Ch 25: Risk Governance Flashcards

1
Q

The risk management process

A
  • Process of ensuring that the risks which an organisation is exposed to are the risks
    - To which it thinks it is exposed
    - To which it is prepared to be exposed
  • General framework
  • Not linear - all stages can impact and feed into other stages of the cycle
  • Process is consistent with the ACC
2
Q

Risk identification

A
  • Recognition of the risks that can threaten the income and
    assets of an organisation
  • Identify risks that represent
    - Material threats to business objectives
    - Opportunities to exploit risk to gain competitive advantage
  • Identify possible risk controls – reduce likelihood / impact
  • Systematic / diversifiable
  • Update risk register regularly - main operational aspect of
    ongoing risk identification
3
Q

Why is risk identification the hardest
part of risk management?

A

Because the risks to which an
organisation is exposed are numerous
and because risk identification needs to
be comprehensive. Biggest risks are the
risks not identified.

4
Q

Risk classification

A

Risk classification helps with:
* Calculation of cost of risk
* Value of diversification
* Allocation of “risk owner” - control processes for relevant risk category

5
Q

Risk measurement

A
  • Estimation of probability and severity
  • Carried out before and after application of risk controls
  • Cost of risk controls included in assessment
  • Basis for evaluating and selecting methods of risk control
    - Declined
    - Transferred
    - Mitigated
    - Retained with / without controls
6
Q

Risk control

A
  • Determining and implementing methods of risk mitigation
  • Decide whether to reject, fully accept / partially accept risk
  • Aim to reduce probability / severity / financial and other consequences of a loss
  • Risk appetite is key consideration for approach - quantitative and qualitative components
  • Management actions to be taken when certain trigger points are reached
  • Compare options, identify optimal one and implement it
7
Q

Risk financing

A
  • Determining likely cost of each risk
    - Cost of mitigations
    - Expected losses
    - Cost of capital from retained risk
  • Ensuring adequate financial resources available to cover losses
8
Q

Risk monitoring

A
  • Regular review and re-assessment of risks
    together with an overall business review to
    identify new / previously omitted risks
  • Establish clear management responsibility for
    each risk
  • Assess accuracy of underlying assumptions
  • Identifying “near misses”
  • Leads back to risk identification
  • Objectives
    - Determine if exposure to risk / risk appetite has changed over time
    - Identify new risks / changes in nature of existing risks
    - Report on risks that occurred and how they were managed
    - Assess whether existing risk management process is effective
9
Q

Through an effective risk management process, a provider will
be able to:

A
  • Avoid surprises
  • Improve stability and quality of their business
  • Improve their growth and returns
    - By exploiting risk opportunities
    - Through better management and allocation of capital
  • Identify opportunities arising from
    - Natural synergies
    - Risk arbitrage - situations where provider may have
      different view on price of risk relative to another party
  • Give stakeholders in their business confidence that the
    business is well managed
  • Price products to reflect the inherent level of risk
  • Improve job security and reduce variability in employee
    costs
  • Detect risks earlier meaning they are cheaper and easier to
    deal with
  • Determine cost-effective means of risk transfer
10
Q

Risk management process should:

A
  • Incorporate all risks, both
    financial and non-financial
  • Evaluate all relevant strategies
    for managing risk
  • Consider all relevant constraints -
    political, social, regulatory,
    competitive
  • Exploit hedges and portfolio
    effects among the risks
  • Exploit financial and operational
    efficiencies within the strategies
11
Q

Example of natural synergies in life
insurance:

A

May sell term assurances with
mortality risk and annuities with
longevity risk. Risks naturally hedge
each other

12
Q

RISK

A
  • All possible outcomes and their
    probabilities are known / can be
    estimated
  • Can usually be managed
  • Typically choice as to whether to take it
13
Q

UNCERTAINTY

A
  • Possible outcomes and / or their
    probabilities are unknown
  • Cannot be measured / controlled
  • Typically no choice as to whether it is
    faced
14
Q

UPSIDE RISK:

A

Risk should not be considered as only relating to adverse outcomes. Risk can be positive if the
outcome is better than expected.

