Enterprise Risk Management - PowerPoint PPT Presentation

Loading...

PPT – Enterprise Risk Management PowerPoint presentation | free to download - id: 3d5430-NjlhZ



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Enterprise Risk Management

Description:

Enterprise Risk Management Berke Gumus Hakan Bilgutay Murat Bilsel Financial Risk Management Source: KPMG Financial Risk Management Source: KPMG Determining the Right ... – PowerPoint PPT presentation

Number of Views:77
Avg rating:3.0/5.0
Slides: 53
Provided by: homeKuEd
Learn more at: http://home.ku.edu.tr
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Enterprise Risk Management


1
Enterprise Risk Management
  • Berke Gumus
  • Hakan Bilgutay
  • Murat Bilsel

2
Enterprise Risk Management
  • Twenty years ago, the job of the corporate risk
    manager- a low level position
  • Over the last 10 years Corporate Risk management
    has expanded well beyond insurance and the
    hedging of financial exposures
  • Variety of other kind of risks are included
    operational, reputational and strategic

3
Average CRO Annual Salary is 80k in US
The risk management function is directed by a
senior executive in growing number of companies
with the title of chief risk officer (CRO)
Source simplyhired.com
4
Enterprise Risk Management History
  • Maturing as a business process

1980s Companies begin Risk departments, typically
focused on insurance
1990s Risk management matures as companies begin
to focus on business risk
2004 Release of COSO ERM Integrated Framework
1970s Risk management gains wider acceptance
1950s-1960s Traditional Risk Management (TRM)
1980
1970
1990
2000
1960
1950
1977 Foreign Corrupt Practices Act (FCPA)
Early 1980s Increased focus on internal control
and compliance
1985 National Commission on Fraudulent Financial
Reporting Treadway Commission
1992 Committee of Sponsoring Organizations
(COSO) published Internal Control Integrated
Framework
2002 Sarbanes-Oxley Act of 2002
1990s-2000 Continued focus on internal control,
risk management, and responsibilities (Blue
Ribbon Commission, Competency Framework for
Internal Audit, others)
Enterprise Risk Management is intertwined with
the development of internal control standards and
the regulatory environment.
Source Deloitte Touche LLP
5
Enterprise Risk Management/ Current State (2005)
  • Deloitte Touche Observations
  • 45 have no formal Enterprise Risk Management
    program
  • 49 have a program in development
  • Still only 6 consider Enterprise Risk Management
    fully operational
  • Need to better define fully operational and in
    development

Source Deloitte Touche LLP
6
Risk Linkages
Enterprise-Wide Risks
FinancialRisk
Regulatory Risk
OperationalRisk
Source James Lam, Enterprise Risk Management
7
One Risk At a Time vs ERM
  • A corporation can manage risk in 2 fundamental
    ways
  • One risk at a time Compartmentalized and
    Decentralized
  • ERM All risks viewed together within a
    coordinated and strategic framework
  • In the article, Nocco and Stulz argue that ERM
    have a long-run competitive advantage over those
    that manage and monitor risk individually
  • Our argument in brief is that, by measuring and
    managing its risks consistently and
    systematically, and by giving its business
    managers the information and incentives to
    optimize the tradeoff between risk and return, a
    company strengthens its ability to carry out its
    strategic plan

8
ERM is conceptually straightforward, its
implementation is not
  • You dont become a famous writer by
  • Reading a book
  • Reading about other authors
  • Watching someone else write
  • Similarly, you dont become an Enterprise Risk
    Manager by
  • Reading a book
  • Taking a course
  • Listening to a presentation

Source Midwestern Actuarial Forum Chicago
9
Presentation Outline
  • How ERM can give companies a competitive
    advantage and add value for shareholders?
  • The process and challenges involved in
    implementing ERMHow much and which risks to
    retain and which to lay-off?
  • How companies should measure their risks?
  • Various means of laying off non-core risks
    which increases the firms capacity for bearing
    core risks the firm chooses to retain
  • Guide to the major difficulties that arise in
    practice when implementing ERM

