Ultimate Risk
  Solutions

Products

Consulting

Training

Our Clients

People behind
  the Products

Newsletters

 

More About Risk

TABLE OF CONTENTS

Learning From Success and Failures
Board of Directors and ERM

Financial and Risk Managers
Learning From the Past Financial Fiascos

RISKS

Market Risk
Credit Risk

Loan Credit Risk
Issuer Credit Risk
Counterparty Credit Risk
Settlement Credit Risk

Operating Risk

Operations risk
Operational risk

Combined Risks
Insurance and its Risks

More About Risk. Learning From Success and Failures

Enterprises make money by taking risks. Even sophisticated financial institutions may, and often do lose money. Every day brings more examples of losses, often avoidable if a robust enterprise risk management program were in place. Every day also brings more examples of how enterprises benefit from risk management. The hurricanes of the 2005 season, especially the destruction of New Orleans and its ports by Katrina, once again brought to light the importance of DFA modeling, and DFA / DRM software tools not only on the property-casualty insurance side, but by the state and federal governments and agencies, oil industry, and other interested parties with substantial financial stakes.

The increased attention to enterprise risk management is stimulated in part by the massive losses from hurricanes such as Katrina, or events such as the 9/11 2001 destruction of the World Financial Center in New York City, the economic recession and sharp declines in the financial markets that ensued. A brief sampling of some well-studied fiascos in risk management included on this page is here to help you gain an intuitive understanding of risks and the importance of Enterprise Risk Management for the firm's survival and prosperity.

Board of Directors and ERM

Ultimately, the firm's risk function is overseen by the Board of Directors. Shareholders, who naturally pursue high returns, urge the Board to take on more risk. The Board is limited in its risk taking by the debt holders, by the Rating Agencies, such as S&P, Moody's and Fitch, and by regulators, as well as the Board's own mandate to keep the firm in business and operating with steady profite. As a result, the institution is allowed to take on a limited amount of risk, while trying at the same time to maximize the returns on the allowable level of risk.

Risk Explorer™, Model Builder and URS Translator™ for Excel , highly evolved, powerful and flexible dynamic financial analysis software tools from Ultimate Risk Solutions allow companies to rapidly create advanced risk studies, explore various risk scenarios, quickly quantify the effects of the changing market and economic conditions and perform numerous other quantitative modeling tasks essential for an effective corporate finance function. From adopting alternate strategies and creating the optimum risk-reward trade-offs, to VaR calculations, to full financial statement modeling, to determining Economic Capital requirements, Capital Allocation and RORAC, to allocating risk limits to business units, and much more, these are invaluable tools for risk managers and financial managers. Yet, even with all the power of these products, risk management remains a corporate function distinct from general financial management; it requires specialized skill set and focus on risks, strategies and mathematical modeling. Oftentimes, the board mandates a position of CRO, Chief Risk Officer; sometimes risk management is performed by the actuaries and finance department associates.

The board oversees key risk managements functions, including: deciding the desired target debt rating by the rating companies (S&P, Moody's and Fitch), allocating allowable level of risk to each business unit or company's division, and determining the amount of available capital.               

 <<to Table of Contents>>

Financial and Risk Managers

For the firm's Risk Management function to be credible to its shareholders, to regulators and senior management, the risk managers usually do not report to the line managers who may be tempted to take on more risk than the firm's risk allocation policy and strategic goal permit them. To ensure objectivity of their reporting, risk managers usually report to CEO's and CFO's of the company or its division.

The notion of risk is generally associated with negative outcomes. In the context of Enterprise Risk Management (ERM), these undesirable outcomes could be disastrous. Hence, the focus on the downside and on the tail of the profit and loss statistical distribution is a critical part of ERM. However, higher returns may require taking more risk. Limiting the use of DFA, DRM and ERM analytics to scrutinizing the distribution's tail leads to effectively ignoring valuable information embedded in other parts of the distribution.

Risk Explorer™ empowers risk managers not only to explore various scenarios, but also to consider - on an ad hoc basis and quite quickly - the potential rewards for taking certain risks, and determine the optimal risk-return tradeoffs. After all, risk management should not be reduced to a purely defensive stance of controlling risk, avoiding overexposure, and determining minimum capital requirements.

