Past Exam Questions: September 2013 Flashcards

1
Q

Compare the data typically used for modelling credit risk with that for modelling operational risk.

A

For both types of risk, data are needed for both severity and frequency.

There are different types of credit risks. The main distinction is between government, companies and individuals.

For credit risk, frequency refers to the probability of default and severity to the expected level of recovery which can be made (or the expected loss) given default.

There are a variety of sources of data on the levels of credit risk.

And these are more likely to be subject to greater scrutiny or review than operational risk data, therefore more likely to be robust.

And similarly are more likely to be up-to-date.

For example, credit agencies may provide information on the level of financial soundness of a counterparty (and ratings can be a condition of some stock market listings).

If the company is listed it will have a market price which will give some information on the likelihood of default.

Spreads on corporate bonds and credit default swap spreads can also give some insight.

Operational risks are more likely to be heterogeneous than credit risk events and so it may be necessary to do more detailed analysis of data splits.

Information on operational risks from errors in internal processes will be generally available.

However, there is a risk that some data will not be available as staff may not record near misses which may affect their remuneration.

There will also be operational risks that do not happen often, but which are severe enough to bring down a company if they transpire, e.g. a large on-off fraud.

The data for such risks will be very scanty.

External operational risk data may be more credible, but is unlikely to be relevant to the specific company.

Particularly reflecting its actual operating processes, business mix, size and environment and the governance, controls and other mitigation actions which may have been implemented.

It is more important for operational risk data than for credit risk data to take into account the specifics of the company.

Expert judgement is more likely to be required for operational risk data.

Experts may also be needed to construct worst case scenario examples for analysis.

However, credit risk is likely to be more influenced by external events (e.g. general state of the economy) and so therefore it may be necessary to adjust historic credit risk data to reflect aspects such as the economic cycle and also to adjust appropriately for significant contagion events (to which credit risk events are likely to be more prone).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Why is external operational risk data unlikely to be relevant to a specific company?

A
External operational risk data would need to reflect its actual
- operating processes
- business mix
- size
- environment
and the
- governance,
- controls,
- mitigation actions which have been implemented.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Discuss the advantages and disadvantages of selling futures contracts to mitigate risk

A
  • Selling futures contracts would provide a quick mitigation option.
  • Futures contracts are transacted through exchanges, which improves the liquidity and also removes the counterparty risk between the seller and the ultimate purchaser.

However, there are issues:

  • Futures contracts are subject to margin requirements
  • The company would need to submit margin if the price of the underlying changed adversely.
  • In addition futures contracts might expose the company to basis risk as they might not perfectly offset other asset movements being hedged.
  • Futures contracts are generally more standardised, meaning that the company would have less flexibility, e.g. in delivery date.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

List 6 TOOLS that can be used to identify risks

A
  • SWOT analysis
  • Risk check lists or taxonomy
  • Risk prompt lists
  • Risk trigger questions
  • Case studies
  • Risk-focussed process analysis
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Risk identification tools:

SWOT analysis

A

Considers both the downsides and positive implications of risk for future strategies,

through the identification of:

  • strengths
  • weaknesses
  • opportunities
  • threats
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Risk identification tools:

Risk check lists or taxonomy

A

Reference lists of possible risks, sourced from information obtained through experiences and from external documented knowledge.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Risk identification tools:

Risk prompt lists

A
Higher level categories intended to prompt a more specific list, e.g. PEST
- political
- economic
- social
- technological
analysis.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Risk identification tools:

Risk trigger questions

A

Lists of situations in particular areas of an organisation that can lead to risk, based on previous risk events.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Risk identification tools:

Case studies

A

“real world” examples can suggest specific current risks if clear similarities with own organisation, otherwise could suggest areas where similar risks might occur in future.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Risk identification tools:

Risk-focussed process analysis

A

Construction of detailed flow charts for every process in the organisation and analysis of the points at which risks and failures can occur.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

List 7 TECHNIQUES that can be used to identify risks

A
  • Brainstorming
  • Independent group analysis
  • Surveys
  • Gap analysis
  • Delphi technique
  • Interviews
  • Working groups
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Risk identification techniques:

