29. Risk measurement and reporting Flashcards

1
Q

Describe how the risk identification ‘brainstorming’ approach can be extended to obtain a subjective assessment of risk exposure

A

Subjective assessment of risk exposure

  • Estimate probability and severity of each risk separately
  • Assign a number from the scale 1-5
  • The product of probability and severity=> ranked 1-25
  • Allows risks to be ranked and prioritised
  • Carried out with and without possible risk controls
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

How can a model be used to assess a risk event/exposure?

A
  • Distribution assigned to both Frequency and severity of a risk event
  • Define an event
  • Use historic events to calculate a probability distribution for that event
  • Alternatively - Frequency of the event defined and used to determine the loss parameter
  • Decide stochastic vs deterministic model
  • Availability of data=> Influence which model is used
  • Important when considering rare events
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What the different ways of valuing risk?

A

SRC

  • Scenario analysis
  • Stress testing
  • Stochastic modelling
  • Reverse stress testing
  • Combined stress and scenario testing
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What steps should be involved in a scenario analysis to evaluate operational risk?

4

A
  • Group risks into categories.
  • Develop a plausible adverse scenario of risk events for each group of risks, which is representitive of all risks in the group
  • Calculate the consequences/costs of the risk event occurring for each scenario. Involving input from senior staff.
  • Calculate the total costs of all risks represented by the scenario
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What categories may operational risk be divided into for the purpose of scenarios analysis?

6

A
  • Fraud
  • Loss of key personnel
  • Mis-selling of financial products
  • Calculation error in the computer system
  • Loss of business premises
  • Loss of company e-mail access
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is stress testing?

A
  • Deterministic method of modelling adverse event over a period of time
  • Commonly used to model extreme market events but can be applied to other risks.
  • It models the impact of event, but not probability

In relation to market risk:
* It involves subjecting a portfolio to extreme market movements by:
1. by radically changing the underlying assumtions and characteristics
2. Change asset class correlations and volatilities

Designed to:
* Identify weak areas=> investigate effect of localised stress situation
* Different combinations of correlations + volatilities => Impact of major market turmoil=> all parameters
* Ensure consistency between correlations while they are stressed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A provider of unit-linked investment bonds has constructed a model to investigate the stress scenario of a sustained reduction in equity market values.
List factors that would need to be built into this model

A

The model would need to allow for the impact of the sustained reduction in equity market values on:
* Income received from fund management charges
* Persistency of existing bonds
* New business volumes
* Regulatory capital requirements
* Value of shareholders’ interests
* Probability of any gurantee biting
* Other economic conditions=>interest rates, inflation + investment returns on other assets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is reverse stress testing?

A
  • Construction of a severe stress scenario
  • Only just allows the company to continue
  • To fulfil its strategic business plan
  • Financial or non-financial
  • Although extreme, MUST BE PLAUSIBLE
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

How can a stochastic model be used to evaluate a particular risk?

A
  • Variables that give rise to risk => treat as RV with probability distributions
  • Model must be dynamic- with full interactions and correlations between variables
  • Model run to determine amount of capital to just avoid ruin
  • With a given probability
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A stochastic model used to evaluate risk may become impractical to run.
Outline three approaches to limiting the ideal scope of a stochastic model in order to make the model more practical

A
  • Restrict the time Horizon that the model projects
  • Limit the number of variables that the model models stochastically
  • Carry out a number of runs with a single different stochastic variable
  • Followed by a single deterministic run using all the worst-case scenarios together
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Why can the phrase 1 in 200-year event be misleading, in relation to risk and setting riskbased capital requirements?

A
  • Misleading to non-experts
  • If the risk event has just occurred=> will occur again in 200 years
  • Rare events in practise such as stock market crashes are occurring more frequently than the assumed probability indicates
  • 1 in 200-year combined event not the same as combining individual 1 in 200 year events
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How does the overall capital requirement relate to the individual capital requirements of a group of risks?

A
  • Fully dependent=> Overall cap = sum of individual risk cap
  • Fully independent=> Overall cap< sum of individual risk cap. Under certain assumptions: Overall risk is square root of sum of squares of individual risks
  • Partially dependent=> Overall cap requirement< sum of individual cap
  • The difference is the diversification benefit
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are examples of likely correlations between risks?

