Chapter 29: Risk measurement and reporting

Question 1

Describe how the risk identification “brainstorming” approach can be extended to obtain a subjective assessment of risk exposure

Answer 1

The probability and severity of each risk event are both estimated (separately) using a simple scale (eg scale of 1-5)

The product of the probability and severity assessments gives a score on a scale. This provides an assessment of each risk event and allows them to be ranked and prioritized.

The assessment would be carried out with and without possible risk controls. This will enable the efficiency of risk controls to be assessed against their cost

Question 2

Outline how a model could be used to assess a risk event

Answer 2

Distributions need to be assigned to both the probability and severity of the risk event (unless the latter is a fixed amount rather than a RV, such as for a without profit term assurance policy).

To quantify the risk simply, the company could define an event (eg 25% fall in equity price over a year) and then use historical data to determine a probability distribution for that event. Alternatively, the frequency of the event could be defined in advance and this could be used to determine the loss parameter (eg 0.5% probability could equate to a market movement of 40%)

A decision needs to be made as to whether a STOCHASTIC or DETERMINISTIC model is appropriate.

The availability of data to parameterize the model may influence the decision as to which model (if any) is used. This is particularly important when considering RARE EVENTS (such as an pandemic)

See ch 18 for more on models

Question 3

Suggest features of a risk that would make it more appropriate to use a stochastic rather than a deterministic model

Answer 3

• has a high score and therefore a high priority
• has a high variability of possible outcomes
• has a lot of experience data on which to base the probability distributions
• relates to financial guarantees or options
• involved the mismatching of assets and liabilities

Question 4

State 5 ways of evaluating risks

Answer 4

1. Scenario analysis
2. Stress testing
3. Combined stress and scenario testing
4. Reverse stress testing
5. Stochastic modeling

Question 5

Scenario analysis

Answer 5

• Looks at the financial impact of a plausible and possibly adverse set of events or sequences of events
• Deterministic model of evaluating risk
• Useful where it is difficult to fit full probability distributions to risk events (stochastic inappropriate)

Question 6

Outline 4 steps that should be involved in a scenario analysis to evaluate operational risk

Answer 6

1. Group risks into broad categories. -This should involve input from a wider range of senior individuals in the organization.
2. Develop a plausible adverse scenario of risk events for each group of risks, which is REPRESENTATIVE of ALL the risks in the group.
3. Translate each scenario into assumptions for the various risk factors in the model, again involving senior staff. The consequences of the risk occurring is then calculated
4. The total costs calculated are taken as the financial costs of all risks represented by the chosen scenario

Question 7

Suggest 6 categories into which operational risks might be divided for the purpose of scenario analysis

Answer 7

1. Fraud
2. Loss of key personnel
3. Mis-selling of financial products
4. Calculation error in the computer system
5. Loss of business premises
6. Loss of company e-mail access for a period of time

Question 8

Stress Testing

Answer 8

Stress testing is a deterministic method of modelling EXTREME risk event. It is commonly used to model extreme market movements, but can be applied to other risks. (e.g. credit, liquidity)

In relation to market risk it involves subjecting a portfolio to extreme market movements by radically changing the underlying assumptions and characteristics, in order to gain insight into the portfolio’s sensitivities to predefined risk factors - including changing asset class correlations and volatilities, which are often observed to increase during extreme market events.

Question 9

Give two examples of assets where a positive correlation may exist

Answer 9

• Assets in the same sector - eg 2 shares in the same industrial sector
• Assets from different sectors that react in the same way - eg shares and property are both correlated to inflation

Question 10

Combining stress and scenario testing

Answer 10

The principle of stress testing can be coupled with scenario testing to determine a stress scenario.

A stress test is performed by considering the impact of a set of related adverse conditions that reflect the chosen scenario.

When constructing a stress scenario, decisions need to be made as to how other aspects of the business will react if a stress event occurs

For example, for a provider of unit-linked investment bonds, a sustained reduction in market values will affect:

• income received from fund management charges
• persistency of existing investment bonds
• new business volumes
• the provider’s regulatory capital requirements
• the value of the stakeholders’ interests
• the probability of any guarantees biting

These factors need to be built into the model

See question p8

Question 11

Outline two types of stress scenarios test

Answer 11

Two types of tests are designed to:

1. Identify ‘weak areas’ in the portfolio and investigate the effects of localized stress situations by looking at the effect of different combinations of correlations and volatilities.
2. Gauge the impact of major market turmoil affecting all model parameters, while ensuring consistency between correlations while they are stressed.

Question 12

Reverse stress testing

Answer 12

This is the combination of a severe stress scenario that only just allows the company to be able to fulfill its strategic business plan.

Equivalently, it is the scenario that would just be enough to stop the company from fulfilling its strategic business plan.

