P. 1
Total Risk Management

Total Risk Management

|Views: 471|Likes:
Published by Yashvi Chitalia

More info:

Categories:Types, Business/Law
Published by: Yashvi Chitalia on Sep 02, 2011
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as DOCX, PDF, TXT or read online from Scribd
See more
See less






  • Composite Risk Index:
  • Risk avoidance:
  • Risk reduction:
  • Risk sharing:
  • Risk retention:
  • Important Advantages of Operational Risk Management:
  • Types of Operational Risk:
  • Operational Risk Management Software:
  • Application of Financial Risk Management:
  • Uses of Market Risk Management:
  • Main Characteristics of Market Risk Management:
  • Importance of Credit Risk Management:
  • Situations of Credit Risk Management:
  • Aim of Credit Risk Management:
  • y Quantitative Risk Management:
  • Inputs of Quantitative Risk Analysis:
  • Functioning of Quantitative Risk Management:
  • Output of Quantitative Risk Management:
  • y Commodity risk management:
  • Types of Commodity Risk:
  • y Bank risk management:
  • Steps of Nonprofit Risk Management:
  • Risk Management Issues Concerning Nonprofit Organizations:
  • Reasons for Adoption of Nonprofit Risk Management:
  • y Currency Risk Management:
  • y Enterprise Risk Management:
  • Types of Enterprise Risk Management:
  • y Project Risk Management:
  • Process of Project Risk Management:
  • y Technology Risk Management:
  • Processes of Technology Risk Management:
  • From Theory to Practice: Why Firms Should Manage Risk
  • Using Risk Management to Lower Taxes
  • Reducing Financial Distress and Bankruptcy Costs
  • Using Risk Management to encourage and Protect Firm Specific
  • Investments
  • Using Risk Management to Monitor and Control Managers
  • Using Risk Management to Improve Decision Making and Capital
  • Budgeting
  • Risk Management and Dividends
  • Summary and Conclusions

Total Risk Management



Total Risk Management

We would like to express our gratitude to our teacher in charge Prof.Murugank Kapadia for giving us this opportunity of working on this project and guiding us throughout the course of the project.


Total Risk Management

SR NO. 1 2 3 4 5 6 7 8 TOPIC Introduction Principles of Risk Management Potential Risk Treatments Importance of Risk Management Types of Risk Management Application of Financial Risk Management Risk Management, Corporate Governance & Public Corporation Summary & Conclusion PAGE NO. 3 5 10 13 13 18 32 40


Total Risk Management

 Risk management is the identification, assessment, and prioritization of risks (defined in ISO 31000 as the effect of uncertainty on objectives, whether positive or negative) followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or to maximize the realization of opportunities.  Risks can come from uncertainty in financial markets, project failures, legal liabilities, credit risk, accidents, natural causes and disasters as well as deliberate attacks from an adversary.  Several risk management standards have been developed including the Project Management Institute, the National Institute of Science and Technology, actuarial societies, and ISO standards.  Methods, definitions and goals vary widely according to whether the risk management method is in the context of project management, security, engineering, industrial processes, financial portfolios, actuarial assessments, or public health and safety.  The strategies to manage risk include transferring the risk to another party, avoiding the risk, reducing the negative effect of the risk, and accepting some or all of the consequences of a particular risk.  Certain aspects of many of the risk management standards have come under criticism for having no measurable improvement on risk even though the confidence in estimates and decisions increase.  In ideal risk management, a prioritization process is followed whereby the risks with the greatest loss and the greatest probability of occurring are handled first, and risks with lower probability of occurrence and lower loss are handled in descending order. In practice the process can be very difficult, and balancing between risks with a high probability of occurrence but lower loss versus a risk with high loss but lower probability of occurrence can often be mishandled.  Intangible risk management identifies a new type of a risk that has a 100% probability of occurring but is ignored by the organization due to a lack of identification ability. For


