Chapter 1: Introduction PDF

Chat with Document Quiz & Flashcards

Document Details

CommodiousKineticArt

Uploaded by CommodiousKineticArt

Tags

financial risk management risk management history early risk management academic risk management

Related

Summary

This document provides an introduction to financial risk management. It details the historical milestones of financial risk management, tracing its development from the Second World War onwards, featuring key contributors and events in risk management.

Full Transcript

Chapter 1 Introduction Accompanying presentation: 1. Risk Management — Introduction 1.1. Historical Milestones in Financial Risk Management1 Financial risk management as an academic discipline only ca...

Chapter 1 Introduction Accompanying presentation: 1. Risk Management — Introduction 1.1. Historical Milestones in Financial Risk Management1 Financial risk management as an academic discipline only came into exis- tence in the years following the Second World War,2 and the first aca- demic books on the subject3 were not published until the 1960s. Since then, the field has seen rapid growth, accumulating extensive knowledge and expertise and becoming an integral component of business administration, public administration and international regulation. Risk Management Academic study of risk management began after the Second World War. Source: Georges Dionne (2013). The years 1955–1964 mark the beginning of modern risk management. Source: Crockford (1982), Harrington and Neihaus (2003), Williams and Heins (1995). The first two academic books on the subject of risk management were published in 1963–1964. Source: Mehr and Hedges (1963) and Williams and Heins (1964). 1 See also Georges Dionne (2013). Risk Management: History, Definition and Critique. Risk Management and Insurance Review, 16(2), 147–166. 2 Georges Dionne (2013). According to Crockford (1982), Harrington and Neihaus (2003), Williams and Heins (1995), financial risk management in its modern form can trace its origins to the years 1955–1964. 3 Mehr and Hedges (1963) and Williams and Heins (1964). 1 2 Lecture Notes in Risk Management In this chapter, we shall present in chronological order some of the most significant milestones in the history of financial risk management and explain how they have influenced the development of the field from its infancy and up to the present day: #### The first milestone in the history of risk management is the sub- ject of an entertaining debate. Some would point to the Biblical story of the contract between Jacob and Laban. The vagueness of the contract’s terms resulted in the materialization of legal risk — although the contract was supposed to grant Jacob the right to marry Rachel, Laban’s youngest daughter, Jacob instead ended up marrying Leah, the eldest daughter, and had to work for seven more years before Laban would finally allow him to marry Rachel. Others would put that first milestone at an even earlier point in the same story, arguing that Laban, in the business of financial derivatives pricing, sold Jacob an option granting him the right to marry Rachel for the premium of seven years of labor. Others would go still further, all the way back to the Garden of Eden. According to this argument, the conduct of Adam and Eve surrounding the forbidden fruit was an example of failed risk management. This brought about a severe crisis, the consequences of which humanity con- tinues to suffer to this very day. Milestones in Risk Management 1730 1864 1972 The first The first futures Future contracts futures contracts on on currency at contracts on agricultural the Chicago rice prices in products at the Mercanle Japan Chicago Board of Exchange Trade 1700 1750 1800 1850 1900 1950 1900 1932 1952 1963 1974 Bachelier The first Markowitz Arrow presents Merton’s credit publishes his edion of publishes his opmal risk model thesis, Theory of the Journal paper on insurance, moral Speculaon, of Risk and porŒolio hazard and based on Insurance selecon adverse Brownian selecon moon 1952 1961–1966 1973 Roy’s safety- Development of The Black– first criterion the CAPM model Scholes–Merton (Treynor, Sharpe, opon pricing Lintner and model is Mossin) developed Introduction 3 1730: We begin this historical overview with the first milestone of finan- cial risk management in modern history. In 1730, the Dōjima Rice Exchange in Osaka, Japan, began trading in futures contracts. In those days, samurai would receive their wages in rice. The amount of rice was fixed, but its monetary value would vary depending on the abundance and quality of the season’s harvest. Futures contracts made it possible to assign a fixed value to samurai wages, independent of fluctuations in rice prices. This milestone marked the first time that futures contracts were used as a tool to facilitate risk management, mitigating the market risks which had affected routine business activity since then. This was the start- ing point of an era in which business needs play a key role in risk management, an era which continues to our time. 1864: More than 130 years after futures contracts were introduced in Japan, the Chicago Board of Trade (CBOT) began conducting trade in agricultural commodity futures. This made it possible to plan business activity based on mutually agreed-upon commodity prices. CBOT contin- ues to operate until our time and now conducts trade in thousands of futures contracts, as well as other types of derivatives that have developed over the years. This milestone saw regular business activity spark a devel- opment of additional tools for managing market risk. 1900: In 1900, French mathematician Louis Bachelier published his theo- retical work, Théorie de la speculation (The Theory of Speculation), in which he conducted an analysis of the French stock market. This was considered a groundbreaking thesis: Bachelier, for the first time, made use of the model of Brownian motion to describe the development of financial asset prices analytically. This was the first time market prices had ever received in-depth academic care and as such was a significant milestone in academic research.4 Bachelier’s thesis marks the start of the academic era of risk 4Some interesting facts… A few interesting facts about the progression of scientific research into Brownian motion are as follows: · Brownian motion was discovered in 1827 by Scottish botanist Robert Brown, who was researching the random movement of pollen in water. · Not until 1880 did Danish astronomer Thorvald Nicolai Thiele outline the mathemati- cal foundation of Brownian motion in an article on the method of least squares. 4 Lecture Notes in Risk Management management, which has greatly contributed to our knowledge and under- standing of various areas — definition and classification of risks, assess- ment and measurement of market risk and other types of risks, risk pricing, the invention of new tools to reduce and hedge risk and of course spreading all this new knowledge. 1932: This year marked the founding of the American Risk and Insurance Association. The Association began publishing the Journal of Insurance, which contained the first academic articles dedicated to risk management, primarily on the topic of insurance. Later on, the Association issued two publications: the Journal of Risk and Insurance and Risk Management and Insurance Review. Many other risk management journals have sprung up since then, facilitating academic discussion of the ever-growing field and furthering its expansion. 1952: In March 1952, The Journal of Finance published an article on portfolio selection by Nobel laureate Harry Max Markowitz. What set this article apart from those that had come before was the integration of return and risk into the decision-making process, resulting in a portfolio compo- sition based on the optimal distribution of assets. 