CH25 - Risk identification & classification Flashcards
Identifying all the risks in an organisation is a difficult task and requires good knowledge of (3)
- The circumstances of the organisation concerned
- The features of the business environment in which it operates
- The general business and regulatory environment
This is equivalent to needing to consider the external environment when following the actuarial control cycle.
Who should be involved in identifying the risks that could arise within an organisation
It is important that everyone involved in an organisation is involved in risk identification, not just management and not just those employees who work in a dedicated risk management team.
This is because those who work directly within the business and who use the processes on a regular basis are often most likely to be able to spot potential risk areas.
It is also useful to involve individuals who are external to the organisation. In particular, experts may be used to assist with those risks that are more difficult to identify.
Techniques available to ensure that all relevant risks have been identified (4)
- Use risk classification to ensure that all types of risk have been considered
- Use techniques from project management
- Use risk checklists, for example as used for regulatory purposes
- Use the experience of staff who have joined from similar organisation, and of consultants with broad experience of the industry concerned.
Risk checklists
Where there is a risk-based capital requirement regime, such as Solvency II in Europe, there may be lists of risks that regulators believe are relevant to the business.
For example, the standard formula for calculating capital requirements covers many risks relevant to financial product providers.
Identification and analysis of risks in project management
The steps necessary to achieve an effective identification and analysis of the risks facing a project can be summarised as follows:
- Make a high-level preliminary risk analysis to confirm that the project does not have such a high-risk profile that it is not worth analysing further - in which case, the project should not proceed.
- Hold a brainstorming session of project experts and senior internal and external people who are used to thinking strategically about the long term.
- Carry out a desktop analysis to supplement the results from the brainstorming session, by identifying further risks and mitigation options, e.g. by researching similar projects undertaken by the sponsor or others in the past.
- Obtain the considered options of experts who are familiar with the details of the project and the outline plans for financing it.
- Carefully set out all the identified risks in a risk register or a risk matrix, with cross-references to other risks where there is inter dependency.
The aim of brainstorming sessions (5)
- Identify project risks, both likely and unlikely, and their upsides and downsides
- Discuss these risks and their inter dependency
- Attempt to place a broad initial evaluation on each risk, considering both frequency of occurrence and probable consequences if it does occur
- Generate initial mitigation options
- Discuss these options briefly
Risk matrix
A risk matrix is very useful tool for the risk analyst because it is a reminder to consider particular types or risk, which may not have been sufficiently considered.
It may be linked to the use of risk checklists, and also provides a convenient categorisation for risks.
The rows in a risk matrix represent the stage of the project at which the risk arises. The columns represent the causes (or types) of risk.
Both the columns and the rows would be further subdivided.
Risk mitigation in project management
For each major risk, consideration would be given to identifying the main options for mitigating the risk. There options are the same as those that apply to businesses in general.
Risk classification
The phrase ‘risk classification’ can mean different things in different contexts.
In the wider risk management context, risk classification refers to allocating identified risks into higher level categories, in order to aid the other stages of the risk management control cycle.
Risk categories (6)
Broad classification of the risks that impact the providers of products and schemes that provide benefits on future contingent events.
It can be used as a structure when considering any other type of organisation. The risk categories are: 1. market risk 2. credit risk 3. liquidity risk 4. business risk 5. operational risk 6. external risk
This is a useful starting point for identifying risks for any organisation, not just for financial product providers.
A clear understanding of the business undertaken by a provider and the organisational structure is a prerequisite to assessing the significance of each risk and how the outcome of the risk translates into a financial impact on the balance sheet and cashflow requirements.
Market risk
Essentially market risks are the risks related to changes in investment market values of other features correlated with investment markets, such as interest and inflation rates.
Market risk can be divided into (3)
- The consequences of changes on asset values (this is the most obvious implication)
- The consequence of investment market value changes on liabilities
- The consequences of a provider not matching asset and liability cashflows
Asset value changes can result from (2)
- Changes in the market values of equities and property. These risks can be systematic if they occur across the whole market under consideration, or may be specific to particular markets and can therefore be diversified by holding a range of assets and asset classes.
