Finance 590
Enterprise Risk Management
ERM
• Quick review of last class
• Today’s discussion– ERM Basics– ERM Concepts and processes– ERM Risk Analytics
ERM
• Enterprise Risk Management– Some Basics
ERM
• In virtually all business there are trade-offs– Growing earnings v managing risks– Business decisions on many fronts build up
over time in reflecting a “unique” risk profile• Impact earnings over the short term and long term
ERM
• Risk v Return– Business expects higher return for more risk– Theoretical v real life
• Optimal balance– Risk adjusted return – A “sweet spot” in balancing risk and return
ERM
• Key message from our brief discussion – Businesses(companies) should develop an
integrated approach to measuring and managing all its risk
• Key management requirement is risk return optimization
• Integrate risk management in the business processes of the company
ERM
• So why enterprise risk management– Why not just accept risk
• What is the value proposition
• How do you convince senior management and your board the importance
ERM
• Benefits of Risk Management– Practical “Whys” from Lam
• Managing risk is management’s job
• Managing risk can reduce earnings volatility
• Managing risk can maximize shareholder value
• Risk management promotes job and financial security
ERM
• Benefits of Risk Management – Some practical “whys” from Vonnahme
• Successful companies are just as prone to risk management issues as poorly run companies
• Business conditions can change quickly and radically– Economic issues
– Terrorism
– Consolidation
– Legal and regulatory
– Business partners can change overnight
ERM
• Tales and Lessons– Recent history includes numerous examples of
business failures– Wheel of Misfortune
• Examples include– Enron
– Barings
– Many , many others
ERM
• Lessons learned from a number of cases. Common themes include:– Know your business
– Establish checks and balances
– Set limits and boundaries
– Keep your eye on the cash
– Use the right yardstick
– Pay for the performance you want
– Balance the yin and the yang
ERM
• Know your business– It is everyone’s responsibility
• CEO
• Management
• Supervisors
• The board of directors– No place today for passive board members
ERM
• Establish checks and balances– Application of portfolio diversification
concepts to risk management – Segregation of duties– No concentration of power by group or
individuals• Authority levels in HO and Field• Adequate monitor and controls• Management response to violations
ERM
• Set limits and boundaries– “Where to stop”– Risk limits are part of sound risk management
• Limits on financial risk
• Limits on credit risk
• Limits on operational risks
• Limits on a variety of business risks
ERM
• Keep your eye on the cash– Appropriate safeguards for cash positions and
cash flow• Basic internal controls
• Development of internal processes for monitor of cash transactions
• Checks on reasonableness looking at actual positions
• Challenges of new technology
ERM
• Use the right yardstick– The right measures of success
• Drive the behavior you want business wise and risk wise
• Balanced scorecard– Financial measures and performance measures
• Risk measures incorporated in processes that generate management reports and measure performance
– An early warning system
ERM
• Pay for the performance you want– Performance measurement and incentive comp
• Can be a positive or negative depending on structure
• Want to drive the right behavior
ERM
• Balance the yin and the yang– The hard side, the yin
• Focus on processes, systems, and reporting
• The enablers, which support risk management activity
– The soft side, the yang• Focus on people, skills, culture, values and
incentives
• The key drivers of risk taking activity
ERM
• Questions
• Next will begin to consider Concepts and Processes
Finance 590
Enterprise Risk Management
Concepts and Processes
ERM
• Risk– Businesses are exposed to different types of
risk– The definition and meaning of risk varies by
industry• Market risk may be different for insurance than
energy
• Operational risk may vary by industry
ERM
• Risk – Financial risk v operational risk
ERM
• Financial risk– Credit risk – Market risk
ERM
• Operational risk– Business risk– Organizational risk– Everything else as well
ERM
• No one individual can manage all risk – Risk management is every employee’s
responsibility– Needs to come from all parts of an org
– Employees know where risk exists
– Means risk is managed throughout the company
ERM
• Employees need to know and understand Risk Concepts– Exposure
– Volatility
– Probability
– Severity
– Time horizon
– Correlation
– Capital
ERM
• Exposure– What will we lose– May vary by industry or business– Generally the maximum amount of damage if
some event occurs• Risk increases as exposure increases
ERM
• Volatility– How uncertain is the future– Variability of potential outcomes– Greater the volatility, higher the risk
ERM
• Probability– How likely will the risky event occur– The more likely, the greater the risk
• Likely v unlikely events require different strategies and planning
ERM
• Severity– Amount of damage that is likely to be suffered– Greater the severity, the greater the risk
ERM
• Correlation– How are risks in a business related to each
other• Higher the correlation, higher the risk
• Concentration of risk by industry– Aggregation of exposure in insurance and surety
– Reinsurers look at this today more than ever
• Key to concepts of diversification
ERM
• Time Horizon– How long will we be exposed– Longer the duration, greater the risk
• Many examples in credit extension and the surety business
ERM
• Capital– How much capital allocated to business
• Adequate return for the capital allocation
– How much capital to cover unexpected losses– What financial ratings are necessary for a
business– Capital allocated to internal business units
• Adequate return• Compare businesses to each other
ERM
• Risk concepts – First step in understanding risk
• Risk processes – Risk awareness– Risk measurement– Risk control
ERM
• Risk processes– Risk awareness-first step
• Objective– Proactive identification of key risks
– Thinking seriously about consequences of risks
– Communication up and down the org the risks that warrant others’ attention
ERM
• Risk processes– Organization’s promote Risk Aware-ness in a
number of ways• Set the tone from the top
• Ask the right questions
• Establish a risk taxonomy
• Provide training and education
• Link compensation to risk
ERM
• Risk awareness– Set the tone from the top
• CEO
• Senior Management team– “Walk the Talk”
– Participate in meetings
– How do they handle violations
– Demonstrate buy- in by actions
ERM
• Risk awareness– Ask the right questions
• Examples– Return
» Acceptable return for the risks we take?