10
How ERM can give companies a competitive
advantage and add value for shareholders?
11
The Macro Benefits of Risk Management
  • Within perfect markets view, the value of a
    firm does not depend on its total risk, depends
    mainly on systematic risk
  • However in real world, there are incomplete
    information and financial troubles which can
    disrupt a companys operations and can have a
    large deadweight costs
  • It is senior managements responsibility to
    protect a companys ability to carry out its
    business plan

12
Which risks should a company lay off and which
should it retain?
  • Companies take many strategic or business risks
    and obviously they should be taking risks which
    have an economic meaning (risk/reward in other
    words)Sometimes companies cannot find an
    economic hedge or the cost of transferring such
    risks would likely be prohibitively high
  • The companys management presumably understands
    the risks of such expansion better than any
    insurance or derivatives provider

13
Comparative Advantage in Risk Bearing
  • Companies are in business to take strategic and
    business risks especially when they have a
    comparative advantage
  • For example a gold mining company knows
    supply/demand of gold better than many other
    counterparties therefore can bear with price risk
    of gold
  • In this case gold mining company has a special
    ability to forecast gold market variables and
    have comparative advantage in bearing the risk
    associated with those variables.

14
Reduce Non-Core Exposures
  • Senior management should reduce non-core
    exposures
  • ERM effectively enables companies to take more
    strategic business risk and greater advantage of
    the opportunities in their core business

15
Micro Benefits of ERM
  • Decision-making not just by senior management but
    by business managers throughout the firm
  • Decentralized approach Each unit in the
    corporation evaluates risk-return trade off in
    its decision making
  • An important part of senior management and CROs
    job is to provide the information and incentives
    for each unit to make these trade offs in ways
    that serve the interests of the shareholders

16
2 main components of decentralizing
  • Managers proposing new projects should be
    required to evaluate all major risks in the
    context of the marginal impact of the projects on
    the firms total risk
  • The periodic performance evaluations of the
    business units must take account of the
    contributions of each of the units to the total
    risk of the firm. This creates incentive for
    managers to manage risk-return trade off
    effectively by refusing to accept risks that are
    not economically attractive

17
Every risk is owned since it affects someones
performance evaluation
  • When risks are overstated, promising projects
    could be rejected
  • One division could take a project that another
    would reject based on a different assessment of
    the projects risk and associated costs
  • Systems that ignore risk will end up encouraging
    high risk projects, and in many cases without the
    returns to justify them
  • ERM helps business units to solve above issues
  • The individuals who are closest to risks are
    generally in the best position to assess what
    steps should be taken to reduce the firms
    exposure to them

18
Micro/Macro ERM
Board
Board
  • Integrates risks
  • Best practices
  • Balances perspectives
  • Risk education
  • Regulatory Risk
  • Legal Risk
  • Governance
  • Audit

CRO
Counsel / Compliance
CEO
CRO
Head of Treasury/ALM
Head of IT/ Operations
Chief Investment Officer
Chief Financial Officer
Chief Actuary
EVP Line Units
  • Interest rate risks
  • Parallel shifts
  • Curve twists
  • Basis risks
  • Other risks
  • FX risks
  • Liquidity risks
  • Operational risks
  • Processes
  • People
  • Contingencies
  • Technology risks
  • Availability
  • Performance
  • Security
  • Financial risks
  • Capital
  • Statutory GAAP Reporting Risk
  • Rating agency
  • Tax
  • Liability risks
  • PC
  • Life/Health
  • Commercial
  • Other issues
  • Expected losses
  • Unexpected losses
  • Embedded options
  • Business risks
  • Product risks
  • Customer risks
  • Market risks
  • Fixed income
  • Equities
  • Real estate
  • Performance risks
  • Tracking error
  • Alpha
  • VaR
  • Risk budget
  • Operational Risks

Source James Lam, Enterprise Risk Management
19
Risk/Reward Assessment
20

21
BP 5year CDS
  • Companies should realise how risky is when
    governance and ethical behaviour break down.
    Catastrophic events needs to be highlighted with
    the help of a good ERM process

22
Determining the Right Amount of Risk
  • Guarding against corporate underinvestment
    problem is likely to be the most important reason
    to manage risk.
  • Risk management can be viewed as a substitute
    for equity capital.
  • Many companies identify a level of minimum cash
    flow that they want to maintain and then design
    their risk management programs to ensure the firm
    achieves that minimum.
  • A break-even level is set where the management
    begins to feel pressure to cut projects, but
    there will be some risks of falling into
    financial distress.
  • ERM program is not to eliminate, but rather to
    limit, the probability of distress to a level
    that management and the board agree is likely to
    maximize firm value.