Total Risk Management
example, when deficient knowledge is applied to a situation, a knowledge risk materializes. Relationship risk appears when ineffective collaboration occurs. Process-engagement risk may be an issue when ineffective operational procedures are applied.  These risks directly reduce the productivity of knowledge workers, decrease cost effectiveness, profitability, service, quality, reputation, brand value, and earnings quality. Intangible risk management allows risk management to create immediate value from the identification and reduction of risks that reduce productivity.  Risk management also faces difficulties in allocating resources. This is the idea of opportunity cost. Resources spent on risk management could have been spent on more profitable activities. Again, ideal risk management minimizes spending and minimizes the negative effects of risks.

For the most part, these methods consist of the following elements, performed, more or less, in the following order:     

identify, characterize, and assess threats assess the vulnerability of critical assets to specific threats determine the risk (i.e. the expected consequences of specific types of attacks on specific assets) identify ways to reduce those risks prioritize risk reduction measures based on a strategy


iterative and responsive to change be capable of continual improvement and enhancement 6 .Total Risk Management Principles of risk management: The International Organization for Standardization (ISO) identifies the following principles of risk management Risk management should:            create value be an integral part of organizational processes be part of decision making explicitly address uncertainty be systematic and structured be based on the best available information be tailored take into account human factors be transparent and inclusive be dynamic.

Identification of risk in a selected domain of interest 2." the process of risk management consists of several steps as follows: o Establishing the context Establishing the context involves: 1. Planning the remainder of the process. 4. o Identification:  After establishing the context. 5.Total Risk Management Process: According to the standard ISO 31000 "Risk management -. when triggered.  Source analysis : Risk sources may be internal or external to the system that is the target of risk management. Defining a framework for the activity and an agenda for identification. risk identification can start with the source of problems. Developing an analysis of risks involved in the process. Examples of risk sources are: stakeholders of a project.Principles and guidelines on implementation. the next step in the process of managing risk is to identify potential risks. 3. cause problems. 7 . human and organizational resources. employees of a company or the weather over an airport. Mapping out the following:    the social scope of risk management the identity and objectives of stakeholders the basis upon which risks will be evaluated. 6. Hence. Risks are about events that. constraints. or with the problem itself. Mitigation or Solution of risks using available technological.

or one can begin with the consequences and determine which combination of threats and resources would be involved to bring them about.Total Risk Management  Problem analysis: Risks are related to identified threats. lists with known risks are available. Based on the taxonomy and knowledge of best practices. Scenario-based risk identification scenario analysis . or an analysis of the interaction of forces in. One can begin with resources and consider the threats they are exposed to and the consequences of each. The scenarios may be the alternative ways to achieve an objective. Alternatively one can start with the threats and examine which resources they would affect. In different scenarios are created. the threat of abuse of privacy information or the threat of accidents and casualties.  The chosen method of identifying risks may depend on culture. a questionnaire is compiled.     8 . industry practice and compliance. Each risk in the list can be checked for application to a particular situation. for example. Threats to those resources Modifying Factors which may increase or decrease the risk and Consequences it is wished to avoid. Risk charting This method combines the above approaches by listing resources at risk. a market or battle. Creating a matrix under these headings enables a variety of approaches. Common risk identification methods are:  Objectives-based risk identification: Organizations and project teams have objectives. The identification methods are formed by templates or the development of templates for identifying source. Taxonomy-based risk identification The taxonomy in taxonomy-based risk identification is a breakdown of possible risk sources.see Futures Studies for methodology used by Futurists. Any event that may endanger achieving an objective partly or completely is identified as risk. most important with shareholders. The threats may exist with various entities. Any event that triggers an undesired scenario alternative is identified as risk . For example: the threat of losing money. problem or event. customers and legislative bodies such as the government. Common-risk checking In several industries. The answers to the questions reveal risks.

