Enterprise Risk Management (ERM)

 Enterprise Risk Management (ERM)

  • One risk type can affect another, and risks (or their hedges) can be offsetting if viewed from the perspective of the entire company. Treating each primary risk type in isolation ignores these interdependencies and can result in inefficient and costly overhedging of risks at the firm level.
  • In addition, the various functional units responsible for evaluating and measuring risks may all use different methodologies and formats in their risk measurements. Without a centralized risk management system, a company’s senior management and its board of directors will receive fragmented information from the various units, each potentially utilizing different measurement methods.
 benefits of an ERM approach to managing risks
  • ERM helps managers define the risk appetite of the entire enterprise and helps firms adhere to the constraints put on risk.
  • It allows managers to focus on the largest threats to the firm, threats to the firm’s survival, rather than day-to-day threats to specific units and business lines. 
  • ERM identifies threats to the entire operation that arise from individual business lines. 
  • Emerging risks, such as cyber threats, reputation risks, and anti-money laundering (AML) risks, are better managed at the enterprise level. 
  • ERM supports regulatory compliance. ERM is reassuring to stockholders and other stakeholders of the financial institution. 
  • ERM helps managers understand crossover risks (i.e., when risks create additional risks) and as well as correlations between specific risk types. 
  • Total costs of transferring risks (i.e., an optimization of risk transfer expenses) in line with the scale of various risks are better managed through ERM. 
  • Capital costs associated with stress testing are incorporated into pricing and decision-making.
  •  Risk is incorporated into business model selection and the strategic decisions of the bank. 
A successful corporate governance framework requires that senior management and the board adequately define the firm’s risk appetite and risk and loss tolerance levels. An effective framework also requires that all key risks are successfully integrated into the ERM program and that those responsible for implementing the program have clearly defined risk roles and responsibilities, including the role of the chief risk officer (CRO). Oversight, audit, and monitoring targets are also crucial components of the ERM governance process.

ERM Program Dimensions

ERM is organized around the following five important dimensions:
  • Targets. Banks should set the correct risk targets. Risk targets should not be in conflict with the strategic goals of the institution. Targets include the following: 
    • a. Risk appetite. Operational mechanisms such as compensation plans and global risk limits are linked to the risk appetite of the firm. 
    • b. Strategic goals in light of the firm’s risk appetite. 
  • Structure. the roles of relevant parties are defined (i.e., chief risk officer, global risk committee, other risk committees) along with a description of the firm’s governance structure. The structure should ensure that enterprise-wide risks are identified and that direct and indirect losses are considered. Reporting lines are established in the ERM structure (e.g., business-line managers, risk committees, the chief risk officer).
  • Identification and metrics. Enterprise risks must be measured in terms of the impact on the firm, the severity of the risks, and, ideally, the frequency of occurrence. One goal of ERM is to make sure that the firm has the right metrics in place to capture whole-firm risks. Metrics that are used include 
    • scenario analysis, 
    • stress testing, 
    • value at risk (VaR), t
    • otal cost of risk approaches, 
    • enterprise-wide risk mapping, 
    • risk-specific metrics, and
    • risk flagging tools.
  • ERM strategies. Firms must articulate the methods and strategies that will be used to manage risks at the whole-firm and business-line levels. Decisions regarding whether risk will be avoided, mitigated, or transferred must be made at the enterprise level. Risk transfer instruments must also be identified 
  • Culture. The firm’s risk culture is the heart and soul of ERM. A firm must instill in its employees the importance of risk management through the goals, practices, and behaviors of those in top management positions on down through the ranks of the firm.

Risk Culture Characteristics and Challenges

  • The risk culture of a firm is the goals, customs, values, and beliefs (both implicit and explicit) that influence the behaviors of employees.
  • Firms need methods to measure progress in terms of risk culture. One method is to identify the key risk culture indicators of the firm. The Financial Stability Board (FSB) has specified four risk indicators:
    • Tone from the top of the organization.
    • Effective communication and challenge
    • Accountability
    • Incentives
  • Other factors that can be used to build a strong risk culture include the following:
    • Knowledge of the firm’s risk appetite. 
    • Risk literacy. 
    • The flow of risk information. 
    • Risk/reward decisions of managers. 
    • Risk management stature.
    • Whistleblowing and escalation. 
    • Priorities of the board. 
    • Actions against offenders. 
    • Identification of risk culture concerns/incidents. 

