Ch 29: Risk Management And Reporting Flashcards
Risk quantification
For all risk events, assess:
- Probability of occurrence (frequency)
- Expected loss (severity)
- Normally treated as random variables
Subjective assessment:
- Risks commonly assessed using simple scales
- Ranking frequency and severity from low to high
- Product of two scales = overall score for that risk
- enabling them to be ranked
- Assessment would be done with and without
controls - assess efficiency - May be recorded in risk register
Using a model
Note! It is difficult to model low frequency events due
to lack of data. Stochastic approach more
appropriate if risk:
* Has a high score - high priority to assess
carefully
* High variability of possible outcomes
* Lot of experience data on which to base
probability distributions
* Relates to financial guarantees / options
* Involves mismatching of assets and liabilities
Operational risks:
- Difficult to quantify
- Typical approaches
- Broad-brush addition to other risks (for
capital requirements) - Scenario analysis
- Banking - add % uplift to total aggregated
risks other than operational risks - Insurers - Solvency II standard formula uses
factor-based approach, taking specified % of
provisions and premiums
Operational risk categories examples:
- Fraud
- Loss of key personnel
- Mis-selling of financial products
- Calculation error in computer system
- Loss of business premises
- Loss of cpy email access for 72 hours
Scenario analysis
Looks at financial impact of plausible and possibly adverse set / sequence of events
* Useful when it is difficult to fit full probability distribution to risk events
* Typically, deterministic and straight forward
- May be adapted to contain probabilistic and advanced mathematical elements
- Frequently used - operational risks, global recession
- Assessing emerging risks - climate change
* Drawback - does not indicate likelihood of estimated severities
Scenario analysis process:
- Risk exposures grouped into categories - input from senior individuals in organisations
- Develop plausible adverse scenario for each group of risk
- Determine financial cost of each scenario - involving senior staff
- Total cost represents a βworst-caseβ loss scenario
Stress testing
- Involves assessing impact of a specific
adverse event - Form of scenario analysis, focusing on
extreme scenarios - Radically change assumptions and
characteristics - Deterministic method
- Application
- Extreme market movements
- Credit and liquidity risks
Note! Sensitivity testing works the same,
except that you donβt βstressβ.
Stress scenario
- Combine stress and scenario testing
- Stress test is performed by considering the impact of a
set of related adverse conditions that reflect the chosen
scenario - Decisions need to be made as to how other aspects of the
business will react if stress event occurs - Types of stress scenario tests:
- Identify βweak areasβ in the portfolio and investigate
effects of localised stress situations by looking at the
effect of different combinations of correlations and
volatilities - To gauge the impact of major market turmoil affecting
all model parameters, while ensuring consistency between
correlations while they are stressed
Stochastic model
Ideal model
- All risk variables modelled through probability
distributions
- Dynamic interaction between variable specified
- Potentially very complex / impractical
* In theory, correct required capital to avoid ruin (at given
confidence level) calculated
Practical ways to reduce complexity of stochastic models:
* Restrict time horizon for model
* Limit number of stochastic variables
* Carry out a number of runs with a different single
stochastic variable and then a single deterministic run using
all the worst-case scenarios together
Note! All methods are used to understand a companyβs
vulnerability to various risks.
Reverse stress testing
- Often required by regulators
- Construction of severe stress
scenario that just allows firm to be
able to continue to meet its business
plan - May be extreme scenario, but must
be plausible
Capital requirements and relationships between risks
Generally, most important aggregation is for capital
requirements
* In many regulatory regimes, capital requirement is set in
respect of an event occurring within 12 months with a
probability of 0.5% (β1 in 200-year eventβ)
* Aggregate individual risks to allow for correlations and
inter-actions
Risk can be aggregated through:
- Stochastic modelling - although
this may be impractical - Single formulae - fully
independent / fully dependent - Correlation matrices
- Copulas
Fully dependent risks:
- Aggregate risk is the sum of individual
risks (at a given probability level) - Capital requirement = sum RJ for n
dependent capital requirements
Independent risks:
- Aggregate capital requirement < less than sum of its
constituent parts β cancel out
* - For fully independent risks, a simplified approach
such as is often used
Note! In most real-world problems, risks are partially
correlated.