 The fundamental difficulty in risk assessment is determining the rate of occurrence since statistical information is not available on all kinds of past incidents. in the assessment process it is critical to make the best educated guesses possible in order to properly prioritize the implementation of the risk management plan. there have been several theories and attempts to quantify risks. in the case of the value of a lost building. Nevertheless. Numerous different risk formulae exist. best educated opinions and available statistics are the primary sources of information. as follows:  Composite Risk Index = Impact of Risk event x Probability of Occurrence  The impact of the risk event is assessed on a scale of 0 to 5. Thus. evaluating the severity of the consequences (impact) is often quite difficult for immaterial assets.  These quantities can be either simple to measure.  Asset valuation is another question that needs to be addressed. Furthermore. but perhaps the most widely accepted formula for risk quantification is:  Rate of occurrence multiplied by the impact of the event equals risk Composite Risk Index:  The above formula can also be re-written in terms of a Composite Risk Index.  Thus. they must then be assessed as to their potential severity of loss and to the probability of occurrence. where 0 and 5 represent the minimum and maximum possible impact of an occurrence of a risk (usually in terms of financial losses). or impossible to know for sure in the case of the probability of an unlikely event occurring.  Therefore. 9 .Total Risk Management o Assessment:  Once risks have been identified. risk assessment should produce such information for the management of the organization that the primary risks are easy to understand and that the risk management decisions may be prioritized.

where 0 represents a zero probability of the risk event actually occurring while 5 represents a 100% probability of occurrence. and this range is usually arbitrarily divided into three sub-ranges. the three sub-ranges could be defined as 0 to 8. 9 to 16 and 17 to 25. The overall risk assessment is then Low. 10 .  The Composite Index thus can take values ranging from 0 through 25.Total Risk Management  The probability of occurrence is likewise assessed on a scale from 0 to 5. For instance. depending on the sub-range containing the calculated value of the Composite Index. Medium or High.

 Acknowledging that risks can be positive or negative. but the cost may be prohibitive as a strategy. For example.  Avoidance may seem the answer to all risks. and between risk 11 . Another would be not be flying in order to not take the risk that the airplane were to be hijacked.  Risk reduction:  Risk reduction or "optimization" involves reducing the severity of the loss or the likelihood of the loss from occurring. sprinklers are designed to put out a fire to reduce the risk of loss by fire. Halon fire suppression systems may mitigate that risk. all techniques to manage the risk fall into one or more of these four major categories     Avoidance (eliminate. withdraw from or not become involved) Reduction (optimise .outsource or insure) Retention (accept and budget)  Risk avoidance:  This includes not performing an activity that could carry risk. Not entering a business to avoid the risk of loss also avoids the possibility of earning profits. An example would be not buying a property or business in order to not take on the legal liability that comes with it. but avoiding risks also means losing out on the potential gain that accepting (retaining) the risk may have allowed. This method may cause a greater loss by water damage and therefore may not be suitable.Total Risk Management Potential risk treatments: Once risks have been identified and assessed. optimizing risks means finding a balance between negative risk and the benefit of the operation or activity.mitigate) Sharing (transfer .

the company can concentrate more on business development without having to worry as much about the manufacturing process. and the measures to reduce a risk."  The term of 'risk transfer' is often used in place of risk sharing in the mistaken belief that you can transfer a risk to a third party through insurance or outsourcing. By developing in iterations. technically speaking. or finding a physical location for a call center. it can optimize risk to achieve levels of residual risk that are tolerable. Early methodologies suffered from the fact that they only delivered software in the final phase of development. As such in the terminology of practitioners and scholars alike. any problems encountered in earlier phases meant costly rework and often jeopardized the whole project. the original risk is likely to still revert to the first party. For example. This way. 12 . or customer support needs to another company.  Outsourcing could be an example of risk reduction if the outsourcer can demonstrate higher capability at managing or reducing risks. the purchase of an insurance contract is often described as a "transfer of risk. while handling the business management itself.  In practice if the insurance company or contractor go bankrupt or end up in court." However. from a risk. software projects can limit effort wasted to a single iteration. managing the development team.  Risk sharing:  Briefly defined as "sharing with another party the burden of loss or the benefit of gain. meaning that insurance may be described more accurately as a post-event compensatory mechanism. By an offshore drilling contractor effectively applying HSE Management in its organization. a company may outsource only its software development. the manufacturing of hard goods.Total Risk Management reduction and effort applied.[  Modern software development methodologies reduce risk by developing and delivering software incrementally. the buyer of the contract generally retains legal responsibility for the losses "transferred".