Brainstorming

A

Unrestrained or unstructured discussion involving experts, led by an experienced facilitator in order to draw out a wide range of ideas in depth.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Risk identification techniques:

Independent group analysis

A

All participants document their views on risks in silence and without collaboration, in order to avoid bias;
these are aggregated by a facilitator and then discussed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Risk identification techniques:

Surveys

A

Questions about different aspects of the area(s) being considered and related risks are distributed to a large number of staff.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Risk identification techniques:

Gap analysis

A

A survey-based approach seeking to answer 2 questions:

  • the desired level of a given risk and
  • its actual level.

The two questions would not necessarily be asked of the same people.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Risk identification techniques:

Delphi technique

A

Another type of survey with greater flexibility, whereby acknowledged experts are asked to comment on the risks anonymously and independently;

The answers are then analysed in detail and follow-up surveys issued until consensus is reached.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Risk identification techniques:

Interviews

A

These are carried out with specific individuals, with clarification being sought immediately on any unclear answers.

18
Q

Risk identification techniques:

Working groups

A

Once a risk has been identified, small groups of experts familiar with the risk can analyse and discuss it further.

19
Q

Describe the principal risk exposures of a nonprofit en endowment fund

A
  • Market risk
    The risk that the investments in the endowment fund underperform or are subject to losses in market value.
  • Reputational risk
    Potential reputational risk if the fund is not well managed.
  • Expense risk
    Cost control and managing the sources of expense risk is important.
  • Operational risk
    (counterparty risk, agency risk). There is potential misalignment of incentives (agency risk) or even moral hazard.
20
Q

Assess the suitability of the Solvency II standard formula approach for a coconut-injury insurer.

A

The standard formula is calibrated to the capital requirements of the “average” insurer in the industry.

It uses a standardised approach to assess the capital requirements in respect of the following risk categories:

  • UNDERWRITING risk: The coconut injury product is very unusual. It is highly unlikely that an average approach such as the standard formula will accurately reflect the risk exposures of this product.
  • MARKET risk: The insurer is likely to back its liabilities with a portfolio of short term fixed interest securities. This is a typical investment approach for short term insurance products and so it would appear that the average approach prescribed by the standard formula is appropriate.
  • COUNTERPARTY DEFAULT risk: The suitability of the counterparty default risk module will be similar to the underwriting risk module assessment (reinsurance assets) or the market risk module (all other assets) assessment.
  • OPERATIONAL risk. By definition, under the standard formula, operational risk capital is assessed using a formulaic approach. This inevitably means that the standard formula therefore does not capture any firm’s operational risk exposures accurately.

The coconut injury product would seem a good candidate for an internal model under Solvency II (i.e. the standard formula is unlikely to be appropriate).

21
Q

List the 6 tests which an internal model must meet under Solvency II

A
  • The “use” test
  • Statistical quality standards
  • Calibration standards
  • Profit and loss attribution
  • Validation standards
  • Documentation standards
22
Q

6 Solvency II Internal model tests:

The “use” test

A

Firms must demonstrate that the model has been developed solely for regulatory purposes but is widely used in the firm to support

  • risk management,
  • decision making,
  • economic capital allocations and
  • the solvency capital assessment.
23
Q

6 Solvency II Internal model tests:

Statistical quality standards

A

The assumptions used in the model should be realistic and based on accurate, appropriate and up-to-date information.

24
Q

6 Solvency II Internal model tests:

Calibration standards

A

This is to ensure that the output of the model reflects the 99.5% (over one year) level of confidence required to set the SCR.

25
Q

6 Solvency II Internal model tests:

Profit and loss attribution

A

The causes and sources of profit and loss for each major business unit need to be analysed at least annually.

26
Q

6 Solvency II Internal model tests:

Validation standards

A

These prescribe the criteria for continual review, monitoring and improvement of the internal model.

27
Q

6 Solvency II Internal model tests:

Documentation standards

A

These set the minimum documentation requirements for the model.

