Reading 55: Risk Management - Introduction

Risk Management

For organization

Is the process of

Identify and measure risks

Modify and monitor risks

Risk management framework features

  1. Identify and measure existing risks
  1. Determine the organization's overall risk tolerance
  1. Establish the processes and policies for risk tolerance
  1. Manage and mitigate risks to achieve the optimal bundle of risk
  1. Monitor risk exposure over time
  1. Communicate across the organization
  1. Perform strategic risk analysis

Risk Governance

Definition:

Sequences

  1. Risk tolerance

is determined by top management.

  1. Risk budgeting

Risk budgeting is the process of allocating the total risk the firm will take among assets or investments, based on

Risk budgeting consider the risk characteristics of each assets and how they can be combined to best meet the organization's goals.

  1. Risk exposures

Sources of risk

Financial sources

Non-financial sources

risks from the operation of the organization and from external sources.

Interaction among risks are frequent and can be especially significant during period of stress in financial market.

arise from exposure to financial markets

Measures of Risk Exposure

Derivative risk measures

Tail risk is measured with (VaR) or conditional VaR

Risk of assets is measure by standard deviation, beta, or duration.

Some risks must be valued subjectively

Risk Exposure Modification

Management may choose to

Organization may use multiple methods of risk modification after considering the cost and benefit of the various methods.

The end result is a risk profile that match the organization's risk tolerance and includes the risks that top management has determined match the organization goal

Goal:

Managing risk to support organization's goals within its risk tolerance

Should be done at enterprise level by senior management

Risk management committee identifies specific risks that should be pursued, limited or avoided

Factors

Expertise in specific business lines

Ability to respond to external events

Financial strength

Regulatory environment

Weigh risk exposure against their expected benefits

Organization's goal and risk tolerance

Risk characteristics of assets or investments

Risk budget may be a single metric such as VaR, portfolio beta, or portfolio duration

Credit risk: Counterparties might not fulfill their obligations

Liquidity risk: May receive less than fair value when selling an asset

Market risk: Uncertainty about asset prices and interest rates

Operational risk: Human error, faulty processes, business interruptions, IT security (cyber risk)

Solvency risk: running out of cash

Regulatory risk: Regulations impose costs of restrict activities

Political/ governmental/ tax risk: Government actions beside regulations

Legal risk: exposure to lawsuits

Model risk: Incorrect asset valuations

Tail risk: Underestimating probability of extreme outcome (e.g., incorrectly assuming normality)

Accounting risk: policies and estimates may be judged to be incorrect

Value-at-risk (VAR): Minimum loss over a period with a specific probability

Conditional VaR: Expected value of loss, given that loss exceeds a specific amount

Delta: Sensitivity of derivative value to price of underlying asset

Gamma: Sensitivity of delta to price of underlying asset

Vega: Sensitivity of derivative value to volatility of underlying asset

Rho: Sensitivity of derivative value to risk-free rate

Accept a risk (i.e., self-insurance) and bear it efficiently, for example through diversification

Avoid a risk: by not engaging in activities that expose the organization to it

Prevent a risk, with stronger security for example

Transfer the risk: to another party, via

Insurance

Surety bond (third-party obligations)

Fidelity bond (employee dishonesty)

Shift a risk: change the distribution of outcomes, typically with derivatives contracts

For individual

Determine organization's risk tolerance

how to maximize utility while bearing a tolerable level of risk

not to avoid or minimize risk, but to identify which best able risk to take on

Investor can control risk

Risk tolerance is the overall amount of risk that an organization will take in pursuing its goals.

Risk management infrastructure:

is the people or system required to track risk exposure, and perform quantitative risk analysis to allow assessment of risk profile

activities

Risk identification

Risk measurement

Risk monitoring