23
Financial Distress Threshold Can Be Set Via...
  • Bond ratings
  • Management may conclude that the firm would have
    to start giving up valuable projects if its
    rating falls to below a certain level.
  • As the study by Moodys suggests there is a
    certain probability of a company with an Aa
    rating having its rating drop to Baa within a
    years time is 1.05 using data from 1920 to
    2005.
  • Whether such a probability is acceptable is for
    top management and the board to decide.
  • Equity capital provides a buffer or shock
    absorber that helps the firm to avoid default.
  • High levels of volatility in earnings and
    capital
  • Value at Risk (VaR)

24
Transition Matrix From Moodys
  • Lets assume management wants the probability of
    its rating falling to Baa or lower over the next
    year to average around 7.
  • Consequently, by targeting an A rating,
    management would achieve the probability of
    financial distress that is optimal for the firm.
  • To achieve an A rating, the company must have
    the level of (equity) capital that makes its
    probability of default equal to 0.08.
  • Both its probability of default and its
    probability of downgrade,

25
Tradeoff between VaR-Equity Capital

26
Value at Risk (Turkcell)
  • Objective
  • To forecast the market risk of Turkcell financial
    assets using the Value at Risk (VaR) methodology.
  • Turkcell Methodology
  • Monte Carlo Simulation
  • Monte Carlo methods are a class of computational
    algorithms that rely on repeated random sampling
    to compute their results.
  • It is the most reliable method for VaR
    computation however this reliability depends on
    the number of the simulations applied.
  • Volatility Method GARCH
  • The best way to obtain dynamic volatility is to
    use methods that give more weight on most recent
    values. These methods adjust the volatility
    output in line with the shocks that might occur
    in the market.
  • Our back-testing results support GARCH
  • FX exposure risk is the major factor of Turkcell
    Portfolio VaR.
  • It can be stated that most of Turkcell Asset VaR
    is due to FX exposure.
  • Turkcell Group have a significant amount of FX
    liability which lowers the Turkcell Asset VaR.

27
Value at Risk (Turkcell)
Reuters
- Market data from Reuters are fed automatically
(every evening)
Analyzing before investment decisions
Treasury Front Office
VaR System
Treasury Middle Office
Reporting VaR daily
VaR Results
- Turkcell Portfolio data from TMS are fed
automatically (every evening)
Treasury
TMS
Reconciliation of accounts and accounting
treatments
Turkcell ERP
28
Value at Risk (Turkcell)
  • VaR Limit Structure for Turkcell Derivative
    Portfolio
  • The Limit Structure will have three different
    limit levels
  • Green Level
  • Normal level that daily VaR of the Derivative
    Portfolio would not exceed.
  • Yellow Level
  • Maximum temporary high level allowed if a shock
    in volatility occurs.
  • If Yellow Level is exceeded, this would be
    reported to CFO.
  • Red Level
  • Extreme limit that will not be exceeded.
  • Corrective action will be taken (unwinding
    options etc.) once the Red Limit is exceeded.

29
Framework of ERM Can be Summarized
  • When credit ratings are used as the primary
    indicator of financial risk, the firm determines
    an optimal or target rating based on its risk
    appetite and the cost of reducing its probability
    of financial distress.
  • 2) Given the firms target rating, management
    estimates the amount of capital it requires to
    support the risk of its operations. In so doing,
    management should consider the probability of
    default.
  • 3) Management determines the optimal combination
    of capital and risk that is expected to yield its
    target rating.
  • 4) Top management decentralizes the
    risk-capital tradeoff with the help of a capital
    allocation and performance evaluation system
    that motivates managers throughout the
    organization to make investment and operating
    decisions that optimize this tradeoff.