Rather than focusing exclusively on the tails of probability distributions, thus acting in their defensive capacity, risk managers may and should look at the bigger picture and participate in decision making, thus using their skill set and talents for revenue generation, not just capital preservation. While the role of the “risk police” is important for the survival of the enterprise, modeling with the goal of maximizing the returns at the allowable levels of risk is just as important.

Focus on the technical aspects of risk and scenario modeling is an important part of the risk managers' skill set. Yet, equally important is the manager's ability to summarize analytical results and present them to decision-makers in a cogent, concise and convincing manner. This is where the Risk Explorer's visualization, report capabilities, context Wizards and help are invaluable. While certain risks are not easy to grasp in absence of sophisticated modeling, and certain risk-related strategies may be quite involved and technical, communication of the key conclusions to senior management must be very effective or else companies do not act on the risks they do not quite understand.

 <<to Table of Contents >>

 

Learning From the Past Financial Fiascos

Learning from past mistakes is more than just a way to avoid repeating them in the future. Professor Stephen Ross of MIT's Sloan School, which did much work in risk management, coined the term "forensic finance" to describe a process he strongly recommended: going back to some of the great disasters of risk management in a role of a "financial pathologist" and carefully considering questions of what went wrong and why, and what lessons we could learn from the past mistakes.

Prof. Steven Ross wrote about ERM, "Practicing good risk control, particularly employing serious scenario analysis and stress testing, is just practicing financial safe sex."

RISKS

To gain an intuitive understanding of risks, let's consider a brief sampling of financial fiascos from the three broad categories of risk: market risk, credit risk, and operating risk by looking at some classic examples.

Market Risk

Market Risk reflects the possibility of loss of an asset's or portfolio value when the market moves in the adverse direction:

  • Nasdaq Index lost 65% of its value between March 2000 and March 2001.

  • The Dow Jones index lost 23% on Black Monday, October 19, 1987, and lost 31% during the week following the Black Monday.

  • The Dow Jones lost 89% of its value between 1929 and 1932 and precipitated the Great Depression. The Index did not recover until... 1954.

  • In 1980's S&L Banks were issuing mortgages at the prevailing long-term interest rates, while attracting new capital by offering the prevalent short-term interest rates on the savings accounts. When interest rates suddenly rose, S&L banks found themselves stuck with receiving low interest rate mortgage payments,while having to pay its depositors high short-term rates. As a result of poor asset liability management (ALM, or management of long-term interest rate risks), many US S&L banks in the South West went out of business.

The two elements or risk are exposure and uncertainty. Risk management may involve quantitative modeling with scenario playing, stochastic modeling, and the use of DFA, DRM and ERM methods which among other things allow an institution to identify areas of overexposure to certain risks, even when such risk are considered "improbable" at the time. Risk analysis allows the firm to adjust its positions to avoid the potentially severe consequences should the identified risks materialize. Thus, in 1998 Chase Bank realized that its exposure to Russian instruments was too great, and unloaded many of its Russian holdings, just in time.

Thanks to its risk management, Chase continued business as usual when Russia defaulted on its bonds. On the other hand, LTCM, despite being run by two Nobel prize winning economists, did not properly evaluate the potential of default by the Russian government on its bonds, and the flight to liquidity effect this and other events of 1998 had cumulatively on the markets. As a result, LTCM suffered severe, precipitous losses and had to be salvaged and taken over by a consortium of banks lead by the Federal bank of New York.  

<< To Table of Contents >>

 

Credit Risk

Credit Risk arises from defaults when an individual, company or government fails to honor a promise to make a payment. The price of corporate bonds fluctuates relative to treasury bonds due to the market's perception of the probability of a default by the bond's issuer. This may be reflected in a reduced or improved rating issued by the credit rating agencies. This aspect of risk (in absence of, or before the default actually occurs) is usually considered to be market risk. The actual default is credit risk.