A
  • Inflation risk = expense risk
  • Equity markets inverse to inflation rates
  • Equity market falls= higher withdrawal rates on unit linked savings products
  • Operational risks correlated to other risks
  • Longevity risk strongly negatively correlated to mortality risk
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What methods exist for aggregating partially dependent risks?

A
  • Stochastic model
  • Correlation matrices
  • Copulas
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is a correlation matrix and how can it be used in the assessment of risk?

A
  • Specifies the correlations between all pairs of individual risk factors being modelled
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is a copula and how can it be used to model risk?

A
  • F(Marginal CDF)= Joint CDFs
  • Method of calculating joint probabilities of risk
  • P(RBonds>L,REquity<M)= Joint probability
  • Different copulas are used to describe different degrees of dependence between RV
  • Including dependence in the tails of the distributions
  • USEFUL for modelling tail risk=> Capital requirements for extreme events
17
Q

How can liability risk be measured?

A
  • Analysis of experience- A/E
  • NB consistent classification and measurement of the risk event+ exposure to risk
18
Q

What is Value at Risk (Var)?

A
  • Maximum possible loss
  • On a portfolio
  • Over a given time period
  • With a given degree of confidence
  • Absolute amount or relative to a benchmark
19
Q

What are the disadvantages/drawbacks of using VaR as a measure of risk?

3

A
  • Calculated assuming a normal distribution of returns. NOT TRUE IN PRACTISE
  • VaR can be used with a different distribution. Data is sparse particulalarly in the tails=> difficult to fit accurately
  • VaR does not quantify the size of the tail=> loss might be past VaR confidence level
20
Q

What is tail VaR or TVaR?

A
  • Expected shortfall below a certain level, given that shortfall has occurred
  • e.g. if average loss on the worst 5% of possible outcomes is 5 mil, then the TVaR is 5 mil for the 5% tail
21
Q

What is a risk portfolio and what might it contain?

A
  • Means of categorising the various risks to the company
  • Against each risk=> likely severity + probability
  • Product=> idea of relative importance of the various risks
  • Extended to explain how each risk was dealt with
  • Details for mitigated risks=> revised assessment of risk remaining
  • Retained risks=> Details of control, risk owner, need for management.
22
Q

Why is regular risk reporting important within a business?

A

FRAUD CRIME

  • Financing
  • Rating agencies
  • Attractive investors
  • Understand better
  • Determine appropriate control systems
  • Changes over time
  • Regulator
  • Interactions
  • Monitor effectiveness of controls
  • Emerging risk identification
23
Q

Explain why, if risk is being managed at the enterprise level, it is necessary to have a coherent system of risk reporting across the whole enterprise.

A
  • Each unit given risk exposure allocation
  • Benefits of diversification rely on each business unit taking on exposure allocated
  • Necessary each unit report on exposure they are taking on
  • NOT done in a consistent way= more capital required
24
Q

What are the two modelling steps of the determining the amount of capital to hold?

A
  • A model used to determine risk event at the required level of probability
  • Stochastic model used to determine this
  • Second model=> determine the consequences/ costs of the risk event determined ❖ Deterministic model likely to be used
25
Q

What are the issues when assessing risk-based capital requirements?

A
  • Ruin P expressed over single year or entire run off of the business?
  • Modelling more than 2 varaibles stochastically impractical => method of identifying correlation between varibales is needed = Correlation matrix
  • Effect of multiple risk events influenced by diversification and their interactions
  • Operation risk is highly subjective => Look beyond past events for risk scenarios
  • Past data used with caution => censequences of rare events
26
Q

Describe the key considerations when designing risk reporting, including typical contents of such reports.

A
  • Risk reporting should be clear and relavant, linking to company’s risk appetite/tolerances in order to allow effective decision-making
  • Split according to risk types and operating units, and include:
    1. Key Risk Indicators (KRIs)
    2. Summaries of main risk areas in tables/graphs, showing likelihood and severity of each risk.
    3. Traffic light systems to highlight areas of concern.
  • Must contain the appropriate level of detail for the audience, balancing completeness with clarity and simplicity.