The Governance of Risk Management - Foundations - Chapter 1 Flashcards
3.6 The Dodd-Frank Act overhauled the regulation of financial institutions in the United States, aiming at improving both consumer protection and systemic stability. List and discuss three issues that the Dodd-Frank Act tried to address.
3.6 Include any of the following seven elements.
* Strengthening the Fed: The Act extended the regulatory reach of the Federal Reserve (i.e., the Fed) in the areas concerned with systemic risk. All the systemically important financial institutions (SIFIs), which are defined as bank holding firms with more than USD 50 billion of assets, are now regulated by the Federal Reserve and the Fed’s mandate now includes macro-prudential supervision.
* Ending too-big-to-fail: Dodd-Frank proposed an end to “too-big-to-fail” by creating an orderly liquidation authority (OLA).
* Resolution plan: SIFIs are required to submit a so-called “living will” to the Federal Reserve and the Federal Deposit Insurance Corporation (FDIC) that lays out a corporate governance structure for resolution planning.
* Derivatives markets: The Act launched a transparency-focused overhaul of derivatives markets regulation with the aim of helping market participants with counterparty risk.
* The Volcker Rule: This is a prohibition on proprietary trading, as well as the partial or full ownership/partnership of hedge funds and private equity funds by banking entities.
* Protecting consumers: The Act created a Consumer Financial Protection Bureau (CFPB) to regulate consumer financial services and products.
* Stress testing: The Act instituted a radically new approach to scenario analysis and stress testing, with the following characteristics.
  * A top-down approach with macroeconomic scenarios unfolding over several quarters;
  * A focus on the effects of macroeconomic downturns on a series of risk types, including credit risk, liquidity risk, market risk, and operational risk;
  * An approach that is computationally demanding, because risk drivers are not stationary, as well as realistic, allowing for active management of the portfolios;
  * A stress testing framework that is fully incorporated into a bank’s business, capital, and liquidity planning processes; and
  * An approach that not only looks at each bank in isolation, but across all institutions. This allows for the collection of systemic information showing how a major common scenario would affect the largest banks collectively.
3.7 Describe what is involved in risk governance.
3.7 Risk governance involves
* Setting up an organizational infrastructure of human, IT, and other resources as well as articulating formal procedures for defining, implementing, and overseeing risk management; and
* Transparency and the channels of communication established within the organization as well as with external stakeholders and regulators.
3.8 What went wrong in MF Global after 2010? How was it related to corporate governance issues?
3.8 Key points include the following.
* Jon Corzine was appointed chairman of the board and CEO of MF Global in 2010.
* MF Global was experiencing liquidity and compliance problems.
* Despite repeated warnings by the company’s chief risk officer, MF Global made huge proprietary investments in European sovereign debt. These investments soured in 2011, exacerbating the company’s liquidity problems.
* Liquidity problems led to the loss of shareholder and client confidence, and ultimately to the firm’s collapse.
* The company allegedly misappropriated client funds to meet the cash crunch.
3.9 Describe key points involved in constructing a risk appetite.
3.9 Key points include the following.
* Risk appetite is intimately related to business strategy and capital planning.
* Certain activities may be categorically inappropriate for an enterprise given the type of risk involved.
* Business planning must take risk management into consideration from the outset.
* The matching of strategic objectives to the risk appetite must be incorporated into the planning process.
* Clear communication of the firm’s risk position and risk appetite is essential so that appropriate limits can be set on various risk-bearing activities.
3.10 What are the four basic choices a bank needs to make regarding a potential risk exposure?
3.10 The choice to:
* Not undertake certain activities,
* Transfer either all or part of a certain risk to third parties,
* Preemptively mitigate risk through early detection and prevention, and
* Assume the risk while being fully cognizant of both the upside and downside implications.
3.11 How would one assess the stature of the CRO in the organization?
3.11 Questions to ask include the following.
* Is the risk manager a member of the executive staff and can this position lead to other career opportunities?
* How independent is the risk manager?
* What authority does the risk manager hold?
* To whom does the risk manager report?
* Are risk managers comparatively well paid relative to other employees who are rewarded for performance?
* Is the enterprise’s ethical culture strong and resilient to the actions of bad actors?
* Has the bank set clear-cut ethical standards and are these standards actively enforced?
3.12 Describe what a “Risk Appetite Statement” (RAS) is and the objectives of a RAS.
3.12 A risk appetite statement:
* Is an important component of corporate governance,
* Articulates the level and types of risk a firm is willing to accept to reach its business goals,
* Includes both qualitative and quantitative statements, and
* Helps to reinforce a strong risk culture.