Correlation matrices:
- Reflects diversification benefits
- Commonly used in insurance
- n x n symmetrical matrix
- Overall capital can be expressed
Copulas:
- Function - joint cumulative distribution function from
marginal cumulative functions - Reflects dependence explicitly
- Used in quantitative finance, starting in insurance
- Useful to model tail risks
- Describe different degrees of dependence between random
variables, including in the tails of distributions
Deterministic approach
- Notional approach
- Factor sensitivity approach
- Scenario sensitive approach
Notional approach:
- Broad-brush measure β weights for
different assets - Factor-based charges β factor x exposure
measure - Advantage - simple to implement and
interpret across diverse range of
organisations - Disadvantages
- Potential undesirable use of a βcatch allβ
weighting, for undefined asset classes - Possible distortions to the market -
demand for assets with high weightings - No allowance for concentration risk β
same weighting irrespective of whether the
investment consists of single security /
variety of different securities - Probability of changes considered is not
quantified
Scenario sensitivity approach:
Scenario sensitivity approach:
* Effect of changing a set of factors in a mutually
consistent way is considered
* Disadvantage β probability of changes considered
not quantified
Factor sensitivity approach:
- Determines degree to which financial position is
affected by impact that change in a single
underlying risk factor has on the value of assets
and liabilities - Advantage - Increased understanding of the drivers
of risk - Disadvantages
- Not assessing a wider range of risks, by focusing
on a single risk factor - Being difficult to aggregate over different risk
factors - Probability of changes considered is not quantified
Probabilistic approach
- Deviation
- Value at risk
- Probability of ruin
- Tail Value at Risk
Deviation:
- Standard deviation β deviation is measured from mean
- Tracking error β deviation is measured relative to a benchmark other than mean
Value at Risk:
- Statistical measure of downside risk
- Maximum potential loss on portfolio over
given future period with given degree of
confidence - Calculated using an empirical, parametric /
stochastic approach / scenario analysis - Maximum potential loss which is not
exceeded with a given high probability over a
given time period - Absolute terms / relative to benchmark
Disadvantages:
- Gives no indication of distribution of losses
greater than VaR - Can under-estimate asymmetric and fat-tail
risks - does not quantify size of the tail - Can be very sensitive to choices of data,
parameters, and assumptions - Not always sub-additive (Subadditivity = merger
of risk situations does not increase the overall
level of risk - If used in regulation it may encourage herding,
thereby increasing systemic risk
Advantages:
Simplicity of expression
* Intelligibility of results
* Applicability to all types of risks
* Applicability over all sources of risk
* Ease of its translation into a risk benchmark
Three general approaches to calculation of VaR:
- Empirical / historical
- Parametric
- Stochastic
Probability of ruin:
- Probability that the net financial
position of an organisation / line of
business falls below 0 over a defined
time horizon
Tail Value at Risk / Conditional Value at Risk:
- Expected loss given that a loss over the specified VaR
has occurred
Note! Higher ratio of Tail VaR / VaR β asymmetric
distribution with a fatter tail
Risk categorisation and quantification:
Risk categorisation and quantification:
* Impact and probability
* Product of impact & probability gives
idea of relative importance of various
risks
Risk response:
Extend risk portfolio to indicate how risk was dealt with:
* Avoided
* Retained + capital needed to support it
* Diversified + assessment of remaining combination of risks
* Mitigated + assessment of remaining risk
- Internal actions / transfer to another party
For risks that are retained, the risk portfolio would also contain details of:
- Control measures
- Reassessment of value and impact after controls
- Risk owner
- Board committee / senior manager with oversight of the risk
- Identification of concentrations of risk and related actions
Risk reporting allows management to:
- Identify new risks
- Obtain better understanding of risks faced i.t.o quantifying the impact of individual risks
- Determining appropriate control systems for specific risks
- Monitoring the effectiveness of existing control systems
- Assessing changes to risks faced
- Assessing the interaction between risks
- Assisting with pricing, reserving, and determining capital requirements
Note:
It is also helpful for external stakeholders β shareholders, credit rating agencies, and regulators
Reporting at enterprise level
- Should be consistent across the enterprise in order to
- Optimise the allocation of risk appetite
- Make the best use of diversification for capital efficiency
