Finance 590 by qfc86623

VIEWS: 6 PAGES: 59

									     Finance 590
Enterprise Risk Management
      Operational Risk
         MarkVonnahme
      Department of Finance
      University of Illinois at
       Urbana-Champaign
                       ERM
• Why operational risk management
  – Some perspectives on significance
     • Major financial disasters have included operational
       risk issues as a main contributing factor
     • Operational risks often interrelated with market and
       credit risk
     • When operational risk is not managed centrally it
       leads to lack of consistency across an org
                    ERM
• Benefits of effective operational risk
  management
  – Minimizes day to day losses and reduces
    potential for costly occurrences
  – Improves company’s ability to meet business
    objectives
  – Strengthens overall enterprise risk management
    system
                      ERM
• Operational Risk
  – a common definition
  “ Operational risk is the risk of direct or indirect
    loss resulting from inadequate or failed internal
    processes,people,and systems or from external
    events”

  BBA,et al
                         ERM
• Operational risk
  – The real definition varies by company based
    upon industry and other factors; essentials
    include
     •   Process risk
     •   People risk
     •   System risk
     •   Event risk
     •   Business risk
                       ERM
• Process risk
  – Risk occurs through ineffective or inefficient
    processes
     • Ineffective –fail to achieve objectives
     • Inefficient-meet objectives but excessive costs

     What does this mean
     Examples
                         ERM
• People risk
  – Result from
     •   Staff constraints
     •   Incompetence
     •   Dishonesty
     •   Cultures that do promote not risk awareness

     What does all this mean
     Examples
                            ERM
• System risk
  – More and more common across business
     • Technology keeping up with business
         – My experiences
  – Includes systems availability,data integrity,systems
    capacity,unauthorized access and use,and business
    recovery contingencies
     • Programming errors
     • Security
     • Mergers and acquisitions
         – My experiences
                          ERM
• Event risk
  – Unlikely single events that have serious
    consequences
     • Many examples
     • Expect the unexpected
     • Event risk may have ripple effect impacting other
       areas
        – Market, credit, financial
        – Other operational areas
                          ERM
• Business risk
  – Risk of loss due to unexpected changes
     • All kinds of risks including
        –   Strategy
        –   Client management
        –   Pricing
        –   Reputation and brand
        –   Many,many others
                       ERM
• Some key questions relate to
  –   Vulnerabilities in business strategy and plans
  –   Product diversification or sufficient business
  –   Appropriate operating leverage
  –   Wrong or changing business assumptions
  –   Fix or exit a business
  –   Exit strategy
                    ERM
• Operational Risk Management Process
  – Risk policy and organization
  – Risk identification and assessment
  – Capital allocation and performance
    measurement
  – Risk mitigation and control
  – Risk transfer and finance
                      ERM
• Risk policy and organization
  –   Management principles for operational risk
  –   Definition and taxonomy for operational risk
  –   Objectives and goals
  –   Operational risk processes and tools
  –   Organizational structure
  –   Roles and responsibilities
                         ERM
• Risk identification and assessment
  – A range of qualitative and quantitative tools to
    assess, measure and manage;these include
     •   Loss incident database
     •   Control self-assessment
     •   Risk mapping
     •   Risk indicators and performance triggers
                      ERM
• Capital allocation and performance
  measurement
  – Link risk to performance measurement through
    the capital allocation process
     • No widely accepted model
  – No one methodology or single solution ; a
    combination of approaches
                   ERM
• Capital allocation and performance
  measurement continued
  – Top down models v bottom up models
                      ERM
• Top down models
  –   Implied capital model
  –   Income volatility model
  –   Economic pricing model
  –   Analog model
                      ERM
• Bottom –up or loss distribution model
  – Statistical analysis
  – Scenario analysis
                        ERM
• Risk mitigation and control
  – The ying is useless without the yang
  – Assessing and measuring does no good without
    improving and controlling risk factors
  – Once measurement is in place must implement
    processes that identify and reduce operational
    risk
     • Involves people, training,changing or structure, etc.
                             ERM
• Risk transfer and finance
   – Choices to address key operational risks
      • Implement internal control v risk transfer
      • Not mutually exclusive; generally complementary
      • Company should go through the ERM process
          – Identify risk exposures and quantify probabilities,severities and
            economic capital requirements
          – Integrate operational risk with other key risks
          – Establish operational risk limits
          – Implement internal controls and risk transfer finance strategies
          – Evaluate alternative methods, providers, and structures including
            cost benefit analysis
                    ERM
• Best practices in operational risk
  management
  – Operational risk may be most dangerous
  – Wide range of industry practices
     • Basic
     • Standard
     • Best
                             ERM
• Operational risk
   – Basic practice-a company
      • Recognized operational risk as key risk
      • Definition of operational risk and sub categories is in place
      • Operational risk manger is appointed to develop a program
      • Operational risk committee with key reps is in place
      • Tracking program for risk is in place
      • Self assessment performed regularly
      • Policy developed and approved
      • Operational risk management group acts a consultant to sr.
        mgmt.
      • Audit and compliance group acts as checker
                             ERM
• Operational risk
   – Standard practice-a company builds on basic
      •   Developed full set of operational risk indicators
      •   Established goals and MAPs for the indicators
      •   Developed early warning signals
      •   Risk based maps developed to identify key exposures in
          operations
      •   Developed several years of risk losses and incidents
      •   Response plans and contingency plans developed
      •   Audit and operational risk management independent of each
          other
      •   Org learning programs are in place
                            ERM
• Operational risk
   – Best practice – a company continues to build
      • Business risk and reputational risk included
      • Advanced in their processes to assess and measure risk with
        qualitative and quantitative tools
      • Allocate economic capital to underlying risks along with credit
        risk and market risk
      • Initiate development of scenario based operational risk
        modeling to quantify potential loss
      • Insurance function is fully integrated with operational risk
        function
      • Risk transfer strategies based upon cost benefit analysis
      • Evolved from just control function to one that supports better
        decisions on price, growth and profit
                     ERM
• Operational risk
  – Where do you think most companies are in the
    cycle or phases of “ best practices ”
               ERM
• Questions