1952: In July of the same year, Econometrica published an article by Arthur Roy presenting Roy’s safety-first criterion for choosing between portfolios according to the principles of risk management. Roy’s proposed innovation was to compare only the expected losses of the various portfolios, in order to select the portfolio with the lowest probability of significant losses. · The mathematical development of Brownian motion was further advanced by Nobel- winning physicists, such as Albert Einstein and Norbert Wiener. Wiener’s progress in the field proved to be particularly valuable to subsequent research. · In 1973, Fischer Black and Myron Scholes published an article in which they presented the options pricing formula which came to be known as the Black–Scholes formula (which is included in the following as a milestone in its own right). Although they did not quote Bachelier directly in their article, his theory provided the groundwork for the description of the development of financial asset prices upon which they based their pricing model. Introduction 5 1961–1966: Treynor, Sharpe, Lintner and Mossin developed the Capital Asset Pricing Model (CAPM) and calculated the additional yield required to compensate for the risk of loss. This model is considered a milestone in financial risk management as it made it possible to assign a monetary value to risk, what is today referred to as a risk premium. 1963: Research into risk management continued with the publication of an article by Kenneth Arrow, who would later win the Nobel Prize in Economics, in 1972. The article, titled Uncertainty and the Welfare Economics of Medical Care, introduced two new concepts into the field of risk management: moral hazard and adverse selection. It would be ten years from the publication of Arrow’s article until the next break- through in the field. 1972: Having abandoned the Bretton Woods system in favor of a U.S. Dollar exchange rate based on market forces, the Chicago Mercantile Exchange (CME) began trading in currency futures. This develop­ ment meant that additional tools were now available to assist in the man- agement of currency risk. Nevertheless, the academic study of risk management up to that point played no significant role in the development of this system. 1973: Fischer Black and Myron Scholes published an article in which they presented a formula for options pricing, which subsequently became known as the Black–Scholes formula. This was the first time an academic breakthrough in risk management has had such a substantial impact on the market.5 5Some interesting facts… A few interesting facts on the article by Black and Scholes are as follows: · Economist and Nobel laureate Robert C. Merton was the first to publish a mathematical model for options pricing. He had already made most of the theoretical progress in the development of the model before Black and Scholes published their work. It was the latter pair, however, who ultimately won the Nobel Prize for their work in the field, for proposing a method to implement Merton’s model, using a simple formula which con- tained the assumption that the distribution of asset prices was a normal distribution, as well as a number of other simplifying assumptions. This was the formula adopted in the market, which remains at the base of options pricing since then until our time. 6 Lecture Notes in Risk Management 1974: Robert C. Merton published a model for calculating a company’s credit risk, utilizing an expanded version of Bachelier’s Brownian motion coupled with a number of simplifying assumptions. His article proposed innovative methods for quantifying credit risk, and it managed to find its way out of academic circles and into the world of finance. Private busi- nesses and banks have since made extensive use of the ideas presented in Merton’s article. Milestones in Risk Management 1987 1990 1999 Global stock Nikkei index Financial crisis market collapse crash in Brazil 1979–1982 1980–1990 1985 1987 1988 1994 1997–1998 The first Development of The Swap Merrill Lynch Basel I Crisis in Mexico Debt OTC/Swap exo c op ons, Dealers forms the first cancela on in contract on swap ons and Associa on risk Russia, crises in exchange rates deriva ves sets standards management Asia, LTCM and interest for OTC trade division collapse rates 1975 2000 1977 Late 1980s Interest rate Development of models VaR and published by calcula on of Vašíček and op mal capital subsequently by alloca on Cox, Ingersoll and Ross 1975: Academic research into risk management continues, with the work of Cox, Ingersoll and Ross outlining a model for the evolution of interest rates. This model made use of an extended version of Brownian motion, as well as another extended mathematical model published by Vašíček describing the evolution of interest. Their work made it possible to implement a pricing system for interest rate derivatives. · Merton himself coined the term “Black–Scholes options pricing model” in an article he published later in 1973. · Most academic financial journals refused to publish Black and Scholes’s article, claim- ing it was too revolutionary. · Their article was eventually printed in the Journal of Political Economy, which was in fact an economic journal rather than a financial one. · Until our time, the Black–Scholes model remains the most widely-used risk pricing model for derivatives markets around the world. Introduction 7 1979–1982: The first swaps are traded over the counter (OTC). These contracts make it possible to exchange the cash flow from one financial asset for the cash flow from another. One of the earliest and best-known swap deals was signed between IBM and the World Bank. IBM required its cash flow in U.S. Dollars, while the World Bank sought German Marks and Swiss Francs. Swaps are among the most extensively traded financial assets world- wide, with trillions of U.S. Dollars in swaps traded every day — several times the entire gross world product for an entire year! 1980–1990: During these years, the area of exotic options trading saw significant development. Exotic options are options with complex fea- tures, such as multiple triggers. For example, the option to purchase Euros for U.S. Dollars at an exchange rate higher than EUR 1.2 per U.S. Dollar will only come into effect if the EUR/USD exchange rate rises above 1.3 at least once during the option’s lifetime and various calculations of base asset price (e.g., monthly price average). In a later section of this book, we will expand on the different types of exotic options. It is important to note that despite their exotic name and the speculative nature, it would seem to imply, exotic options do, in fact, serve to reduce and hedge risk. 1985: The Swap Dealers Association established a set of standards for OTC trade. These standards ensured uniformity in business specifications and simplified trade between various financial institutions across the world. 1987: The financial crisis known as Black Monday occurred on October 19, 1987. Stock markets worldwide plummeted by tens of percentage points. Although we will not describe crisis in great depth, the reasons for its occurrence, the contagion effect which caused the crisis to spread across the world, from Hong Kong, through Western Europe and all the way to the United States, Australia and New Zealand (where it became known as Black Tuesday due to the differing time zones), its analysis and its consequences are fascinating in and of themselves. Nevertheless, as we shall see, the crisis had some far-reaching impli- cations for risk management. In the wake of the crisis, two years after its 8 Lecture Notes in Risk Management occurrence, regulators6 began conducting risk management with a global outlook. 1987: The global financial crisis caused American investment broker Merrill Lynch to form a risk management division. This was the first time risk management had been recognized by a business firm as an independ- ent field, requiring the constant attention of professionals in order to effectively reduce the market risk to which the company is exposed. 