There are several other problems with this approach. The overruns could have been small, and a rapid increase in volatility could have created many large gains as well. Alternatively, UBS could have realized many large losses and only a few large gains. In the former case it might actually be ahead at the end of the year; in the latter case it might be in serious trouble. Second, VaR does not capture catastrophic losses that have a small probability of occurring. This would be cold comfort, however, if the amount lost above the VaR—which VaR is not designed to assess—threatened the institution.
Though it is hard to get data on the dollar amounts of VaR overruns, the markets have been full of rumors of extremely large ones in Daily VaR measures assume that assets can be sold quickly or hedged, so a firm can limit its losses within a day. But as we have seen in and as we saw in other crises such as the one in , a dramatic withdrawal of liquidity from the markets leaves firms exposed for weeks or months on positions they cannot easily unwind. The risk of those CDOs during that period was unrelated to a daily VaR; rather, it lasted as long as the market for them was moribund.
And risk increases over the time horizon for which it is computed. Risk managers often distinguish among market, credit, and operational risks, which they measure differently and in isolation. Furthermore, you are ignoring risks not included in the definitions of the boxes. This tendency is driven in part by regulatory considerations. The Basel II rules, for example, have an extremely narrow definition of operational risk, so banks that follow that definition overlook certain strategic and business risks. The market risk attached to securitized subprime mortgages was closely connected to a very large business risk at many banks for which securitizing subprime mortgages was a significant source of income.
So the banks lost out twice: The value of their portfolios of subprime mortgages, securitized or otherwise, fell, and they lost the fee income from securitizing subprime mortgages. Firms using the Basel II definition of operational risk would have largely ignored this relationship. Thus it is crucial to measure risk in ways that cut across organizational silos and include all the material risks to which a firm is exposed.
Before Russia defaulted on its domestic debt in August , many hedge funds bought high-yielding Russian debt and then hedged it against default risk as well as exchange-rate risk. It was easy to believe that the resulting position was risk-free. To hedge the currency risk, however, the funds had to sell rubles forward against dollars.
- Spring Consulting Group Careers;
- Cognitive Linguistics in Action: From Theory to Application and Back (Applications of Cognitive Linguistics).
- Microsoft AJAX Library Essentials: Client-side ASP.NET AJAX 1.0 Explained!
- Physics Reports vol.276.
- What can we help you with?.
- Economic Theory and Social Justice.
The banks that were willing to stand on the other side of those trades were often Russian. When Russia defaulted, many banks collapsed, and the hedge funds ended up realizing exchange-rate risk because their counterparties did not honor the hedges. Had the fund managers properly accounted for counterparty risk, they would have understood that their positions were still exposed to substantial risk in the event of a shock to the Russian banking system.
Creating a Comprehensive Risk Management Program | Government Finance Officers Association
But risk managers who focus on exchange-rate risk are typically not responsible for credit risk, so they would have ignored the counterparty risk. By the same token, credit risk managers may overlook risks associated with exchange-rate contracts because exchange-rate risk is not credit risk. In a frictionless market, financial institutions take prices as given rather than changing them during transactions.
For instance, it is well known that when the hedge fund Long-Term Capital Management LTCM collapsed, in , it was holding extremely large positions in the index option market.
During the crisis it was unable to change its positions because other players wanted substantial discounts in order to trade on the scale LTCM required. Additional complications can come from predatory trading: Other traders try to push prices down so that the big player is forced to unwind its positions for next to nothing. Another important source of market friction is doubt about the true value of traded assets when markets are illiquid. This causes market participants to stop taking prices as given because transactions are too infrequent to provide clear price signals.
Traders often use pricing services to mark securities to market. With a repo, a bank sells and agrees to repurchase securities, effectively borrowing money for the period between the two transactions—usually a day. This represents a major source of funding for many banks, especially for their trading operations. The risk associated with this type of funding is typically deemed to be low, because the borrower has to provide collateral whose value exceeds the cash received by a set amount. So the primary risk for the provider of repo financing is that it may be left with the collateral which it can sell to a third party in the event that the borrower defaults.
Risk managers who work with models that implicitly or explicitly assume frictionless markets would have ignored these possibilities. This can be very dangerous, since unreported risks have a tendency to expand in financial organizations. Suppose a securities-trading desk in your bank has risks that are not fully reported and therefore not thoroughly monitored. They therefore have an incentive to assume risks, which is easier to do if those risks are unmonitored. But not all unreported risks are deliberately concealed; some of them involve positions that use securities not yet established in the markets or positions held for short periods.
Senior management decisions, too, can lead to reporting failures. Take the case of Union Bank of Switzerland. In the second half of the s the bank was establishing risk-management systems to aggregate risks across all its securities-trading operations. The bank decided, at the top level, that it was more important to let the traders make money than to disrupt what they were doing in order to make the change.
