Summary - Risk Management Flashcards
What are the main stages in the RM process
Awareness
→ Identify
→ Assess
→ Manage
→ Monitor
which all feed into Profile (cyclical, with “Profile” at the center)
Risk awareness overview
What is it? Tools? Unique Points? Acronym?
What it is:
Setting the strategic context and risk appetite. Clarifies objectives, risk capacity, and boundaries for acceptable risk. Defines tone from the top.
Tools:
Mission/vision statements
Risk appetite frameworks
Risk culture assessments
Unique points:
Often vague in real firms — can weaken all other steps
Must be owned by senior leadership
Acronym: “TOP”
Tone from the top,
Objectives defined,
Policies shaped
Risk identification overview
What is it? Tools? Unique Points? Acronym?
What it is:
Spot the risks that might stop objectives being met. Gather risks from operations, strategy, stakeholders, and external environment.
Tools:
Risk registers
Workshops/interviews/brainstorm
PESTLE / SWOT analysis
Bow-tie diagrams
Unique points:
Needs both bottom-up and top-down inputs
Blind spots are common — esp. emerging risks
Acronym: “WARP”
Workshops,
Analysis (SWOT),
Register,
PESTLE
Risk assessment (measurement) overview
What is it? Tools? Unique Points? Acronym?
What it is:
Understand likelihood and impact of each risk. Evaluate risks quantitatively or qualitatively to rank priority and allocate resources.
Tools:
Risk matrices (heatmaps)
VaR, stress testing, scenarios
Monte Carlo simulations
Risk aggregation methods
Unique points:
Beware of correlation under stress
Hard to assess emerging risks reliably
Acronym: “SLAM”
Scenarios,
Likelihood/Severity (Freq/Sev),
Aggregation,
Models
Risk management overview
What is it? Tools? Unique Points? Acronym?
What it is:
Take action to treat the risks.. Decide on risk response — accept, reduce, avoid, or transfer.
Tools:
Controls
Insurance / hedging
Business continuity planning
Risk-sharing agreements
Unique points:
Controls must be proportionate and monitored
Can affect risk-return trade-off
Acronym: “ARTT”
Avoid,
Reduce,
Transfer,
Tolerate
Risk monitoring overview
What is it? Tools? Unique Points? Acronym?
What it is:
Track risk performance and control effectiveness. Ongoing oversight of risks, incidents, and changes in environment.
Tools:
KRIs (Key Risk Indicators)
Risk dashboards
Internal audit
Risk control self-assessments
Unique points:
Often too slow or reactive
KRIs must be linked to objectives
Acronym: “RACK”
Reports,
Audit,
Control testing,
KRIs
Risk PROFILE overview
What is it? Tools? Unique Points? Acronym?
What it is:
A living record of all current risks.. The risk profile reflects the firm’s full exposure, controls in place, and residual risk.
Tools:
Dynamic risk register
Risk dashboards
Integration with ORSA or ICAAP
Unique points:
Must be updated constantly
Links to capital, appetite, governance
Acronym: “REAL”
Residual risk,
Exposures tracked,
Aggregated view,
Live updates
What are the 6 dimensions of risk
“FIRST-C”
F – Frequency
I – Impact (i.e., Severity)
R – Risk Event (origin or nature of the event)
S – Size of Capital required
T – Time Horizon
C – Correlation / Interconnectedness
Lam’s 7 Lessons
“K-SUPER-B”
K – Know Your Business
Understand your specific risk profile and environment.
S – Set Limits and Boundaries
Tailor risk metrics to each business line and geography.
U – Use the Right Yardstick
Align performance measures with risk-adjusted objectives.
P – Pay for the Performance You Want
Match compensation to desired risk behaviours.
E – Establish Checks and Balances
Avoid excessive concentration of risk or authority.
R – Review Cash Flow Control (Keep Your Eye on the Cash)
Ensure liquidity and financial controls are adequate.
B – Balance the Yin and the Yang
Build the right risk culture — both technical and behavioural.