1988: As a consequence of Merrill Lynch’s decision, the first of the Basel Accords was drafted. The Accord, which subsequently became known as Basel I, would be adopted by regulators in several countries, primarily in Europe. It contained banking management rules which were designed to reduce the scope of market and credit risks faced by banks in those coun- tries that chose to implement its recommendations. These standards were so widely adopted that banks which would not comply with them were either prohibited from conducting business altogether or forced to pay a substantial fine in order to continue operations. In 1988, regulation gained an international aspect for the first time, due to the understanding that a financial crisis in one country could soon lead to crises in neighboring countries. Basel I marks the beginning of the era of international regulation. Late 1980s: A new measurement approach was developed, bearing the name Value at Risk (VaR). This will be discussed in depth later on. This method quantifies the risk in the event of an extreme crisis, of the sort that occurred on Black Monday. Bankers Trust was the first organization to make use of this method in its business activity, and virtually all banks have since followed suit. This method calculates the capital required to preserve the financial well-being of a banking institution. Several years later, regulators in many countries adopted this system, requiring all banks under their jurisdiction to allocate capital accordingly. 1990: Yet another crisis struck financial markets, this time with the col- lapse of the Nikkei index. This crisis marked the end of a financial bubble 6 Bank and currency regulators, securities authorities, etc. Introduction 9 which had formed in the Japanese market, leading to a severe economic crisis in Japan and two decades of stunted growth in the country. 1994: Mexico found itself in an economic crisis, despite seemingly favorable macroeconomic conditions — a successful monetary policy had reduced annual inflation from 160% to just 7%, the budget was balanced, external and internal debt had been reduced, capital flows liberalized, free-market economic reform implemented, administrative distortions eliminated and the North American Free Trade Agreement (NAFTA) had been signed with Canada and the United States. At that time, boundaries on the exchange rate (“Target Zone”) had been implemented for the currency. In March 1994, in the aftermath of the assassination of the ruling party’s candidate in the presidential elections, the value of peso dropped sharply, sticking to the upper limit of the target zone. In an attempt to protect its exchange rate, Mexico lost approxi- mately USD 19 billion, leaving it with foreign exchange reserves of just USD 6 billion. At this point, Mexico chose to abandon the controlled exchange rate system and adopted a floating exchange rate, and the cur- rency devalued by almost 90%. The collapse of the peso destabilized the entire financial system in the country. In an effort to prevent Mexico’s impending bankruptcy and avert the crisis, the United States and the International Monetary Fund (IMF) put together an assistance package of USD 52 billion. The Mexican crisis raised many doubts about the ability of a state to artificially stabilize its currency, particularly in times of financial pressure which would otherwise lead to currency devaluation. Nevertheless, a number of other countries would experience currency crises of their own, losing significant portions of their foreign exchange reserves, before learning Mexico’s lesson. 1997–1998: A further series of financial crises occurred. In 1997, Thailand lost billions of U.S. Dollars in an attempt to protect its currency. Giving in to market pressures, ending government intervention in the foreign exchange market and transitioning to a floating exchange rate caused the Thai baht to experience a 55% devaluation. The local currencies of Malaysia and South Korea also dropped by 55%, and in Indonesia by 80%. The IMF pumped tens of billions of U.S. 10 Lecture Notes in Risk Management Dollars in loans into these economies in order to assist in the recovery process. These crises affected national production, employment and invest- ment rates in these countries and led to mass protests by citizens, con- cerned about the lack of basic goods and the inability to repay the IMF loans. The economic crises in East Asia were an important milestone which underlined the connection between negative developments in financial markets and economic crises affecting every citizen, and in particular disadvantaged sectors far removed from the financial market. In August 1998, the wave of crises spread to Russia. The Russian government, with Boris Yeltsin at its head, announced that it would be unable to repay its debts and would initiate a process of debt relief. Russia’s debt relief led to a default on large debt payments to the Long-Term Capital Management (LTCM) hedge fund.7 This hedge fund was unique by virtue of its use of mathematical formulas to create alleg- edly risk-free arbitrage profits and because Nobel laureates Black and Scholes were members of the fund’s board of directors. LTCM’s collapse became a significant milestone for two reasons: First, since then until our time, the fund’s collapse is given as an example of the enormous risk potential of financial markets. Second, the fund’s collapse served as a “proof” by contradiction for the argument against the use of mathematical models in policy and business-related decision-making, due to the inability of such models to take into account the human element involved. As a result, the analytical models were more carefully examined in order to reduce the model risks. 7Some interesting facts… A few interesting facts on LTCM are as follows: · LCTM’s specialization was in using arbitrage gaps in bond pricing. · The fund saw phenomenal returns — double-digit percentages every year between 1994 and 1997. · The preeminent group involved with the fund was doctors and professors who were leaders in the field — among them were Nobel laureates Black and Scholes. · Before the crisis, the fund’s exposure reached a trillion U.S. Dollars, the equivalent of the GDP of a mid-sized country. Introduction 11 1999 — Crisis strikes Brazil: Having lost about half of its USD 70 billion of foreign exchange reserves, which were supposed to protect the exchange rate, Brazil learned the same lesson Mexico had learned five years previously. Milestones in Risk Management 2000 Dot-com crash 2001 2002 2004 2007 2009 2010... Enron collapse SOX Basel II Beginning of Solvency II Basel III Local regulaon subprime crisis 2000 2016 2000–today... Connued Internaonal research and regulaon, development of money models, theory laundering, and risk FATCA measures 2000 — The dot-com crash: Internet companies had become modern- day “gold mines”, and stock indices soared upwards for several years. NASDAQ doubled within a year from 2,500 to 5,000 points. This rapid rise in stock indices, however, represented a bubble which did not accu- rately reflect the actual growth of the traded companies. It was only a matter of time before investors realized that stock prices were signifi- cantly higher than the actual company values and started selling their shares. In the year 2000, many stock indices collapsed, with NASDAQ plummeting to below 2000 points. This was called the “dot-com crash”. 2001 — The Enron scandal: Enron was a U.S.-based energy company which specialized primarily in electricity and natural gas. At its peak, the company employed 21,000 people. Enron filed for bankruptcy in 2001 after it was revealed that the company had falsified its balance sheets. Investors lost more than USD 60 billion as a result of this scam, and Enron’s employees lost billions more in pension funds. 