Risk Management

Question 1

Stages of risk control cycle

Answer 1

I can make cookies for mom
1. Risk identification
2. Risk classification
2. Risk measurement
3. Risk control
4. Risk financing
5. Risk monitoring

Question 2

Risk identification

Answer 2

Defn: recognition of risks That can threaten income and assets of an organisation
1. Systematic vs. diversifiable
2. Risk appetite /tolerance level
3. Preliminary risk control processes
4. must be comprehensive
* Watch out for new, unidentified risks
5. Identify opportunities to exploit risk
6. CEF
*circumstances
*features
*environment

Question 3

Risk classification

Answer 3

1. Take risks identified and group them into higher order categories
2. Aids calc for cost of risk and value of diversification
3. Allocate risk owner
   *responsible for control processes

Question 4

Risk cycle - Risk measurement

Answer 4

Defn: estimation of probability of risk event occurring and likely severity (incl cost of risk control)
* before & after risk controls
Basis for evaluation and selecting methods of risk control and whether risk should be
1. Declined
2. Transferred (insurance)
3. Mitigated
4. Retained with or without control
-

Question 5

Risk cycle - Risk Control

Answer 5

Defn: determining and implementing methods of mitigation (P S FO )
Systems that aim to mitigate the risks or the consequences of risk events
1. Reduce probability of risk occurring
*implementing controls and processes
*triggers
2. Limit financial consequences of risk
*both pre (insurance) and post risk occurrence
3. Limit severity of the effects of a risk that occurs
*insurance
*safety measures
4. Reduce consequences of a risk that does occur
*survival of organisation post event
*business continuity plan
* models & assumptions & discussions

!management buy in = mngment action

Question 6

Risk cycle - modelling

Answer 6

1. Helps find trigger points
2. Determines the value of management buy in and efficiency as well as other courses of action
3. Assumptions and methods only valid to extent actions would be taken
4. Helps choose best option

Question 7

Risk appetite

Answer 7

Amount of risk business can tolerate
1. Quantitative -
2. qualitative - organisations risk preferences/extent organisation is willing to be exposed to risk
3. Set by board and senior members
4. Communicated to organisation
5. Contributes to risk management and risk controls

Question 8

Risk financing

Answer 8

1. Determine the likely cost of each risk
   *mitigations
   *post loss event
   *capital implications
2. Sufficient financial resources
   *continuation post loss event

Question 9

Risk monitoring

Answer 9

Part/all - with/without
Defn: regular review and re-assessment of all risks previously identified + overall business review to identify new/previously omitted risks

NB: allocate management responsibility for effective mainland control processes

• C -change
• O -occured
• N -new risks
• E -evaluate effectiveness existing risk management process

Question 10

Risk management - benefits

Answer 10

IR access

1. Integrate risk into business processes and strategic decision making
   *product development
   *mergers and acquisition
2. reaction quick to emerging risks
3. Aggregate risks and assess interdependencies
   *concentration risk
   * Natural synergies
   –offsetting or hedging (mortality vs longevity)
   * diversification
4. capital allocation and better management to improve growth and returns
5. Confidence for stakeholders that business is managed well
   *shareholders
   *regulators
   *credit rating agencies
   6.Exploit risk opportunities
6. Improve stability and quality of business
7. Surprises

Question 11

Good Risk management process

Answer 11

Balance return, growth, consistency
CHAOS
1. Consider all relevant contrains
2. Exploit hedges and portfolio effects among risks
3. Incorporate all risks (financial and non-financial)
*political
*social
*regulatory
*competitive
4. Exploit financial and operational efficiencies within strategies
5. Evaluate all relevant strategies for managing risk

Question 12

Risk vs uncertainty

Answer 12

Risk defn: arises as consequence of uncertain outcomes
*cannot say explicitly whether it can be modelled/measured
*upside risk
> can be measured & avoided
> likelihood & size can be quantified
- data availability & credibility
- distribution of potential losses not known
- nature of risks is difficult to asses
> can be good & bad
>might not be able to model
! risk is impact of uncertain outcome

Uncertainty defn
*probability associated with particular outcomes
*severity of loss associated with outcomes
*can not be modelled
*lack of certainty and lack of knowledge
*no choice as to whether you encounter uncertainty and may not be possible to reduce
> cannot be measured
> cannot be anticipated
> cannot be reduced
>cannot be modeled
>lack of certainty and knowledge

