Part 2 (Ch 8 - 14) Flashcards
The components of a corporate strategy PASTA DC
- Product choice – design and pricing
- Asset management
- Sales growth
- Target markets
- Acquisitions strategy
- Distribution techniques
- Cost management
How risk appetite and strategy influence corporate strategy GRATR
- Gearing and borrowing ratio levels set
- Retention decision – choose risks to embrace and mitigate
- Allocation of capital decision
- Transfer and hedging strategies – degree and type
- Risk appetite: The risk a company is willing to take in order to reach its strategic objectives (influences risk and return trade-off)
Management decisions likely taken when in financial distress SLITS EQ
- Safety of work environment and services
- Liquidation working operations
- Investment spending in long term assets reduced
- Tax benefits loss
- Share price affected
- Exiting promising lines of business
- Quality of production
How to improve risk management strategies DOES
• Diversification o Resources o Locations o Skill o Channels • Outsourcing of services • Early warning triggers and horizon scanning • Structural changes made to ensure robustness and flexibility
Companies that would benefit from active risk management: KEUS
- Knowledge gathering companies - exploratory ventures
- Entrenchment strategy – value adds and complementary products
- Untapped markets
- Switch costs ensures retention
Risk management control cycle IAMMM DRAGS QAMI (BE PAIR REAR) ART
Identification o Definition is consistent o Recording o All risks considered o Grouping of risks o Sources of risk should be understood Assessment – quantify risks in terms of risk appetite o Quantify o Aggregate risks o Measurement of risk o Interdependencies of risk Management (Response) – ORM Monitoring – Record, review and report on risk o All aspects of ERM process o Recording of losses arising from risks o Trigger points reviewed Modification – pivot when needed
The purpose/components of risk tolerance statement
BARET FACE:
- Board decides on the level of risk to take
- Application of risk appetite to classes of risk
- Relationships between risk categories considered
- Expressed in qualitative or quantitative measures
- Time horizon of tolerance linked to corporate strategy
- Flexible to allow for changes in strategy
- All risks considered
- Classification at BU and organisational level
- Embedded in risk management policies and procedures
Parameters used to articulate risk tolerance PLEAD COMBS EC
- Pricing principles – minimum level
- Lines of business accepted or not
- Earnings volatility
- Aggregation of risk limits
- Dividend paying capacity
- Capital strength – rating of level by credit ratings agency
- Operational risk scenarios not accepted
- Maximum catastrophe loss
- Buffer on capital held in excess of minimum
- Supervisory criteria met
- Economic capital levels – chance of meeting policyholder obligations/probability of ruin
- supervisory capital – economic capital?
- Corporate transactions and strategic projects
Risk limits applied in businesses CUS CAS DILDO KC
- Concentration limits on certain lines of business, geographies and businesses
- Underwriting and pricing limits
- Statistical measure of the investment portfolio: VAR, Convexity, the Greeks
- Counterparty limits
- AL Mismatching degree
- Supplier limits
- Derivative usage limited
- Investment mandates – limiting investments in traded instruments
- Liquidity and reserving benchmarks
- Dependency limits
- Operational guidelines – what can be outsourced, recruitment process, communication channels etc.
- KRIs used
- Credit rating of counterparties to write deals with
The components of a risk management policy SPOOR CAPS
• Strategies and stakeholders
• Processes and benchmarks to manage risks
o Identify, measure, treat, and monitoring
• Objectives and Definitions
• Organisational structures
• Reporting processes
• Categories and definitions of risk
• Administrative points
• Philosophy and culture of risk management
• Scope and aims of ERM
Measures of risk appetite relating of financial/non-financial risks (Metric, probability cut-off, time horizon): CLOSET E
- Credit rating
- Loss ratios
- Operational efficiencies
- Solvency level
- Earnings and ability to pay dividends
- Time horizons
- Economic value
Risk appetite, tolerance, limit, capacity, exposure
Appetite: The amount of risk an organization is willing to take to meet its objectives – broken down into detailed risk tolerances
Tolerance: The amount of risk a company is willing to take on - clearly defined in terms of risk measures, time horizons and limits for each risk category
Limit: Operational limits of risk tolerances which dictates day-to-day decision making
Exposure: The maximum loss a company can suffer is a risk event occurs
Capacity: The upper bound of a company’s risk exposure defined by some consistent measure
Profile: Complete identification, description and quantification of the current and emerging risks
Requirements of good data and its communication TRAFVICS GR
- Timeliness of data
- Reliability
- Audience considered
- Format of the data
- Volume and Detail of data
- Internal or external sourcing
- Common classification of data into risk categories
- Systems and tech suitable to capture data
- Good quality of risk management is dependent on quality of data gathered
- Relevance and clarity
- Competency of data capturers