2002 — The Sarbanes–Oxley (SOX) Act: After the collapse of Enron, U.S. Senator Paul Sarbanes and U.S. Representative Michael G. Oxley 12 Lecture Notes in Risk Management sponsored the Sarbanes–Oxley Act, which stipulated that senior execu- tives of public companies would be required to declare that the accounting reports published by their firm were an accurate reflection of the compa- ny’s financial status. This law was a milestone for the implementation of organizational regulations and increasing the liability of corporate officers. 2004 — Basel II: The second Basel Accord was published, with over 100 signatory nations. The Accord, which dealt with the subject of banking risk management, extended the mitigation of market risks and credit risks, and, for the first time, specified regulations pertaining to operational risk management, which would be applied to all regulated banks. 2000 — Present day: Economic research into risk management contin- ues, and the use of various risk indices has become widespread throughout the market. An empirical and theoretical breakthrough in decision-making under risk conditions earned its proponents, Daniel Kahneman and Amos Tversky, the Nobel Prize in Economics.8 In a series of empirical experi- ments, the pair demonstrated that people do not always make rational decisions. Although this claim might seem obvious, the two managed to formulate a mathematical model for irrational decision-making and pro- vided empirical evidence. This model explains why people purchase lottery tickets, hoping to win against almost impossible odds, or, to give an example where the opposite occurs, why people choose not to apply for a job despite favora- ble odds, out of fear of failure. 2007 — The subprime crisis: In 2007, financial institutions began to collapse after borrowers, unable to repay their debts, defaulted on their mortgages. The price of apartments, which had been used as collateral, began to drop due to falling demand and the rising of supply, which was 8Some interesting facts… Prof. Daniel Kahneman alone won the Nobel Prize in Economics in 2002, his partner Amos Tversky having passed away in 1996. The award had been granted, however, for an article written jointly by the two men. Shortly after winning the Nobel Prize, Daniel Kahneman stated: “I feel it is a joint prize. We were twinned for more than a decade.” Since then, both men are mentioned together whenever the prize is mentioned. Introduction 13 the result of an attempt by financial institutions to realize the collateral. The collapse of the real estate market might have remained within the confines of the borders of the United States, but a part of the debt has been leveraged abroad. In practice, the real estate crisis triggered a general drop in U.S. stock indices, began snowballing and by early 2008 had reached global proportions. One of the measures adopted by the U.S. Federal Reserve (the Fed) in an attempt to avoid a credit crunch was the lowering of interest rates to extremely low levels. By the end of 2008, the Fed’s interest rate stood at just 0.25%. This was an important milestone as, since the end of the subprime crisis, interest risk has changed dramatically. First of all, the crisis ushered an era of extremely low (sometimes even negative) interest rates world- wide. Second, fluctuations in interest rates were greatly reduced. Third, hopes of interest rates returning have been dashed time and time again, reducing the weight assigned to statistical risk indices and greatly increas- ing the importance of scenario-based risk management. Fourth, the use of central bank interest rates as a policy tool for managing market purchasing power was greatly limited — interest rates may still be raised, and so they remain an effective tool for times of increased inflation; however, as they cannot be lowered too much any further, they are no longer effective in case of price drops. 2009 — The Solvency II Directive: In the spirit of Basel II’s recommen- dations on banking risk, insurance companies came out with their own set of directives for measuring insurance risks. The allocation of capital required to maintain the stability of insurance companies even in times of crisis was determined through risk aggregation. Despite the extensive experience gained implementing regulations in capital markets, it has taken years for insurance companies to implement these recommenda- tions, and the process continues. 2010 — Basel III: Additional recommendations for the banking sector were turned into active regulation in many countries. The novelty of these recommendations was their mitigation of liquidity risk and asset liability management. According to the new regulations, banks are now required to perform heavy analytical calculations. For instance, in addition to dis- closing future payments and obligations in great detail, they must perform 14 Lecture Notes in Risk Management dynamic simulations featuring the reactions of lenders and borrowers to various changes. Thus, for example, in addition to the standard tests, which are sensitive to upward and downward changes in interest rates, they must also take into account the changes in supply and demand which may be expected in response to these changed interest rates. Local regulation: Local regulations remain in effect, with country- specific directives and instructions in place. To give an example, there has been growing concern regarding the issue of cybersecurity, and each country is adopting its own independent measures to tackle the issue. International regulation (money laundering and the Foreign Account Tax Compliance Act (FATCA)): As part of its effort to combat tax eva- sion, the United States now demands reports on the financial status of U.S. citizens living abroad. The U.S. requires that foreign banks deliver reports on their citizens and prohibits business relations with any non- compliant institution. Many other countries have responded in kind, requesting reports on their citizens living in the United States as well as in other countries. Thus, financial institutions must report not only to the local regulator but also to the authorities of foreign nations. As part of the international war against money laundering, financial institutions are required to track cash flows actively and verify the legitimacy and legality of funds originating from foreign financial institutions. It must be said that the implementation of international regulation is far from simple.9 In the European Union, for instance, every directive must be published in multiple languages, and the particulars of a directive may vary from one translation to the next. 1.1.1. Conclusion The various milestones of risk management may be divided into three categories: 1. Developments in risk management due to business needs: From the early futures trading of 1730 and all the way to the present day, 9Mugerman, Y., Hecht, Y., & Wiener, Z. (2019). On the failure of mutual fund industry regulation. Emerging Markets Review, 38, 51–72. Introduction 15 numerous milestones across almost three centuries have underlined the need for risk management in markets in order to maintain regular business activity even in the event of failure. 2. Academic research into risk management: A series of milestones, mostly in the middle of the 20th century, have led to a number of breakthroughs in our ability to measure and understand risks. Toward the end of the 20th century, academic research and business require- ments formed a bond of mutual correspondence and influence. Academic knowledge rapidly found its way into financial markets and corporate boardrooms worldwide. 