a personal injuries insurance policy does not transfer the risk of a car accident to the insurance company. or benefit of gain.  This includes risks that are so large or catastrophic that they either cannot be insured against or the premiums would be infeasible. The risk still lies with the policy holder namely the person who has been in the accident.  Some ways of managing risk fall into multiple categories. so the loss attributed by war is retained by the insured. Risk retention pools are technically retaining the risk for the group.  Risk retention is a viable strategy for small risks where the cost of insuring against the risk would be greater over time than the total losses sustained.  This may also be acceptable if the chance of a very large loss is small or if the cost to insure for greater coverage amounts is so great it would hinder the goals of the organization too much. This is different from traditional insurance.Total Risk Management  For example. The insurance policy simply provides that if an accident (the event) occurs involving the policy holder then some compensation may be payable to the policy holder that is commensurate to the suffering/damage. but instead losses are assessed to all members of the group. from a risk when it occurs. 13 .  Risk retention:  Involves accepting the loss. but spreading it over the whole group involves transfer among individual members of the group. in that no premium is exchanged between members of the group up front. Also any amounts of potential loss (risk) over the amount insured are retained risk. True self insurance falls in this category. All risks that are not avoided or transferred are retained by default.  War is an example since most property and risks are not insured against war.

such as interest rate risk. Types of Risk Management: There are different types of risk management and the characteristics and procedures of each type of risk management is different from the other. commodity risk. All these risk management processes play a significant role behind the growth of an organization in the long term. • The process of risk management helps focus on priorities and in decisions on deploying limited resources to deal with the highest risks.Total Risk Management Importance of Risk Management • Risk Management is essential not only for prevention of risk but also for reduction of risks. political and economic development in a country. Various types of risk management can be categorized into the following:  Operational risk management: Operational risk management deals with technical failures and human errors  Financial risk management: Financial risk management handles non-payment of clients and increased rate of interest  Market risk management: Deals with different types of market risk. and currency risk  Credit risk management: Deals with the risk related to the probability of nonpayment from the debtors 14 . Commercial enterprises apply various forms of risk management procedures to handle different risks because they face a variety of risks while carrying out their business operations. • Risk Management leads to maximum social advantages and plays a significant role in bringing about social. equity risk. Effective handling of risk ensures the successful growth of an organization.

operational risk and reputational risk  Nonprofit risk management: This is a process where risk management companies offer risk management services on a non-profit seeking basis   Currency risk management: Deals with changes in currency prices Enterprise risk management: Handles the risks faced by enterprises in accomplishing their goals  Project risk management: Deals with particular risks associated with the undertaking of a project  Integrated risk management: Integrated risk management refers to integrating risk data into the strategic decision making of a company and taking decisions. for example. it is the supervision of market. 15 . In commercial enterprises. such as price risk. legal risk. operational risk management is the supervision of different types of operational risk occurring on a daily basis. credit. In other words. market risk. liquidity risk. credit risk. political risk. and liquidity risk at the same time or on a simultaneous basis.  Operational risk management is also known as ORM. various types of operational risks are managed that occur on a daily basis. an effort is carried out to numerically ascertain the possibilities of the different adverse financial circumstances to handle the degree of loss that might occur from those circumstances  Commodity risk management: Handles different types of commodity risks. quantity risk and cost risk  Bank risk management: Deals with the handling of different types of risks faced by the banks.  Technology risk management: It is the process of managing the risks associated with implementation of new technology  Software risk management: Deals with different types of risks associated with implementation of new softwares  Operational risk management is an important form of risk management. which take into account the set risk tolerance degrees of a department.  With the help of operational risk management.Total Risk Management  Quantitative risk management: In quantitative risk management.

