28 - Risk Measurement & Reporting Flashcards
Two key features to be assessed wrt any risk:
- The probability of risk occurring
- The expected loss if the event occurs
Methods to quantify risk are:
- Subjective assessment
o Score freq/severity of event on scale of 1-5 or 1-3
o Product of the two scores for risks gives an approach to ranking the risks
o If risk controls are placed, the score should reduce by an amount that justifies the cost of the control - Using a model
o Need to assign a dbn to both the probability of event occurring & loss if the event occurs
o Need to define the risk event clearly to quantify it
o Need sufficient quality data to choose what type of model to use and to parameterise the model
What are the methods available to evaluate risks?
- Scenario Analysis
- Stress testing
- Combination of stress/scenario testing
- Reverse stress testing
- Stochastic modelling
Methods to quantify operational risk:
- Adding a percentage to total aggregated risks other than operational risks
- Scenario analysis: divide operational risk into different categories and assessing the cost of a plausible adverse scenario
In which situation is scenario testing useful to evaluate risks?
When it is difficult to fit full probability dbns to risk events (hence a stochastic model would be inappropriate)
- Used to evaluate operational risks and impacts of global recessions for example
What are the steps to follow when scenario testing?
- Group risk exposures into various broad categories
- Develop a plausible adverse scenario representative of all risk in each group
- Translate the consequences of the scenario into assumptions for various risk factors in the model
- Total costs calculated are taken as the financial cost of all risks represented by the chosen scenario
** One drawback of scenario analysis is that it only models the severity of the scenario and not the probability of it occurring
Outline stress testing:
- Deterministic projection of the financial condition of a company under a specific adverse event over a period of time
- Risks incurred by extreme events can be identified & investigated using stress testing
Outline the combination of stress & scenario testing:
- Stress testing can be coupled with scenario testing to determine a stress scenario
- Stress test is conducted by considering the impact of a set of related adverse conditions that reflect the chosen risk scenario
- When constructing a stress scenario, decisions need to be made about how various aspects of business will react to the stress event
e. g. Unit-linked investment bonds experience lasting reduction in mkt values which affects:
- Income from management charges
- New business volumes
- Persistency of existing investment bonds
- Value of shareholders interests
- Probability of guarantees biting
- Regulatory capital requirements going forward
- Scenarios should also be tailored to reveal weak areas of the portfolio in terms of risk exposure & sensitivity
o Should thus focus on risk factors to which business is most vulnerable.
Two types of stress test:
- Identify weak areas of the portfolio & investigate the effects of localised stress situations by looking at the effect of different combinations of correlations & volatilities
- Gauging impacts of major market turmoil affecting all model parameters, while ensuring consistency between correlations while they are ‘stressed’
Describe reverse-stress testing:
- It is about identifying a plausible scenario that would be just enough to stop the company from fulfilling strategic business plan
- Business plan failure needs to be defined by the firm for both short-term & long-term
eg.
- Having insufficient capital to meet statutory requirements or to cover minimium risk appetite
- Non-financial external event causes company to lose access to its major mkt.
Outline stochastic modelling:
- Variables give rise to being incorporated as probability distributions
- Full set of dynamic interactions b/w variables are specified
- The model can then determine the amount of capital needed to avoid ruin over a specified time horizon at a desired probability level
How to limit the scope of the stochastic model to accommodate computing power limitations:
- Limit the time horizon being modelled
- Limit the no. of variables being modelled stochastically eg. make variables that have one way adverse or favourable effects deterministic.
- Carry out a number of runs w different single stochastic variables followed by a single deterministic run using all the worst case scenarios together
o This will determine the interactions b/w various variables
Diversification benefit defn:
The extent to which the overall capital requirement is less than the sum of the capital requirements for each individual risk
What are the asset risks that need to be measured?