30
Implementing ERM
  • ERM is conceptually straightforward, its
    implementation is challenging.
  • Inventory of Risks
  • Identify all of the companys major risks
    (market, credit, liquidity, operational,
    reputational and strategic.
  • Find a consistent way to measure firms exposure
    to these risks (a common approach that can be
    used to identify and quantify exposures.
  • Without such a method, exposure to the same risk
    could have different effects on the performance
    evaluation and decision-making of different
    business units and activities.
  • Companies must be able to aggregate common risks
    across all of their businesses to analyze and
    manage them effectively.

31
Implementing ERM
  • Economic Value vs. Accounting Performance
  • Credit ratings are often not the most reliable
    estimates of a firms probability of default.
  • In such cases, management should rely on its own
    economics-based analysis, while making every
    effort to share its thinking with the agencies.
  • Financial ratios to be used after determining
    main concern of risk management (Shortfall in
    cashflow or earnings?)
  • Accounting Problem
  • Volatile accounting earnings If a company uses
    derivatives to hedge an economic exposure but
    fails to qualify for hedge accounting, the
    derivatives hedge can reduce the volatility of
    firm value while at the same time increasing the
    volatility of accounting earnings.

32
CDS Market or Rating?
Source Bloomberg
33
Bank Exposure?
34
Financial Risk Management
Source KPMG
35
Financial Risk Management
Source KPMG
36
Determining the Right Amount of Risk
  • Guarding against corporate underinvestment
    problem is likely to be the most important reason
    to manage risk.
  • Risk management can be viewed as a substitute
    for equity capital.
  • Many companies identify a level of minimum cash
    flow that they want to maintain and then design
    their risk management programs to ensure the firm
    achieves that minimum.
  • A break-even level is set where the management
    begins to feel pressure to cut projects, but
    there will be some risks of falling into
    financial distress.
  • ERM program is not to eliminate, but rather to
    limit, the probability of distress to a level
    that management and the board agree is likely to
    maximize firm value.

37
Financial Distress Threshold Can Be Set Via...
  • Bond ratings
  • Management may conclude that the firm would have
    to start giving up valuable projects if its
    rating falls to below a certain level.
  • As the study by Moodys suggests there is a
    certain probability of a company with an Aa
    rating having its rating drop to Baa within a
    years time is 1.05 using data from 1920 to
    2005.
  • Whether such a probability is acceptable is for
    top management and the board to decide.
  • Equity capital provides a buffer or shock
    absorber that helps the firm to avoid default.
  • High levels of volatility in earnings and
    capital
  • Value at Risk (VaR)

38
Transition Matrix From Moodys
  • Lets assume management wants the probability of
    its rating falling to Baa or lower over the next
    year to average around 7.
  • Consequently, by targeting an A rating,
    management would achieve the probability of
    financial distress that is optimal for the firm.
  • To achieve an A rating, the company must have
    the level of (equity) capital that makes its
    probability of default equal to 0.08.
  • Both its probability of default and its
    probability of downgrade,

39
Tradeoff between VaR-Equity Capital

40
Value at Risk (Turkcell)
  • Objective
  • To forecast the market risk of Turkcell financial
    assets using the Value at Risk (VaR) methodology.
  • Turkcell Methodology
  • Monte Carlo Simulation
  • Monte Carlo methods are a class of computational
    algorithms that rely on repeated random sampling
    to compute their results.
  • It is the most reliable method for VaR
    computation however this reliability depends on
    the number of the simulations applied.
  • Volatility Method GARCH
  • The best way to obtain dynamic volatility is to
    use methods that give more weight on most recent
    values. These methods adjust the volatility
    output in line with the shocks that might occur
    in the market.
  • Our back-testing results support GARCH
  • FX exposure risk is the major factor of Turkcell
    Portfolio VaR.
  • It can be stated that most of Turkcell Asset VaR
    is due to FX exposure.
  • Turkcell Group have a significant amount of FX
    liability which lowers the Turkcell Asset VaR.

