Unit 3

Question 1

Comparing traditional RM and ERM -7 differences

Answer 1

1. Focus on risk identification/ analysis vs

Risk in the context of business strategy

Question 2

Traditional vs ErM

Answer 2

2. Risk as individual hazards
   Vs
   Risk portfolio development with risk interconnectivities

Question 3

Traditional vs ERM

Answer 3

3. Focus on all risks managed in separate areas

Vs
Focus on critical risks

Question 4

Traditional vs ERM

Answer 4

Risk mitigation

Vs
Risk is entity wide

Question 5

Traditional vs ERM

Answer 5

Risk with no owners
Vs
Identifying and defining risk responsibilities

Question 6

Traditional vs ERM

Answer 6

Risk is insurance

Vs
Monitoring and measuring risk

Question 7

Traditional bs ERM

Answer 7

Risk is only about ‘downside risk’

Vs
Risk encompasses upside and downside risk as well as uncertainty

Question 8

Traditional vs ERM

Answer 8

Risk is not my responsibility
Vs
Risk is embedded into everyone’s responsibility

Question 9

Solvency 2 -ERM definition

Answer 9

A firm must have in place an effective RM system comprising strategies, processes and reporting procedures necessary to identify, monitor, manage and report on a continuous basis the risks, at an individual and at an aggregated level, to which it is or could be exposed, and their interdependencies

Question 10

Solvency 2, RM system must

Answer 10

-be effective and integrated into org structure and dm
- include the risks to be covered in the SCR
- cover • underwriting and reserving
•asset liability management
•investments, in particular derivatives
• liquidity and concentration risk
• operational risk management
• re-insurance and other risk mitigation techniques
- where applying matching adjustment or liquidity adjustment, set up liquidity plan

Question 11

Basel 3, 4 principles of supervisory review (Pillar 2)

Answer 11

1. Banks should have a process to assess their overall capital adequacy in relation to their risk profile as well as a strategy to maintain their capital levels
2. Supervisors should review and evaluate bank internal capital adequacy assessments and strategies, as well as their ability to monitor and ensure their compliance with Reg capital ratios. Supervisors should take appropriate supervisory action if they are not satisfied with the result of the process.
3. Supervisors should expect banks to operate above the minimum Reg capital ratio and they should be able to require banks to hold capital in excess of the minimum.
4. Supervisors should seek to intervene at an early stage to prevent capital from falling below the minimum levels required to support the risk characteristics of a particular bank and should require rapid remedial action if capital is not maintained or restored

Question 12

Features of rigorous capital assessment

Answer 12

-the board should set risk appetite
- should monitor compliance with internal limits and controls
- all material risk exposures should be measured and estimated (including risks not addressed in Pillar 1)
- should be a system for reporting on risks

Question 13

ICAAP pillar 2 includes

Answer 13

• requirements on how banks should carry out their own risk and capital adequacy assessment, and document that in their ICAAP submission
• the independent supervisory review process that is used to challenge the ICAAP submission

Question 14

Firm that has received internal model approval, the RM function must:

Answer 14

• Design and implement model
• test and validate model
• document model and any changes
• analyse performance of model
• inform governing body about performance, suggesting areas for improvement

Question 15

ICAAP-regulators looking to see that:

Answer 15

• Board and senior management oversight: bank’s management responsible for understanding the nature and level of risk being taken and how that relates to capital requirements and for ensuring the adequacy and effectiveness of the risk management framework.
• Sound capital assessment: the bank should have in place a process for identifying, measuring and reporting all material risks (i.e. not just those addressed by Pillar 1) and for relating the level of risks to a capital level. This needs to be linked to the strategic objectives and business plans of the bank to ensure that capital held is not only adequate at the time of reporting but will remain sufficient should the bank plan to grow and/or if significant adverse events occur in the future.
• Comprehensive assessment of risks: all risks should be measured and where mathematical models are not possible, then appropriate estimation approaches should be used. Where mathematical models are used they should be subject to suitable stress tests. Concentration risk is highlighted
as requiring pro-active management
. • Monitoring and reporting: there should be mechanisms to monitor risk positions and to assess how the changing risk profile links to changing capital requirements.
• Internal control review: the capital assessment process should include independent review and, where appropriate, internal and external audit.