- Changes in interest and inflation rates. These primarily affect the value of fixed-interest and index-linked securities, although there is usually some effect on equities and property too,
Liability value changes
Liability value changes might arise because promises to stakeholders, policyholders or benefit scheme members are directly related to investment market values or interest rates.
Alternatively, a change in interest or inflation rates might affect the level of provisions a provider needs to establish for future liabilities. For example, a reduction in interest rates may reduce the discount rate used to assess the liabilities and therefore increase the provisions that a benefit scheme is required to hold to meet its liabilities.
Two causes of liability value changes are changes to (2)
- The liability amount, e.g. inflation-linked annuities or unit-linked benefits.
- The liability value as the interest rate used in the valuation changes.
Asset / liability matching (5)
The fundamental principle of investment is that assets should be selected to match the liabilities in nature, term and currency. If it were possible to find such a perfect match, then market risk could be completely diversified away by choosing a matched portfolio.
In practice a perfect match may be impossible because:
1. there may not be a wide enough range of assets available, in particular it is unusual to find assets of long enough duration
2. liabilities may be uncertain in amount and timing
3. liabilities may include options and hence have uncertain cashflows after the option date
4. liabilities may include discretionary benefits
5. the cost of maintaining a fully-matched portfolio is likely to be prohibitive.
Hence even a well-matched portfolio is likely to retain some element of risk.
The existence of additional capital gives freedom to intentionally take an unmatched position in the hope of achieving an additional return. The capital will be used to cover the cost of the risk taken.
Credit risk
Credit risk is the risk of failure of third parties to meet their obligations.
Particular examples are:
- The issuer of a corporate bond defaulting on the interest or capital payments
- The term ‘credit risk’ is sometimes also used to describe the risk associated with any kind of credit-linked event. This could include changes to credit quality (up or down) or variations in credit spreads in the market as well as the default events described above.
Credit spread
Credit spread is the difference in yield between a particular corporate bond and an otherwise equivalent government bond.
Give some examples of credit linked events (5)
- Bankruptcy (insolvency, winding-up, appointment of a receiver)
- A rating downgrade or upgrade
- Failure to pay
- Counterparty risk, where one party to a transaction fails to meet their side of the bargain. An example of counterparty risk is settlement risk, which arises when a party pays away cash or delivers assets before the counterparty is known to have performed their part of the deal.
- General debtors - the purchaser of goods and services fails to pay for them
Outline possible credit risk exposures of an insurance company (5)
- Issuers of government and corporate bonds in which the insurance company has invested may default on payments or their bonds may be downgraded
- The company’s reinsurer(s) will represent exposure to counterparty risk
- The company is exposed to the risk of the failure of banks with which its deposits are held.
- If the company uses outsourcing companies or external investment fund managers, it is exposed to the risk that they will not fulfil their obligations (this may alternatively be classified as an operational risk)
- General debtors will include policyholders who may default on their premiums (this may be alternatively be classified as a business risk) and/or brokers who may fail to pass on premiums.
Security
If a borrower can provide security, providing finance to that borrower will be more attractive to a lender. However, the existence of security is not an excuse for otherwise bad lending.
The decision as to what security is taken is dependent on:
- The nature of the transaction underlying the borrowing
- The covenant of the borrower
- Market circumstances and the comparative negotiating strength of lender and borrower
- What security is available
The most common asset to take as security is property.
It is within the ability of the lender to realise the security if necessary in a cost-effective manner.
Credit rating
A credit rating is given to a company’s debt by a credit-rating agency as an indication of creditworthiness, i.e the likelihood of default / credit loss.
A company may act to improve its credit rating and these actions may affect the market for that company’s and other companies’ shares.
Liquidity risk
The normal definition of liquidity risk relates to individuals or companies.
Liquidity risk is the risk that the individual or company, although solvent, does not have available sufficient financial resources to enable it to meet its obligations as they fall due.
‘or that they can secure such resources only at excessive cost’
Liquidity risk for non financial institutions
Liquidity pressures are the most common reason why a trading company goes into liquidation. The phrase ‘into liquidation’ immediately gives the reason for the action.
A trading company may well have sufficient assets, probably largely stock and work in progress, to cover its liabilities, but if those assets cannot be realised the company may not be able to satisfy its creditors.