• Discussion
     Finance 590
Enterprise Risk Management
   Business Applications

         MarkVonnahme
      Department of Finance
      University of Illinois at
       Urbana-Champaign
                       ERM
• Business applications have followed the
  requirements and changes of business
     • RM practices have evolved
     • RM will continue to evolve and adjust to business
       conditions and change
                        ERM
• Business Applications
  – Three major applications
     •   Stage I: Minimizing the Downside (loss reduction)
     •   Stage II: Managing Uncertainty
     •   Stage III: Performance Optimization
     •   Combination of all three is Enterprise Risk
         Management
                       ERM
• Stage I: Minimizing the Downside
  – RM in the 1970s focused on protection against
    downside risks
  – Establishing credit controls, investment and liquidity
    policies,audit procedures and insurance coverage
  – Defensive RM practices looked at minimizing losses in
    credit risk, market risk and operational risk
  – Found out it was not enough
  – Demonstrating how RM can be positive in supporting
    profit and business growth lead to next stage
                            ERM
• Stage II: Managing Uncertainty
   – RM focuses on managing volatility around business and
     financial results
   – A number of sources of volatility were catalysts
      • 1970s: fixed to floating exchange rates and wildly fluctuating
        oil prices
      • 1980s: double digit inflation, double digit interest
        rates(volatility) and lending crises
      • 1990s: derivative losses, volatile equity markets and
        beginnings of major economic shifts
      • 2000-today: economic changes, corporate scandals, new
        regulations - “ uncertainty continues ”
                      ERM
• Stage II continued
  – With increased volatility RM practices evolved
     • Credit scoring and migration models to develop
       more precise estimates default probabilities
     • Advances in management of financial market risks
     • Recognition of importance of operational risk
       management
                             ERM
• Stage II continued
   – Risk transfer products increased in popularity
      • Derivatives and sophisticated insurance products
   – Recognition that additional products needed
      • Derivatives and insurance not enough
   – Alternative risk transfers
   – Integration of risk management silos
      •   Transfer packages of risks
      •   Development of integrated internal models for risk
      •   A more holistic view of risk
      •   Spurred use of RM for performance optimization
                       ERM
• Stage III Performance Optimization
  – RM characterized by integrated approach to all
    types of risk
  – Move from partial integration in other stages to
    complete integration
  – Risk and return are important component
     • Not defensive
     • Move to an offensive approach in dealing with
       credit , market risk and operational risk
                        ERM
• Further evolution of RM
  – Changes in business environment will continue
    to impact the development of the practice
     •   Globalization
     •   Technology
     •   Changing market structures
     •   Restructuring
     •   Other changes we do not know about today
               ERM
• Discussion

