24 - Risk Governance Flashcards Preview

CP1 Flashcards > 24 - Risk Governance > Flashcards

Flashcards in 24 - Risk Governance Deck (23)
Loading flashcards...
1
Q

What are the key steps of risk management by a financial provider?

A
  • Risk identification
  • Risk classification
  • Risk measurement
  • Risk control
  • Risk financing
  • Risk monitoring
  • Cycle back
2
Q

What does risk identification concern?

A
  • Recognise risks that will threaten the assets & income of the organisation by establishing context:
    - > Business objectives
    - > Company structures & finances
    - > Who are the key stakeholders?
    - > What is the area of business?
    - > External environment
  • Systematic or diversifiable?
  • Preliminary identification of possible risk control processes
  • Identify exploitable risks to gain competitive advantage
3
Q

What is risk classification concerned with?

A
  • Classifying risks helps with calculating cost of risk & the value of diversification
  • Management allocates the risk to an “owner” who is responsible for the control processes of the risk
4
Q

What is risk measurement concerned with?

A
  • Estimation of the probability of the risk event occurring and its severity
  • Gives the basis for evaluating/selecting risk control methods:
    o Decline risks
    o Transfer risks
    o Mitigate risks
    o Retain risks with or without controls
5
Q

What is risk control concerned with?

A
  • Deciding whether to fully/partially accept each identified risk
  • Identifying possible mitigation options for risks where needed
  • Risk control measures aim to mitigate risks or their consequences by:
    o Reducing probability of risk occurring
    o Limiting severity of the effects of occurring risks
    o Limiting consequences of the risks that occur eg. adequate insurance
6
Q

What is risk financing concerned with?

A
  • Determining the likely cost of each risk (including cost of mitigations, expected losses & cost of capital arising from retained risks)
  • Ensuring the organisation has sufficient financial resources available to continue its objectives after loss event occurs
7
Q

What is risk monitoring concerned with?

A
  • Identify new risks or changes in the nature of existing risks
  • Determine if the exposure to risk and/or risk appetite of the organisation has changed over time
  • Report on risks that have actually occurred and how they were managed
  • Assess whether the existing risk management process is effective
8
Q

What are the benefits of a risk management process for a provider?

A
  • Avoid surprises
  • Improve stability & quality of the business
  • Improve their growth & returns by:
    o Exploiting risk opportunities
    o Better management/allocation of capital
  • Identify opportunities from:
    o Natural synergies
    o Risk arbitrage
  • Give stakeholders in their business confidence that the business is being well managed
9
Q

Risk management strategies that balance risk, growth and consistency should ideally:

A
  • Incorporate all risks, both financial & non-financial
  • Evaluate all relevant strategies for managing risks, both financial & non-financial
  • Consider all relevant constraints including political, social, regulatory & competitive
  • Exploit the:
    o Hedges & portfolio effects among the risks
    o Financial & operational efficiencies within strategies
10
Q

What is systematic risk?

A
  • Risk that affects the whole financial market or system

- It cannot avoided through diversification

11
Q

What is diversifiable risk?

A
  • Arises from an individual component of a financial market or system
  • Only non-diversifiable risks are rewarded within the scope of most financial systems
  • Rational investor should not take on any diversifiable risk
12
Q

What are the main characteristics of ERM?

A
  • Centralisation
  • Board implementation & key objective of the board
  • Evolving process
13
Q

What does the centralisation aspect of ERM concern?

A
  • Portfolio approach (assesses all the risks across the company wrt their cumulative effect & correlations)
  • Central Risk Function (single department responsible for risk assessment/objectives/monitoring lead by expertise & knowledge of CRO)
  • Documentation (details of all risks & potential risks kept in one evolving source document)
  • Reporting (one person, the CRO is responsible for reporting on overall risks to the company board)
14
Q

Advantages of portfolio approach:

A
  • Assesses all the risks across the company wrt their cumulative effect & correlations
  • Can lead to greater efficiencies in terms of:
    o Insurance purchased
    o Investment strategy
    o Capital requirements
15
Q

Advantages of central risk function (CRF):

A
  • Clearly defined risk objectives
  • Without CRF, dilution of knowledge b/w different departments is likely
  • More accurate/efficient reporting of risks from:
    o Staff to CRO
    o CRO to the board
    o The Board back to all departments & employees
  • Less likelihood of gaps in analysis
  • Central auditing of risks => less risk of over-confidence & anchoring
  • Improvement of risk culture or an organisation
16
Q

What is the documentation aspect of CRF concerned with?

A
  • Risk policy is set out and risks are listed & defined (using checklists & risk register) in consistent language (taxonomy of risks)
  • Responsibility of CRF to keep the documentation updated when new risks are identified or treatment of risks change
17
Q

What is the reporting aspect of CRF concerned with?

A
  • Risks must be reported to the board st. there is clarity in the understanding of:
    o Key risks prioritised by CRO
    o Developments in the organisation’s risk profile
  • Employees should
    o Be adequately trained in ERM
    o Understand importance of reporting potential risks & monitoring current risks
18
Q

What is the board implementation component concerned with in ERM?

A
  • Crucial for the board to completely buy into the concept
  • Should be a key objective for the board
  • ERM agenda item every meeting
  • Appoint CRO (who may be on the board)
19
Q

What is the evolving process component of ERM concerned with?

A
  • Board should implement a thorough process
  • Risk continually being monitored & revised
  • Not a once off exercise
20
Q

Challenges of ERM:

A
  • Considerable initial effort required
  • The Board must sell the idea to managers and staff
  • Must be a part of corporate culture
21
Q

How might business units of a single organisation operate?

A
  • Carry out the same activity but in different locations
  • Carry out different activities at the same location
  • Carry out different activities at different locations
  • Operate in different countries
  • Operate in different markets
  • Be separate companies in a group, which each have their own business unit
22
Q

How may a parent company manage risks b/w business units alternatively to ERM?

A
  • Determine the overall risk appetite of the company
  • Divide the risk appetite b/w the different units
  • Likely that this method does not allow for diversification benefits
  • Hence a preferable approach is risk management at the enterprise level
23
Q

Who are the stakeholders of risk governance?

A
  • Directors / senior management
  • Risk managers and any Chief Risk Officer
  • All other employees
  • Customers
  • Shareholders
  • Credit rating agencies
  • Regulators.