Topics 4-7 Flashcards
Describe enterprise risk management (ERM) and compare and contrast
differing definitions of ERM
An integrated and centralized approach under ERM is significantly more effective in managing a company’s risks than under the traditional silo approach of managing and centralizing risks within each risk/business unit.
ERM is a comprehensive and integrated framework for managing a firm’s key risks to meet business objectives, minimize unexpected earnings volatility, and maximize firm value.
Definitions:
- ERM is a process, effected by an entity s board of directors, management, and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its appetite, to provide reasonable assurance regarding the achievement of entity objectives
- Risk is the effect of uncertainty on objectives and risk management refers to coordinated activities to direct and control an organization with regard to risk
- Risk is a variable that can cause deviation from an expected outcome. ERM is a comprehensive and integrated framework for managing key risks in order to achieve business objectives, minimize unexpected earnings volatility, and maximize firm value.
Compare the benefits and costs of ERM and describe the motivations for a firm to adopt an ERM initiative
The key motivations of an ERM initiative include integration of risk organization,integration of risk transfer, and integration of business processes, which lead to increased organizational effectiveness, better risk reporting, and improved business performance, respectively
However, implementation of an integrated firm-wide initiative is costly (both capital and labor intensive) and time-consuming. This process could last several years and requires ongoing senior management and board support.
Describe the role and responsibilities of a chief risk officer (CRO) and assess how the CRO should interact with other senior management
The chief risk officer (CRO) is responsible for all risks facing a company, including market, credit, and operational risks and is responsible for developing and implementing an ERM strategy.
The CRO provides overall leadership for ERM and develops policies and standards, including setting the firm’s overall risk appetite, measuring and quantifying risks and setting risk limits, and developing risk systems.
The CRO generally reports to the CEO or CFO but could also have a dotted line relationship to both the CEO/CFO and to the board to minimize any potential friction between the CRO and the CEO/CFO (due to excessive risk taking, regulatory issues, or fraud).
An ideal CRO possesses five critical skills:
- leadership,
- power of persuasion,
- ability to protect the firm’s assets,
- technical skills to understand all risks, and
- consulting skills to educate the board and business functions on risk management.
Distinguish between components of an ERM program
A strong ERM framework has seven main components:
- corporate governance,
- line management,
- portfolio management,
- risk transfer,
- risk analytics,
- data and technology resources, and
- stakeholder management
Line management is the management of activities that relate directly to producing a firm’s products and services. Line management is critical as it integrates business strategy into corporate risk policy, assesses the relevant risks, and incorporates them into pricing and profitability decisions. The assessment process should include adequate due diligence to determine which risks line managers can accept without senior management or board approval. In terms of addressing relevant risks, managers should include the cost of risk capital and expected losses in decisions about product pricing or investment returns.
Risk analytics quantifies risk exposures for use in risk analysis, measurement, and reporting. Many of the risks facing the firm can be quantified including credit, market, and operational risk. Risk analytics can be used to calculate the cost-effective way of reducing risk exposures. It is also useful in evaluating the cost of managing risks in-house or externally as long as the cost of managing them externally is cheaper. The analysis and quantification of various risks can ultimately increase shareholder value, boosting net present value (NPV) and economic value added (EVA).
Assess methods that banks can use to determine their optimal level of risk
exposure, and explain how the optimal level of risk can differ across banks
Methods to determine the optimal level of risk exposure include targeting a certain default probability or credit rating and sensitivity or scenario analysis.
In targeting a certain default probability or credit rating, a bank should not always aim to earn the highest credit rating possible because the rating would likely involve a large opportunity cost as the bank would have to forego risky projects that could otherwise provide high profits.
Sensitivity or scenario analysis involves a bank determining its optimal level of risk exposure by the impact of specific shocks. There would be an analysis of the adverse impacts on the value of a bank due to changes in interest rates, foreign exchange rates, inflation, et cetera.
The optimal level of risk depends on the specific focus of the bank’s activities (e.g., lending, deposits, derivatives), so it will differ among banks.
Describe implications for a bank if it takes too little or too much risk
compared to its optimal level
Banks need to take on an optimal amount of risk in order to maximize shareholder value while satisfying the constraints imposed by bank regulators.
If a bank takes on too little risk compared to its optimal level, it may not generate sufficient returns for its shareholders, which could decrease the value of the bank.
Taking on too much risk may also decrease the value of a bank.
Explain ways in which risk management can add or destroy value for a
bank
Investing in risk management might not be worth its cost if incremental changes in risk taken do not result in much change in the value of a bank.
On the other hand, risk management may add value if taking on incremental risk would otherwise result in excessive total risk and a significant decrease in the value of a bank.