can be categorized into the following types:  External Fraud: Risk arising from fraudulent activities from a third party. computer software. These include telecommunication.  Damages to tangible properties: Risk resulting from damages or losses of tangible properties due to natural calamity or other occurrences. employment.Total Risk Management Important Advantages of Operational Risk Management: Following are the most important advantages of operational risk management:     Decrease in losses arising from operations Reduced auditing/compliance expenses Decreased vulnerability to risks in the future Early sensing of illegitimate functions Types of Operational Risk: According to the Basel Committee on Banking Supervision. which lead to operational risks. theft. for example. robbery.   Internal Fraud: Risk arising from fraudulent activities from internal parties. phishing or hacking. Products. These involve the following: 16 . supply and process management: Risk arising from failure in process management or transaction processing due to poor association with vendors and commercial service providers. Customers and Business Practices: Risk resulting from inadvertent or careless failure to satisfy a professional responsibility to particular customers (involving fiducial and appropriateness necessities) or from the characteristics of configuration of a commodity.  Execution. or computer hardware failure and equipment failure. or safety acts or from disbursal of claims related to personal injury or from inequality/unfair treatment  System failure and business interruptions: Risk resulting from interruptions of business operations or system breakdown. the events.  Workplace safety and employment practices: Risk arising from non-compliance with health.

 Financial risk management: 17 . preservation or loading fault o Accounting mistake o System/Model malfunctioning o Failure in delivery o Entity assignment fault o Failure in reference data preservation o Failure from collateral management o Unsuccessful compulsory reporting liability o Reporting & monitoring failure o Client Intake & Paperwork o Erroneous external report (incurring loss) o Incomplete or misplaced legal documents o Overlooked client disclaimers/permissions o Unauthorized access offered to accounts o Client/Customer Account Management o Careless damage or loss of customer assets o Inappropriate customer records (incurring loss) o Failure on behalf of commercial partners and non-client vendors and vendor disagreements Operational Risk Management Software: At the present time. Forrester Research has recognized 115 Risk and Compliance and Governance marketers. which deal with operational risk management programs.Total Risk Management o Performance & maintenance miscommunication o Transaction seizure o Missed responsibility or deadline o Data entry. financial audit can be performed at cheaper expenses. a number of software products have been introduced for the purpose of operational risk management according to the Sarbanes-Oxley Act. With the help of this software.

Financial risk management concentrates on the appropriate time and manner for hedging implementation of cash instruments and derivative instruments to address pricey risk exposures. a number of financial risks can be handled. specifically market risk and credit risk. describing and disclosing credit risk. 18 .  With the help of financial risk management. In the banking industry all over the world.Total Risk Management  Financial risk management is a method of producing or adding value to a company through utilizing financing mediums for handling vulnerability to risk. evaluating the financial risk and strategies to deal with those risks. especially from market risk and credit risk.  Financial risk management is a type of risk management. operational risk and market risks. Financial risk management is an important form of risk management. which tries to add value in a company through implementation of financing mediums (cash instruments and derivative instruments) to handle risk exposure. the Basel Accords are usually chosen by multinational or global banking institutions for identifying. which include the following:       Shape risk Foreign exchange risk Sector risk Volatility risk Inflation risk Liquidity risk  The process of financial risk management involves identification of financial risk.