3. International regulation: Every state has long possessed its own methods for regulating financial institutions. However, with the grow- ing understanding that risks in one country could spread to other countries, regulators began to seek international regulation which would reduce the risk of financial crises spreading from one country to another. This is a relatively recent development of the past three decades or so, but extraordinary progress has been made during this short time. In academic terms, risk management is a relatively new field of study, compared to such traditional fields as philosophy, astronomy, mathemat- ics or physics. This is a growing field which offers many opportunities for pure research and for research and development (R&D) of both new tools for risk trading and advanced regulation methods. 1.2. Basic Concepts: Certainty, Uncertainty, Risk and Exposure As in every profession, risk management also possesses its own jargon, and some key concepts must be defined before we can continue. While some of these terms are used in everyday conversation, in the field of risk management, they have acquired a very precise and specific meaning. The following are the most fundamental concepts of risk management: 16 Lecture Notes in Risk Management Uncertainty vs. Risk Certainty A given scenario effectively has a single possible outcome It is a basic working assumption in risk management that the possibility of alternative outcomes always exists, however miniscule it may be. Risk A given scenario has multiple possible outcomes The probability of each outcome occurring is known Uncertainty A given scenario has multiple possible outcomes The probability of each outcome occurring is not known · Certainty A given situation has only a single possible outcome.10 Despite the prevalent skepticism surrounding the human capacity for prediction and prophecy, it is indeed possible to assume with certainty that some things will occur. For instance, a person swimming in the sea will get wet and therefore would be wise to bring along a towel. As demonstrated by this example, there is room for risk assessment even in cases where certainty exists. This is typically a relatively simple process in such instances. · Risk A given situation has several possible outcomes, and the probability of each of these outcomes is known. For example, the exchange rate of the U.S. Dollar against the Euro could go either up or go down tomorrow. The likelihood of each eventual- ity occurring is 50%. As its name implies, the risk management process is intended for such risk scenarios. The tools that risk management provides for measuring and reducing risk and for maintaining business continuity ensure that risk scenarios are dealt with in the most effective manner possible. 10Nevertheless, it is a fundamental working assumption in risk management that even at the highest levels of certainty, other eventualities are still possible, however improbable they may be. Introduction 17 · Uncertainty A given situation has several possible outcomes, but these outcomes are unknown (naturally, the probability of each outcome occurring is also unknown). Geopolitical developments in Europe or China, or the effects of tech- nological progress on the economy over the next two years are examples of uncertainty. Situations involving uncertainty are the most complex type of situa- tion to manage. Dealing with the unknown is also difficult from a psycho- logical perspective. Decision makers, however, often have a tendency to define the situations they are faced with as situations of uncertainty, even when the situation is in fact one of risk and therefore easier to manage. Furthermore, through effective risk management, it is often possible to reduce the extent of uncertainty by studying the situation in detail and remolding it into a risk situation, or, alternatively, reducing exposure to situations of uncertainty. Now that we have defined these concepts, we shall give the following pair of examples: Example 1: A commercial bank is looking to appoint a new risk manager Example A commercial bank is searching for a new CRO Certainty The bank will pick a new CRO. The probability that the bank will withdraw the tender and leave the position vacant is extremely small. Decision: I am interested in the job and would like to find out further details. The chief risk officer (CRO) at a commercial bank has been reassigned and the bank is looking for a replacement to fill the position. It is certain that the bank will select a CRO, as the position is mandated by regulations which stipulate that banks must appoint a CRO. 18 Lecture Notes in Risk Management I decide I am interested in the position and proceed to seek further details. Example A commercial bank is searching for a new CRO Uncertainty I do not know who else has applied for the position, how many other candidates there are or how high my odds of getting the job are. Decision: I apply for the position. I don’t know how many other people are applying for the job or what my odds of success are. This is an example of the uncertainty that many people, lacking crucial information, face when looking for a job. Example A commercial bank is searching for a new CRO Risk It turns out two other people are applying for the position. The odds against me getting the job are 2/3, and the odds in favor 1/3. Question: Should I withdraw my application to avoid the potential embarrassment of failure? After a while, it turns out two other people have applied for the job. Both candidates have the same odds of acceptance as I do. This means that the probability that I will get the job is one-third, and the probability that I will not get it is two-thirds. The uncertainty turns to risk. Introduction 19 Still, this is a difficult dilemma, particularly for employees working for large organizations (e.g., banks), where an unsuccessful job applica- tion could tarnish their reputation and have an adverse impact on future job applications. Every time we have students to vote on the question of whether or not to withdraw the application, the vote was inconclusive. In this risk situa- tion, where both the outcomes themselves and the probability of their occurrence are known, different people make different choices. Some students assign greater weight to the potential damage and choose to with- draw their application, whereas others assign lesser weight to the damage and choose to proceed. This decision-making phenomenon was aptly described by Nobel laureates Daniel Kahneman and Amos Tversky, whose work was described in greater detail in the previous section, at the milestone for the year 2000. Example 2: Buying a car Example 2 I have bought a car Certainty If I have an accident. I will not be able to afford to pay for the repairs and compensations. I have a low-salary job but I have decided to buy a car. I can say with certainty that, in the event of an accident, I would not have enough money to afford to pay for any repairs or compensations. 20 Lecture Notes in Risk Management Example 2 I have bought a car Uncertainty I myself may be a cautious driver, but I do not know how careful the other drivers on the road are. Decision: I buy insurance. Although I can significantly reduce the probability of an accident occur- ring by driving carefully and only when traffic is light, I do not know how cautious the other drivers are or at what time reckless drivers take to the road. In this situation, I do not have information about every single pos- sible accident eventuality or about the other drivers on the road, and therefore I decide to purchase an insurance policy. Example 2 The insurance company Risk A driver has approached us seeking to purchase insurance. We can measure the probability that the driver will be involved in an accident in the coming year. We can also calculate the risk premium. Outcome: The insurance company sells me a policy. Note the contrast between my uncertainty and the risk as seen by the insurance company. From the perspective of the insurance company I approach, the eventual- ity of an accident occurring is not one of uncertainty but one of risk. The insurance company gathers information on every driver and analyzes it in order