Certain banks, investment and insurance companies hire credit analysts who prepare detailed credit ratings of the institution's counterparties. Other firms, including Standard & Poor's, Moody's and Fitch, are in the business of developing credit ratings for use by investors and other third parties. Institutions that sell publicly traded debt hire analysts to prepare credit ratings for the debt obligations traded. Those credit rating reports may then be distributed for little or no charge to investors. Some regulators also develop credit ratings. In the US, the National Association of Insurance Commissioners publishes credit ratings used for calculating capital charges for bond portfolios held by insurance companies.

Credit Risk may assume several forms, which include Loan Credit Risk, Issuer Credit Risk, Counterparty Risk and Settlement Credit Risk. The more obvious forms are the former two and involve default on a loan or default by the bond issuer, i.e. failure to repay the amount that has been lent. Trading operations result in more subtle forms of credit risk. These include the Counterparty Risk and Settlement Credit Risk.

Loan Credit Risk

  • In August of 1999, Iridium, a satellite telecom company, after having unexpectedly low earnings, defaulted on $1.5 billion in two syndicated loans which it borrowed from the banks to launch the satellites.
  • In January of 1999 Guangdong International Trust and Investment Corporation defaulted on the repayment of $4.5 billion, of which half was owed to foreign banks.

Issuer Credit Risk

  • In August of 1998, Russia unilaterally rescheduled repayments of $43 billion of bonds it previously sold to foreign banks, financial institutions and investors. Investors eventually recovered only a fraction of their invested capital. Yet, these events were foreseeable. The global recession of 1998, which started with the Asian financial crisis in July 1997, exacerbated and precipitated Russia's own gradually developing financial crisis, expected by some wiser investors: The 1998 recession and decline in world commodities prices, especially oil (petroleum, natural gas, metals, and timber accounted for more than 80% of Russian exports), left the country vulnerable to further swings in commodity prices, and its own use of its short-term government bonds in a pyramid scheme with new issues barely covering debt payments on older issues. With Oil being a major source of government tax revenue, the sharp decline in the price of oil was bound to have severe consequences for Russia, and it did.

  • In February of 2001, a California-based electric utility, PG&E, selectively defaulted on about $726 million of its short-term bonds. It still continued to pay coupons and interest on its other debt of about $8 billion and continued operating.

  • Right at the end of 2005, Calpine Corporation, an innovative and highly leveraged power utility producing electricity in its environmentally clean, brand new gas-burning power plants all across the US and Canada, defaulted on its $22.5 billion in debt. Calpine's management team, which around 1999-2001 enjoyed celebrity status for its financial innovation, was fired. As it stands today, Calpine’s projections of the US economic expansion, expectations for high and growing electricity demands, and “moderate” levels of fuel cost inflation were way too optimistic. Calpine’s 92 new power plants in US and Canada could be operated only at 45 percent of their total capacity, due to a mediocre to low demand for electricity, while the price of natural gas more than tripled since 1999. Deregulation and increased competition among energy producers resulting in cheaper electricity was also a factor. These conditions made it impossible to generate enough money to service, let alone repay the $22.5 billion debt, listed in Calpine's bankruptcy filing on December 20, 2005.

Counterparty Credit Risk

  • In 1998 the Moscow Interbank Currency Exchange and several Russian banks defaulted to pay to Credit Suisse First Boston (CSFB) about $600 million on currency derivatives.

Settlement Credit Risk

  • Financial history holds a small German bank, Bankhaus Hesrtatt, responsible for a temporary collapse of the international payments systems. Having run into a few losses in its Foreign Exchange operations, Bankhouse Herstatt went bankrupt by the end of the business day in Germany. Just prior to its bankruptcy, in settlement of their maturing forex transactions, several of Herstatt's counter parties in the U.S. had already made irrecoverable payments of $620 million worth in Deutschemark to Herstatt against anticipated receipts in U.S. dollars later the same day in New York. Herstatt's correspondent bank in NY was required by law to freeze its assets after it declared bankruptcy. The US banks lost virtually all of the $620 million.