The scenario might be financial or non-financial (for example that cause the firm to cease having access to its major market)

Although it might be an extreme scenario for well-capitalised firms , it must be PLAUSIBLE!!!

Question 13

Describe how a stochastic model could be used to evaluate a particular risk

Answer 13

The variables that gives rise to the risk are treated as RVs with probability distributions.

The model must be DYNAMIC, with full interactions/correlations between variables.

The model can be run to determine the amount of capital that is necessary to (just) avoid ruin with a given probability

Question 14

Outline 3 approaches to limiting the ideal scope of a stochastic model in order to make the model more practical

Answer 14

1. Restrict the time horizon that the model projects (for example a one-year ruin probability)
2. Limit the number of variables that are modelled stochastically and model the other variables deterministically with scenario testing (for example the variables that only have an adverse effect when moving in one direction)
3. Carry out a number of runs each with a different single stochastic variable, followed by a single deterministic run using all the worst case scenarios together

Question 15

Outline how the overall capital requirement for a combination of risks relates to the individual risk capital requirements, if the risk events are:
- fully dependent

Answer 15

The overall capital requirement is the aggregation of the individual capital requirement for each risk at a predetermined probability level

Question 16

Outline how the overall capital requirement for a combination of risks relates to the individual risk capital requirements, if the risk events are:
- fully independent

Answer 16

The overall capital requirement is LESS than the sum of the individual capital requirements (the difference is the diversification benefit)

Under certain assumptions, the overall capital requirement can be determined as the square root of the sum of the squares of the individual risk capital requirements.

Question 17

Outline how the overall capital requirement for a combination of risks relates to the individual risk capital requirements, if the risk events are:
- partially dependent

Answer 17

The overall capital requirement is less than the sum of the individual risk capital requirements. The diversification benefit depends on the degree of correlation (possibly negative) between the risks.

Diversification is maximised if the correlations are negative

SEE EXAMPLES P13

Question 18

List 3 methods of aggregating partially dependent risks

Answer 18

1. Stochastic model
2. Correlation matrix (See formula p13)
3. Copulas

Question 19

Copulas

Answer 19

A copula is a function, which takes as inputs marginal cumulative distribution functions, and outputs a joint cumulative distribution function

A copula provides a way of calculating joint probabilities of risks, such as the probability of the return on the equity portfolio and the return on the bond portfolio falling below certain levels.

Different copulas are used to describe different degrees of dependence between random variables, including dependence in the tails of the distributions

Widely used to model tail risk, which enables organisations to minimise that risk and to optimise portfolios of investment (a 1-in-200 year event is a tail riks)

Question 20

Approaches to measuring risk

Answer 20

Deterministic

• Notional Approach
• Factor Sensitivity Approach
• Scenario Sensitivity Approach (considers the effect of changing a set of factors in a mutually consistent way)

Probabalistic

• Deviation (incl std dev and tracking error)
• Value at Risk
• Probability of ruin
• Tail Value at Risk (or conditional VaR)

Question 21

Notional Approach

Answer 21

eg Credit Rating

SEE p17 for advantages and disadvantages

Question 22

Factor Sensitivity Approach

Answer 22

Determines the agree to which the organisation’s financial position is affeted by the impact that a change in a single underlying risk factor (impact it has on the value of assets as liabilities)

Advantage
- increased understanding of the drivers of risk

Disadvantage

• does not assess a wider range of risks, since it focusses upon a single risk factor
• is difficult to aggregate over different risk factors
• the probability of changes considered (in the value of assets/liabilities) is not quantifies

Question 23

Deviation

Answer 23

Standard Deviation
- Where deviation is measured from the mean

Tracking Error
- Where deviation is measured relative to a benchmark other than the mean (such as the investment return that would have been achieved by investing in another benchmark)

Question 24

Value at Risk

Answer 24

VaR generalised the likelihood of underperforming by providing a statistical measure of downside risk

VaR represents the maximum potential loss on a portfolio over a given period with a given degree of confidence

VaR can either be measured in absolute terms or relative to a benchmark

Example a 99% 1-day VaR is the maximum loss on a portfolio over a 1-day period with 99% confidence - ie 1% probability of a greater loss

SEE p 19 for example

SEE p 20 for advantages and disadvantages

Question 25

Outline 3 drawbacks of using VaR as a measure of risk

Answer 25

1. It is often calculated assuming a normal distribution of returns, whereas this is not necessarily true in practice as distributions may be ‘fat-tailed’ or skewed.
2. VaR can be calculated using a different distribution but DATA is often sparse, particularly within the tails, and it is difficult to fit an accurate distribution.
3. VaR does not quantify the size of the tail, i.e. what the loss might be beyond the VaR confidence level.