Question 16

ORSA

Answer 16

ORSA allows an insurer to calculate its capital requirements at a confidence interval of its own choosing. Typically, this would be higher than the regulatory capital requirement since the regulatory capital is calibrated at a level at which an insurer would receive a low credit rating. In addition, ORSA might include those risks that are not set out in the Pillar 1 regulatory capital requirement, including
strategic risk and reputational risk. The ORSA therefore provides an “economic capital” view.

Question 17

Features of ERM

Answer 17

• Encompasses all areas of exposure
• integrated rather than silo view
• evaluates internal and external context
• recognises exposures are interrelated
• qualitative and quantitative structured process
• seeks to embed RM in decision making
  -helps identify risks to strategy
• communicates risk issues
• supports activities of internal audit
• sees RM as a source of competitive advantage

Question 18

ORSA PRA must include:

Answer 18

• Overall solvency needs taking into account the specific risk profile, approved risk tolerance limits and business strategy
• Compliance, on a continuous basis, with SCR and MCR
• significance with which the risk profile of the firm deviates from assumptions underlying the SCR

Question 19

ORSA PRA

Answer 19

Firm must make ORSA integral part of business strategy and take ORSA into account on ongoing basis in strategy

Perform regularly and without delay following any significant change

Question 20

Definition of ERM by IIA

Answer 20

A rigorous and coordinated approach to assessing and responding to all risks that affect the achievement of an organisation’s strategic and financial objectives

Question 21

Benefits/ reasons of RM

Answer 21

MADE 2

Mandatory, Assurance, decision making, Effective and Efficient core processes

FIRM

Financial; infrastructure; reputational; marketplace

Question 22

Principles of RM / how

Answer 22

PACED

Proportionate, Aligned, comprehensive, embedded, dynamic

Question 23

S&P - ERM analysis

Answer 23

RM culture;
Risk controls;
Emerging RM;
Risk models;
Strategic RM

Question 24

Establishing the context for RM -Hopkin

Answer 24

External context
Internal context
Context of RM process

Question 25

External context

Answer 25

• government policy, national and international regulation • the changing financial services market – competitor activity, new competitors such as supermarkets offering financial services, evolving products, new and declining markets and customers • factors in the wider financial services sector such as low interest rates or excess growth in credit • technological developments including increased use of the internet for banking and insurance. What does the world around us look like? What are the drivers and trends?

Question 26

Internal context

Answer 26

What are our objectives? What is our capacity? What are our business processes? How do we make decisions? - The organisation’s divisions, departments, structures, systems, processes and accountability, cultures, leadership, strengths and weaknesses • internal stakeholders – staff, managers and the board • its approach to corporate governance, its resources, competencies and capabilities, its culture, and the ways it conducts itself factors that influence how the organisation will try to set and achieve its objectives, which of course is the primary aim of risk management.

Question 27

Context of RM process

Answer 27

what is the process expected to achieve? Who will be responsible? What resources will be required? The risk management context typically involves the context in which the risk management process must operate, which can be described using the RASP acronym. Included in this element of context is something called the ‘risk appetite’; a very important idea around deciding upon an acceptable level of risk for the organisation.

Question 28

Objective setting

Answer 28

External analysis + Internal analysis | Strategic objectives (alignment required) | Tactical objectives (mid level / departmental) | Operational objectives (team, personal)

Question 29

Benefits of establishing context for RM

Answer 29

Define objectives Identify scope, responsibilities, and resources Methodologies for evaluating success

Question 30

Reasons why setting objectives is difficult

Answer 30

1. Competing stakeholders expectations; 2. Continuously questioned in light of changing context 3. Staff may be unaware/ disagree 4. More ambitious/ more risky and vice versa

Question 31

Implement ERM steps through

Answer 31

PIML