Question 13

Risk measurement modelling challenges

Answer 13

1. Credible data
2. Cannot identify distribution of potential loss
3. Exact nature of loss is difficult to assess

Question 14

Systematic risk

Answer 14

*Risk that affects an entire financial market or system
*not possible to avoid systematic risk through diversification
*impacts entire market
*systemic - 1 company collapse could trigger whole system

Question 15

Diversifiable risk

Answer 15

Defn: risk arises from individual component of financial market or system
*rational investor should not take on any diversifiable risk
*only non diversifiable risk taken on is rewarded
**securities riskyness is considered relative to the portfolio and not solo

Question 16

Risk management definition

Answer 16

• process of enduring Risks exposed to are what we
  -think we are exposed to and
  -what we are prepared to be exposed to
  *protect org against adverse risk experience
  -result in being unable to meet liabilities

Question 17

Risk Governance

Answer 17

How risk management is
*managed
*controlled

Question 18

Group risk management function

Answer 18

1. Full view of exposure
2. Diversification
3. Economies of scale
4. Pooling of risks
   capital allocation
5. Business planning & decisions
   7.exploit opportunities enhance value

Question 19

ERM Key features

Answer 19

1. Consistency across business units
2. Holistic
   3.seek opportunities to enhance value

Question 20

Stakeholders in risk Governance

Answer 20

Scarred
1. Shareholders
2. Customer
3. Credit ratings agency
4. Regulator
5.risk managers /officer
6. employees
7. Directors

Question 21

Employees

Answer 21

1. Look out for and identify risks
2. Suggest ways to mitigate
3. Reward

Question 22

Directors [ERM]

Answer 22

1. Oversee management of risks
2. Set risk appetite
3. Set suitable ERM framework to manage risk
   **Set risk management strategy
4. Approve policies
5. Responsible for overall success of company
6. Set direction culture & structure
7. List of most strategic risks

Question 23

Risk function/management

Answer 23

1. management treatment of key risks
   *Oversee & challenge
   *advice on identification and management
   *monitor progress
2. Set risk policy
3. Gather relevant information on risks
4. Give advice to board on risks
5. overall risks being run by business
   * assess
   * compare against appetite
6. Pull whole picture together

Question 24

CRO [ERM]

Answer 24

> allocate risk budget and capital- after allowing for diversification
monitor group exposure to risk
document and report risks that thave materialised & affected group
risk & compliance programs & policies
support & monitor line management
report to board
set company’s risk appetite and communicate with stakeholders
manage risk functions
design and implement ERM framework
developed processes and systems to analyze, monitor and manage risks
establish relationship with people
must understand key stakeholders and drivers of performance

Question 25

Good ERM framework

Answer 25

I M TIGER
* appropriate structure for governance of risk management
* process for engaging business units
* common risk taxonomy
> system for classifying & defining risks
* standard risk management process
* incentives for employees
* clear monitoring & risk reporting
* incorporate risk management into business (line) - p cubed rs
> business strategy
- plans & strategy for
> product development
- set trigger points for each ass.
- set up a risk committee for business dev
> product pricing (take account of cost of risk)
- expected losses from bad debts
- cost of capital
- cost of risk transfer
> business performance management
- risk- adjusted performance measures
> remuneration
- link between executive compensation & risk
management must be disclosed
* salaries & incentive based comp
* stock options
- cOmp arrangements must not encourage excessive/inappropriate risk-taking
- clawback provisions

Question 26

3 lines of defence

Answer 26

1. Line manager and staff
   *measure and manage risks daily
2. CRO
   *establish risk and compliance policies and programs
   * support and monitor 1st libe
3. board and audit function
   *set effective governance fir risk management process
   * set risk management strategy
   * approve policies
   *ensure ERM is effective

Question 27

3 working models

Answer 27

1. Offense vs defence
   *1st vs 2nd (maximise profits vs min losses
2. Policy and policing
   * business function with rules and policies set by risk and policed by risk
   - out of date die to out of touch
   - reviews are not continuous = problems fall through
   - friction
   - incentives to report if uncertain
3. Partnership
   * risk management is integrated into staff - clients consultant relationship
   * share performance measures
   * awareness of long term benefits from risk management
   *NB to meet needs of business as risk consultant
   - Independence is compromised