Chapter 25-Risk identification and classification

Question 1

1. Explain why identifying all the risks in an organisation is a difficult task.

Answer 1

Identifying all the risks in an organisation is a difficult task and requires good knowledge of:
* the circumstances of the organisation concerned
* the features of the business environment in which it operates
* the general business and regulatory environment.
Not all risks are immediately obvious.

Question 2

2. Explain who from within the business should be involved in the risk identification process.

Answer 2

To complete a full identification of risks requires gaining input from everyone involved in the business, at all levels. Senior management may not be aware of a weakness in an operational process that is a risk to the business, which the more junior operators of the process could readily identify.

Question 3

3. Outline four techniques that can be used to ensure that all relevant risks have been identified, including an explanation of why one of them might not be ideal.

Answer 3

There are some techniques available to ensure that all relevant risks have been identified:
* Use risk classification to ensure that all types of risk have been considered.
* Use techniques from project management.
* Where there is a risk-based capital requirement regime, such as Solvency II in Europe, there may be lists of risks that regulators believe are relevant to the business. For example, the standard formula for calculating capital requirements covers many risks relevant to financial product providers. Such lists may not be exhaustive. For example, the Solvency II standard formula does not include equity volatility as a risk, which could be highly relevant to a business offering equity-backed products with point guarantees.
* Use the experience of staff who have joined from similar organisations, and of consultants with broad experience of the industry concerned.

Question 4

4. Describe the steps necessary to achieve an effective identification of the risks facing a project.

Answer 4

The steps necessary to achieve an effective identification and analysis of the risks facing a project can be summarised as follows:
* Make a high-level preliminary risk analysis to confirm that the project does not have such a high-risk profile that it is not worth analysing further, in which case the project should not proceed.
* Hold a brainstorming session of project experts and senior internal and external people who are used to thinking strategically about the long term.The aim will be to:
○ identify project risks, both likely and unlikely, and their upsides and downsides
○ discuss these risks and their interdependency
○ attempt to place a broad initial evaluation on each risk, considering both frequency of occurrence and probable consequences if it does occur
○ generate initial mitigation options
○ discuss these options briefly.
* Carry out a desktop analysis to supplement the results from the brainstorming session, by identifying further risks and mitigation options, eg by researching similar projects undertaken by the sponsor or others in the past (including overseas experiences).
* Obtain the considered opinions of experts who are familiar with the details of the project and the outline plans for financing it.
* Carefully set out all the identified risks in a risk register or a risk matrix, with cross-references to other risks where there is interdependency.

Question 5

5. Explain why a clear understanding of the business undertaken by a provider and its organisational structure is important for risk management.

Answer 5

A clear understanding of the business undertaken by a provider and the organisational structure is a prerequisite to assessing the significance of each risk and how the outcome of that risk translates
into a financial impact on the balance sheet and cashflow requirements. The main effort in the analysis can then be directed to the key risks.

Question 6

6. Define market risk and state three types into which it can be divided.

Answer 6

Essentially market risks are the risks related to changes in investment market values or other features correlated with investment markets, such as interest and inflation rates.
The risk can be divided into:
* the consequences of changes on asset values - this is the most obvious implication
* the consequence of investment market value changes on liabilities
* the consequences of a provider not matching asset and liability cashflows

Question 7

7. Give two examples of asset value changes.

Answer 7

Asset value changes can result from:
* Changes in the market values of equities and property. These risks can be systematic if they occur across the whole market under consideration, or may be specific to particular markets and can therefore be diversified by holding a range of assets and asset classes.
* Changes in interest and inflation rates. These primarily affect the value of fixed-interest and index-linked securities, although there is usually some effect on equities and property too.

Question 8

8. Describe how market risk can arise through the impact of investment markets on liability values.

Answer 8

Liability value changes might arise because promises to stakeholders, policyholders or benefit scheme members are directly related to investment market values or interest rates. Alternatively a change in interest or inflation rates might affect the level of provisions a provider needs to establish for future liabilities. For example, a reduction in interest rates may reduce the discount rate used to assess the liabilities and therefore increase the provisions that a benefit scheme is required to hold to meet its liabilities.

