Ch 25: Risk Governance Flashcards

1
Q

List the 6 stages in the risk management control cycle.

6

A
  1. Risk identification
  2. Risk classification
  3. Risk measurement
  4. Risk control
  5. Risk financing
  6. Risk monitoring

Risk management: Process of ensuring risks organisation is exposed to are risks it thinks it is exposed to and prepared for

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The risk identification stage

2,4

A
  • Risk identification is seen as the hardest aspect because the risks to which an organisation is exposed are numerous and their identification needs to be comprehensive.
  • The biggest risks are unidentified ones, as they will not have been appropriately managed.

The following should be determined / identified:
1. Whether each risk is systematic or diversifiable
2. Possible risk control processes that could be put in place for each risk.
3. Opportunities to exploit risks to gain a competitive advantage
4. The organization’s risk appetite or risk tolerance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Risk Classification Stage

3

A
  • Classifying risks into groups aids the calculation of the cost of the risk and the value of diversification.
  • Systematic or Diversifiable
  • It also enables a risk ‘owner’ to be allocated from the management team.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Risk Measurement stage

2

A

The two quantities estimated are:

  1. The probability of the risk event occurring
  2. The likely severity
  • Knowing whether a risk is high, medium or low probability and severity helps in the prioritization of risks and deciding what control measures should be adopted.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Risk control stage

1,4

A
  • Decide whether to reject, fully accept or partially accept each identified risk and any mitigation options.

Risk control measures are identified to mitigate the risks or consequences of risk events by:
1. Reducing the probability of a risk occurring
2. Limit financial consequences of risk
3. Limiting the severity of the effects of a risk
3. Reducing the consequences of a risk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Risk financing stage

3

A
  • Risk financing is the determination of the likely cost of each risk
  • Ensure that the organization has sufficient financial resources available to continue to meet its objectives.
  • The likely cost of a risk includes the expected losses, the cost of risk mitigation measures such as insurance premiums, and the cost of capital that has to be held against retained risk.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Risk monitoring stage

4

A
  • The regular review and re-assessment of existing risks
  • The identification of new or previously omitted risks

Aim:
* Determine exposure to risk
* Identify new risks/changes to existing risks
* Report on Risk management process
* Assess effectiveness of RMP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

List 7 perceived benefits of risk management to the provider

A

SAMOSAS

Stability and quality of business improved
Avoid surprised
Management and allocation of capital improved
Opportunities exploited for profit
Synergies identified (and related opportunities taken)
Arbitrage opportunities identified
Stakeholders in the business given confidence

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

List 5 objectives of the risk management process

A
  1. Incorporate all risks, both financial and non-financial
  2. Evaluate all relevant strategies for managing risk, both financial and non-financial
  3. Consider all relevant constraints, including political, social, regulatory and competitive
  4. Exploit the hedges and portfolio effects among the risks
  5. Exploit the financial and operational efficiencies within the strategies.

ICEEE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Give an example of a portfolio effect (or portfolio hedge) in a life insurance context

A

A life insurer may sell both whole life assurance contracts and immediate annuity contracts. The two risks have an offsetting effect.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Explain the difference between “risk” and “uncertainty”

3

A
  • “Uncertainty” means that an outcome is unpredictable.
  • “Risk” arises as a consequence of uncertain outcomes, but there may be some certainty about some components of the risk.
  • For example, the provider of a whole life assurance policy is exposed to mortality risk. There is certainty that the policyholder will die - but the timing is uncertain.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Systematic risk

2

A
  • Risk the affects an entire financial market or system, and not just specified participants.
  • It is not possible to avoid systematic risk through diversification.

Systemic risk: impact particular industry and trigger wider collapse

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Diversifiable risk

2

A
  • Risk that arises from an individual component of a financial market or system.
  • An investor is unlikely to be rewarded for taking on diversifiable risk since, by definition, it can be eliminated by diversification.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Does a fall in the domestic equity market represent systematic risk or diversifiable risk?

A

It depends on the context.

To an investor that is constrained only to invest in the domestic equity market, this risk cannot be diversified away and is systematic.

To a world-wide investment fund that can invest in many markets, the risk is diversifiable.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What does it mean to manage risk at the business unit level and what are the key disadvantages to this approach?

3

A
  • The parent company would determine its overall risk appetite and then divide it among the business units.
  • Each business unit would then manage its risk within the allocated risk appetite.
  • The key disadvantages of the approach are that it makes no allowance for the benefits of diversification or pooling of risk, and the group is unlikely to be making best use of its available capital.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What does it mean to manage risk at the enterprise level?

List six benefits of risk management at the enterprise level.

1,6

A
  • Enterprise risk management means that risks are managed at the enterprise or group level rather than by each business unit separately, with all risks being considers as a whole.

Benefits include:
1. Diversification, including being able to identify undiversified areas of risk
2. Pooling of risks
3. Economies of scale in terms of the risk management process
4. Capital efficiency as capital can be targeted
5. Providing insight into risk in different parts of business, including identification of unacceptable concentrations.
6. Understanding the risks better and so adding value by exploiting risk as an opportunity

17
Q

Internal Stakeholders

3

A
  1. Employees - all members of staff are stakeholders in risk governance. Responsible for looking out for risks and suggesting controls.
  2. Chief Risk Officer - Enterprise level role. Responsible for allocating the risk budget to business units, monitoring group risk exposure and documenting risk events.
  3. Risk managers - Often within each business unit. Responsible for making full use of the allocated risk budget, risk data collection, monitoring and reporting.
18
Q

External Stakeholders

3

A
  1. Customers - Could be encouraged to note and report risks they find when using the company’s products or premises.
  2. Shareholders - Can drive risk governance, e.g. through development of the risk appetitie
  3. Regulators and credit rating agencies - interested in the quality of risk governance; may impose minimum standards.
19
Q

3 Lines of defence model

3

A
  1. Risk managers in units: manage and measure risks within units. ERM structures should allow for engagement,systems for classifying risk,incentives,monitoring
  2. CRO/RM team: Est policies for RM and support risk managers
  3. Board/Audit: Govern the ERM framework at a group level and set risk strategy and ensure it is effective
20
Q

Central risk function (RMT)

5

A
  • Give advice on risks
  • Assess overall risks taken
  • Comparison to risk appetite
  • Accept reporting of new risks
  • Monitor experience

GACAM

21
Q

Central risk officer

8

A
  • Systems to monitor/analyze/manage risk
  • Communicating with stakeholders
  • Risk policy development
  • Allocation of capital across units
  • Manage risk functions
  • Report to board
  • Design and implement ERM framework
  • Risk reporting

SCRAM MRDR

22
Q

Relationship between 1st 2 lines

1,3

A
  • Offence vs Defense: Units (max income) and RMT (min losses) setup in opposition to each other
  • Policy & Policing: Units operate by rules created by RMT and they are also policed by RMT so potential issues are:
    1. Policies out of date
    2. Failure to indentify problems with process
    3. Lack of incentives to report risks
23
Q

Partnership Model

1,5

A
  • RMT intergrated into units and shared measures of performance:
    1. Business strat: RMT considered
    2. NUB development: Risk of assumptions not being met. Set trigger points
    3. Pricing of products: Costs of all risks accounted for
    4. Measuring performance: Use Risk adjusted measures
    5. Incentive Compensation: For reporting and managing risks, disclose salaries

BNPMI