which says that in case of a perfect market.  At the time when this concept is implemented towards financial risk management. which the shareholders are able to perform for themselves at equal expenses. which the shareholders are able to hedge on their own at similar expenses.  Market risk management:  The concept of Market risk management has gained in importance in the recent times as it has been giving the business organizations a particular risk model that becomes all the more useful when the company is opening or closing business activities. 19 .  In reality. The process of market risk management comes with some essential features that help it to be more effective.  In addition. This idea is corroborated by the hedging irrelevance proposition. financial theory demonstrates that the management of the company is not able to produce shareholder (who are also known as the investors of the company) value through undertaking a project.Total Risk Management Application of Financial Risk Management:  Theories of financial economics suggest that a company should go for a project at the time it grows shareholder value. it denotes that management of a company should not go for hedging risks. a company is not able to perform value creation through hedging a risk while the cost of carrying the risk within the company is equal to the cost of carrying it away from the company. no financial market is a perfect market. This indicates that the management of a company has a large number of options to generate value for the shareholders utilizing financial risk management.

 Indicators: These are applicable only in the case of banks and certain businesses. These are normally used in order to find out the problems that may be related to market risks  Credit risk management: Credit risk management is extremely important as far as the overall financial stability of the financial institutions like the banks is concerned. The credit risk management situations in most banks are not exactly impressive and thus this process becomes all the more important. The basic aim of the system of credit risk management is to reduce the potential of credit risk that may be faced by a particular creditor. Main Characteristics of Market Risk Management: Following are the principal characteristics of the system of market risk management:  World limit management: This process is at the base of the various trading plans that are used across the world as well as their applications. This process also makes sure that the amount of loss that may be faced by a particular company while carrying out business transactions is not more than what is being expected by that organization.  The various market risk management systems make sure that the various information related to the market are relevant as far as the parameters of input in case of the market risk calculations are concerned. This risk structure comes in handy especially when a particular company is operating either in its closing or opening phase. 20 . Its most basic use lies in the fact that it furnishes the business concerns with a particular risk structure.Total Risk Management Uses of Market Risk Management: The process of market risk management has a number of applications in the context of today's global market.

 Risk is regarded as a combination of these three factors:  Possibilities of a hazard 21 .  Quantitative Risk Management:  Quantitative risk management is a very important process in the context of the modern day business world. the most important factor in this case has been the absence of proper credit rules for the debtors. Situations of Credit Risk Management: There are a variety of problems related to credit risk management that have been important in this context. Aim of Credit Risk Management: The most basic aim of the process of credit risk management is to minimize the levels of credit risk that a particular institutional creditor like a bank faces when it lends money to a particular borrower. However. The system of credit risk management accomplishes that by keeping the levels of the risk faced by a bank within certain acceptable standards. It has been observed that the financial institutions that are able to manage their credit risks properly are functioning well. It primarily deals with the concepts of risk and hazard and tries to reduce the chances of the occurrence of any form of financial loss. The banks and other financial institutions that are dealing in credit services have not always been able to take into account the various economic factors that have contributed to a decline in the credit capabilities of the borrowers. At times it has also been noticed that the companies have not been able to manage their portfolios in a proper way.Total Risk Management Importance of Credit Risk Management: The credit risk management is of utmost importance for the banks and other financial institutions that have been the chief sources of credit for many years.

The former shows ways to run the project and the later deals with the financial aspects of the project. This sort of information is taken from project archives. They may also be the study results of risk specialists as well as a database of proprietary risk. The project scope statement highlights the positive aspects of a particular business project.Total Risk Management   Possibilities of high losses being suffered as a consequence of the accident Possibilities of a hazard leading to an accident Inputs of Quantitative Risk Analysis:  The inputs of the process of Quantitative Risk Analysis are as follows:      Organizational Process Assets Risk Register Project Scope Statement Project Management Plan Risk Management Plan  The organizational price assets are basically information regarding a particular project that is similar to the one that is being analyzed. 22 . The project management plans are made up of the cost management plans and the schedule management plans. It also categorizes and prioritizes the various aspects of the process of quantitative risk analysis. The risk management plans contain information on the risky aspects of a particular business endeavor like:      Budget Types of Risk Explanations of impact and probability Timing and Schedule of Risks Probability and Impact Matrix  The Risk Register performs a similar function to the risk management plans.

