02: Risk theory and risk management (2) Flashcards
What is risk management?
- Risk management is a discipline for living with the possibility that future events may cause adverse effects
- Involves: Identifying, measuring/assessing, managing, and controlling risk
What are the two domains of risk management?
Ex ante: Before a risk materializes
- The overall goal is to change the distribution of future outcomes (e.g., cash flows) in such a way as to align the level of risk (however measured) to the desired risk appetite
- Risk appetite: The amount of risk a firm is willing to accept
– Ex post: After a risk has materialized
- “Firefighting”
- Crisis management
Why manage risk? (Contra)
Argument against manage risk:
- ## Example: If one buys all stocks in the S&P500 index, exposure is only to index movements.->Contrast: Buying a single stock exposes to both index movements and stock-specific fluctuations.
- DIY Alternative: Investors can diversify portfolios and hedge independently.
- Perception: Shareholders may not prioritize managing nonsystematic or firm-specific risk.
- Value Creation Doubt: Risk management may not appear to add significant value.
Why manage risk, pro?
arguements for manage risk:
- Diversification is not always feasible for owners (e.g., owners of family businesses) or therre stakeholders (employees, customers, suppliers, etc.)
- Costs of financial distress (loss of credibility, loss of reputation, etc.), i.e., “deadweight costs”
- Without risk management, firms might be forced to pursue suboptimal investment policies (if we assume a strong link between health of a firm and financing costs)
–>Contra arguments do only hold under rigid model assumptions (i.e., perfect market conditions) – but (usually) not in reality
What can risk management do?
- Identify and assess risks faced by a firm
- Communicate these risks to senior management
- Manage and monitor these risks in a way that ensures the firm bears only the risks its management wants exposure to
- Create a culture of risk awareness in a firm
What risk management cannot do?
- Predict the future
- Identify business opportunities
- Define a firm’s risk appetite
- Prevent losses for sure
What are risk management failures?
1.Failures in risk identification
- Important risks are ignored, either because they were not identified or
- falsely viewed as irrelevant
2.Failures in risk assessment
- Application of inappropriate risk metrics
- Wrong application of risk metrics (➔ wrong measurement)
3.Failure in communicating risks to senior management
- Wrong or insufficient communication of risks to senior management
4.Failure in monitoring and managing risks
- Not updating methods, checking the continued appropriateness of models
What are the 5 generic risk management strategies?
- Avoidance
- Mitigation
- Retention
- Prevention
- Transfer, insurance, sharing
What is the generic strategy: risk avoidance?
Risk avoidance is a conscious decision not to expose oneself to a particular risk:
The goal is to decrease the exposure and/or probability to zero
What is the issue with risk avoidance?
Risk avoidance is common, particularly among those with a strong aversion to risk
Issue: However, avoidance is not always feasible or may not be desirable even if it is possible
What is the generic strategy: risk prevention?
(goal, outcome)
Prevention aims to safeguard risky activities to reduce the likelihood of severe events
- Goal: Not to avoid risk activities but to make them safer.
- Outcome:Reduction of uncertainty and probability of adverse events.
Example:Preparatory safety and security initiatives as a form of “imperfect avoidance.”
What is the generic strategy: Risk mitigation? (Describe, outcome)
Risk mitigation: Engaging in operations with recognized risks but making conscious decisions to limit or mitigate negative consequences of these risks
Outcome: Reduction of exposure by addressing the severity of adverse events without necessarily affecting the probability of their occurrence.
Alternative Term:Also known as “precaution,” involves activities to reduce the severity of adverse events given that they occur.
What is the generic strategy: Risk transfer, insurance, sharing?
Insurance: Involves transferring risk from one party (transferor) to another (transferee) through mechanisms like insurance
- Most widely used form of risk transfer, with the transferee assuming a risk that the transferor wants to escape
- Often termed as “hedging,” it doesn’t eliminate risk but transfers it to those more willing and capable of dealing with it (confront risk)
What is the generic strategy: Risk retention - what are the two forms?
- planned retention
- Unplanned retention
What is the generic strategy: Risk retention: planned retention?
Planned retention:
- Involves a conscious and deliberate assumption of recognized risk: Risk is judged to be acceptable
- Often occurs because it is the most convenient risk handling technique
* Or because there are simply no alternatives available short of ceasing operations