41
Value at Risk (Turkcell)
Reuters
- Market data from Reuters are fed automatically
(every evening)
Analyzing before investment decisions
Treasury Front Office
VaR System
Treasury Middle Office
Reporting VaR daily
VaR Results
- Turkcell Portfolio data from TMS are fed
automatically (every evening)
Treasury
TMS
Reconciliation of accounts and accounting
treatments
Turkcell ERP
42
Value at Risk (Turkcell)
  • VaR Limit Structure for Turkcell Derivative
    Portfolio
  • The Limit Structure will have three different
    limit levels
  • Green Level
  • Normal level that daily VaR of the Derivative
    Portfolio would not exceed.
  • Yellow Level
  • Maximum temporary high level allowed if a shock
    in volatility occurs.
  • If Yellow Level is exceeded, this would be
    reported to CFO.
  • Red Level
  • Extreme limit that will not be exceeded.
  • Corrective action will be taken (unwinding
    options etc.) once the Red Limit is exceeded.

43
Framework of ERM Can be Summarized
  • When credit ratings are used as the primary
    indicator of financial risk, the firm determines
    an optimal or target rating based on its risk
    appetite and the cost of reducing its probability
    of financial distress.
  • 2) Given the firms target rating, management
    estimates the amount of capital it requires to
    support the risk of its operations. In so doing,
    management should consider the probability of
    default.
  • 3) Management determines the optimal combination
    of capital and risk that is expected to yield its
    target rating.
  • 4) Top management decentralizes the
    risk-capital tradeoff with the help of a capital
    allocation and performance evaluation system
    that motivates managers throughout the
    organization to make investment and operating
    decisions that optimize this tradeoff.

44
Implementing ERM
  • ERM is conceptually straightforward, its
    implementation is challenging.
  • Inventory of Risks
  • Identify all of the companys major risks
    (market, credit, liquidity, operational,
    reputational and strategic.
  • Find a consistent way to measure firms exposure
    to these risks (a common approach that can be
    used to identify and quantify exposures.
  • Without such a method, exposure to the same risk
    could have different effects on the performance
    evaluation and decision-making of different
    business units and activities.
  • Companies must be able to aggregate common risks
    across all of their businesses to analyze and
    manage them effectively.

45
Implementing ERM
  • Economic Value vs. Accounting Performance
  • credit ratings are often not the most reliable
    estimates of a firms probability of default.
  • In such cases, management should rely on its own
    economics-based analysis, while making every
    effort to share its thinking with the agencies.

46
Assesing the Risk
47
Aggregating Risk
  • A firm uses three-parts typology of market,
    credit and operational risk
  • Each risk has different distribution
  • Market risk has normal distribution or
    symmetrical distribution
  • Credit and Operational Risks have asymmetric
    distributions
  • Using normal distribution is not appropriate to
    estimate VaR of Operational Risks and Credit
    Risk, since these risks have fat tails.

48
  • Aggregating the risks, the correlation between
    individual risks should be taken into
    consideration as well.
  • Estimating the correlation is more art than
    science.
  • Another factor is the companys actions
  • Total risk of an insurance company can be
    modified by allocating the balance sheet.
  • To create an efficient frontier, insurance
    companies use different types of asset allocation
    methods in balance sheets.

49
(No Transcript)
50
Measuring Risk
  • Because of tail risk, low possibility and large
    outcomes might be seen.
  • Setting the companys capital at a level equal to
    the conditional VaR would provide the firm with a
    lower probability of default
  • It is therefore critical for companies to make
    sure that the equity capital set based on VaR
    estimate leads to the targeted optimal
    probability
  • Without any historical experience of losses, it
    is hard for management to estimate the VaR at
    that probabilityy level and then evaluate the
    result.

51
Regulatory versus Economic Capital
A firm that practices ERM should have an amount
of capital that substantially exceeds its
regulatory requirements because it maximizes
shareholder wealth by doing so. Regulatory
capital is generally defined in terms of
regulatory accounting. For purposes of an ERM
system, companies focus on GAAP and economic
capital Thus, in assessing the level of a
companys buffer of capital, this suggests that
the amount of its GAAP equity capital is only
part of the story.
52
Using Economic Capital to Make Decisions
When a company undertakes a new risky activity,
the probability that it will experience financial
distress increases, thus raising the expected
costs of financial distress.
About PowerShow.com