Financial Services: Key Types of Risks

Questions and Answers

What is the primary objective of investment management firms when considering investment and market risks?

• To minimize risk while maximizing returns through diversification. (correct)
• To eliminate risk while maximizing returns.
• To ignore risk and focus solely on maximizing returns.
• To maximize risk and diversify returns.

Which of the following best describes the role of risk and compliance functions in the 'three lines of defense' model?

• To directly manage risks as the first line of defense.
• To advise and challenge risk management practices. (correct)
• To set the organization's risk appetite.
• To provide independent assurance on the effectiveness of risk management and controls.

Which of the following best describes the strategic importance of diversifying funding sources in liquidity risk management?

• It simplifies cash flow analyses and maturity ladder construction.
• It centralizes banking relationships, improving operational efficiency.
• It mitigates the risk of over-reliance on a single source, enhancing resilience to market disruptions. (correct)
• It increases the overall cost of funding due to managing multiple relationships.

In Enterprise Risk Management (ERM), how does a common risk language primarily contribute to effective risk management?

By improving clarity and consistency in risk communication across different departments. (C)

What is the main characteristic of a 'fat-tailed' distribution, which is relevant in the context of risk assessment in finance?

Extreme deviations from the mean occur more frequently than predicted by a normal distribution. (A)

Which factor is most essential in high-frequency trading (HFT) for maintaining a competitive edge?

Co-locating servers in market data centers to minimize latency. (D)

What does Value at Risk (VaR) measure in the context of financial risk management?

The maximum loss that can occur with a specified confidence over a specified period. (C)

In managing Operational Risk, what does 'Segregation of Duties' primarily aim to prevent?

Conflicts of interest. (D)

Why is understanding the assumptions underlying financial models essential for effective risk management?

To ensure models are used only for their intended purposes and to recognize their limitations. (C)

What role does 'Stress Testing' play in managing Credit Risk?

It identifies potential adverse events affecting credit exposures and assesses a bank's resilience. (A)

How do Credit Rating Agencies (CRAs) aid investors?

By assessing the creditworthiness of borrowers to gauge investment risk. (D)

What is the potential impact of not having well-defined escalation procedures for rising trading losses and market risk limit breaches?

It can result in delayed or inappropriate responses, increasing potential losses. (A)

What is the primary goal of netting agreements in managing credit risk?

To consolidate multiple cash flows into a single payment to reduce settlement risk. (C)

What is the main purpose behind a bank implementing intra-day counterparty credit limits?

To mitigate risks related to potential counterparty defaults within the same day. (A)

In the Basel framework, what does Pillar 3 primarily focus on to enhance banking supervision?

Public disclosure of capital and risk management practices to promote transparency. (C)

Which type of risk refers to the potential losses in financial markets due to adverse price movements?

Market Risk (B)

What is the definition of operational risk according to the Basel Committee on Banking Supervision?

The risk of loss resulting from inadequate or failed internal processes, people, and systems, or from external events. (D)

Which of the following best describes the concept of 'risk appetite' in risk management?

The amount and type of risk an organization is willing to accept in pursuit of its objectives. (A)

What is the primary goal of establishing minimum regulatory capital requirements for banks under the Basel Accord?

To ensure banks have sufficient capital to withstand risks and meet short-term obligations.. (D)

Which factor primarily influences the effectiveness of risk limits in managing market risk?

The accuracy of risk measurement and the quality of underlying data. (D)

What is the definition of enterprise risk management (ERM)?

Managing risk across all risks a firm faces, understanding their interrelations (B)

What is a 'haircut' in the context of lending and borrowing?

A reduction in the loan amount to protect against value decline (D)

What are the external considerations of PESTLE Analysis?

Political, Economic, Social, Technological, Legal, Environmental (B)

What is 'business continuity planning'?

Planning for disaster recovery and identifying external risk factors that may impact operations (A)

How is 'strategic risk' best defined?