- Tactical asset allocation error
- Strategic allocation risk
- Duration risk
- Counterparty, interest rate & equity market risk
** Need to allow for diversification benefits when measuring asset portfolio risks
Risk measurement techniques for asset risks:
ASSET RISKS:
Tactical asset allocation risk
- Historic tracking error: retrospective annualised std. deviation of difference b/w portfolio performance & target benchmark
- Forward looking tracking error: prospective equivalent to historic tracking error, determined using modelling techniques
Strategic allocation risk
- Both forward-looking/retrospective tracking error approaches can be used to find the effects of the actual strategic allocation compared to the target asset allocation
Duration risk
- For portfolio with need to closely match A&L there will be an acceptable range for the duration of fixed interest element
- Otherwise vulnerable to reinvestment & liquidity risk
- Retrospective/prospective approaches can be used to gauge this risk as used for SA risk and TA risk
Counterparty, interest rate & equity market risk
- Best proxy to quantify counterparty (default) risk taken is to use the amount of capital necessary to hold against the risk.
- Equity market & interest rate risk is assessed using VaR methods as prescribed in Solvency II wrt. an internal model or a standard formula as appropriate.
How do we measure liability risks?
By analysis of experience -> Ratio of actual occurrences of an event to the expected occurrences when the risk was expected
** Ensure that there is correspondence b/w the classification & measurement of not only risk events but also the population exposed to risk
Value at risk (VaR) definition:
VaR represents the maximum potential loss on a portfolio over a given future period with a given degree of confidence
- VaR could be measured in relative or absolute terms
VaR pros and cons:
Pros:
- Easy to interpret & very widely used
Cons:
- Does not give info on what the loss might be in extreme cases
- May be misleading if the underlying dbn is wrong
- VaR does not quantify the size of the tail
- Hence needs sufficient data within the tails of the dbn for meaningful results (may be difficult to obtain)
- VaR might give a measure of risk that ignores the sub-additivity of risk rule of investing in more than one asset. ie. It may produce a measure of risk larger than the sum of the individual risks measures
What is in a risk portfolio?
- The risk portfolio categorises the various risks to
which the business is exposed - Against each risk would be a recorded quantification of the risk’s impact and probability
- The product of the impact and the probability measures gives an idea of the relative importance of the various risks
- Risk response: records how the risk was accepted, rejected, transferred, mitigated or reduced
What does a risk register include? How does it come about?
- For risks that are retained, the risk portfolio becomes a more detailed risk register.
- It is used throughout the process to monitor and report on the risks
- Risk registers include:
o Details of CONTROL MEASURES
o REASSESSMENT of value and impact after controls are put in place (to see if mitigation measures are worthwhile)
o Risk OWNER
o Board committee or senior manager with OVERSIGHT of the risk (key strategic risks overseen by the full Board)
o Identification of CONCENTRATIONS of risk and the need for management action in these areas
What is the purpose of regular risk reporting?
- IDENTIFY any new risks faced by the business
- To better UNDERSTAND risks faced by the business in terms of quantifying:
o Materiality
o Financial impact of individual risks - Determine appropriate RISK and CONTROL systems to manage specific risks
- Proactively MONITOR and MANAGE the effectiveness of risk and control systems within its business
- Assess whether risks faced are CHANGING over time
- Assess the INTERACTION between individual risks
- Appropriately PRICE, RESERVE and determine any CAPITAL REQUIREMENTS for its business
For STAKEHOLDERS:
- Give shareholders or potential shareholders greater understanding of the INVESTMENT PROSPECTS
- CREDIT RATING agencies can determine an appropriate rating more easily
- Gives REGULATOR greater understanding of the areas within a business which could require more scrutiny
What is risk reporting cross an enterprise concerned with?
- REPORTING the risk exposures taken up by business units consistently across the enterprise
- OPTIMIZING risk appetite allocation across business units
- Additional capital may have to be held to cover UNMATCHED exposures across business units at enterprise level
What are the main issues FSPs face in assessing capital requirements at a given ruin probability?
- Time HORIZON to be used for calculation (1 year or run-off of the business)
- CORRELATION matrix used to assess correlation b/w risks is subjective
- INTERACTION effects b/w risks need to be addressed
- Some risks are highly SUBJECTIVE to assess eg. operational risk -> constructing plausible adverse scenarios that occur w low probability to assess it
- Use of past data in estimating future consequences should be undertaken w caution especially for rare events