Objectives include
* Maintaining a balance between risk and return;
* Retaining a prudent attitude toward tail risk and event risk;
* Achieving a desired credit rating;
* Linking short-term capital and long-term capital, financial and strategic plans, as well as compensation structure;
* Setting risk appetite and risk tolerance measures which limit the amounts at risk that are expressed at the business unit level and on an enterprise level; and
* Making transparent the relationship between risk appetite, risk capacity, risk tolerance and a firm’s current risk profile.
3.13 What is the difference between Tier 1 and Tier 2 limits?
3.13 Tier 1 limits:
* Are specific and often include overall limits by asset class, an overall stress-test limit, and a maximum drawdown limit; and
* Excesses must be cleared or corrected immediately.

Tier 2 limits:
* Are more generalized;
* Relate to areas of business activity and aggregated exposures to credit ratings, industries, maturities, regions, and so on; and
* Excesses are less urgent and can be cleared within a few days or a week.
3.14 What were three recommendations from the Financial Stability Board regarding compensation after the 2007–2009 financial crisis?
3.14 Recommendations include:
* The elimination of multi-annual guaranteed bonuses;
* The incorporation of executive downside exposure through the deferral of certain compensation, the adoption of share-based remuneration to incentivize long-term value creation, and the introduction of clawback provisions requiring reimbursement of bonuses should longer-term losses be incurred after bonuses are paid;
* The placement of limitations on the amount of variable compensation granted to employees relative to total net revenues; and
* The imposition of disclosure requirements to enhance transparency.
3.15 What are the roles of the senior management risk committee?
3.15 The senior management risk committee:
* Reports back to the board risk committee with recommendations regarding the total at risk deemed prudent for the latter’s consideration and approval;
* Establishes, documents, and enforces all corporate policies in which risk plays a part;
* Sets risk limits for specific business activities, which are then delivered to the CRO; and
* Delegates the power to make day-to-day decisions to the CRO. This delegation includes the power to approve risks exceeding preset limits imposed on the various business activities, provided these exceptions remain within the bounds of the overall board-approved limits.
3.16 What are the key roles and responsibilities of an internal audit function?
3.16 Key roles and responsibilities include:
* Independently assessing risk governance as well as the implementation and efficacy of risk management;
* Reviewing the risk management process (a comprehensive review includes, among other things, assessing adequacy of the organization of the risk control unit and documentation);
* Analyzing the integrity of risk governance and the efficacy of the risk management process, including the integration of risk measures into daily business management;
* Examining the monitoring procedures for tracking the progress of risk management system upgrades;
* Assessing the adequacy and effectiveness of application controls in generating and securing data;
* Affirming the reliability of vetting processes;
* Comparing compliance documentation with qualitative and quantitative criteria stipulated by regulations;
* Offering its opinion on the reliability of any risk exporting framework; and
* Evaluating the risk measurement methodologies both in terms of theory as well as implementation, including stress-testing methodologies.
3.17 Describe three key roles and responsibilities of the board of directors.
3.17 Such roles and responsibilities include:
* Assessing the fundamental risks and rewards engendered in the bank’s business strategy, based on a clear understanding of the latter’s direction and goals;
* Harmonizing risk appetite with the bank’s strategic plan;
* Being accountable for risk transparency; and
* Making sure that:
  * Any major transaction undertaken is in line with authorized risk taking as well as with the relevant business strategies.
  * An effective risk management system is in place that enables the corporation to further its strategic objectives within the confines of its risk appetite.
  * Procedures for identifying, assessing, and handling the various kinds of risk are effective.
  * Executives are compensated based on their risk-adjusted performance and that the incentives inherent in such compensation do not clash with shareholder interests.
  * Disclosure to managers and relevant stakeholders is both adequate and compliant with internal corporate rules and external regulations.
  * The information it obtains concerning the implementation of risk management is accurate and reliable.
3.18 Describe the roles and responsibilities of the board audit committee.
3.18 The board audit committee is responsible for:
* Assessing the veracity and the quality of the firm’s financial reporting, compliance, internal control and risk management processes; and
* Compliance with best-practice standards in non-financial matters.

Regulatory, legal, compliance, and risk management activities also fall under the purview of the audit committee.