Question 9

9. Suggest ways in which market risk can be mitigated?

Answer 9

• Choose investments that match the (guaranteed) benefits as closely as possible.
• Manage policyholders’ expectations as to the level of bonuses, eg by:
  ○ disclosing information on investment strategy
  ○ making sure that illustrations/ projections are not too optimistic.
• Don’t deviate too much from what competitors are investing in.
• Regularly monitor actual investment returns against expected and take corrective action if necessary, eg review premium rates.

Question 10

10. State six reasons why choosing assets to perfectly match the liabilities may be impossible.

Answer 10

In practice a perfect match may be impossible because:
* there may not be a wide enough range of assets available
* in particular it is unusual to find assets of long enough duration
* liabilities may be uncertain in amount and timing
* liabilities may include options and hence have uncertain cashflows after the option date
* liabilities may include discretionary benefits
* the cost of maintaining a fully-matched portfolio is likely to be prohibitive

Question 11

11. What does an investor typically require in order to be able to take an unmatched position?

Answer 11

The existence of additional capital gives freedom to intentionally take an unmatched position in the hope of achieving an additional return. The capital will be used to cover the cost of the risk taken.

Question 12

12. Define credit risk and give examples.

Answer 12

Credit risk is the risk of failure of third parties to meet their obligations. Particular examples are:
* The issuer of a corporate bond defaulting on the interest or capital payments.
* A corporate bond’s credit rating being downgraded
* Counterparty risk or settlement risk, which arises when a party pays away cash or delivers assets before the counterparty is known to have performed their part of the deal.
* General debtors - the purchaser of goods and services fails to pay for them.

Question 13

13. Outline ways in which the bank might be able to reduce credit risk.

Answer 13

• require to set up a liquidity account containing a minimum of 6 or 12 months’ interest
  
  • require to transfer risk relating to the completion of the project eg using insurance
  • require a loan guarantee from the sponsor require
  • restrict the term of the loan to a sensible period of time
  • restrict any further borrowings
  • set a principal repayment schedule
  • take a fixed security over all of the assets of the owner
  • ensure that these assets are readily realisable in a cost-effective manner
  • check the creditworthiness of the company to which the loan is being given
  • take a higher margin to allow for that proportion of customers who default
  • allow some flexibility of mortgage repayments if this would help avoid defaulting

Question 14

14. Discuss the aim of requiring security for lending.

Answer 14

If a borrower can provide security, providing finance to that borrower will be more attractive to a lender. However, the existence of security is not an excuse for otherwise bad lending.
The decision as to what security is taken is dependent on:
* the nature of the transaction underlying the borrowing
* the covenant of the borrower
* market circumstances and the comparative negotiating strength of lender and borrower
* what security is available.

Question 15

15. State a desirable feature of the security for a loan.

Answer 15

It must be within the ability of the lender to realise the security if necessary in a cost-effective manner.

Question 16

16. What is meant by the term credit rating and what is its relevance to companies?

Answer 16

A credit rating is given to a company’s debt by a credit-rating agency as an indication of creditworthiness, ie the likelihood of default / credit loss. A company may act to improve its credit rating and these actions may affect the market for that company’s and other companies’ shares.

Question 17

17. Define liquidity risk in the context of an individual or a company.

Answer 17

The normal definition of liquidity risk relates to individuals or companies. Liquidity risk is the risk that the individual or company, although solvent, does not have available sufficient financial resources to enable it to meet its obligations as they fall due.

Question 18

18. Describe how liquidity pressures can cause a trading company to go into liquidation.

Answer 18

Liquidity pressures are the most common reason why a trading company goes into liquidation. The phrase ‘into liquidation’ immediately gives the reason for the action. A trading company may well have sufficient assets, probably largely stock and work in progress, to cover its liabilities, but if those assets cannot be realised the company may not be able to satisfy its creditors.