• Questions

• Next class
        Finance 590
Enterprise Risk Management
            Steve D’Arcy
       Department of Finance
              Lecture 5
   Strategic and Operational Risk
           Measurements
           April 19, 2005
             Reference Material
• Chapter 14 – Operational Risk Management in
  Enterprise Risk Management by James Lam
• Why COSO is Flawed by Ali Samad-Khan
• Burchett and Dowd presentation
http://www.casact.org/affiliates/cagny/1101/basel1.ppt
• Reputation Risk – Operational Risk
CAS ERM Task Force presentation
                 Overview
• Strategic Risk
• Operational Risk
• Measures of Operational Risk
  – Capital requirements for operational risk
  – Market performance
• COSO Approach
• Critique of COSO Approach
                Strategic Risk
• Difficulty in quantifying strategic risks
• Contrast with hazard and financial risks
  – Lack of data
  – Imprecision of measurements
• How do you measure the likelihood and
  impact of:
  – a competitor’s or regulator’s actions
  – a technological innovation
  – a political impediment
           Operational Risk
• Loss from inadequate or failed
  – Processes
  – People
  – Systems
• External events (generally covered under
  Hazard Risks)
  Measures of Operational Risk
• Basel Accord
  – Capital requirements
• Market performance
  – Examine similar events for other companies
       New Basel Capital Accord
• Focus is on banks
• Convergence of regulation will expand
  application to insurers and other industries
• Minimum capital requirement
Capital Ratio = Total Capital/(Credit Risk + Market Risk
                    + Operational Risk)
Minimum Capital Ratio = 8%
Top Down vs. Bottom Up Capital
         Allocation
                       Top Down
 Start with aggregate capital for the industry
 Allocate this to each risk source
 Allocate result to individual financial institutions
                       Bottom Up
 Identify each source of risk
 Develop a method for measuring the magnitude
 Derive capital from this measure
    Proposed Capital Approaches
•   Basic Indicator
•   Standardized
•   Internal Measurement
•   Loss Distribution
        Basic Indicator Approach
                      KBIA = EI*
KBIA   = the capital charge under the Basic Indicator Approach
EI     = the level of an exposure indicator for the whole
              institution, provisionally gross income
      = a fixed percentage relating the industry-wide level of
              required capital to the industry-wide level of the
              indicator
             Standardized Approach
                      KTSA = (EI * )     1-8    1-8


KTSA    = the capital charge under the Standardized Approach

EI1-8   = the level of an exposure indicator for each of the 8
               business lines

1-8    = a fixed percentage relating the level of required capital
               to the level of the gross income for each of the 8
               business lines
(Corporate Finance, Trading and Sales, Retail Banking, Commercial Banking
Payment and Settlements, Agency Services and Custody, Retail Brokerage,
Asset Management)
        Internal Measurement Approach
                 KIMA = (EI *PE *LGEij*ij)
                                       ij     ij



KIMA     = the capital charge under the Internal Measurement Approach
EIij     = the level of an exposure indicator for each business line and event
            type combination
PEij     = the probability of an event given one unit of exposure, for each
            business line and event type combination
LGEij    = the average size of a loss given an event for each business line and
            event type combination
ij      = the ratio of capital to expected loss for each business line and event
            type combination
    Loss Distribution Approach
• Similar to Hazard Risk analysis
  Market Performance Approach
• Gather information regarding publicly traded peer
  companies that have experienced significant distress events
  negatively affecting stock price relative to market indexes.
• For each company, evaluate historical stock price relative
  to the S&P 500 or industry related stock price index during
  the “pre-event” period.
• Using the relationship to one or more indexes, project
  future stock price movements for the individual company
  stock on a pro-forma basis for the “post-event” period.
• Compare the pro-forma stock price to the actual stock price
  in the post-event period, to estimate the hypothetical
  percentage loss in market valuation for each day.
Market Performance Approach (2)
• Project cumulative average market valuation movements
  beyond the latest available post-event data point for
  individual companies based on the cumulative average
  percentage movement in market valuation for the
  remaining companies in the sample data, up to one year
  beyond the event.
• Derive a rough model for the number of trading days
  before stock price “recovers” to the pro-forma projected
  level.
                          Schering-Plough Corp.
EVENT: Schering-Plough has problems with FDA manufacturing regulations, leading
to a delay in approval for its allergy blockbuster successor, Clarinex.