Total Risk Management Functioning of Quantitative Risk Management:  The primary function of the process of quantitative risk management is to deal with the various elements of the phenomenon of risk by trying to bring down the possibilities of such mishaps.  There are some important aspects as far as the functioning of the process of quantitative risk management is concerned:       Modeling and Simulation Interviewing Expected Monetary Value Probability Distribution Decision Tree Analysis Sensitivity Analysis Output of Quantitative Risk Management: The outputs of the quantitative risk management are the results of the process. 23 . The risk register is made up of the following components:     Trends in quantitative risk analysis Probabilistic analysis of the project Prioritized list of quantified risks Probability of achieving cost and time objectives  Commodity risk management:  Commodity risk management is very important to provide coverage to all those groups that are related to the commodity market. Under normal circumstances the only output of a quantitative risk management process is a risk register. It also tries to limit the extent of loss that may take place if a hazard happens. These groups are exposed to maximum financial risks when there is any natural disaster or man-made disturbance.

political instability and so on. 24 . Last but not the least. price risks. Types of Commodity Risk: There are different types of commodity risk that are faced by the commodity markets across the world. the purchasers and exporters of commodities also come under the shadow of commodity risk. these risks can cause huge financial loss to a number of groups. These risks are as follows:   Natural Risks: Natural disasters Man-Made Risks: Political risks.  Bank risk management: Bank Risk Management is used mostly in the financial sector.Total Risk Management  Commodity market in every country faces some of the common risks. Bank Risk Management involves market risk as well as credit risk management.  Proper commodity risk management is essential to provide stability to this sector as well as to make this sector financially secured. Primarily there are the farmers. At the same time. quantity risks and so on Groups Facing Commodity Risk: There are a number of groups that mostly face the commodity risk. is the national governments that are also bound to share these risks with others. producers and plantation companies who face these risks. Bank Risk Management gives an idea of future risks and also promotes prudent risk taking behavior. If not covered properly. These risks are caused by natural disaster as well as external factors like wars.

The economic theory of risk management states that the risk of a particular portfolio is usually not determined by a simple addition of the component risks. But violation of prescribed regulations in the capital market attracts heavy penalty. Bank risk management policies despite their worthiness are resource intensive. more interested at knowing the overall risks as compared to the individual portfolio items. Banks that are involved in trading go in for   Intra day risk management on selective areas Regular measurement of the overall risks faced by the bank Regulators are however. Investment of capital is then directed to options with high reward risk ratios. Apart from regulatory requirements. So managers do a cost benefit analysis whenever portfolio composition changes. They demand considerable time and money. non-financial and government bodies have created the need for bank risk management policies. Another characteristic of bank risk management policy is that it is usually not carried out in a decentralized fashion.Total Risk Management Need for Bank Risk Management Repeated financial disasters faced by financial. risk monitoring part is already put in place. Banks also learn to handle their available liquidity well. 25 . Characteristics of Bank Risk Management Policies: One of the characteristics of bank risk management policies is that it needs to be updated on a regular basis. bank risk management is needed by the bank managers for the following reasons: -risk ratios.