Question 26

Probability of Ruin

Answer 26

The probability that the net financial position of an organisation or line of business falls below zero in a given time horizon

Question 27

Tail Value at Risk (or conditional VaR)

Answer 27

The expected loss given a loss over the specified VaR has occurred

Question 28

Describe what is meant by a “risk portfolio” and what it might contain.

Answer 28

A risk portfolio is a means of categorizing the various risks to the company or individual. Against each risk the likely impact and probability of occurrence are recorded. The product of these measures gives an idea of the relative importance of the various risks.

The risk portfolio can be extended to indicate how each risk has been dealt with, e.g. avoided, retained, diversified or mitigated. Where risk has been mitigated, the risk portfolio can include a revised assessment of the remaining risk.

For retained risks, the risk portfolio could also include details of control measures, reassessment after controls, risk owners, committee/senior management with oversight, identification of concentrations of risk and the need for management in these areas.
 

Question 29

Give 10 reasons why regular risk reporting is important within a business

Answer 29

FRAUD CRIME

• Financing (appropriate price, set up reserves, determine capital requirements)
• Rating agencies (to help determine appropriate rating)
• Attractiveness to investors (shareholders)
• Understand better (risks and their financial impact)
• Determine appropriate control systems to manage the risks
• Changes over time (changes in risks)
• Regulator (helps regulator understand areas in the business which may require more scrutiny)
• Interactions (asses interaction between risks)
• Monitor and manage the effectiveness of controls
• Emerging risk identification (NB)

Question 30

Explain why, if risk is managed at the enterprise level, it is necessary to have a coherent system of risk reporting across the whole enterprise

Answer 30

As part of ERM, each business unit will have been given a risk exposure allocation. The benefits of diversification are likely to rely on each unit taking on the exposure allocated, otherwise the enterprise may require more capital. Therefore, it is necessary that each unit report on the exposure that they are taking, in a CONSISTENT way.

If this does not happen, there is a risk that additional capital will be required to cover the undiversified risks.

Question 31

The process of determining the amount of capital to hold can be divided up into two modelling steps. What are these steps?

(WAAR?)

Answer 31

1. A model is used to determine the risk event at the required level of probability. A stochastic model could be used to determine this.
2. A second model is used to determine the consequences/cost of the risk event determined in 1. A deterministic model is likely to be used to determine this.

Question 32

State 5 issues to consider when assessing the risk-based capital requirements.

Answer 32

1. Should the ruin probability be expressed over a single year or over the whole run-off of the business?
2. Modelling more than 2 variables stochastically is probably impractical. Therefore, a method of assessing the correlation between variables is needed, e.g. a correlation matrix.
3. The effect of multiple risk events may be greater or less than the sum of the individual risks due to interactions between the risks.
4. Some risks, such as operational risks, are highly subjective. In order to construct a plausible adverse scenario with a given ruin probability, it is necessary to look beyond risk events that have already occurred.
5. Past data must be used with caution when estimating the consequences of rare events.

Question 33

Advantages and Disadvantages of each method of aggregating capital requirements across individual risks
- Summing the individual capital requirements

Answer 33

Advantages

• Simple and quick to apply
• No assumptions are needed
• Appropriate if the risks are fully independent

Disadvantages

• Risks are normally only partially dependent
• This approach will therefore overstate capital requirements
• This will result in inefficient use of capital, opportunity cost and increased cost of capital

Question 34

Advantages and Disadvantages of each method of aggregating capital requirements across individual risks
- Using a correlation matrix

Answer 34

Advantages

• Simple to apply
• Common technique that is well understood
• Allows for partial dependency between risks

Disadvantages

• Populating the matrix requires subjective assesment
• There are underlying assumptions which may not hold in practice, eg the correlation factors between risks do not vary under different conditions. In particular, correlations may change during extreme market events

Question 35

Advantages and Disadvantages of each method of aggregating capital requirements across individual risks
- Using a stochastic model

Answer 35

Advantages

• It can allow for partial dependency between risks
• It provides a distribution of outcomes
• It allows automatically for programmed correlations between events under each simulation, and these can vary according to the simulated conditions

Disadvantages

• It can be impractical due to the long run-time required
• It required expertise and resources to build the model
• Calibration and programming of the correlation rules can be particularly complex

Question 36

Advantages and Disadvantages of each method of aggregating capital requirements across individual risks
- Using a copula

Answer 36

Advantages

• It allows for partial dependency between risks
• Different forums of copula are available to suit different degrees of dependence
• It is a sophisticated way of allowing for dependence in the tails of the distribution
• It therefore helps with minimising tail risks and optimising portfolios

Disadvantages

• Expertise is required, it can be mathematically complex
• The choice of copula and its calibration/parameterisation can be diffuly
• It can be difficult to explain to end users of the outputs