Session2 - Handout 4 - Strategic Risk, Risk management and Critical Thinking Flashcards
Potential exam question: Is good performance = Low strategic risk?
Don’t have a great answer here yet…
What is the suggested definition of Strategic Risk?
1) Strategic risk is the risk to the sustainability and the viability of the organisation
2) as a result of inadequate and improper implementation of strategic decisions by the organization’s management body
3) or lack of responsiveness of the management body in relation to the internal and/or the external environment.
OR, To what extent we are able to react in the case of something.
In terms of Strategic Risk, what are the risk coming from sources from the Internal Environment?
Losses due to inappropriate
decisions regarding…
- Strategy/projects
- Critical resources
- Structure
- Systems and processes
- Style
- Shared values
In terms of Strategic Risk, what are the risk coming from sources from the External Environment?
Losses due to inappropriate
responsiveness to…
- Political
- Economic
- Social
- Technological
- Environmental and ethical
- Legal and regulatory
- Competitors
- Customers
- Suppliers
What are the 7 rules of efficient KRI´s?
- Incorporating Risk Drivers
– Addresses risks, not events - Quantifiable: €, %, #
– Measures the risk, to manage it - Time series tracked against standards or limits
– Limits are linked to risk appetite and strategic
importance of the risk - Tied to objectives, risk owners and standard risk categories
– Classify KRI by types of risks addressed, or by
businesses incurring the risk (risk owners) - Linked to preventive or corrective controls, supporting management decisions and action
- Timely and cost-effective
- Simplifying risk
Look at slide 29 and the picture of the “Risk Governance Framework”, can you describe the relationship here?
About the framework:
• Mission & vision - what should the company do? We strive for the vision.
- Strategy & Objective & Risk appetite - This should be aligned with your risk appetite.
- Guidelines and requirements - What framework should you follow.
- Implementation - Not only following the framework but also applying all my knowledge in risk management.
- Usage - same here
- Assessment - how much time could get lost due to lack of structure –> Have to assess the situation.
• Internal control - three types:
○ Risk Control
○ Internaudit - ensure that all operations are aduequatley linked
○ compliance - ensure that they follow the framework
• Documentation
• Reporting - the way we report things
○ When we write, never forget the target audience in the easiest way possible.
• Corporate Governance - external consultant
Validation - Validated by the national supervisor
Board of directors at the upper half and then executives at the lower part.
The management body consists of 2 parts, which ones and what do they do?
The Management Body consists of 2 bodies
• 1) Board of Directors:
– the definition (high-level requirements) of the risk policies and the review
• 2) Executive Committee:
– the implementation following guidelines and requirements received by BD
– should put in place organizational structures, corporate loss control
– programs and risk policies to ensure cost-effective loss control
In terms of management, what are the three lines of defence?
• First level of control:
– At the activity level
– Performed by staff & line manager
– The most efficient level
• Second level of control:
– At-risk management level
– Performed by specialized risk manager (credit, market, actuaries..)
• Third level of control:
– Internal audit
– Best performed when internal auditors have been previously in the function themselves.
In terms of Credit Risks, who is the risk taker and who is the risk-owner?
RO = Risk Manager RT = Credit Risk Analyst
In terms of Operational Risks, who is the risk taker and who is the risk-owner?
RO = Risk manager + Operational Risk manager RT = Everybody
In terms of Liquidity Risks, who is the risk taker and who is the risk-owner?
RO = CFO, Asset & Liability management comitte in banking, to meet the short- and long run liquidity obligations. RT = CFO + traders
In terms of Market Risks, who is the risk taker and who is the risk-owner?
RO = Market risk manager RT = The buy-side, investors and traders.
In terms of Strategic Risks, who is the risk taker and who is the risk-owner?
RO = Same people RT = Executive team and board of directors