If a bank adopts an inflexible risk management process in order to manage the bank’s risk below a set acceptable threshold level, it may not allow for any value creation.
In contrast, a more flexible risk management system may allow the bank to take on profitable risks and take advantage of investment opportunities that could increase its value. The risk management function of a bank can add value by requiring business units to take the perspective of the entire bank when making decisions regarding risks.
Describe structural challenges and limitations to effective risk
management, including the use of VaR in setting limits
Risk management through hedging alone will not result in risk management becoming a passive activity due to
- risk measurement technology limitations,
- hedging limitations, and
- risk taker incentive limitations.
Ideally, the risk management function within a bank would be independent of the activities of the business lines. However, risk management involves both a verification function and advising on whether to accept or reject a risky project based on established risk limits.
Therefore, such independence is difficult to achieve in practice. In addition, if the risk management process is viewed as a form of internal policing, then the necessary dialogue between risk managers and business unit managers will not exist.
All individual banking units must consider their ability to adjust their VaR by trading
efficiently to ensure that, overall, the bank is making optimal use of its ability to take risk and maximizing its profits.
Firmwide VaR is not likely to account for all of the bank’s risks, especially operational risks. The aggregation of market, credit, and operational risks in arriving at a firmwide risk measure needs to consider the correlation estimates between such risks, although in practice, there is usually insufficient data available to make such estimates accurately. Different types of risk will lead to differing statistical distributions. For example, market risk can be approximated by a normal distribution, but credit and operational risks follow a nonnormal distribution, which makes them more challenging to quantify.
Assess the potential impact of a banks governance, incentive structure, and
risk culture on its risk profile and its performance
It is difficult to demonstrate that a bank’s governance has a significant impact on its risk profile and performance for three main reasons.
- First, very limited data exists on how the risk function operates in banks.
- Second, risk function characteristics are also affected by the bank’s risk appetite (in addition to governance).
- Third, it is possible that at the firm level, poor performance will occur even in the presence of strong governance.
Incentives must be designed so that they do not merely reward managers for performance based on their respective business units alone. Incentives should reward managers for taking risks that create value for the overall bank while at the same time penalize them for taking risks that destroy value.
Two studies examined the impact of culture. One of these studies concluded that companies where managers were perceived as honest and trustworthy were more profitable and were given higher valuations. The other study concluded that shareholder governance improvements would change a firm’s culture from focusing on employee integrity and customer service to focusing on end results.
Risk capital
Risk capital is the amount of capital a bank holds in order to support its risk
appetite.
Describe the key factors the led to the housing bubble
The two main factors that led to the housing bubble were:
- Cheap credit: Large capital inflows from abroad plus the Fed’s lax interest rate policy lead to a low interest rate environment in the United States, making mortgages less expensive for borrowers.
- Decline in lending standards: The originate-to-distribute model allowed banks to offload risk to investors, which led to falling lending standards because banks had less incentive to exercise care when approving and monitoring loans.
Explain the banking industry trends leading up to the liquidity squeeze
and assess the triggers for the liquidity crisis
The originate-to-distribute model and asset-liability maturity mismatches were two key banking industry trends that led to the mortgage crisis and resulting liquidity squeeze.
Explain how banks created collateralized debt obligations
Banks create collateralized debt obligations (CDOs) to unburden themselves of risk.
- First, the bank will bundle a number of debt instruments, such as bonds and loans.
- Then, this portfolio is sliced into various tranches.
- Finally, the different tranches are sold to investors with varying appetites for risk.
The super senior tranche, which is the safest tranche and first to be paid out (but pays the lowest interest rate), is sold to investors that have low risk tolerance.
The most junior or equity tranche is typically (but not always) retained by the CDO issuer to give the bank incentive to monitor the loans carefully.
The mezzanine tranche is in-between the senior and equity tranches.
Explain the purposes and uses of credit default swaps
Credit default swaps (CDSs) are essentially insurance contracts that pay off in the event of the default of a bond or tranche. The protection buyer pays the protection seller a set fee at fixed intervals and in exchange receives protection in the form of a payment if the debt instrument experiences a credit default.
Describe how securitized and structured products were used by investor
groups and describe the consequences of their increased use
The originate-to-distribute model refers to the process through which banks create securities based on an underlying pool of mortgages, bonds, or other loans and then sell the securities to investors. By originating and selling the securitized assets, the banks transfer the default risk of borrowers to the investors.
Banks, via structured investment vehicles (SIVs), used commercial paper and repurchase agreements (repos) to roll over short-term financing for investing in long-term assets. The banks’ mismatches in asset-liability maturities exposed the banks to funding liquidity risk.