15
Q

SYSTEMATIC RISK

A
  • Risks affecting an entire market / system
  • Cannot be diversified away
  • Not to be confused with systemic risk -
    failure of a specific system → domino-effect:
    failure of one bank leads to failure of many
    more
  • E.g. COVID-19, war
16
Q

DIVERSIFIABLE RISK

A
  • Risk arises from an individual component of a
    financial market / system
  • Rational investors typically hold a portfolio of
    assets as well diversified as possible
  • Strategies depend on investor’s view of the
    riskiness of the assets and risk appetite
  • Investors may opt for less diversified portfolios,
    but will require higher returns to compensate for higher risk – depends on risk appetite
17
Q

Some risks are both systematic and diversifiable

A
18
Q

BUSINESS UNITS

A

A company’s business units might:
* Carry out different types of activity within the
same company (finance/ marketing)
* Carry out activities in different industry sectors
or in different areas within the same sector
* Carry out different activities at different locations
* Operate in different countries
* Operate in different markets
* Be separate companies in a group, which each
have their own business units

19
Q

MANAGING RISK AT THE BUSINESS UNIT LEVEL

A

Silo approach to risk management:
* Parent company determines overall risk
appetite → allocated to BUs
* Risk capital allocated to BUs based on each BU's
retained risk
* Each BU manages risk individually based on
allocated risk appetite
* Diversification & pooling of risks not allowed for
* Crude allowance for diversification

20
Q

MANAGING RISK AT THE ENTERPRISE LEVEL

A
  • Risk assessment at entity (entire enterprise) level
  • Allowance made for diversification / pooling / concentration of risk
  • Better budgeting for risk
  • Required risk capital minimised
  • Risk capital allocated to BUs based on each BU's retained risk
  • Facilitates insight into
    - Undiversified risk exposures and hence
    - Risk transfer needs and
    - Risk capital requirements
  • Risk reporting a cornerstone of ERM
  • Need to know if BUs comply with risk allocations
  • Non-compliance may nullify diversification benefits
21
Q

Key features of ERM:

A
  • Consistency between business
    units
  • Holistic - considers the risks of
    an enterprise as a whole,
    rather than in isolation
  • Seeking opportunities to
    enhance value
22
Q

Stakeholders involved in
risk governance of a company

A
  • directors/ senior management
  • risk managers & any Chief Risk Officer
  • all other employees
  • customers
  • shareholders
  • credit rating agencies
  • regulators
23
Q

Employees: in risk governance of a company

A
  • In efficiently run organisation, all members of staff are part of risk governance
  • Identify risks and suggest ways in which risks can be mitigated / controlled
24
Q

Chief Risk Officer: in risk governance of a company

A
  • All large companies and all providers of finance should have one
  • Normally at enterprise level
  • Allocate risk budgets to BUs after allowing for diversification
  • Monitor group exposure to risks and document risks that materialised
  • Should have authority and understand key stakeholders and drivers of performance
  • Roles of Central Risk Function
    - Giving advice to board
    - Assessing overall risks being run by the business
    - Making comparisons of overall risks with risk appetite
    - Acting as a central focus point for staff to report new and enhanced risks
    - Giving guidance to line managers about identification and management of risks, making
      suggestions for risk responses
    - Monitoring progress on risk management
    - Pulling the whole picture together
25
Q

3 lines of defence:

A
  1. Line management staff in business units (BUs)
    - accountable for measuring & managing risk in individual business units on a daily basis
  2. Chief Risk Officer, risk management team & compliance team
    - accountable for establishing risk & compliance programmes & policies & reporting to the board
  3. Board & audit function
    - accountable for effective governance of risk management process, setting risk management
      strategy, approving policies & ensuring ERM is effective

  Relationship between the first two lines of defence:
  • Offence vs defence
    - BUs focus on maximising income and risk management on minimising losses - could be destructive
  • Policy and policing
    - BUs operate within rules which are set by risk management function and policed by risk management,
      audit, and compliance functions
    - Problems: out of date policies, failure to identify problems, friction, and little incentive to report
      problems / policy violations
  • Partnership model
    - BUs & risk management staff (RMS) work together in client-consultant type relationship to manage risk.
      RMS recognise importance of their role as consultants. Independence may suffer in this structure.
26
Q

Appropriate governance structure will depend on
factors such as:

A
  • Structure of existing committees and decision-
    making bodies
  • Size and nature of business
  • Risks faced by business
  • Autonomy and accountability of the elements in
    the current corporate structure
27
Q

Line management

A

ERM supported by:
* Process for engaging with BUs
* Common risk taxonomy - system for classifying
and defining risks
* Standard risk management process
* Appropriate incentives for employees, linked to
agreed behaviours
* Clear monitoring and risk reporting

28
Q

Incorporating risk management into business management processes:

A
  • Business strategy
  • New product / business development
  • Set trigger points for each assumption
  • Specific risk committee
  • Pricing of products
  • Take account of all the costs of risk - expected losses, cost of capital, cost of risk transfer
  • Measuring business performance
  • Risk-adjusted performance measures
  • Risk and incentive compensation

External stakeholders:
  • Organisations can encourage their customers to note & report risk that they come across
  • Other stakeholders have strong interest in risk governance within an organisation including the
    shareholders, any regulators & credit rating agencies