Ch25: Risk governance Flashcards

1
Q

Risk management definition

A

The process of ensuring that the risks to which an organization is exposed are the risks to which it thinks it is exposed and to which it is prepared to be exposed.

Key aim: Protect organization against adverse experience that could result in it being unable to meet its liabilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Risk management process steps (6)

A
  • Risk identification (Recognition of risks that threaten organization)
  • Risk classification (Group risks into categories; aids calculation of cost of risk)
  • Risk measurement (Estimation of probability and severity of risk event)
  • Risk control (Determining and implementing methods of risk mitigation)
  • Risk financing (Determining cost of each risk (mitigations, expected losses, cost of capital to
    hold against risk; and ensuring adequate financial resources to continue business after loss
    event occurs)
  • Risk monitoring (Regular review and re-assessment of all risks previously identified, plus overall
    business review to identify new or previously omitted risks)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Four ways risk control measures aim to mitigate risks.

A
  • Reducing the probability of the risk event occurring
  • Limiting the financial consequences of a risk (losses if risk event occurs as well as cost of
    mitigation technique’; e.g. reinsurance)
  • Limiting the severity of the effects of a risk that does occur (Reduce the probability of a
    catastrophic loss e.g. sprinkler systems)
  • Reducing the consequences after the risk occurs (Ensure the survival of organization;
    business continuity plan)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Four risk monitoring objectives

A
  • Determine if the exposure to risk or risk appetite of the organization has changed over time
  • Identify new risks or changes in the nature of existing risks
  • Report on risks that have actually occurred and how they were managed
  • Assess whether the existing risk management process is effective
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Benefits of a risk management process (8)

A
  • Avoid surprises
  • Improve stability and quality of business
  • Improve growth and returns through better management and allocation of capital
  • Improve growth and returns by exploiting risk opportunities
  • Identify opportunities arising from natural synergies
  • Identify opportunities arising from risk arbitrage
  • Give stakeholders confidence business is well managed
  • Competitive advantages
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Risk vs uncertainty

A
  • Risk refers to the situation where all possible outcomes and their probabilities are known or at least can be estimated. Risk can usually be managed and there is a choice whether to take it or not.
  • Uncertainty refers to the situation where all possible outcomes and/or their probabilities are unknown. Can not be measured or controlled and typically there is no choice whether it is faced.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Systematic vs diversifiable risk

A

Systematic risk: Risk that affects an entire financial market or system, impossible to avoid systematic risk through diversification.

Diversifiable risk: Arises from an individual component of a financial market or system. A rational investor should not take on any diversifiable risks as these are not rewarded within the scope of most financial markets. In practice investors have different estimates of risks and returns, as a result they will hold a less-well diversified portfolio if they believe it offers a higher expected return than the market to compensate them for the diversifiable risk they take on.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Key features of enterprise risk management (4)

A
  • Consistency across business units
  • Holistic (considers risks of enterprise as a whole, rather than in isolation, thus allowing for
    diversification, hedging risks across business)
  • Seeking opportunities to enhance value
  • Accountability at a single point
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Outline how different employees are involved in risk governance

A
  • All employees are stakeholders in risk governance
  • Board of directors responsible for setting overall risk appetite for company
  • All providers of financial products should have a designated Chief Risk Officer (CRO) at
    enterprise level.
  • CRO is responsible for allocating the risk budget to business units after allowing for
    diversification and for monitoring the group exposure to risks and documenting the risks that
    have materialized and affected the group.
  • Business units will often have a risk manager
  • At business unit level, the responsibility is to make full use of the allocated risk budget, as well
    as data collection, monitoring and reporting.
  • All employees should be looking out for risks to which the business is exposed
  • They should suggest ways in which these risks can be mitigated or controlled
  • Reports on risk from staff should be noted and rewarded through the normal appraisal system.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Role of CRO

A
  • Give advice to board on risk
  • Assessing the overall risks being run by the business (taking into account hidden risks and
    correlations)
  • Making comparisons of the overall risks being run by the business and its risk appetite.
  • Acting as a central focus point for staff to report new and enhanced risks.
  • Giving guidance to line managers about the identification and management of risks, making
    suggestions for risk responses.
  • Monitoring progress on risk management
  • Pulling the whole picture together.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Providers need to look to find optimal set of strategies that balance needs for return, growth and consistency. Risk management process should: (5)

A
  • Incorporate all risks, financial and non-financial
  • Evaluate all relevant strategies for managing risks
  • Consider al relevant restraints (political, social, regulatory and competitive)
  • Exploit hedges and portfolio effects among the risks
  • Exploit financial and operational efficiencies within the strategies
How well did you know this?
1
Not at all
2
3
4
5
Perfectly