The risk to earnings and capital arising from changes in the business environment or poor decision-making (B)

What are the three pillars of the Basel Accord? (Pick three)

Market Discipline (A), Minimum Regulatory Capital Requirements (D), Supervisory Review Process (E)

What is the 'Net Stable Funding Ratio (NSFR)'?

Ensures that banks maintain a stable funding profile in relation to their assets and off-balance-sheet activities (C)

What is the formula for calculating the expected loss from borrowers?

Probability of Default (PD) x Exposure at Default (EAD) x Loss Given Default (LGD) (D)

How are Non-Performing Assets (NPAs) classified?

Loans for which repayments are overdue (D)

What factors are used to assess borrowers?

Review of cash flow and financial statements, consideration of earnings, profit margins, and outstanding debt, analysis of industry variables such as competitive pressures and growth potential, control of loan terms (B)

How is Market Risk defined?

Potential for loss from fluctuations in the value of financial instruments (B)

What is the difference between microprudential and macroprudential regulation?

One regulates individual firms and the other the system as a whole (D)

What are the key types of internal risks? (Pick Three)

Operational (A), Strategic (B), Financial (D)

What is 'credit risk'?

A counter party's issuer fails to meet financial obligations (C)

What is 'settlement risk'?

A key source of counterparty risk that occurs at the point of exchange between a buyer and seller (C)

What action would be best to mitigate Model Risk?

Ensure constant stress testing of models (D)

What is the major goal of ERM?

To have better decision making across the organization (C)

What are two things a risk committee is supposed to do?

Monitors effectiveness of risk policies, translates risk appetite into limits (A)

What is a main goal of having a strong risk governance structure?

Facilitate communication of strategic and tactical risk takers (C)

Flashcards

Credit Risk

The risk of loss due to a borrower's failure to repay a loan or meet contractual obligations.

Market Risk

The risk of losses in financial markets due to adverse price movements.

Liquidity Risk

The risk that a firm cannot meet its short-term financial obligations due to an imbalance between its liquid assets and liabilities.

Investment Risk

Combination of credit, market, and liquidity risks, which are managed to provide the right level of return to investors.

Operational Risk

Arises from the processes, systems, and people involved in managing the aforementioned risks. It includes risks from internal processes and external events.

Enterprise Risk Management

A holistic approach to risk management that provides a comprehensive view of all risks faced by a financial services firm. This enables informed decision-making at the senior management level.

Internal Strategic Risks

These arise from a firm's strategy, execution, financial management, and compliance with regulations.

External Strategic Risks

These include unforeseen changes in the global economy, political landscape, competitive environment, and technological advancements.

Risk

Variability that can be quantified with probabilities, often based on historical data.

Uncertainty

Variability that cannot be quantified, often due to unique events or lack of data.

Risk Policies and Governance

Establishing clear policies at the board level.

Risk Oversight

Conducted by business units with independent risk management functions ensuring risks are identified, assessed, and controlled.

Day-to-Day Risk Management

Integrated into business management, owned by business units rather than solely by the risk function.

Economic Risk

The economy is shaped by human behaviour and resource allocation. Firms must anticipate changes in consumer behaviour and market conditions to avoid losses during downturns.

Technological and Cyber Security Risks

The rapid development of technology drives productivity and economic growth, but it also introduces risks related to data security and operational integrity.

Cyber Risk

New threats related to the theft or damage of information stored on computers and the systems that operate them.

Identifying External Risks from Stakeholders

External stakeholders, including parent companies, institutional investors, and large customers, can present significant risks to a firm.

Parent Company Risk

When a parent company owns multiple businesses, it may impose broader expectations that can disrupt subsidiary plans if not managed carefully.

Institutional Investors Risk

Significant shareholders can influence corporate decisions through voting rights, potentially pushing for changes that may not align with the firm's strategy.

Large Customers Risk

Over-reliance on a single customer can create concentration risks, necessitating careful management of these relationships.

Environmental Risks

Include climate change and depletion of natural resources.

Social Risks

Involve human capital issues, product liability, and stakeholder opposition.

Governance Risks

Relate to corporate governance structures and ethical business practices.