to estimate the probability of my involvement in an accident in the next year. The insurance company also calculates the cost of this risk and thus determines my insurance premium. Introduction 21 I buy the insurance. In this example, a situation, which for me is one of uncertainty, is one of risk for the insurance company. · Exposure Risk exposure is the damage potential due to the occurrence of some sort of failure. This damage may be measured in various ways, such as money, loss of life and reputation. Risk Exposure The potential loss which could be caused due to the occurrence of some event. A company whose entire operation is conducted in U.S. Dollars, but which owns assets in Euros, faces potential financial losses if the value of the Euro depreciates. The risk management process depends on identifying the exposure and risk factors which could result in a failure and estimating the potential damage from such a failure. An example of exposure is as follows: Example Exporter Income — 1,000,000 GBP Expenses — 1,300,000 USD This includes salaries, raw materials, electricity, water, office expenses, etc. The GBP/USD exchange rate is 1.3 1,000K*1.3–1,300K ≅0 The exporter breaks even 22 Lecture Notes in Risk Management An exporter from the U.S. has an income of one million British pounds from exporting goods to the U.K. By contrast, this exporter must pay USD 1.3 million in salaries, raw materials, electricity, water, office expenses, etc. The exporter breaks even when the GBP/USD exchange rate stands at 1.3. Example Exporter What is the risk to which the exporter is exposed? What possible event could cause the exporter to suffer a loss? What is the extent of the exporter’s exposure to this risk? The previous image is visible at the bottom right corner of the current image as a reference. · The risk to which the exporter is exposed is exchange rate risk. · More specifically, the exporter is exposed to U.S. Dollar appreciation. If this happens, the GBP/USD exchange rate will drop below 1.3, and the value of the income will be lower than that of the expenses. For instance, an exchange rate of 1.2 would mean a loss of $100,000 (1,000K × 1.2 – 1,300K = –100K). · The scope of the exposure in this example is the entire sum of one million Pounds sterling (or USD 1.3 million). Such a risk will only materialize if the expression “risk potential” signifies in the context of determining exposure with no relation to the probability it will happen (though the probability that this will occur is more than 0 but very small). Introduction 23 1.3. Identifying Risks The first step of the risk management process is the identification and classification of risks. Risk Identification A systematic process for defining and recording the obstacles to reaching business goals Market risk (stocks, exchange rates and interest rates) Credit risk Liquidity risk Operational risk (embezzlement, fraud, physical damage and system failure) Insurance risk (life, health and general insurance) Reputational risk Others (regulatory risk, country risk, geographic risk, etc.) Some risk management consulting firms maintain lists detailing hundreds or even thousands of different risks. However, risks are typically classi- fied according to a number of categories, which will be examined in detail in the following chapters. · Market risk Market risk pertains to changes in market prices, e.g., share prices, exchange rates and interest rates. These price changes affect the value of the assets (and debts) we own. · Credit risk The risk that a loan will not be repaid. Banks are often considered to be the type of financial entity most vulnerable to credit risks, but in fact, bondholders, who hold government or public debt in expectation of receiving an interest-bearing cash flow, are equally at credit risk. · Liquidity risk The risk of not having enough cash to conduct business activity or repay debts on time. 24 Lecture Notes in Risk Management · Operational risk The risk of embezzlement, fraud, physical damage, system failure, etc. · Insurance risk Insurance risks are typically subdivided into life, health and general insur- ance risks. For an example, one of the risks of life insurance is the longev- ity of the insured. From virtually any other standpoint, longevity would be seen as a positive event. Insurers, however, consider it risk as it means they must continue to pay the insured according to obsolete calculations formulated many years before, back when life expectancy was signifi- cantly lower. · Reputational risk This is the risk of potential damage due to loss of trust. In recent years, as the saying that “there is no such thing as bad publicity” has gained in popularity, the question of reputational risk has become an extremely interesting one, in particular how it is to be measured. Although account- ing reports may include a section on reputational value, it is almost impos- sible to find proper estimates of reputational risk. · Others Other, heretofore unmentioned risks include the following: regulatory risk, which affects companies when they are forced to allocate resources to ensure compliance with a new regulation; country risk, the risk of a country experiencing a crisis or even going bankrupt; geographic risk, which stems from the location of an asset in an area prone to natural disas- ters, geological changes, wars, etc. Example — Risk Identification Name Quanty Price Currency Security Indexed Ranking Industry Sector type BAIDU 100 150 CNY Stocks Pharmaceucals Coca-Cola 80 608 USD Stocks Banks Types of exposure: Italy Generic 1500 0.147 EUR Bonds Yes A+ Government Exchange rate Govt 10Y Security type Indexaon Apple Inc. 40 510 USD Stocks Electronics Credit Industry sector Spain Generic 30 104 EUR Bonds No AA+ Government Govt 10Y Introduction 25 The example of risk identification in the above table shows a portfolio containing five different types of securities. Try to identify the different risk types in the portfolio. The purpose of this table is merely to classify the types of risk; at this stage, there is no need to quantify them. In the same way that a disease must be accurately diagnosed in order to guarantee that the patient will receive the appropriate medical treat- ment, so too is proper risk identification an essential prerequisite to select- ing the appropriate hedging tools. For instance, derivatives (forwards, options, swaps, etc.) may be used to hedge market risks, whereas the appropriate tool for dealing with liquidity risks would be a reserve of cash or other liquid assets. 1.4. Measuring Risk Different risks are measured in different ways: financial risk is measured in terms of money, disease risk is measured in percentage, environmental risk is measured by the amount of pollutants, legal risk is measured by the odds of not winning, etc. Assessment and Measurement of Risk Financial risk is measured in terms of money Disease risk is measured in percentage Environmental risk is measured by the amount of pollutants Legal risk is measured by the probability of not winning How is reputational risk measured? The measurement of risk plays a crucial role in determining the priorities for risk mitigation as well as the scope of mitigation required. 26 Lecture Notes in Risk Management Assessment and Measurement of Financial Risk Examples of financial measures What do we measure? How do we measure it? Which risks is it used for? Fluctuaon σ, Var Market risk Maximum loss Max DD Market risk VaR, Condional VaR Market and operaonal risk Loss frequency Frequency Market and operaonal risk Loss severity Severity Operaonal risk Probability of loss PD Credit risk Ranking Rang Loss in various scenarios What if Market, credit and Scenario operaonal risk Stress The above table shows which elements we measure and which types of risk they may be used for. Just as, during a medical evaluation, the doctor takes the patient’s temperature, pulse, blood pressure and other physiological measures in order to better assess the patient’s condition, so too in risk management do we use several measurement methods in order to better gauge the extent of exposure to various risk factors. 