You are on page 1of 51

ppt #1 IPGDRM 2013-14

Introduction Introduction Risk Management toto Risk Management 1 .


.

Administration Administration Administration and operational Risks operational Risks and Operational Risks

Risk and Risk and Organizational Planning anizational Planning Organizational Planning

Ris Risk and Return and Return


2

5 4
Enterprise Risk Management syllabus

Risk Risk in in Organizational Organizational Context Context

Risk Management Risk Management and formation Systems nformation Systems Information Systems

Risk Management Risk Management Risk Management Standards Standards Standards

Enterprise Risk Management

Historically, within both private and public organizations,Risk management has traditionally been segmented and carried out in silos.
This has arisen for a number of reasons, such as the way our mind works in problem solving, the structure of our business organizations and the evolution of risk management practice.
3

Enterprise Risk Management

There is clearly the tendency to want to compartmentalize risks into distinct mutually exclusive categories and this would appear to be as a result of the way we sub divide problems to Credit risk manage them. Interest rate risk
Equity risk Currency risk

Commodity risk
Underwriting risk Operational risk Reputational risk
4

Enterprise Risk Management

ERM is a response to the sense of inadequacy in using a silo based approach to manage increasingly interdependent risks. The discipline of ERM, sometimes referred to as strategic business risk management,is seen as a more robust method of managing risk and opportunity and an answer to the business pressures.
5

Enterprise Risk Management

ERM is designed to improve business performance . It is relatively a new approach, whereby risks are coordinated and integrated way across an entire business.

Enterprise Risk Management

ERM is about understanding interdependencies between the risks, how materialization of a risk in one business area may increase the impact of risks in another business area. ERM is an illustration of integrated approach to risk management.
7

Board Strategy setting

Identify events Manage risk Achievement objectives

Process

affected

Management

applied Across enterprise

designed

ERM is; a process, affected by an entitys board of directors, management and other personnel, applied in strategy setting and across the enterprise ,designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives
8

Personnel

With an ERM approach, the scope of risk management is enterprise wide and the application of risk management is targeted to enhancing as well as protecting the unique combination of tangible and intangible assets comprising the organizations business model.

With market capitalizations often significantly exceeding historical balance sheet values, the application of risk management to intangible assets is critically important.

10

Just as potential future events can affect the value of tangible physical and financial assets, so, too can they affect the value of intangible assets eg customer assets, employee/supplier assets and organizational assets such as entitys distinctive brands, differentiating strategies, innovative
processes and proprietary systems.
11

This is the essence of what ERM contributes to the organization- an elevation of risk management to a strategic level by broadening its application to all sources of value, not just physical and financial ones.

12

Introduction to risk management

a. Meaning ,nature of risk-sources of risks b. Types of risks c. Concept of risk management d. Purpose and objective of risk management e. Risk Management techniques f. Limitations of risk management g. Costs of risk management

13

Meaning of Risk

Webster says that Risk is the possibility of something unpleasant happening or the chance of encountering loss or harm.
Risk is the possibility of the actual outcome being different from the expected outcome.
14

Meaning of Risk

Risk includes both the downside and the upside potential. Downside potential is the possibility of the actual results being adverse compared to the expected results. On the other hand, upside potential is the possibility of the actual results being better than the expected results
15

Definition of Risk The Chinese symbol for risk best captures the positive and negative outcomes of risk;

The symbol for risk is a combination of danger (crisis) and opportunity, representing the downside and upside of risk.
16

Meaning of Risk
The terms risk and uncertainty often used are interchangeable. There is a clear distinction between certainty, uncertainty and Risk.

Certainty is the situation where it is known what will happen, and happening or non happening of an event carries 100 % probability. Uncertainty is where even the probable outcomes are unknown. It reflects total lack of knowledge of what might happen
17

Meaning of Risk

Risk is variable which can be calibrated, measured and compared. The degree of risk attached to an event is generally linked to the likelihood of the occurrence of an event Risk is a function of the probability of an outcome being different from that expected,but also its potential intensity,if it occurs. . 18

Meaning of Risk

The magnitude of the probable outcomes and the probability of their occurrence together determine the riskiness of an event. Risk is measured using standard deviation.