As Herstatt incident demonstrated, time zone differences can be a major part in the settlement risk, but banks’ own settlement practices, and those of intermediaries such as correspondent banks, plus all inefficiencies in local and global payment systems are also important parts of the risk, which can be immence. Studies, such as the Allsopp 2004 Report to the Bank of England, found many deficiencies in how banks manage their foreign exchange settlement risk. It found evidence of sometimes very large exposures - in certain cases banks were unknowingly exposed to a single counterparty for more than the bank’s capital, a dangerous position, indeed! Such large exposures present a significant concern, not only for the individual institution, but also for the international financial system as a whole, due to the potential systemic risk implications as the failure of one market participant to meet its required settlement obligations could create major difficulties for other participants, and threaten the stability of the international financial system as a whole.

<< To Table of Contents >>

 

Operating Risk

The Basel Committee on Banking, a standard-setting body on all aspects of banking supervision, defines operational risk as "the risk of direct or indirect losses resulting from inadequate or failed internal processes, people and systems or from external events." This definition includes errors and fraud.

  • Errors: In 1997, Nat West lost $127 million in its trading operations, because its option traders were using wrong data for the implied volatility variable in their pricing models. In reliance on the pricing model, which was fed the wrong data, the traders were virtually oblivious to the real risks they were taking.

  • Fraud: A trader at the New York office of a Japanese bank was able to transfer securities out of the bank's customers' accounts to cover trading losses; this activity went undetected for 10 years, and amounted to $1 billion in fraudulent transactions.

Practitioners actually use the terms operating, operational and operations risk, which all mean slightly different set of risks, with operations risk being a subset of operational risk, and operation risk being in turn a subset of operating risk. Hence, operating risk is a term which covers many types of risks listed below.

Operations (processing) risk includes losses from: incorrectly entered trades, lost information on trades, failures of order routing and other computer systems, accidental destruction of a database, losses due to incorrect performance by an outsourced vendor, etc. Operations risk may also include fraud possible due to poor processing procedures. Most operations risks are best managed within the departments in which they arise. Information technology professionals are best suited for addressing systems-related risks. Back office staff are best suited to address settlement risks, etc. However, overall planning, coordination, and monitoring should be provided by a centralized operational risk management, which closely coordinates with market risk and credit risk management within an overall enterprise risk management framework.

Operational or failure risk includes: Processing (operations) risks, human mistakes by traders, such as buying 100,000 shares instead of 10,000 or using incorrect data in pricing models; employee fraud, such as placing unauthorized trades, covering losses or transfering money into their own account; errors in applying law, such as incorrectly understanding the terms of securitization or collateral agreements; mistakes or misconduct, such as exploiting the customers, which may lead to a legal action against the institution.

Finally, operating risk includes both operations (processing) risks and opetaional risks, plus: business risks due to changes in the competitive environment, such as an introduction by a competitor of a successful new product; business risk due to miscalculation in projected revenue and costs associated with a new product (see the case of Calpine Corporation above, which miscalculated its operating risk); and business risk of income falling due to customers' response to the changing market conditions.

Combined Risks

Firms also lose money from incidents which may involve more than one form of risk, as we already know from the "Collapse of the Barings Bank."

  • Having ostensibly generated 20% of Baring's 1994 paper profits, Nick Leeson, a trader enjoying a celebrity status and working in Baring's Singapore branch, could do no wrong and had extraordinary access to the bank's computer systems. As the post-mortem analysis showed, instead of 20% profits he booked fraudulently, he had been actually making losses and hiding them in a fictitious account. To recover the losses, Nick attempted a major gamble with the thinly traded derivatives on the Nikkei 225 index. His trade was so large that the position taken became quite illiquid and lost $1 billion, which wiped out all of Baring's capital, killing the legendary financial empire. Nick Leeson enjoyed the status of a star trader and was able to hide losses because there were no effective accounting and technical controls, and he was able to take his final, desperate and losing gamble because the bank's senior management had no effective means of measuring or putting into perspective the risks being taken.