1.5. Risk Mitigation Once we have identified and measured a risk, we must then proceed to mitigate it. Risk Mitigation Risk reduction Risk Risk reducon Risk transfer avoidance procedures “the day aer” Managing Acceptance of Recovery consequences planning Introduction 27 Risk management strategy consists of two parts: first, reducing vulnera- bility to a risk and second, managing the consequences of a failure, i.e., dealing with the consequences should the risk be realized. 1.5.1. Risk reduction In general terms, there exist three main tools which may be employed to reduce risk: · Risk avoidance: Let us suppose a company is examining the possibil- ity of launching a product in another country. It turns out no one at the company is familiar with the trade regulations of that country; the company requires additional salespeople and is unfamiliar with the legislation in this country. Since marketing a product abroad requires a substantial financial commitment, one way of managing the expected loss from this investment would be to avoid it altogether. · Risk reduction procedures: An example of risk reduction procedure might be fire detectors. Many factories install fire detectors in their facilities in order to ensure that the time elapsed from the moment a fire breaks out until it is discovered will be as short as possible. The sooner the fire is detected, the sooner the firefighters can arrive and minimize the damage it causes. · Risk transfer: The most common way to transfer risk to other parties is by purchasing an insurance policy. In this way, even if parts of the factory are damaged in the fire, the insurance company will cover the costs. 1.5.2. Managing the consequence The consequence of an event refers to the results of an incident in which damage was sustained. At this point, two management methods are available: · Accepting the consequences of the risk: Let us suppose our invest- ment portfolio consists of 98% bonds and 2% NASDAQ stocks. Should we purchase options to protect against the risk of an NASDAQ collapse? Very often the answer is no: even if NASDAQ were to fall by 50%, the entire portfolio would only lose 1% of its total value. 28 Lecture Notes in Risk Management In such cases, we may simply choose to accept the consequences of the market risk, rather than hedging the portfolio against it. · Planning a recovery: Many organizations have emergency protocols instructing their employees on the proper conduct in extreme circumstances. Nations mobilize firefighting services, rescue services, police and military forces in response to fires, traffic accidents, robberies or even attacks by foreign nations. This array of security forces will often dedicate much of its efforts to preventing situations in which it might be required, e.g., by instructing on proper use of electricity or safe driving. However, its primary purpose remains to assist in recovering from events that have already occurred.   In the financial realm, banks are required to establish a backup array of computers, which are capable of performing all the functions of the primary array in case of a system failure. If the main system fails, the backup will activate automatically, and the bank’s clients will probably not even notice that a malfunction has occurred. 1.5.3. Example: Risk mitigation in the event of a car accident Example Risk mitigation in the case of a car accident Risk avoidance Not buying a car Risk reduction procedures Driving carefully, using seatbelts, verifying airbags Risk transfer Renting a car, buying insurance Let us use the example of a car accident to demonstrate how risk mitiga- tion is applied: Introduction 29 The first method is risk avoidance. The practical way to apply this method is by not buying a car at all. The second method is risk reduction procedures in the event of an accident. We should make sure to fasten our seatbelts, check that the air- bags are working properly, fill up the tires with air and, of course, drive slowly and carefully. These methods will reduce both the probability of being involved in a car accident and the amount of damage if an accident does occur. The third method is to transfer the risk to another party. In this example, the two most common ways to do this would be either to pur- chase car insurance, thus transferring the cost of any damages to the insur- ance company, or to rent a car, in which case the rental company will be responsible for the car in the event of an accident. Example Risk mitigation in the case of a car accident (continued) Acceptance of consequences Tow truck, garage, insurance agent — loss of work days for no return Recovery planning Substitute vehicle The fourth method is to accept the consequences of the risk. In the case of an accident, there are several consequences which we simply accept, without attempting to reduce the risk of their occurrence. For instance, we waste time waiting for the tow truck, dealing with the garage and con- tacting the insurance agent. This wasted time has an opportunity cost measured in lost work days. In many cases, once the accident has occurred, we accept these consequences without any attempt to reduce the risk. The fifth and final method is to plan a recovery. In our example, this means making sure in advance that a substitute vehicle is available, 30 Lecture Notes in Risk Management ensuring we can continue to drive about in another vehicle while ours is under repair at the garage. 1.6. Risk Management Risk management is a continuous process which consists of the following elements: identification, assessment and measurement of exposure to risk, followed by reduction and reporting of risk. Risk Management Risk management Risk management is the process of identifying and assessing risks, measuring exposure to them, reducing those risks and reporting them. Risk management in the banking system: International Convergence of Capital Measurement and Capital Standards, June 2006, http://www.bis.org/publ/bcbs128.pdf, p. 113. Risk management according to ISO guidelines: ISO 31000 – Principles and guidelines, 2015, https://www.iso.org/iso-31000-risk-management.html. In fact, many financial entities go much further than this basic definition: they monitor risk exposure through appropriate controls, set priorities for risk mitigation, they put metrics of risk reduction, allocate resources for their implementation, devise risk reduction plans, they conduct periodic risk assessments, they make decisions regarding the scope of risk taking and they deliver reports on risk exposure to senior management and to the board of directors as well as reports on risk-related developments to the various regulators. This somewhat ‘boring’ definition has far-reaching business consequences: First, someone must be charged with carrying out these processes.11 The organization must allocate the necessary resources in manpower, time, budget, etc. 11 The role of the risk management supervisor is described in the chapter on ERM. Introduction 31 Second, “identification, assessment, and measurement of exposure to risk” is a function which requires considerable skill and expertise. Some risk measures demand complex statistical analysis and a thorough under- standing of the field of knowledge encompassed by risk management. For comparison, a medical checkup involves the taking of measures such as temperature, pulse and blood pressure. Each test measures different physi- ological symptoms, but only by combining them all is it possible to derive a professional opinion regarding the patient’s illness. Similarly, many dif- ferent measures are involved in the measurement and assessment of risk, each of which measures a different aspect. Only by combining all of these can we