• Market Cap Loss:
$15.3 Billion or 22%                   Relative Price Performance for Schering-Plough and
(2/15/01 – 3/8/01)                    the S&P 500: Novermber 1, 2000 through June 1, 2001
                               125%
                                                                                     2/01: FDA halts review on SGP’s
• Recovery Period to Date:                                                           Clarinex, due to separate
                                                                                     manufacturing concerns
                               100%
  None
                               75%
• 2/01: Class action lawsuit
filed against directors and    50%
                                      11/1/00


                                                12/1/00



                                                          1/1/01



                                                                         2/1/01


                                                                                  3/1/01



                                                                                             4/1/01


                                                                                                       5/1/01



                                                                                                                6/1/01
officers

                                                                   Schering-Plough         S&P 500
   125%                                                  Schering-Plough
                                                                                                             Schering-Plough
   100%
                                                                                                             S&P 500
                                                                                                             S&P 500 Pharm
      75%
                                                                                                             Forecast

      50%


                                                1/1/01

                                                          2/1/01

                                                                   3/1/01

                                                                              4/1/01

                                                                                         5/1/01

                                                                                                  6/1/01
                       11/1/00

                                     12/1/00




                                               The ore tica l Lost Ma rke t Ca p - Sche ring

                      25%
    Lost Market Cap




                      20%
                      15%
                      10%
                      5%
                      0%
                                 0             50         100           150            200        250      300   350     400
                                                                            Ela pse d Da ys




Pro-forma stock price movements modeled relative to the S&P 500 Pharmaceutical index.
                         McKesson Corporation
EVENT: McKesson improperly reports its software revenue
from newly acquired HBOC, resulting in loss of investor
confidence.

• Market Cap Loss:                      Relative Price Performance for McKesson Corp. and the
  $ 9.1 Billion or 50%                      S&P 500: January 2, 1999 through August 1, 1999
 (4/27/99 – 4/29/99)           125%

• Recovery Period to Date:     100%                                                                                                       4/99: MCK reduces
  None                                                                                                                                    earnings by 4.4% after
                               75%                                                                                                        restating financials
•4/99 – Class action lawsuit                     1/99: Acquired HBOC
filed against directors and    50%
officers                       25%
                                      1/1/99
                                               1/15/99
                                                         1/29/99
                                                                   2/12/99
                                                                             2/26/99
                                                                                       3/12/99
                                                                                                 3/26/99
                                                                                                           4/9/99
                                                                                                                    4/23/99
                                                                                                                              5/7/99
                                                                                                                                       5/21/99
                                                                                                                                                 6/4/99
                                                                                                                                                          6/18/99
                                                                                                                                                                    7/2/99
                                                                                                                                                                             7/16/99
                                                                                                                                                                                       7/30/99
•6/99 – McKesson
downgraded by S&P and
Moody’s                                                                                      McKesson                             S&P 500
   125%
                                                              McKesson
   100%                                                                                                 McKesson
                                                                                                        S&P 500
    75%
                                                                                                        S&P 500 HC
    50%                                                                                                 Forecast


    25%
                       1/1/99


                                    2/1/99


                                                  3/1/99


                                                             4/1/99


                                                                       5/1/99


                                                                                6/1/99


                                                                                         7/1/99
                                             The ore tica l Lost Ma rke t Ca p - McKe sson

                      35%
    Lost Market Cap




                      30%
                      25%
                      20%
                      15%
                      10%
                       5%
                       0%
                                0            50            100        150       200      250      300   350    400
                                                                         Ela pse d Da ys



Pro-forma stock price movements modeled relative to the S&P 500 Healthcare Services index.
         Why COSO is Flawed
• Resource intensive approach
• Identification, definition and assessment of risk
  – Performed by business managers
• Results in huge catalogue of risks
• Likelihood-impact method
               Risk = Likelihood x Impact
          Actuarial Approach
• Individual loss events
• Risk matrix for loss data
• Loss distributions
  – Frequency
  – Severity
• VaR Calculation
• Total loss distribution
                Conclusion
• Quantifying strategic and operational risk is
  the latest challenge for ERM
• Variety of approaches proposed
• Eventual standard likely to follow the
  approaches used for hazard and financial risk
• Lots of work remains to be done in this area

								
To top