Information that should be documented for risk reporting SMARD:
- Systems used for documenting
- Management failures
- Assumptions made, data used and methodology used for modelling
- Risk register – ID and assessment of risks
- Decisions made regarding risk management
The attributes of a common risk management language TUMS:
- Thresholds for reporting
- Universally understood top-down rating system
- Management level responsible for mitigation linked to risk rating
- Standardised templates used
Importance of a common risk language FAEBICS
- Focus on substance, rather than structure of risk management ensured
- Audit is easier to conduct across the business
- External and internal risk measurement should be consistent
- Business buy-in to ERM ensured
- Inefficiencies and Duplication avoided
- Concentration of risk avoided
- Silo approach prevented
The elements of a good KRI CAD TOMBS:
- Consistent methodologies and standards applied
- Accountable individual linked to it
- Drives decision making
- Trackable
- Objectives tied to it
- Measurable/Quantifiable
- Benchmark set against it
- Simple and Cost effective
Importance of risk reporting IBM MOCK
- Inform stakeholders
- Business decisions are improved
- Monitoring of risks are improved
- Management inefficiencies found
- Objectives that are at risk should be assessed
- Compliance must be ensured
- Key risk exposures assessed
The contents of a risk report TICKLED SARS PD
- Trend analysis
- Information – internal, external, formal, informal
- Clear and easy to understand format
- Key business risk details
- Losses and incidents
- Events/Milestones
- Drill down into detail
- Single point of access to critical information
- Analysis, commentary and explanations provided
- Real time data
- Summary of risks
- Priority of risks - traffic light
- Decisions made
The relationships of stakeholders with a company PACAI
- Principal – provides capital to the company and expects a return
- Agency – appointed by the company to perform a specific role on behalf of the principle
- Controlling – supervise the principals or agents; aim to minimise risk faced by various parties
- Advisory – advises the principles or agents
- Incidental – affected by the behaviour of principals or agents
Risk perspective of stakeholders determined by TRAC
- Term of interest of stakeholder: Path of least resistance vs. path of most benefit
- Remuneration/Investment return of stakeholder
- Appetite for risk: Risk-reward structure for the stakeholder
- Career growth prospects of stakeholder: Hierarchy & takeovers of a company
Areas where agency risk can arise MELD ERA
- Merger aversion
- Employee remuneration
- Low risk management decisions
- Dominant CEO risk (Hierarchy risk)
- Expected returns of finance providers
- Regulatory misalignment
- Asset allocation of pension schemes
Role of the CRF MARCO OG
- Monitoring of risk management
- Advise the board on risk
- Reporting focus point
- Compare risk profile with risk appetite
- Oversight and assessment of risk management in the business
- Overall risks taken by business assessed
- Guidance and education given to line management and employees on risk management
Areas, Considerations and challenges when integrating RMF with business BPR GRAS ROCR
- Business strategy
- Pricing
- Business performance measurement
- Product development
- Remuneration – should encourage appropriate risk taking
- Governance structures
- Risks faced by the business
- Autonomy of BUs in the current structure
- Size and nature of the business
- Remuneration incentives aligned
- Operational risk measurement
- Conflicts between stakeholders
- Risk staff in BUs to be managed
Components of initial risk assessment and ID process BE PAIR REAR
- Business analysis
- Education and training
- Prioritise risks
- Agreement on risks faced
- Integrating ERM into business BBRRP
- Risk ID – DRAGS
- Risk register
- Evaluate risks – likelihood + impact
- Accountability and action plans on risks
- Review, monitor and report
Benefits of risk ID and assessment FART B
- Future risk management improved
- Reporting improved
- Awareness and transparency increased of risk in the organisation
- Transfer knowledge across organisation
- Business decisioning improved
Potential pitfalls in risk assessment process O BOLLA
- Objectives and appetite not clearly defined
- Buy-in from senior management may lack
- Operational execution is ineffective across whole process
- Likelihood and severity of risk defined inconsistently
- Link between risk assessment and business decision not made
- Allocation of resources incorrect
Business analysis BALSM ORE:
- Business plan/model
- Accounts and accounting ratios
- Legislation and regulation
- Structures and systems of the business
- Market information
- Objectives of the business
- Resources available to the company
- Economic environment
Contents of a risk register DICED OR
- Description of risks
- Indexing of risks
- Categorization
- Evaluation – likelihood and impact timeframe and relationship
- Document control information
- Response action
- Owner of risk
Risk identification tools SCP TCP
- SWOT analysis
- Checklist – list of risk from past activities and external sources
- Prompt list – list of risk categories of risk to consider
- Taxonomy – all risks with clear descriptions and groupings done
- Case studies – risk ID in a specific context
- Process analysis – ID risk from a detailed process map