correctly qualify and quantify risks. From a business perspective, this highlights the importance of professional qualification, periodic ­training and constant study of new developments in the field of risk management. Third, risk management has an impact on the work plan of an organi- zation. For instance, an upswing in the number of cases of credit card fraud may compel an organization to adopt countermeasures in an attempt to minimize its financial losses. Such steps must be planned and executed, and their results monitored; this frequently means integrating new techno- logical systems, updating protocols, creating new job positions for risk management professionals, training employees, etc. Fourth, the very fact that risk management is being conducted, when combined with various changes in the business environment, is itself a factor which affects changes in the extent of exposure, which conse- quently results in changes to the work plan as well. This may be overcome by allocating a budget reserve to materialized risks whose adverse effects must be mitigated. The extent of this reserve is the result of calculations which much be learned. Fifth, as with any type of report, the manner in which reports are given to management and to the board of directors has an impact on the entire risk management process. A report which is careless, overly detailed, lacking crucial information, confused, long-winded, etc. may itself pose a risk to the organization. 32 Lecture Notes in Risk Management 1.6.1. The risk management process Risk Management Process Consolidaon of risk Capital allocaon management plan Risk survey Renewed risk assessment aer implementaon Risk idenficaon of reducon plans Risk mitigation Establishing controls −Risk avoidance −Risk reduction − Risk transfer Implementaon − Acceptance of Monitoring and of risk reducon consequences assessing risk −Recovery plans Planning KRIs Risk management is a circular process. In fact, to adequately reflect the temporal dimension, it would be most aptly described as a spiral process over time. The process begins with the consolidation of a risk management plan, which specifies who is responsible for conducting risk management, which resources are allocated to it, what the appropriate organizational structure is, to whom reports should be sent, etc. In most organizations, the person or persons responsible for this pro- cess start out by conducting a risk survey, often with the assistance of outside consulting firms which specialize in this area. Most consulting firms maintain lists of hundreds or even thousands of different risks which they examine as part of the survey. These firms may also assist in risk identification and classification in order to allocate controls which allow us to regularly monitor and assess risks and gauge their magnitude. For example, the smoke detectors installed in many modern buildings serve as a control which alerts us to the risk of a fire outbreak. Some, but not all, organizations also make use of Key Risk Indicators (KRIs), which are measures that allow us to identify potential risks. For instance, if by 7:30 AM only 70% of nurses have shown up at the emergency department of a hospital, hospital management receives an Introduction 33 alert. While a shortage of nurses in and of itself is not a risk, it does increase the likelihood that other risks will materialize, e.g., wrongly diag- nosed illnesses as a result of nurses not checking a patient’s vital signs, medical complications and even death due to delays caused by understaffing. An organization which has identified the risks, assessed their magni- tude and monitored them using various controls will now wish to apply risk reduction plans using the risk mitigation methods outlined earlier. For example, in addition to smoke detectors, which provide warning of a fire, it is also possible to install sprinklers which activate automatically the moment a fire is detected. This way, even if a fire were to break out while the factory was closed, the sprinklers would help put it out before it spread to the rest of the factory. Now that the risk reduction plans are in place, we perform a renewed, post-reduction plan risk assessment. The remaining risk is hedged through capital allocation in the form of a budget reserve in case the risk materializes. As soon as it ends, this process begins anew, resulting in the spiral model we used earlier to describe the risk management process. Probability of achieving Risk Management goals 0% % of resources allocated to risk 100% management, monitoring and control Source: Adif conference (2010). The above diagram demonstrates the connection between risk manage- ment and goal achievement. The x-axis reflects the resources allocated to risk management, monitoring and control by the organization. The y-axis reflects the likelihood that the organization will achieve its goals. 34 Lecture Notes in Risk Management The origin of the graph represents organizations which irresponsibly choose to allocate no resources at all to risk management, monitoring and control (0% of resources). Such organizations will not be able to meet their goals at all. Their employees will soon realize no one is monitoring their hours at work or their output, not out of trust but simply because no one at the organization cares. The employees will eventually stop showing up for work but continue receiving their paychecks because no one both- ered to check if they were even there. At the extreme right end of the x-axis is the point representing an organization which allocates all of its resources (100%) to risk manage- ment, monitoring and control. Such organizations will also be unable to meet their goals — all their employees will be too busy monitoring other employees to actually do the jobs for which they were hired. Using a few simplifying mathematical assumptions, we may draw the dotted line which connects the leftmost extreme (0%) and the rightmost extreme (100%). Although the precise course of the line is open to discus- sion, it can be stated that there is a point at which asset allocation to risk management, monitoring and control is optimal, ensuring the highest probability of achieving goals. The purpose of risk management is to make the dotted line conform as closely as possible to the continuous line, to ensure the highest odds of success for the lowest possible allocation of assets. Climbing to top Introduction 35 1.6.2. Concluding exercise Questions Answers What do we see in this image? Two rock climbers. What is their objective? To get to the top, to climb higher. What could this mean from an Two insurance scenarios. economic perspective? How do we manage the risks? According to the risk management circle. Which risks can we identify? · Falling down from a high altitude · Rocks falling from above What is the exposure the two · Falling from a high altitude: major climbers face? damage · Rocks falling from above: com- paratively minor damage How do we assess risk? Which · Probability of injury measures do we use? · Extent of financial damage Which of the two climbers has The climber on the right has a better put in place a better reduction risk-reduction system in place: plan? Why? · Better rope · Harness · Anchors · Helmet After the risk has been reduced, The climber on the left is more which of the two climbers is  exposed, as he uses a rope with no exposed to greater risk? additional equipment. Who needs to allocate more cap- The climber on the left must allocate ital before climbing?  more capital before climbing as he is not managing his risk properly. The capital will be used to pay for the rescue team. Who is a better risk manager? The right-hand side climber. Who has better odds of reaching The right-hand side climber. his goal? Who has better odds of reaching The right-hand side climber. higher goals? This page intentionally left blank

Use Quizgecko on...
Browser
Open
Browser
Browser