Combined stress and scenario testing
What steps should be involved in a scenario analysis to evaluate operational risk?
4
- Group risks into categories. Involve input from senior individuals
- Develop a plausible adverse scenario of risk events for each group of risks, which is representitive of all risks in the group
- Calculate the consequences/costs of the risk event occurring for each scenario. Involving input from senior staff.
- Calculate the total costs of all risks represented by the scenario
- (Scenario analysis quantifies severity but not prob of scenario)
What categories may operational risk be divided into for the purpose of scenarios analysis?
6
- Fraud
- Loss of key personnel
- Mis-selling of financial products
- Calculation error in the computer system
- Loss of business premises
- Loss of company e-mail access
What is stress testing? How is it used in market risk? What is it designed for?
- Deterministic method of modelling adverse event over a period of time
- Commonly used to model extreme market events but can be applied to other risks.
- It models the impact of event, but not probability
In relation to market risk:
* It involves subjecting a portfolio to extreme market movements by:
1. by radically changing the underlying assumtions and characteristics
2. Change asset class correlations and volatilities
Designed to:
* Identify weak areas=> investigate effect of localised stress situation
* Different combinations of correlations + volatilities => Impact of major market turmoil=> all parameters
* Ensure consistency between correlations while they are stressed
A provider of unit-linked investment bonds has constructed a model to investigate the stress scenario of a sustained reduction in equity market values.
List factors that would need to be built into this model
7
The model would need to allow for the impact of the sustained reduction in equity market values on:
* Income received from fund management charges
* Persistency of existing bonds
* New business volumes
* Regulatory capital requirements
* Value of shareholders’ interests
* Probability of any gurantee biting
* Other economic conditions=>interest rates, inflation + investment returns on other assets
What is reverse stress testing?
- Construction of a severe stress scenario
- Only just allows the company to continue
- To fulfil its strategic business plan
- Financial or non-financial
- Although extreme, MUST BE PLAUSIBLE
How can a stochastic model be used to evaluate a particular risk?
- Variables that give rise to risk => treat as RV with probability distributions
- Model must be dynamic- with full interactions and correlations between variables
- Model run to determine amount of capital to just avoid ruin
- With a given probability
A stochastic model used to evaluate risk may become impractical to run.
Outline three approaches to limiting the ideal scope of a stochastic model in order to make the model more practical
- Restrict the time Horizon that the model projects
- Limit the number of variables that the model models stochastically
- Carry out a number of runs each with a single different stochastic variable
- Followed by a single deterministic run using all the worst-case scenarios together
Why can the phrase 1 in 200-year event be misleading, in relation to risk and setting risk based capital requirements?
- Misleading to non-experts
- If the risk event has just occurred=> will occur again in 200 years
- Rare events in practise such as stock market crashes are occurring more frequently than the assumed probability indicates
- 1 in 200-year combined event not the same as combining individual 1 in 200 year events
How does the overall capital requirement relate to the individual capital requirements of a group of risks?
- Fully dependent=> Overall cap = sum of individual risk cap
- Fully independent=> Overall cap< sum of individual risk cap. Under certain assumptions: Overall risk is square root of sum of squares of individual risks
- Partially dependent=> Overall cap requirement< sum of individual cap
- The difference is the diversification benefit
What are examples of likely correlations between risks?
- Inflation risk = expense risk
- Equity markets inverse to inflation rates
- Equity market falls= higher withdrawal rates on unit linked savings products
- Operational risks correlated to other risks
- Longevity risk strongly negatively correlated to mortality risk
List three methods for aggregating partially dependent risks?
- Stochastic model
- Correlation matrices
- Copulas
What is a correlation matrix and how can it be used in the assessment of risk?
- Specifies the correlations between all pairs of individual risk factors being modelled
- The aggregated risk will combine the individual risks in a way which will reflect the diversification benefits between the individual risk factors
What is a copula and how can it be used to model risk?
- F(Marginal CDFs)= Joint CDF
- Method of calculating joint probabilities of risk
- e.g P(R_Bonds>L,R_Equity <M)= Joint probability
- Different copulas are used to describe different degrees of dependence between RV
- Including dependence in the tails of the distributions
- USEFUL for modelling tail risk=> Capital requirements for extreme events
How can liability risk be measured?
- Analysis of experience- A / E
- NB consistent classification and measurement of the risk event+ exposure to risk
What is Value at Risk (Var)?
- Maximum possible loss
- On a portfolio
- Over a given time period
- With a given degree of confidence
- Absolute amount or relative to a benchmark
What are the disadvantages/drawbacks of using VaR as a measure of risk?
3
- Calculated assuming a normal distribution of returns. NOT TRUE IN PRACTISE
- VaR can be used with a different distribution. Data is sparse particulalarly in the tails=> difficult to fit accurate distribution
- VaR does not quantify the size of the tail=> loss might be past VaR confidence level
What is tail VaR or TVaR?
- Expected shortfall below a certain level, given that shortfall has occurred
- e.g. if average loss on the worst 5% of possible outcomes is 5 mil, then the TVaR is 5 mil for the 5% tail
What is a risk portfolio and describe the contents of it?
- Means of categorising the various risks to whcih the company is exposed
- E.g. Risks may be divided into Financial (credit, liquidity, market, business) and non-financial (operational and external)
- For each risk=> likely severity + probability
- This may be done through a brainstorming approach
- subjective assessment on a scale of 1 to 5 for each risk
- Product=> idea of relative importance of the various risks
- Extended to explain how each risk was dealt with
- Avoided
- Accepted (and amt capital to support)
- Diversified => revised assessment of remaining combination of risks
- Mitigated=> revised assessment of risk remaining AND
- where internally or by transfer
- The assessment carried out with and without risk controls
- Retained risks=> Details of control, risk owner, need for management, reassessment of value and risk controls, identification of concetrations of risk and related actions
- Regular production and update of risk rigister can help business to:
- Understnad better
- change over time
- identify new risks
- determine appropiate controls systems
Why is regular risk reporting important within a business?
FRAUD CRIME
- Financing
- Rating agencies
- Attractive investors
- Understand better
- Determine appropriate control systems
- Changes over time
- Regulator
- Interactions
- Monitor effectiveness of controls
- Emerging risk identification
Explain why, if risk is being managed at the enterprise level, it is necessary to have a coherent system of risk reporting across the whole enterprise.
- Each unit given risk exposure allocation
- Benefits of diversification rely on each business unit taking on exposure allocated
- Necessary each unit report on exposure they are taking on
- NOT done in a consistent way= more capital required
What are the two modelling steps of the determining the amount of capital to hold?
- A model used to determine risk event at the required level of probability
- Stochastic model used to determine this
- Second model=> determine the consequences/ costs of the risk event determined
- Deterministic model likely to be used
