1 / 20

Applied Business Statistics Case studies Introduction to risk management concepts

Applied Business Statistics Case studies Introduction to risk management concepts. Mauro Bufano Risk Management – Banca Mediolanum Spa. Risk Management: what is it? .

lottie
Télécharger la présentation

Applied Business Statistics Case studies Introduction to risk management concepts

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Applied Business StatisticsCase studiesIntroduction to risk management concepts Mauro Bufano Risk Management – Banca Mediolanum Spa

  2. Risk Management: what is it? • Risk management can be considered the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities1. • It’s therefore not a mere quantification of risk, but rather a complex and integrated process within a company and its stakeholders • The ultimate goal of risk management is not just to fix limits to the business units, but to create value through competitive advantages! • It should not be a collection of standardized rules taken from outside (e.g. a regulator), but a cultureembedded in a firm 1: Douglas Hubbard "The Failure of Risk Management: Why It's Broken and How to Fix It" pg. 46, John Wiley & Sons, 2009

  3. Why companies need it? • All firms (even the smallest) operate in an uncertain environment, in which a growing competition forces them to react quickly and to take decisions in short terms • Moreover, an always increasing types of risks affect companies in a way that is obviously impossible (or economically inconvenient) to be immune by all unfortunate events

  4. Why companies need it? • It’s therefore necessary to individuate relevant risks, estimate potential unexpected losses (within a certain degree of reasonability) and take decisions to manage/reduce them • Example of possible actions: • Reduce exposure to risk in a particular business unit • Raise capital in order to cover unexpected losses • Buy an insurance (in the financial industry we have derivative products) An efficient risk management process is therefore crucial in the life of a firm!

  5. The risk management process • Risk identification and assessment • Relevance analysis • Risk measurement and quantification of potential losses • The fixing of risk limits • Risk reporting • Risk mitigation or risk management

  6. Risk identification and assessment • The first step in the risk management process is the identification of the main risks run by the firm • It involves generally several business units and should be assessed at a bottom level in the firm’s hierarchy, monitoring all procedure and operations that could cause an economic loss • In this step the firm should take into account also risks that could apparently seem inexistent or intangible (e.g. reputation risks)

  7. Relevance analysis • Once the main risks have been identified, a company need to fix priorities among them, by defining a relevance classification among them • Relevant risks should be measured and monitored constantly, with a periodical reporting to the top management that should help it in decision-taking process

  8. Relevance analysis Relevance analysis: an example Existent No Risk Not relevant Yes Measurable No Monitored, but not reported Yes Monitored and reported weekly, with risk limits Potential losses Monitored and reported yearly, no risk limits >=15% of net assets < 15% of net assets

  9. Risk measurement and quantification • It’s sometimes considered the risk management itself, but it’s just a step into a more complex process • It generally involves statistical techniques adopted to generate a distribution of potential future losses • N.B.: the adoption of a statistical model involves the choice of the assumptions behind it !! (e.g. the Gaussian distribution generally underestimate extreme events!)

  10. Risk measurement: an example of wrong prediction The chart above shows the movements of the Index of European credit default swaps (insurance against default of a company). Using historical or parametric analysis in June 2007, the movements happened in august 2007 should have occurred not even in the entire age of the universe!2 (approx. 25 sigma events) 2See also Haldane, A. G., “Why banks failed the stress test”, Bank of England, February 2009

  11. Risk measurement Given that, how should we take into account extreme events like these? • Stress testing: when we have a statistical model (e.g. a regression) an example of stress test could result in a shock on the explanatory variables (e.g. suddenly increase of interest rates of 3%) • Scenario analysis: it’s also useful to simulate (or reply, if we have historical data) some scenarios that could have a big impact in terms of losses. Examples • Terrorist attacks (9/11/2001) • The Great Depression (’30s) • Oil shock (1973-74) • Stock market crashes (1987 or 2008)

  12. The fixing of risk limits Once the risks are estimated and quantified, it’s necessary to fix risk limits for every risk and for every business unit interestedin order to monitor and signal to the top management an eventual overstep How to fix risk limits? • They should depend on the risk appetite of the company on that particular business • Generally, the limits should be chosen by the top management (advised by the risk management unit) • Again, it should take into account not only the current situation, but also stress tests and dangerous scenarios, together with the future evolution of that business (strategic plans)

  13. Risk reporting One of the main activities of the risk management unit is the production of reports to the top management, in which risks are quantified The periodicity of reports depends on the nature of the risk and of the business. Examples • Trading desk – market risk: daily • Residential mortgages – credit risk: monthly or quarterly • Real estate – market risk: semi-annual or yearly N.B. Risk reports must be as clear as possible, because they must be instruments for the top management to take important and quick decisions!

  14. Risk report – an example • As we can see, different business units have different risk limits, due to their importance in a firm • Oversteps are signalled in two different ways • If it’s less than 20% beyond the limits, it must be signalled (and eventually authorized) by the director of that business – it’s considered a contingent problem • If it’s more than 20% beyond the limits, it must be signalled (and eventually authorized) by the Board of Directors – it’s a priority that could eventually impact on the entire company!

  15. Risk mitigation & risk management • The final goal of risk management is therefore the awareness of the risks taken by the company and the actions that top management has to take to mitigate or manage them (see slide 4) • Risk mitigations must not be only at the end of the risk management process, but rather have to be planned in strategic plans (or e.g., at the presentation of the yearly financial statement)

  16. An introduction to risk measures • Generally, risk measures can be divided into two groups, that generate different actions to be taken to cover relative losses: • Expected losses: they generally represent losses that are experienced on average conditions, or given the current situation • Unexpected losses: they represent losses that occur in particular bad events (e.g. once every 20 years) or that are associated to stress tests / extreme scenarios. They take place in the right tail of the losses distribution

  17. Loss distribution: an example The histogram chart shows a simulated loss distribution (in terms of millions €). A common risk management practice (particularly used in credit risk) is to consider average losses (or expected losses) a “cost” to be budgeted periodically (e.g. yearly), while unexpected losses are by their nature an extreme event, and have to be covered with capital

  18. A common risk measure One of the most used risk measures in finance is Value at Risk (VaR): it expresses the maximum loss that a portfolio of asset can experience with a given confidence level and within a given time It’s widely used in financial reporting to monitor market risk, but it’s also starting to be used to measure credit risk (e.g. a pool of mortgage loans) Its importance is also recognized by the regulators (e.g. the Bank of Italy), being one of the parameters used to work out minimum capital requirements

  19. Value at Risk - introduction In defining Value at Risk, we must choose • The typology: historical, parametric or Monte Carlo • The time horizon – it depends on the nature of the risk • Short for market risk (e.g. 1 day or 2 weeks) • Longer for credit risk (e.g. 1 year) • The confidence level – it depends on the nature of the risk and on the risk appetite of a bank • Generally 99% for market risk • Higher for credit risk (99,9% or above)

  20. References • Douglas Hubbard "The Failure of Risk Management: Why It's Broken and How to Fix It" pg. 46, John Wiley & Sons, 2009 • Haldane, A. G., “Why banks failed the stress test”, Bank of England, February 2009 • Resti, A. and Sironi, A., “Risk Management and Shareholders’ Value in Banking”

More Related