    << To Table of Contents >>

 

Insurance and its Risks

Finally, we must briefly mention insurance-specific risks, the reserve and insurance risk, and the great sophistication with which Insurers' risks must be managed in order for the insurer to be viable and profitable. Insurance companies provide insurance against many types of risks, from those outlined in the TRIA, Terrorism Risk Insurance Act, adopted by the US Congress in 2002, to the more traditional risks of property losses, such as those in auto- and home-owner insurance, business interruption losses, liability losses, key person losses, health and disability risks, catastrophe, etc.

Insurers borrow money (premiums) by issuing debt in the form of insurance policies, which pay the policyholder financial compensation if a pre-specified uncertain event occurs. Such payments are uncertain concerning their size and timing. By pooling contracts that are not perfectly correlated, the insurer makes the aggregate losses more smooth and predictable over time. By investing part of the premiums into conservative financial assets, the insurers generate future cash flows needed to pay expected future claims. Thus, insurers are liability-driven financial intermediaries: they originate financial contracts (insurance policies) and they use financial markets to invest today's premiums in order to build capital for covering tomorrow's claims. In addition, while pooling of policies against different risks reduces uncertainty of future payments, unexpected losses still may and do occur, which requires the insurer to hold risk capital.

The standard corporate finance toolkit is simply inadequate vis-à-vis the many specifics of the insurance business. The special role of capital in insurance as a cushion against losses, and the many inefficiencies and risks associated with holding this capital by the insurance company while ensuring a multitude of risks to its customers, demands a more careful fiscal analysis and attracts more regulatory and rating bureau scrutiny than other financial services companies do.

Before earning recognition as ERM / DRM, stochastic modeling, and financial/mathematical modeling tools, Risk Explorer™, Model Builder and URS Translator™ for Excel evolved first and foremost as Dynamic Financial Analysis (DFA) software tools in Insurance and reinsurance industries, which by their very nature have traditionally been focused on studying risks, and developed models and methodologies of scenario playing and strategy optimization, for maximizing returns and minimizing risks.

DFA is a methodology which evaluates the impact of the totality of risks on a company's financial condition. Ab initio DFA was born of the insurance business and evolved for the insurance business, though its methodology gained recognition and quickly spread into general financial services and other industries and sciences. DFA looks at the impact of both macro-economic risks (e.g., inflation, changes in interest rates, foreign exchange rates, the price of oil and other major commodities, etc.) and the insurance-specific risks (e.g., catastrophes, trends, the underwriting cycle, etc.), and takes into account the correlations among the risks. In Insurance applications, DFA typically involves modeling the impact of the underwriting risk (volatility of losses, exposures, mix of business, etc.), market, credit and operational risks (with correlations among the risks) on the financial condition of the insurer over a fixed timeframe, for example, five years. Dynamic Reinsurance Analysis (DRA) is subset of DFA, one that focuses on the underwriting risk (driven primarily by large losses) and liquidity risk. DRA is a process that concentrates on the effectiveness of the risk management of large losses relative to the company's financial position.

All around the world the insurance and reinsurance industries are subject to scrutiny by government regulators, requiring insurance companies to model risks and evaluate capital required to underwrite the risks they assume, and to provide periodic, timely and accurate reporting on their financial position and ability to cover unexpected and expected losses. There are many examples of such government-mandated regulation, including Solvency II regime in Europe, or The Financial Services Authority (FSA) in the U.K. DFA / ERM / DRM software products by Ultimate Risk Solutions provide efficient and effective means for such reporting and modeling and empower businesses to meet the challenges before them and excel in developing optimum strategies and adjusting to the quickly changing business environment.

A company able to measure risks ahead of its competition can make decisions with an awareness and precision that are out of reach of its competitors. A company armed with DFA / DRM / ERM methodology and flexible software tools can respond quickly and successfully to the rapidly changing business environment. Today, armed with powerful and user-friendly software tools from Ultimate Risk Solutions, such as Risk Explorer™, Model Builder and URS Translator™ for Excel , enterprises forge ahead with confidence in their optimal risk reward strategies and assurance that they will do well even in the most unlikely, adverse circumstances.

 

    Quick Links


      - Risk Explorer
      - Res-Solver
      - UltiFit
      - URS Model Builder
      - URS Translator for Excel
 
     
         
        Copyright © 2001-2007 Ultimate Risk Solutions, LLC.