Risk Measurement And Reporting

Question 1

Scenario analysis

Answer 1

Looks at the financial impact of a plausible and possibly adverse set or sequence of events
It is useful where it is difficult to fit full probability distribution to risk events. It provides information of the severity but not the likelihood of risk

It involves the following steps:
• grouping of risks into broad categories
• development of a plausible adverse scenario
• calculation of the consequences of the risk event occurring for each scenario
• total costs calculated are taken as the financial cost of all risks represented by the chosen scenario

Question 2

Stress testing

Answer 2

Involves assessing the impact of a specific extreme adverse event over a period of time, such as a shock fall in equity values or shock increase in claim frequency

Stress and scenario testing can be combined to determine a stress scenario. In this case, the stress test is performed by considering the impact of a set of related adverse conditions that reflect the chosen scenario

Two types of stress scenario test:
• to identify “weak areas” in the portfolio and investigate the effects of localized stress situations by looking at the effect of different combinations of correlations and volatilities
• to gauge the impact of major market turmoil affecting all model parameters, while ensuring consistency between correlations while they are “stressed”

Question 3

Reverse stress tests

Answer 3

Construction of a severe stress scenario that just allows the firm to be able to continue to meet its business plan
E.g. by having sufficient capital to meet solvency requirements or to cover its minimum risk appetite

The model is often limited by one of the following approaches:
• restrict the duration (of time horizon) of the model
• limit the number of variables modeled stochastically and use a deterministic approach for the other variables
• carry out a number of runs with a different single stochastic variable and then a single deterministic run using all the worst case scenarios together

Question 4

Aggregate risks

Answer 4

Individual risks need to be aggregated in order to allow for correlations and inter-actions
This can be done through:
• stochastic modeling - although this may be impractical
• simple formulae if risk events are fully dependent (sum of individual capital requirements) or fully independent (square root of sum of squares)
• correlation matrices
• copulas - function that take as inputs marginal CDFs and output a joint CDF
Different copulas are used to describe different degrees of dependence between random variables, including in the tails of distributions

Question 5

Risk measures

Answer 5

Risk measures can be classified into two groups: deterministic and probabilistic

Deterministic approaches to measuring risk include the notional approach, the factor sensitivity approach and the scenario sensitivity approach

Probabilistic approaches include:
• deviation - including standard deviation and tracking error
• value at risk
• probability of ruin
• tail value at risk

VaR and TVaR can be calculated using an empirical, parametric or stochastic approach or scenario analysis

Question 6

Risk portfolios/registers

Answer 6

Records the impact and probability of each risk

The risk portfolio can be extended to indicate how the risk was dealt with:
• avoided
• retained (and how much capital is needed to support it)
• diversified (and a revised assessment of the remaining combination of risks)
• mitigated (and a revised assessment of the remaining risk)
-internally
-by transfer to another party

For risks that are retained, the risk portfolio would also contain details of:
• control measures
• reassessment of value and impact after controls
• risk owner
• board committee/senior manager with oversight of the risk
• identification of concentrations of risk and related actions

Question 7

Risk reporting

Answer 7

Regular risk reporting is vital is ensure that the risk management process is effective:
• identifying new risks
• quantifying the impact of individual risks
• determining appropriate control systems for specific risks
• monitoring the effectiveness of existing control systems
• assessing changes to risks faced
• assessing the interaction between risks
• assisting with pricing, reserving and determining capital requirements

It is also helpful for external stakeholders, e.g. shareholders (existing and potential), credit rating agencies and regulators

Risk reporting should be consistent across the enterprise in order to optimize the allocation of risk appetite and to make the best use of diversification for capital efficiency