PESTLE Analysis

Examines the external macro environment affecting a business, considering factors beyond the firm's control.

Business Continuity Planning

Involves planning for disaster recovery and identifying external risk factors that may impact operations.

Strategic Risk

Defined by the European Banking Authority as the risk to earnings and capital arising from changes in the business environment or poor decision-making.

Operational Risk

Refers to losses resulting from inadequate internal processes, people, systems, or external events, as defined by the Bank for International Settlements.

Financial Risk

Includes credit risk (failure of a counterparty), market risk (value changes in financial instruments), and liquidity risk (insufficient cash to meet obligations).

Risk management involvement

Analysing potential revenues against actual costs to determine the viability of a project.

Inherent (Gross) Risk

Refers to the level of risk present before any controls are applied. It is crucial to assess this risk to understand the potential exposure without mitigation.

Residual (Net) Risk

The remaining risk after controls have been implemented.

Risk Appetite

The amount and type of risk an organization is willing to accept in pursuit of its objectives. It varies across different risk types and is essential for guiding decision-making.

Risk Profile

Outlines the specific risks an organization faces, including their nature, likelihood, and potential impact.

Risk Culture

Encompasses the values and behaviours that influence risk-related decisions within an organization.

4th EU AML Directive (4MLD)

Addresses the regulation of virtual assets and requires member states to implement AML measures for crypto exchanges.

Payment Services Directive (PSD)

Aimsto create a safer online payment environment, ensuring strong customer authentication and secure communication.

Hot Storage

Online storage that is vulnerable to hacking.

Cold Storage

Offline storage that is less vulnerable but still carries risks.

Liquidity requirements

Liquidity Requirements: Ensures banks maintain sufficient liquid assets to meet short-term obligations.

Responsibilities, Objectives & Powers

An effective banking supervision system must have clear responsibilities and objectives for each supervisory authority.

Netting Agreements

Agreements allow two parties to consolidate multiple cash flows into a single payment per currency, to reduce settlement risk, lower transaction costs and communication expenses.

Study Notes

Key Types of Risks

• Financial services are exposed to multiple risks affecting operations and profitability.
• Credit risk constitutes the potential for loss when a borrower does not repay a loan or fulfill obligations.
• Market risk is the potential for losses in financial markets due to unfavorable price movements.
• Liquidity risk refers to the situation where a business cannot meet its immediate financial obligations due to liquid assets and liabilities being unbalanced.
• Investment risk is a mix of credit, market, and liquidity risks managed together to provide target returns.
• Operational risk stems from processes, systems, and human factors involved in managing risks, including both internal and external events.

Enterprise and Strategic Risks

• Enterprise Risk Management (ERM) is a holistic approach, offering a comprehensive view of all risks to enable informed executive decisions.
• Firms are shifting towards collective risk reporting to gain clarity on risk exposure.
• Internal strategic risks stem from strategy, execution, financial management, and regulatory compliance.
• External strategic risks involve unforeseen shifts in the global economy, political landscape, competitive environment, and technological advancements.

Key Elements of Risk Management

• Risk is defined as variability that can be quantified through probabilities, often drawing upon historical data.
• Uncertainty is variability that cannot be quantified, often linked to unique events or a lack of data.

Framework for Managing Risk

• A robust framework includes Risk Policies and Governance, Risk Oversight, and Daily Risk Management
• Risk Policies and Governance involves establishing policies at the board level.
• Risk Oversight is conducted by business units with independent management functions, ensuring identification, assessment, and control.
• Day-to-Day Risk Management is integrated into business management, owned by business units instead of solely by the risk function.

Types of External Risks

• External risks stem from changes in the global economy, political events, and competitive market dynamics.
• Additional external considerations include social and market forces, environmental factors, technological advancements and cybersecurity.

Economic and Political Risks

• Economic risk is the economy shaped by behavior and resource allocation of humans, and anticipating consumer and market impacts. Firms not adapting to a recession may face challenges with inventory.
• Political risk comes from political shifts, impacting financial services, market changes, demand for financial products, and regulatory environment.