Documentation needs to go beyond methodology and audit trail, also recording the 
- theory, 
- assumptions and 
- reasoning 
behind the model.
28
Q

Describe the additional risk modelling considerations for an indemnity product as opposed to a fixed benefit product

A
  • Fixed benefit product need only cover the frequency of insurance events, not the severity as well.
  • To provide full indemnity cover, the model will need to be extended to model severity.
  • It will be necessary to collect data on severities.
  • It is unlikely that a company with fixed benefit products has been collecting any data on severity, but there may be a limited amount of information already available.
  • External sources of data should also be investigated.
  • The availability of relevant research should be investigated.
  • The insurer needs to consider whether the factors underlying frequency also impact severity, or whether any additional risk factors are required.
  • To model severity, the company could use a parametric or non-parametric approach.
  • The output from the severity and frequency models need to be combined in some way.
  • This is likely to require some form of correlation assumption.
  • The indemnity payment could result in payments being made over a long period of time (healthcare costs etc), so claims inflation will need to be considered.
  • Indemnity payments also increase the risk of the company paying out for things it didn’t expect to cover and hence didn’t include in the pricing.
  • It may be difficult to formulate an analytical / closed form representation of the loss model.
  • In this case a Monte Carlo simulation would be the best way to produce the full loss distribution.
29
Q

Outline the metrics and approaches which could be used to measure and monitor the sovereign default risk exposure of a life insurer.

A
  • Simple measures such as the amount (by market value or nominal amount) split by each issuing government.
  • The difference between the company’s solvency ratio as it stands and after applying an adjustment (e.g. a haircut to the market value) for sovereign default risk.
  • The Value at Risk or Tail Value at Risk on the asset portfolio for sovereign default.
  • The Value at Risk or Tail Value at Risk on the overall net asset-liability (solvency) position for sovereign default (which takes into account the fact that much of the risk may be passed to policyholders).
  • Measures of the likely probabilities of default.
  • For example a comparison of government bond yields or credit default swap prices.
  • Estimates of the loss on the bonds should default occur.
30
Q

Define “economic capital”

A

An organisation’s economic capital is an assessment of the capital required to cover its risks.

It is the 
... amount of capital 
... that an organisation requires 
... to cover its liabilities and obligations (or to remain solvent) 
... under adverse outcomes 
... with a given degree of confidence 
... and over a given time horizon.
31
Q

Define “economic value”

A

Economic value is the present value of all future shareholder profits, determined on a realistic economic basis.

32
Q

Economic profit

A

The change in economic value over a period.

33
Q

Comment on the use of economic profit as a key performance indicator

A

The formula for calculating economic profit is relatively clear and straightforward, therefore should be an objective measure that is not particularly susceptible to manipulation.

There may however still be some element for discretion required (and therefore potential for manipulation) if the economic value calculation requires subjective assumptions to be set relating to future experience.

  • It is a risk-based measure of profit.
  • It should therefore link better to the true underlying profit of the business than the accounting profit.
  • However, the accounting profit remains important and economic profit will have to supplement this.
  • Economic profit links performance measurement to the risk framework.
  • It will be aligned with the risk appetite framework of the firm.
  • However it may be volatile, which could have issues in terms of stakeholder communication and buy-in.
  • It also may be difficult to compare with peer companies.
34
Q

Analysis of change in economic value (over a year)

A

Under this process, each source of profit or loss is compared with the amount expected and allocated to a high level risk category (e.g. market, insurance, operational etc).

35
Q

Outline the advantages and disadvantages of presenting economic profit in an analysis of change in economic value

A

+ Can provide valuable management information

+ Could use as a way to link risk appetite and risk thresholds / limits directly

+ Supports evaluation of risk / return trade-offs in decision making

+ Shows that risks can have upsides and downsides

  • The analysis of surplus on which it is based may be very subjective or contain a number of implicit assumptions which could distort the result or lead to the wrong interpretation.
  • The measure may be very volatile.
  • It can be difficult to allocate some effects to one particular risk category (or may depend on the order of analysis)
  • How to allow for diversification / correlations between risk drivers.
36
Q

Define model risk

A

Model risk is risk arising from the use of an inappropriate or inaccurate model when assessing or managing risks.