– Immunization
» What limits and controls are in place to limit downside?
– Systems
» Right systems to track and measure risks?
– Knowledge
» Do we have the right people with skills to manage risk?
ERM
• Risk awareness– Link compensation to risk
• Risk management part of their job
• Compensation linked to business and risk performance at business and individual levels
– “Same rules for everyone”
» Particularly to senior management
ERM
• Risk awareness– Provide training and education
• Starts at Orientation
• Is ongoing process or “Continuing Education”
• Tailored to the employees responsibilities– Understand the spirit and letter of the law
– The whys behind the process
ERM
• Risk awareness– Establish a Risk taxonomy
• Establish a common language for risk– “Everyone is on the same page”
– Meaningful to the business
• Common structure for describing categories of risk
• Allows break down into manageable components– Allows aggregation for reporting and measurement
ERM
• Risk Measurement– Need appropriate risk information to support to
support business and policy decisions– Executive risk report
• Key elements– Losses
– Incidents
– Management assessments
– Risk indicators
ERM
• Risk Control– Optimize risk/return of the business
• Effect real change in the risk profile of the company– Accomplished through
» Selective growth of business
» Support of profitability
» Control downside risks
ERM
• Summary
• Questions
Finance 590Enterprise Risk Management
Steve D’ArcyDepartment of Finance
Lecture 2
Risk Analytics
March 29, 2005
Reference Material• Chapter 9 – Enterprise Risk Management by
Lam
• Overview of Enterprise Risk Management by the Casualty Actuarial Society
http://www.casact.org/research/erm/overview.pdf
Overview
• Risk Control Analytics• Risk Optimization Analytics• Classification of Risk Types• Risk Analytics by Risk Type• Performance Measures• Risk Measures• Risk Modeling• Risk Integration
Risk Control Analytics
• Scenario Analysis– Stress testing– Simulation
• Economic Capital– Solvency standards
• Risk Indicators– External– Internal
Risk Optimization Analytics• Return on Capital (Financial Services Industry)
– Risk-adjusted return on capital (RAROC)– Return on risk-adjusted capital (RORAC)– Risk-adjusted return on risk-adjusted capital (RARORAC)
• Economic Income Created– Risk-adjusted return – (Hurdle rate x economic capital)
• Shareholder Value– Shareholder value (SHV)– Shareholder value added (SVA)
Risk Types
• Hazard or Insurance Risk
• Financial or Market Risk
• Credit Risk
• Operational Risk
• Strategic Risk
Hazard Risk Management Analytics
• Probable Maximum Loss (PML)
• Maximum Possible Loss (MPL)
• Loss Frequency
• Loss Severity
• Actuarial Models– Loss Distributions
Financial Risk Management Analytics
• Interest Rate Models– Equilibrium models– Arbitrage free models
• Value-at-Risk (VaR)– Parametric– Monte Carlo simulation– Historical simulation
• Asset/Liability Management (ALM)
Credit Risk Analytics
• Credit Scoring Models
• Credit Migration Models
• Credit Exposure Models
• Credit Portfolio Models– Financial models– Econometric models– Actuarial models
Operational and Strategic Risk Analytics
• Top-Down Approaches– Analogs– Historical loss data
• Bottom-Up Approaches– Self assessment– Cash flow model
Performance MeasuresGeneral
• Return on Equity (ROE)
• Operating Earnings
• Earnings before interest, dividends, taxes, depreciation and amortization (EBITDA)
• Cash Flow Return on Investments (CFROI)
• Weighted Average Cost of Capital (WACC)
• Economic Value Added (EVA)
Performance MeasuresInsurance Industry
• Economic Capital• RAROC
– Expected net income divided by economic capital
• Embedded value• Risk Based Capital (RBC)
Risk MeasuresSolvency Related
• Probability of Ruin
• Shortfall Risk
• Value-at-Risk (VaR)
• Expected Policyholder Deficit (EPD) or Economic Cost of Ruin (ECOR)
• Tail Value at Risk (Tail VaR) or Tail Conditional Expectation (TCE)
• Tail Events
Risk MeasuresPerformance Related
• Variance
• Standard Deviation
• Semi-variance and Downside Standard Deviation
• Below-target-risk (BTW)
Risk Modeling
• Analytic Methods
• Simulation Methods
• Statistical Methods
• Structural Methods
• Dynamic Financial Analysis (DFA)
Risk Integration
• Covariance
• Covariance Matrix
• Structural Simulation Model
Conclusion
• There is a standard approach for dealing with each type of risk
• Each area has its own terminology and techniques• The ERM challenge is to combine these different
approaches into a common method that can deal with risk in an integrated manner
• The first step is to understand the different approaches
Top Related