19

Meaning of Risk
Risk is different from peril and hazard. While risk is the possibility of a loss, peril is the cause of loss. Hazard is a factor that may create or increase the possibility of a loss in the face of an undesired event or may increase the possibility of the happening of the undesired event.
20

Sources of Risk If a company is exposed to a risk the impact should finally be felt on the values of its assets and liabilities. In some cases ,the impact may be direct while in others it may be indirect. The concept of risk becomes relevant only when there are assets and liabilities and are risk sensitive either immediately or in future- eg fire,a
source of risk- can affect directly the inventory. When a fire destroys the inventory there can be a consequential indirect impact on the profits of the company.
21

ERM: shift in focus From Fragmented Negative Reactive Ad hoc Historical looking Cost based Narrowly focused Silos Functionally driven To Integrated Positive Proactive Continuous Forward Looking Value- based Broadly focused Systemic Process -driven

Sources of risk for a business entity


External non recurrent risks such as consumer boycotts, technology, patent infringement External recurrent risks such as demand and supply cyclicality competition, supply chain, Internal risks such as failed /delayed product launches product recall/default,plant safety Credit risk,Market risk like, interest rate changes, Exchange rate movements, equity /commodity price changes
23

External source

Internal source

Financial source

Types of Risks

Hazard Risk is related to natural hazards, accidents, fire etc that can be insured

Financial Risk has to do with volatility in interest rates exchange rates,default on loans ALM mismatches etc
24

Types of Risks
Operational Risk is associated with systems, processes and people and deals with succession planning, human resources. Information technology control systems and compliance and regulation

Strategic Risk stems from an inability to adjust to changes inthe environment such as changes in customer priorities, Competiveness conditions and geopolitical developments
25

Sources of Risks in General insurance The underwriting function needs to ensure that a robust infrastructure is in place so when individual accounts are underwritten the underwriter has: i. adequate information on the risk, such that the exposures can be reasonably known and understood, ii. the skills and experience required to analyze the risk, and iii. the ability and incentive to design coverage and price the account properly

26

Sources of Risks in General insurance


Underwriting authority needs to be granted based on skills and experience and not on managerial hierarchical level. Referral authorities need to be in place, as well as effective auditing to ensure compliance with delegated authorities, in order to minimize opportunities for rogue activities. The underwriting infrastructure also needs to provide training and oversight such that applicable laws, statutes, regulations, filings and so forth are rigorously followed. Adherence to filed rates, forms and similar measures is intended to reduce the opportunity for money laundering, terrorism funding, and so forth, and to ensure that customers are treated fairly.
.
27

Sources of Risks in General insurance

An underwriting infrastructure also needs to be in place to allow for the meaningful capture of data on the risks underwritten. This is necessary to monitor concentrations, meet any regulatory reporting requirements and have the ability to manage the underwriting of individual accounts to remain within agreed limits on aggregate concentrations.

28

Concepts of Risk Management


Principle 1 The essence of good risk management is to be able to roll with the punches when confronted with the unexpected Good risk management is not about seeking out or avoiding risk but about maintaining the right balance between the two Managing risk is a human endeavor, and a risk management system is only as good as the people manning it To manage risk the right way, we have to pick the right perspective on risk and stay consistent through the process to that perspective.

Risk is every where

Principle 2

Risk is threat and opportunity

Principle 3

We are not always rational about the way we assess or deal with risk

Principle 4

Not all risk is created equal

29

Principles of Risk Management


Principle 5
We have to understand what the tools share in common, what they do differently and how to use the output from each tool

Risk can be measured

Principle 6

Good risk measurement / assessment should lead to better decisions The key to good risk management is deciding which risks to avoid, which ones to pass through and which to exploit

The tools to assess risk and the output from risk assessment should be tailored to the decision making process rather than the other way round

Principle 7

Determining which risks should be hedged, which should not, ,and which should be taken advantage of is key to successful risk management
30

Objectives of risk management


Sl no 1 Objectives To systematically identify and measure various risks faced by the organization

2
3

T quantify such risks where possible in terms of likely impact on profits or capital of the organization
High light extreme risks that are not included in the quantification process and be alert the management on such risks on a regular basis

4
5 6 7

Improve the organizational awareness and appreciation of various risks and the need to manage them
Improve margins through reduced risks,lower cost of capitaland improve capital availasbility for for business and regulatory purposes Assist the business and product development divisionsin developing appropriate products and services Develop objective performance evaluation methods like RAROC.
31

Principles of Risk Management


The payoff to better risk management is higher value To manage risk right, we have to understand the levers that determine the value of a business

Principle 8

Principle 9

Risk management is part of everyones job

Managing risk well is the essence of good business practice and everyones responsibility

Successful risk taking organizations do not get there by accident

To succeed at risk management, we have to embed it in the organization through its structure and culture
32

Risk Management techniques


Avoidance

Loss Control

Risk becomes relevant if one is holding an asset/liability which is vulnerable to risk. Avoidance refers to not holding such an asset/liability as a means of avoiding risk. This model can be adopted more as an exception rather than a rule for obvious reasons.
33

Separation

Combination

Transfer

Risk Management techniques


Avoidance

Loss Control

Separation

Combination

Transfer

Attempt to reduce either the possibility of a loss or the quantum of loss. Loss control measures are used in respect of risks which cannot be avoided. These risks might have been assumed either voluntarily or because they could be avoided. The objective of the measures is either to prevent loss or to reduce the probability of loss -eg, insurance, loans at floating rate of interest to ensure protection against rising interest rates
34

Risk Management techniques


Avoidance

Loss Control

The scope for loss by concentrating an asset at a single location can be reduced by distributing it at different locations. Assets required for consumption such as inventory can be placed at multiple locations so that the loss in case of accident is minimized.
In the process risk centers get increased.

