Mod 09: Risk policy Flashcards
Define risk capacity and risk profile
Risk capacity and risk profile
Risk capacity is the volume of risk that an organisation can take as measured by some consistent measure, such as economic capital.
Risk profile is a complete description of the risk exposures of an organisation, including risks that might emerge in the future and that will affect the current business of the organisation.
©
Define risk appetite, risk tolerance and risk limits ©
Risk appetite, risk tolerance and risk limits
Risk appetite reflects the setting of targets and limits across the organisation as a whole, plus the breakdown of these high level statements into more detailed risk tolerances.
Risk tolerance is a more detailed set of statements, many quantitative or statistical in nature. The statements may apply to specific categories of risk and/or units of business.
Risk limits is a group of guidelines that set limits on acceptable actions that might be taken today. Risk limits can be regarded as a component of risk capacity.
©
Describe how the Board might express its risk appetite
Expression of risk appetite
Possible metrics for risk appetite statements include:
1. solvency level
2. credit rating
3. earnings and the ability to pay dividends
4. economic value.
They can also refer to reference events (eg unacceptable events).
Statements are usually:
1. probabilistic (eg ‘99% confident that …’)
2. based on absolute maxima and/or variability of the metrics chosen 3. stakeholder-centric, generally considering multiple stakeholders.
Outline how risk appetite can be translated into effective risk tolerance statements
©
Risk tolerance statements
1. should be established by senior risk managers in discussion with the Board (or the risk subcommittee of the Board)
2. should be established holistically to take advantage of synergies and to avoid unanticipated concentrations of risk
3. cover the company’s attitude to all risks, both:
a. quantifiable – for each risk category, and for each combination of risk category and business unit
b. non-quantifiable – using clear statements of what is acceptable and not acceptable
3. should be expressed in a way that can be easily understood and implemented by staff, eg breaking down into more detailed risk limits
4. should not obstruct new products / initiatives, but instead trigger a consideration of the impact at a higher organisational level
Describe what is meant by a risk management policy
Risk management policy
A risk management policy sets out how an organisation will manage (ie identify, assess, treat and monitor) each category of risk to which it is exposed. The policy should cover:
1. objectives (eg aims and scope of ERM, statement on ERM philosophy and desired culture, risk taxonomy, admin – owner, date of review)
2. RM organisational structure, including roles and responsibilities, reporting lines, delegation of authority, escalation processes
3. RM processes and benchmarks, including:
a. an overview of each stage in the RM process
b. risk appetite and tolerance statements
c. risk limits
d. handling of exceptions
It will generally cover a similar time period to that of the company’s business plans (perhaps 3 to 5 years) and should be reviewed at least annually.
Outline the use of utility functions within an ERM framework ©
Utility functions
- It may be possible to quantify risk tolerances of different stakeholders using utility functions (if suitable utility functions can be identified).
- A utility function, U(w) is a measure of happiness or satisfaction as a function of wealth, w.
- Realistic utility functions are monotonically increasing and concave.
- The expected utility theorem says that:
- a function, Uw , can be constructed as representing an investor’s utility of wealth, w, at some future date
- decisions are made in a manner to maximise the expected value of utility given the investor’s beliefs about the probability of different outcomes
Outline how prospect theory differs from utility theory as a means of making decisions when faced with uncertainty
©
Prospect theory
Under prospect theory:
1. investors derive utility from gains and losses measured relative to a reference point, eg their current level of wealth and endowments
2. investors tend to be risk averse in the domain of gains, and risk seeking when pondering losses; thus, a utility function is concave in the region of gains but convex in the region of losses
3. loss aversion: investors are much more sensitive to losses (even small ones) than to gains of the same magnitude.