As a result, the risks this group assumed were not fully accounted for in the risk-management system. Soon thereafter, the group lost a large amount of money, forcing the undercapitalized bank to merge with another Swiss bank to create UBS. Clearly, organizations face trade-offs.
Risk management might conceivably be structured to keep track of everything at all times—but it would probably be too costly to implement and, worse, would stifle innovation within the firm. In fast-moving markets, employees need to have flexibility in their trading. Often, the largest profits are made in the newest securities. And employees will take risks more judiciously if their compensation is affected. Ironically, the risk manager who has most scrupulously modeled, measured, and captured knowable risk is perhaps most likely to trigger the fifth type of risk-management failure: poor communication to the board and the CEO, who are ultimately responsible for making decisions about risk.
Even worse, information may reach top management too late or be distorted by intermediaries. Communication failures have certainly played a role in the most recent crisis. The reports did not, however, communicate an effective message for a number of reasons, in particular because the reports were overly complex, presented outdated data or were not made available to the right audience.
Risk-management systems are extremely costly, and a CEO may be nonplussed to learn that all that money pays for imprecise estimates. Paradoxically, by developing a risk culture that accepts and understands the limitations involved, a firm can increase the value of risk management. So far we have looked at risk management in terms of capturing a risk profile at a given point in time. But it is a dynamic process: Risk managers are responsible for making sure that the firm takes only the risks that it wants to take.
Think about how you measure stock price risk.
Suppose you model price returns using the normal distribution and you have no reason to believe that future returns will come from a different distribution. As long as the historical volatility and mean are a good proxy for the future behavior of stock returns, you will capture the relevant risk characteristics of the stock through your estimation of the statistical distribution of its returns.
Other unknown risks may not matter simply because they have a trivially low probability. There is some probability that any given building will be hit by an asteroid. That risk does not affect management decisions, and ignoring it has no implications for risk management. A few of these will always exist, of course, and the only way to account for them is to make available some capital over and above what your models predict you need.
The Allianz Group
But here you have to enter the realm of intuition; by definition, a formal risk-management system will provide little guidance. This responsibility is more onerous for financial firms than for most others. Elsewhere risks change more slowly and usually involve a new exposure assumed through operations, such as sales or purchases denominated in foreign currencies.
But financial firms have many derivatives positions and positions with embedded derivatives; the associated risks can change sharply even if the firms take no new positions. These changes can be dizzying in periods of turmoil.
Figuring out the right hedge when markets are moving rapidly is like trying to change an insurance policy on a house while it is burning. In an extreme example, in just one day a security might have an exposure to a stock price such that it gains substantially if the price rises but later have an exposure such that it loses substantially if the price rises. Suppose you hold what is called a barrier call option—an option that pays off only if the stock price stays below a certain level.
Its value will start to fall as the stock price approaches the threshold. For a product like this, hedges that are adjusted only daily could create large losses: A hedge that is optimal at the start of the day—say, a short position in the stock—might increase risk exposure at the end of the day if the stock price has risen. When the risk characteristics of securities can change quickly, it is challenging for risk monitors to capture changes and for risk managers to adjust hedges accordingly. The introduction of mark-to-market accounting actually makes it even harder for risk managers to estimate and adequately hedge risk.
In a way, marking to market has brought what is known as the observer effect into financial markets: For large organizations, observing the value of a complex security affects the value of that security. As losses become known through the process of marking to market, they start a chain reaction of adjustments at other institutions and affect the prices of possible trades as the market comes to better understand the capital positions of the institutions involved.
As the foregoing makes clear, conventional approaches to risk management present many pitfalls. Even in the best of times, if you are to manage risk effectively, you must make extremely good judgment calls involving data and metrics, have a clear sense of how all the moving parts work together, and communicate that well.
In the worst of times, risk management can fall apart. Historical models can fail, liquidity can dry up, and correlations can become stronger without warning. In addition to these three methods, governments may occasionally choose not to provide a service altogether, a risk management technique known as risk avoidance. It is essential that government officials are aware of not only the policies and procedures, but that the risk responses are implemented and effectively carried out. Skip to main content.
Consulting Consulting Services Custom Research. Printer-friendly version. The following steps should be included in an effective risk management program. Physical environment natural or man -made disasters and infrastructure Legal environment laws and legal precedents Operational environment day-to-day activities and actions within the local government, including services provided and workforce demographics Political environment legislative activity, elections Social environment socio-economic composition of the community Economic environment market trends, interest rates Internal environment the attitude of individuals towards risk 2.
Creating a Comprehensive Risk Management Program
Financial risk transfer may involve the use of an insurance company or risk managements pools. The criteria for procuring insurance should involve quality and scope of service, breadth of coverage level of deductibles , financial stability, and cost. Most governments typically begin with three basic types of coverage. Property insurance protects against damage or loss of property. Liability insurance covers losses related to a government being found negligent in the performance of operations. Risk management pools may be classified through various factors like type of service, lines of coverage, or type of government.