Module 7: Risk frameworks (proprietary) Flashcards Preview

Private: Enterprise Risk Management (IFoA ST9) > Module 7: Risk frameworks (proprietary) > Flashcards

Flashcards in Module 7: Risk frameworks (proprietary) Deck (19)
Loading flashcards...
1
Q

Proprietary risk framework

A

A proprietary risk framework is one used by an organisation for a specific purpose, eg to determine a credit rating.

2
Q

Credit rating agency

A

A credit rating agency provides ratings on both

  • specific debt issues, and
  • issuing company.

Purpose is to:

  • enable the issuer to borrow more cheaply.
  • be a broad indication of the CREDIT-WORTHINESS of a company.

They use a combination of quantitative and qualitative assessments relating to

  • the COUNTRY,
  • the INDUSTRY
  • the COMPANY
  • the DEBT ISSUE itself.

A company’s ERM capability is becoming an increasingly important component of the ratings process.

3
Q

3 Major credit rating agencies

A
  • Fitch
  • Moody’s
  • Standard and Poor’s (S&P)
4
Q

3 Analyses carried out by Standard and Poor’s

A
  • SOVEREIGN risk analysis
    eg taxation, currency control
  • BUSINESS risk analysis
    e. g. industry prospects, lack of diversification, diseconomies of scale, competitive strength, operational risks, management quality and structure.
  • FINANCIAL risk analysis
    eg profit level, cashflow, capital structure and flexibility.
5
Q

The S&P framework categorises an insurance company’s ERM capability as being (4)

A
  • weak
  • adequate
  • strong
  • excellent
6
Q

The contribution of S&P’s ERM framework classification to the overall credit rating depends on (2)

A
  • complexity of the risks faced

- amount of AVAILABLE CAPITAL and ease of access to (ie capability to absorb risks)

7
Q

5 Main areas that are evaluated by S&P to assess the ERM capability of a company

A
  1. risk management culture
  2. risk control
  3. extreme event management
  4. risk models and capital models
  5. strategic risk management
8
Q

Key strength of the S&P ERM framework

A

Encourages good ERM practices, such as

  • analysing risks HOLISTICALLY,
  • linking STRATEGIC decision making to risk management and
  • TRANSPARENCY.
9
Q

Key weakness of the S&P ERM framework

A

It applies to (re)insurance companies only and represents only the opinion of S&P.

10
Q

Outline what is meant by a credit rating

A

A credit rating is issued by a credit rating agency as an indication of CREDITWORTHINESS (or lack thereof).

Investors often use these credit ratings to assess the security of debt.

Ratings may be assigned to both:

  • the ISSUER of the debt (an individual, company or country), and
  • the particular ISSUE itself.
11
Q

Outline the shortcomings of credit ratings

A

Ratings agencies are paid by the debt issuer.

There is thus a potential conflict of interest.

12
Q

Two features of an insurer’s business that determine the significance of the categorisation of ERM

A
  1. COMPLEXITY OF THE RISKS that the insurer accepts
    (where a complex risk is one that can change significantly in a short period, such as long-term contracts that cover multiple contingencies)
  2. The amount of available capital and ease of access to it, ie capability to absorb risk (as has been seen in the banking sector recently, this access to capital can dry up quite quickly in poor market conditions).
13
Q

Outline how S&P assess risk management culture

A

There are a variety of indicators of positive risk management culture, such as

  • the COMMUNICATION of risks through all levels of the company,
  • the DOCUMENTIN and analysis of past errors
  • the CONSISTENCY of risk management across all parts of the business
  • the INCENTIVISING of good risk management practices within the firm

S&P also evaluate

  • governance structure
  • risk tolerance statements
  • capabilities of individual risk managers
14
Q

Outline 6 positive features S&P will look for in an organisation’s approach to strategic risk management

A

S&P will look for 6 positive features:

  1. Clear DECISION-MAKING with regards to the retained risks within the company and whether the company’s business should be refocused to avoid or diversify these risks.
  2. A clear STRATEGY for investing assets owned by the company, with particular focus on the allocation across broad categories (equities / bonds) and across countries.
  3. PRICING of products that reflects the risk / return payoff and clear standards set for the risk / reward profiles that are acceptable to the company.
  4. Appropriate CAPITAL ALLOCATION between the different business units based on the capital model.
  5. An appropriate DIVIDEND POLICY, which is influenced by the level of risk-adjusted return on retained capital - a strong company will be able to discuss how the dividend decision was made.
  6. Good RISK-ADJUSTED RETURNS should be rewarded within the company.
15
Q

Outline what S&P consider when assessing an organisation’s control mechanisms for key risks

A

The control mechanisms for key risks will be assessed, considering:

  • how well the company’s risk identification procedures are carried out
  • how well risks are monitored on an ongoing basis
  • the limits set for retained risks, how these limits will be adhered to and the consequences or actions taken when limits were not met
  • the execution of the risk management processes.
16
Q

Outline what aspects of an organisation’s models S&P will review

A
S&P will review the 
- models used, 
- inputs,
- assumptions and 
- modelling formulae 
when assessing a company's capabilities in this area.

S&P regard a good model as being one which is consistent across all business areas, and all business regions.

S&P looks at modification of any standard formulae used for appropriateness to the particular business lines in which the company operates.

17
Q

Outline how S&P will assess an organisation’s extreme event management capability.

A

Extreme events are low frequency, high-impact events that can seriously affect the company’s financial health.

The company must prove that it considers various possible events such as terrorism, natural disaster, reputational incidents, etc, then adopts an appropriate course to measure the potential impact and prepare for the event.

Stress testing and scenario analysis may play a part in measuring such events.

Early-warning indicator reporting and catastrophe insurance are potential risk mitigators.

18
Q

8 Strengths of the S&P criteria

A
  • overall emphasis on Enterprise Risk Management, ie doing risk management of all important risks together, rather than having a separate silo for each risk.
  • focus on the use of economic capital or “risk capital” measures
  • consideration of operational performance in light of the risk choices and tolerances
  • useful breakdown into components of ERM analysis, which can be helpful to organisations when implementing their own ERM processes
  • encouragement of greater transparency of ERM practices
  • introduction of a classification system that should make the outcomes of the rating agency analysis easier to communicate
  • same criteria applied to all insurance companies, but also tailored to each one (although details on how this is done are limited)
  • the paper argues that a high rating may help organisations attract and retain increasingly sophisticated customers.
19
Q

8 Weaknesses of the S&P criteria

A
  • Only to the view of Standard & Poor’s, not credit rating agencies generally.
  • It is limited to insurance and reinsurance companies.
  • The document is part of the company’s marketing literature, and the tone could be argued to be overly optimistic.
  • Limited description is given on the actual procedures, or details of how the investigations will be carried out and how certain aspects will be measured.
  • There is no explicit mention of agency risk.
  • There is reference to “complicated and powerful simulation models”; this is highly subjective and can cause problems in itself.
  • Risk management was already considered by S&P when rating companies; it is unclear whether this additional formalised approach had a significant impact on their views of insurance and reinsurance companies.
  • Reliance should not be placed solely on the opinion of rating agencies; they may miss risks that a company takes, and that the company itself may also have missed.
    It may well also be the case that the company has a better understanding of its risks than the rating agency.

Decks in Private: Enterprise Risk Management (IFoA ST9) Class (48):