Competitive, Social, and Technological Risks

• Firms must navigate the competitive space and the performance of competitors will influence market dynamics. Gaining market share could force others to leave the market, while a company collapse could open acquisition.
• Technological and cybersecurity growth leads to productivity and economic benefits, but comes with data security and operational risks, and firms have to adapt to remain secure and competitive.

Understanding Risk Management in Business Evolution

• Originally, workers moved to employer location but modern firms can outsource customer communications overseas. This enhances operational efficiency as consumer data is effectively used and consumers gain access to info on products and services.

Cyber Risk A New Frontier

• New tech introduces cyber risk regarding theft or damage of data on computers and it systems.
• New fields like info security aims to combat cyber risk, and UK government releases guidelines on cyber threat, which emphasizes proactive management by corporate governance

Types of Stakeholder & Third Party Risks

• External shareholders can pose great risks to a firm, from parents, institutional investors and large customers
• Risks from a parent can disrupt subsidiary plans unless handled carefully, and shareholders can influence business strategy through voting rights if unmanaged.

Managing Stakeholder Relationships

• Managing Over-reliance on a customers can cause heavy concentration risks.
• Establish high-level relationships to effectively oversee stakeholder risks, acknowledge diverse objectives, and oversee expectations on news.

Environmental, Social, and Governance (ESG) Risks

• A World Bank study finds water scarcity can lead to some countries losing up to 6% of GDP, with expectations of 55% water demands to rise by 2050. This has risk to all intensive areas like food and beverage as well as energy.
• Governance risks touch upon corporate governance as well as ethical practices.
• ESG risks lead to negative impacts on business like revenue reduction, reputational damage or missed savings as well opportunities for innovation
• COSO framework puts focus on integrating ESG in enterprise-wide risk management systems to create value as well make decisions.

Analytical Tools for Management

• PESTLE analysis looks at external macro environment and a business like political, economic, social, technological, legal, and environmental factors.
• This is often conducted collaboratively to find potential risks.
• Planning for business includes disaster recovery from risks impacting operations, and business process analysis views internal and external factors impacts those processes.
• Risk is categorized internally into three main types like strategic, operational, and financial risk.

The 3 Types of Internal Risks

• Strategic risk, as defined by European Banking Authority, involves changes to earnings plus capital arising from changes or poor decision making.
• Operational risk comes from losses from inadequate internal processes or systems, while financial risks involve failure or insufficient cash.
• There is assessment of internal risks including strategic as well operational, and financial, achieved through multiple techniques

The Systematic Approach to Risk Management

• Focus on finding, measuring and controlling potential losses while improving opportunity
• Risk assessment through tests, workshop, stress analysis for managing and finding risk

Management and Involving Early Risk

• Is about finding revenues against actual to see viability of projects, or regulatory issues.
• If underestimated it's important to involve management staff to protect the firm and improving volatility of earnings.
• Involving management to see potential impacts to include risk mitigation strategies to reduce these impacts as well reduce risk.

Risk Appetite and Risk Profiles

• There can be a level of risk where before controls applied, and its crucial to see the potential.
• The remains still exists and its important to know what level of risk remains once controls are used.
• Risk Appetite is the amount and type of organization which accepts on purposes of the objectives.
• The different risk types is critical as well for guiding the decision, risk profile to see specific risks which is in an event in how they may happen and potential impacts

Importance of Risk Culture

• The risk values will infulence risk within organization. The actions will outcome for customers as incentives prioritize welfare.
• The regulations that take place to combat things like terrorism or virtual assets. There are EU directives which take the AML measures from crypto.

Risks that are Cyber

• There is private key stolen, that can be accessed without recourse for original owner.
• It is important for EU as GDPR to impose limits on protection when there penalties for non compliance
• Organization needs to manage limits
• In digital world assets have to encrypt and stored securely to combat from things like hot storage and cold storage, there are high volatility by ownership which is susceptible for invest

Fintech & Rep Risk

• There needs to be compliance to manage the trust from clients and regulators from negative to save the data and data for regulatory violations
• That means companies have balance between all the clients