Question 19

19. Describe the exposure to liquidity risk of the following:
    
    • insurance companies and benefit schemes
    • banks
    • collective investment schemes.

Answer 19

Insurance companies and benefit schemes normally have little exposure to liquidity risk, because a large proportion of their assets are in cash deposits or bond and stock market assets. In general, these can readily be sold in the market to raise cash when required.
Banks are generally exposed to significant liquidity risk. They lend depositors’ funds and funds raised from money markets to other organisations, and generally do so for longer periods than they offer to the providers of the funds.
A retail bank that offers customers instant access to their deposits needs to maintain sufficient liquid resources to withstand a large number of customers asking for their money back. For this reason banks frequently offer good investment returns on fixed term deposits, where the depositors are not able to access their funds until the maturity date.
Similarly, collective investment schemes and insurance funds that invest in real property need to protect themselves if clients request access to their funds when the underlying properties cannot be sold. Such funds frequently have the power to defer withdrawals by up to six months if necessary, to allow time for property sales. Hedge funds that invest in illiquid assets also often have lock-in periods to mitigate liquidity risk

Question 20

20. Describe market liquidity risk.

Answer 20

In the context of the financial markets, liquidity risk can arise where a market does not have the capacity to handle (at least, without a potential adverse impact on the price) the volume of an asset to be bought or sold at the time when the deal is required. In general, the larger a market is, the easier it is to trade and the more liquid it will be, because more participants in the market will be trading at any one time. Thus when any member of the market wishes to complete a trade, it is likely that the market will be able to find a counterparty willing to accept the trade.
The market is sensitive to factors such as changes in interest rates and the economic outlook, which means that the price of the assets can vary significantly over time, so there is a risk that the asset holder may make a loss if they are required to make a sudden sale at a time the price is depressed.

Question 21

21. Define business risk and give seven examples.

Answer 21

Business risks are risks that are specific to the business undertaken. Business risk differs from operational risk in that the latter are nonfinancial events that have financial consequences. Examples of business risk are:
* a life or general insurer not having adequate underwriting standards, and thus taking on risks at an inadequate price
* an insurer suffering more claims than anticipated
* a provider of finance, such as a bank, investing in a business or project that fails to be successful
* a reinsurer having greater exposure than planned to a risk event - for example through writing whole account protection covers as well as primary reinsurance of the risk
* a music production company promoting a CD that fails to sell
* a competitor launching a new product in the week before your similar product launch
* an umbrella manufacturer whose sales suffer in a drought. It might be argued that a drought, as an external event, is an external risk. However, the profits of the company will be so closely correlated with the amount of rainfall that the risk is key to the company’s business.

Question 22

22. Describe operational risk and give four examples.

Answer 22

Operational risk refers to the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events.
Operational risk can arise from:
* inadequate or failed internal processes, people or systems
* the dominance of a single individual over the running of a business, sometimes called dominance risk
* reliance on third parties to carry out various functions for which the organisation is responsible, eg if administration or investment work is outsourced
* the failure of plans to recover from an external event.

Question 23

23. Discuss the identification and analysis of operational risk.

Answer 23

While it is possible to develop computer models to analyse and price operational risk, such models are only as good as the parameters input. Whether or not a model is used, identification of operational risks requires considerable input from owners, senior management and other individuals who have a detailed working knowledge of the operations of the business.

Question 24

24. Suggest ways in which operational risk can be mitigated.

Answer 24

• Ensure that sales agents and administrators are adequately trained .
  
  • Make sure that policy literature is clear and understandable, and explains the risks associated with the product.
  • Make sure that projections show a range of values and are not overly optimistic.
  • Carry out spot checks on the sales process and on bonus calculations etc .
  • Provide regular policy reviews, eg annual updates on the value of the policy.

Question 25

25. Describe external risk.

Answer 25

External risk is a form of non-financial risk but is separate to operational risk.
External risk arises from external events, such as storm, fire, flood, terrorist attack, cometitors and regulatory change.
In general these are systematic risks. Only for the largest entities is it economically efficient to diversify these by carrying out the same operation on different sites.