Scenario Analysis and Stress Testing

  • Sensitivity analysis involves changing one variable at a time and assessing the sensitivity of the model (e.g., assessing the impact on net income) to that one variable
  • Scenario analysis, on the other hand, looks at multiple variables at once and involves developing a narrative to explain why variables change and the effects of those changes.
  • Advantages of scenario analysis include the following:
    • helps the firm understand the effects of abnormal/tail events
    • Risk frequency is irrelevant. The risk must simply be plausible. 
    • Scenarios can be intuitive and transparent. Firms must imagine the worst thing that could happen and the consequences of that potential worst-case scenario.
    •  It helps firms focus on key risk types and risk exposures. 
    • It helps firms see potential warning signals and develop contingency plans to manage risk events. 
    • It may be forward looking, using hypothetical events, or may be based on historical data.
    •  Scenario analysis may be straightforward or highly sophisticated. 
    • Scenario analysis may be used to develop the firm’s risk appetite, set risk limits, and be used in capital adequacy planning. 
  • Disadvantages of scenario analysis include the following:
    • Probabilities of adverse events are difficult to estimate. Also, scenario analysis does not lead to a quantification of risk because the exercise is qualitative in nature (though quantitative models are built around scenarios). 
    • Scenarios are complex. 
    • Scenarios may underestimate possible events and the effects of those events. Is the firm developing the “right” scenarios (only a limited number can be fully developed)? Is the firm focusing on the correct warnings and developing the right plans, based on the limited scenarios that are fully developed? 
    • Scenarios are often based on the last big crisis, rather than what might lie in the future. Because scenario analysis may be sophisticated or straightforward, credibility may be difficult to assess. 
    • The usefulness of scenario analysis depends on accuracy, comprehensiveness, and whether the analysis captures future risks, not just past risks.
  • Since 2011, the Federal Reserve has conducted annual stress tests. The Federal Reserve requires banks to consider the following three macroeconomic scenarios:
    • Baseline. This scenario is based on the consensus economic forecasts of economists at large banks. 
    • Adverse. This scenario assumes a moderately declining economy. 
    • Severely adverse. This scenario assumes a global recession/depression with a corresponding decline in demand for fixed-income investments. 
  •  Comprehensive Capital Analysis and Reviews (CCAR) are conducted at year-end for banks with assets of $50 billion or more. CCAR requires projections over a nine-quarter horizon and is complex, requiring banks to dynamically forecast balance sheets and income statements
  • Banks must also submit capital plans based on each scenario/stress tests.
  • As of 2018, the minimum common equity Tier 1 capital ratio is 4.5%, the Tier 1 risk-based capital requirement is 6%, the total risk-based capital ratio is 8%, and the Tier 1 leverage ratio is 4%. Banks must meet these minimum standards under all scenarios
 

Comments

Post a Comment

Popular posts from this blog

Market Risk : Estimate VaR using a historical simulation approach

  What is VaR? Value at Risk (VaR) measures the potential loss in value of a portfolio over a defined time period for a given confidence level. It answers the question: "How much could I lose with x % x\% x % confidence over t t t days?" Historical Simulation Approach This is a non-parametric method that uses actual historical returns to estimate potential future losses. It assumes that the past distribution of returns is representative of the future. Steps to Estimate VaR using Historical Simulation Collect Historical Data Gather historical price data for the assets in the portfolio. Calculate daily returns for each asset using: r t = P t − P t − 1 P t − 1 r_t = \frac{P_t - P_{t-1}}{P_{t-1}} r t ​ = P t − 1 ​ P t ​ − P t − 1 ​ ​ where P t P_t P t ​ is the price on day t t t . Simulate Portfolio Returns Compute the daily portfolio return for each historical period. For a portfolio with n n n assets: R t = ∑ i = 1 n w i ⋅ r i , t R_t = \sum_{i=1}^n w_i \cdot r_{i,t} R ...
Read more

Market Risk Problem 1 - Calculate VaR using Parametric approach

 Assume that the profit/loss distribution for XYZ is normally distributed with an annual mean of $15 million and a standard deviation of $10 million. Calculate the VaR at the 95% and 99% confidence levels using a parametric approach. Given Data Distribution : Normal. Mean ( μ \mu μ ) : $15 million (annual). Standard deviation ( σ \sigma σ ) : $10 million (annual). Confidence levels : 95% ( z = 1.645 z = 1.645 z = 1.645 ). 99% ( z = 2.33 z = 2.33 z = 2.33 ). Formula for VaR The parametric VaR formula is: VaR = ∣ z ∣ ⋅ σ − μ \text{VaR} = |z| \cdot \sigma - \mu VaR = ∣ z ∣ ⋅ σ − μ ∣ z ∣ |z| ∣ z ∣ : z-score corresponding to the confidence level. σ \sigma σ : Standard deviation (risk/volatility). μ \mu μ : Mean (expected gain/loss). Step-by-Step Calculations 1. VaR at 95% Confidence Level ( z = 1.645 z = 1.645 z = 1.645 ) VaR 95 = ∣ 1.645 ∣ ⋅ 10 − 15 \text{VaR}_{95} = |1.645| \cdot 10 - 15 VaR 95 ​ = ∣1.645∣ ⋅ 10 − 15 VaR 95 = 16.45 − 15 = 1.45  million . \text{VaR}_{95} = 16.45 -...
Read more

Market Risk : Estimate VaR using a Parametric Approach

What is the Parametric Approach? The parametric approach assumes that portfolio returns follow a specific type of mathematical distribution (like a bell-shaped curve for normal distribution). Using some simple formulas, we calculate how much you could lose at a certain confidence level (like 95% or 99%). Steps to Estimate VaR 1. Get the Data You need: Portfolio value (how much your portfolio is worth today). Mean return (average return, usually based on past data). Volatility (how much the returns fluctuate, measured as a standard deviation). Confidence level (how certain you want to be about the worst-case loss, like 95% or 99%). 2. Use a Formula VaR is calculated as: VaR = z ⋅ Volatility ⋅ Portfolio Value \text{VaR} = z \cdot \text{Volatility} \cdot \text{Portfolio Value} VaR = z ⋅ Volatility ⋅ Portfolio Value Here: z z z is a number from statistics that depends on the confidence level: For 95%, z = 1.645 z = 1.645 z = 1.645 . For 99%, z = 2.33 z = 2.33 z = 2.33 . Multipl...
Read more