It may result in incorrect or suboptimal decisions being made.

37
Q

Describe the experience and expertise which a Model Governance Committee as a whole should possess

A
  • There should be members with strong technical skills to consider the model methodology.
  • At least one member of the Committee must have specific experience and detailed knowledge of the model.
  • But wider modelling exposure would also be useful to help benchmark and consider issues in a more general context.
  • At least one member should have operational experience of how the output from the model is used by workers on the front line and key decision makers.
  • There should also be representation of senior management responsibilities and risk management skills.
  • At least some of the members should have formal (relevant) qualifications.
  • Committee members are not expected to do the work, but some of them must have done it or managed it in the past in order to both understand it and check it for reasonableness.
38
Q

Outline the activities that a Model Governance Committee should oversee

A

The Model Governance Committee would be tasked with establishing and monitoring:

  • The control environment in which the model runs are carried out.
  • The control environment in which the model output is aggregated for reporting.
  • The control environment in which changes to the model are made.
  • The control environment / criteria for model testing.
  • The criteria for the quality of data inputs into the model (e.g. use of the risk register).
  • The criteria for the quality of any assumptions used in the model.
  • The quality of the communication of the outputs, including ensuring that users fully understand any modelling limitations.
  • Feedback learning loops from any problem deliveries.
  • Training of users.
  • Model documentation.
  • Reporting requirements (to the Committee and to management).
  • Authorising different levels of access to the model.
  • Processes for handling significant model changes in the future.
39
Q

Discuss the role of the Internal Audit function in relation to models.

A

Internal Audit will be independent of the Model Governance Committee.

They would in normal course of their business be expected to check the general compliance with internal model procedures and use.

And highlight any perceived weaknesses in internal controls.

However, Internal Audit may lack the technical skill sets to consider the accuracy and appropriateness of the model so may need to utilise external experts.

40
Q

List the advantages and disadvantages of a smaller, easier-to-understand, simpler “short form” of the actual model used internally.

A

+ Quicker to run so can make decisions more rapidly

+ May be more cost-effective

+ Possibly simpler to understand and explain.

+ Which facilitates the embedding of the model into the business.

+ Metrics produced are likely to be more intuitive - i.e. point estimates rather than distributions.

+ Produces a more tractable assessment, which could allow the model to link more directly to other types of analyses.

  • Increases the model risk exposure: new / second model and also risk of misalignment between the two models.
  • It may not be possible to find an appropriate simplified form which will continue to give optimal or near optimal results.
  • If an approach is found, it may oversimplify the analyses which could lead to sub-optimal decisions being made which could have a detrimental impact on the company’s costs, reputation and business volumes.
  • May not be appropriate for considering extreme events, i.e. worst case scenarios
41
Q

Suggest terms and conditions to be included in supply contracts to impose some aspects of ERM onto suppliers, in order to improve and de-risk the supply chain.

A

The more onerous conditions need not be included in supply contracts which are not business critical to the company.

INFORMATION:

  • Supplier to provide the company with pre-agreed financial information at pre-agreed intervals.
  • Supplier to continuously monitor key financial statistics and advise the company immediately of breaches.
  • This could include typical debt style covenants such as debt-to-equity ratio and liquidity ratio.
  • Supplier reports regarding issues (strikes, legal, maintenance etc.).

PENALTIES

Financial penalties to incentivise the supplier to identify, monitor and manage the risk of failure to meet the contract terms.

These can include:

  • comprehensive product guarantees
  • free expedited shipping as needed to meet deadlines
  • monetary penalties for failing to supply goods on time

Supplier to provide trade credit terms to ensure that payment delays to not affect the timely supply of goods.

Contract to require the supplier to maintain pre-agreed stock levels on business critical goods.

Contract to stipulate the process for returning goods including damaged and broken goods.

In particular, the policy for damaged and dead-on-arrival goods should require immediate expedited replacement at the supplier’s expense.