Separation

Combination

Transfer
35

Risk Management techniques


Avoidance

Loss Control

The risk of default is less when financial assets are distributed over a number of number of issuers instead of locking in the same with a single issuer.

Separation

It pays to have multiple suppliers of raw materials instead of relying on a sole supplier. A well diversified company has a lower risk experiencing recession.
36

Combination

Transfer

Risk Management
Avoidance

Risk reduction can be achieved by transfer.


Loss Control

The transfer can be of three types;

Separation

Combination

-The risk can be transferred by transferring the asset /liability itself. -Transferring the risk without transferring the asset /liability eg swaps in forex . -Making third party pay for losses without transferring the risk- insurance policy for
cars
37

Transfer

Limitations of Risk Management Risk Management cannot prevent the adverse events from happening. Quantitative models used in risk management have limitations. Even the most popular tool like VaR suffers from limitations. Risk management is a tool in the hands of management and the quality of governance decides the quality of risk management and vice versa.
38

Limitations of Risk Management

Risk models are based on historic data and most models assume that the historical data follows a uniform distribution .Such assumptions may not not hold good during bursts of stress in the market.

39

Limitations of Risk Management

Risk management is also subject to limitation that it tries to simplify the risk by arriving at a few risk numbers.While such quantification of risk prima facie is alright, the dynamic nature and their ever changing linkages require a more dynamic approach to measuring risk using tools like scenario analysis or sensitivity analysis
40

Limitations of Risk Management


The governance mechanisms are not being able to control risks assumed by the management Due to lack of awareness of various new and complex financial instruments such as derivatives and the principles of effective risk management governing bodies have been criticised of late. Even rating agencies have been subjected to criticism for failure to correctly identifying the various instruments rated by them.
41

Limitations of Risk Management


Leverage and speculatve positions have led to

failure of many institutions. What is risk taking and


what is speculation need to be spelt out by the Board

42

Costs of Risks
There are various costs involved in the management of risk like the following; - Risk Identifying Costs - Risk Handling Costs - Actual losses - Social costs - Loss Financing Costs - Loss Control Costs - Cost of residual Uncertainty
43

Costs of Risks
Risk Identifying Costs
Risk identifying costs are those costs which an enterprise incurs to identify and analyze the risk like fees for consultants. Given the fact that most preventive measures are estimated on an ex ante basis*, risk identifying costs are estimates of the cost of losses.
* before the event
44

Costs of Risks
Risk Handling Costs After the risks are identified, certain expenses of handling them are to be incurred like insurance premia, alarm installation and loss prevention devices in addition to the man hours spent on risk handling

45

Costs of Risks
Actual Losses Actual losses imply direct and indirect losses. Damages caused by fire, death of personnel, loss of production and finished goods are direct losses. While indirect losses imply productivity reduction, stoppages which will happen if the fire takes place. Social Costs These are the costs that the company may have to undertake to compensate the Society for the damages caused by its actions eg Union Carbide
46

Costs of Risks
Loss Financing Costs These costs also include insurance policies hedging arrangements and other contractual risk transfers etc Loss Control Costs Loss control costs are the increased precautions and limits on the risk activities in order to reduce the chances of recurrence of risks eg, timely maintenance of machinery.
47

Costs of Risks
Residual Uncertainty Cost After the magnitude of losses are eliminated through various measures like insurance policies, loss control etc there are certain risks still remain uncovered. These are usually small in nature and known a residuary risks.

48

Principles of Risk Management


Principle 1 Risk management should create value

Principle 2

Risk management should be an integral part of the Organizational processes

Principle 3

Risk management should be part of decision making

Principle 4

Risk management should explicitly address uncertainty


49

Principles of Risk Management


Principle 5 Risk management should be systemic and structured

Principle 6

Risk management should be based on the best available information

Principle 7

Risk management should be tailored o the specific needs of the organization

Principle 8

Risk management should take into account human factors


50

Principles of Risk Management


Principle 9

Should be transparent and inclusive

Principle 10

Risk management should be dynamic,iterative and responsive to change Risk management Should be capable of continual improvement and enhancement

Principle 11

51