Module 9: Risk policy Flashcards
Risk appetite
The degree of risk an organisation or individual is willing to take in order to achieve objectives.
It reflects types of risk and their level.
For a company, it is set by the Board of Directors.
Risk capacity
The upper bound for risk exposure(s) as might be determined by
- regulators,
- legislative limits,
- availability of capital and/or
- the preferences of key stakeholders.
Risk tolerance
A set of (usually quantitative) statements as to how much risk a company is willing to take.
These statements are more detailed than those in the risk appetite statement and typically apply to specific categories of risk and/or business units.
It is part of the job of the Risk Management Function to break down the risk appetite into a set of risk tolerance statements.
Risk appetite (and hence risk tolerance statements) are often probabilistic and may relate to factors such as (5)
- solvency level
- target credit rating
- earnings volatility
- ability to pay dividends
- economic capital
Risk limits
Risk limits translate risk tolerance statements into operational limits (or restrictions) as to how much of a particular risk category can be taken on.
The aim is that risk limits can be used by the business on a day-to-day basis.
If the company stays within all its risk limits, it should also meet its overall risk tolerance, its risk appetite and stay within its risk capacity.
Risk profile
A complete description (including quantification if appropriate) of the current and emerging risks, which the company is exposed to, and which will affect the organisation.
Risk exposure
The maximum loss that can be suffered if a risk event occurs.
Risk policy
The Board-approved risk policy sets out how an organisation will manage each category of risk to which it is exposed.
It should include:
- objectives and definitions
- risk management structure
- risk management processes and benchmarks.
Utility function
Measure happiness (or satisfaction) as a function of wealth.
They may be useful when considering a company’s risk appetite, as different utility function express different levels of risk aversion.
Desirable features of utility functions
- monotonically increasing
(investors prefer more to less) - concave
(investors are risk averse)
Prospect functions
Show the utility of wealth given a particular starting reference point.
Prospect functions improve on utility functions, as they consider the starting level of wealth and are more realistic in reflecting how people behave - decision makers end to be risk seeking when facing losses, and risk averse when facing gains.
What are the key contents of the risk profile:
Objectives and definitions
- the aims of the ERM activities, eg how it links to the company’s objectives and strategy, benefits, success criteria
- a statement of the organisation’s philosophy as to risk management and desired risk culture
- risk categories and definitions
What are the key contents of the risk profile:
Risk management structure
- the role of the risk managers, eg CEO, CRO, executive managers, risk sponsors, risk owners, risk committee members
- the structure of the corporate governance, eg committee roles, delineation of accountabilities
What are the key contents of the risk profile:
Risk management processes and benchmarks
- an overview of each stage of the risk management process
- risk appetite and tolerance statements
- risk policy standards, to ensure risk policies are consistent across the organisation