9.6 Introduction to Risk Management Flashcards
Risk exposure
the quantification of sensitivity to a certain risk
For example, banks have assets and liabilities that are sensitive to interest rate risk.
It is possible to measure a bank’s exposure to interest rate risk by modeling the impact of a 1% change in the yield curve on its net income.
Risk exposures are dynamic, so they must be continuously monitored.
The risk management process
involves setting an optimal level of risk exposure, measuring the actual level of risk exposure, and making any necessary adjustments to reach the target level
the objective of risk management is to minimize the uncertainty of the impact of unpredictable events.
A risk management framework
the infrastructure, process, and analytics needed to effectively manage an organization’s risk exposures
A risk management framework should include the following key factors:
Risk governance
Risk identification and measurement
Risk infrastructure
Policies and processes
Risk monitoring, mitigation, and management
Communication
Strategic analysis or integration
Risk governance
This is the top-level system of structures, rights, and obligations.
It is normally done at the board level, led by a risk management committee that is tasked with overseeing the company’s risk exposures and providing an enterprise-wide perspective on risk management.
Risk identification and measurement
This makes up the main quantitative core elements of risk management.
All of an organization’s potential risk exposures should be assessed qualitatively and quantified as accurately as possible.
Risk drivers should be identified to help model changes in risk exposures under various scenarios, including periods of extreme market stress.
Risk infrastructure
This includes the people and systems needed to assess and quantify risk exposures.
Improvements in technology have allowed for greater sophistication and precision in modeling risk.
The appropriate amount of risk infrastructure will vary among companies depending on their size and the nature of their activities.
Policies and processes
The overall vision for risk management is established by the risk management committee.
This vision is implemented with policies and processes that govern day-to-day operations.
Risk management policies and processes should be integrated into business activities.
Risk monitoring, mitigation, and management
This is the most important part of the risk framework and also the most difficult. It is an active process that must be continuously reviewed.
Responsibilities of governing body (i.e., risk management committee) include:
Providing risk oversight
Determining organizational goals, direction, and priorities
Specifying risk appetite or tolerance (i.e., which risks and levels of exposure are acceptable)
Enterprise-focused risk management (ERM)
takes a holistic view of the firm
is more likely to add value than narrower, less integrated approaches to risk management
ERM can be applied to individuals as well. For example, investors can factor human capital considerations into investment decisions.
An analysis of risk tolerance should seek to identify the following:
- Internal shortfalls that would result in failure to achieve critically important objectives. Specific metrics may include the percentage drop in revenue that would trigger debt covenants or the amount of cash flow needed to fund key capital projects.
- Risk drivers, or external uncertainties to which the organization is exposed (e.g., exchange rates, commodity prices, interest rates).
Factors that should not be allowed to influence assessments of risk tolerance include:
short-term reporting pressures, company size, and management compensation.
Risk budgeting
an effort to quantify and allocate allowable risk for both business and portfolio management
It is the process of implementing risk tolerance in the everyday decisions that affect a company’s actual risk exposures.
Single-dimension measures of risk budgeting
include standard deviation, beta, value at risk, and scenario loss
Financial risks
usually stem from changes in market prices and rates
Non-Financial risks
arise from a variety of sources beyond the financial markets
types of financial risks
Market risk
Credit risk
liquidity risk
types of non-financial risks
Settlement risk
Legal risk
Compliance risk
Model risk
Tail risk
Operational risk
Solvency risk
Risks unique to individuals
Metrics
refers to the quantitative measure of risk exposure.
Probability is the most basic metric
The following metrics are used to measure the risks of derivatives:
Delta (sensitivity of the derivative price to the underlying asset)
Gamma (sensitivity of delta to the underlying asset)
Vega (sensitivity of the derivative price to the volatility of the underlying asset)
Rho (sensitivity of the derivative price to changes in interest rates)
Value at risk (VaR)
specifies the minimum loss over a given time period at a given probability
VaR measure includes three elements: a probability, a time period, and a minimum possible loss stated in units of currency.
–> For example, a given bank could be expected to lose at least $2 million in one day 5% of the time. Unfortunately, there are many ways to model the loss, so diverse estimates for VaR could occur for a given company. VaR is based on an assumed probability distribution (usually the normal distribution) that may not reflect reality.
Four broad categories:
Risk Prevention and Avoidance
Risk Acceptance: Self-Insurance and Diversification
Risk Transfer
Risk Shifting
Risk management in the case of individuals is best described as concerned with:
a) hedging risk exposures.
b) maximizing utility while bearing a tolerable level of risk.
c) maximizing utility while avoiding exposure to undesirable risks.
b) maximizing utility while bearing a tolerable level of risk.