It is this uncertain event. in case of an eventuality. Herein come the various management policies. In order to achieve the same they must use their resources efficiently. Nonprofit risk management formulates various strategies and prescribes various techniques to be followed by the 26 . It mitigates the adverse effects arising out of risk factors.It is done with a view to mitigate the difficulties arising out of risk situations. Different organizations may have different goals. Steps of Nonprofit Risk Management:  Identification of problems: This refers to identification of areas of operation where problems might crop up due to unforeseen events. So risk management essentially provides the organization with a back up plan. which we refer to as risk. Normally risks adversely affect the functioning of an organization. Nonprofit risk management provides the organization with an action plan. Risk Management Issues Concerning Nonprofit Organizations:        Screening of the organization's volunteers Keeping a tab on the records of driving licenses of both staff and volunteer drivers Developing training and orientation modules for volunteers Developing guidelines for employees Financial negotiations at the time of taking a bank loan Purchase of property Taking insurance of liabilities Reasons for Adoption of Nonprofit Risk Management: For non-profit organizations risk management is essentially a preventive measure. It is put in place to avoid any unnecessary future hassle arising out of risk factors.  Determination of compensation package in case of an eventuality: Here we try to determine what the ideal compensation package will be.  Formulation of plans: This deals with the preparation of an action plan .Total Risk Management  Nonprofit Risk Management: Nonprofit risk management is carried out by non-profit organizations.

 Nowadays. individuals as well as several national governments are involved in these activities. It is wise to plan in advance for possible future disruptions and create a back up policy for the same. there are the forex market traders who are involved in trading of currencies of different countries. market risk as well as inflation risk. Attainment of long term set goals also becomes easy.  Currency Risk Management:  Currency risk can be termed a sudden fall in the value of a particular currency. The currency exchanges are done for a number of reasons. all are considered as systematic risks. proper currency risk management strategy is very essential. Interest rate risk.  Currency risks are related to the floating exchange rates. These traders participate in the activities of one of the most liquid world financial markets.  A large number of banks.  Two types of risks are managed by currency risk management strategies. 27 . On the other hand. On the other hand. Almost everything starting from goods to technologies are exchanged between the traders of different countries.  Systematic risks are all those risks that affect each and every kind of investments. cross border commercial activities are growing at a rapid pace. These are the systematic risk and unsystematic risk. These institutions as well as the individual investors are also in need of currency risk management because the forex market rates and trends change very quickly. there are the unsystematic risks like business and financial risk.  This happens due to unexpected shifts in the currency exchange rates. This helps in the smooth running of the organization. To avoid or minimize losses caused by these incidents.  These transactions are subjected to currency risk because floating exchange rates are minimizing the chances of fixing the value of a particular currency.Total Risk Management organization.

Certain amount of risk is associated with all types of business operations. there are certain theories regarding the trading process in the currency market. Managing these risks properly and making full use of the business opportunities are termed as enterprise risk management. It helps in developing the business by adding value to the particular business. it is essential that these risks are hedged properly so that they cannot cause any kind of loss to the business or even if it causes any harm.  On the other hand. On the other hand. the exchange rates are fixed before the actual transaction. 28 . According to these contracts that are signed between the potential seller and purchaser of a particular currency.  For the overall development. it is also necessary that the provided opportunities are used in the best possible way. if the exchange rate of that currency changes at the time of transaction.  These are also very helpful for currency risk management.  Enterprise Risk Management:  The business sector has its own risks and opportunities. At the same time. the effects can be minimized as much as possible. the purchaser and the seller are not affected.  One of the most common currency risk management tool is the forward exchange contract.  There should also be a definite trading strategy that can be very helpful in hedging the currency risks. there are a number of growth opportunities that are also related to the business. These strategies should be developed after analyzing the market averages or market indexes properly. All these are specialized things and one may seek professional assistance from the currency risk management firms for the purpose.Total Risk Management  Unsystematic risk affects some definite businesses and not the entire market.  The transaction takes place in the future but due to the contract.

However. the better it is for the organization. Project risk management deals with different types of uncertainties and constraints related to a project (known as project risks). Assessment of risk may be carried out at any point of time within the duration of the project. There are two main phases of project risk management and they are risk assessment and control of risk. These are the RIMS and COSO. The monitoring activities are also very important to take hold of the market opportunities. these risk management strategies are also conscious about monitoring the development of the risk hedging strategy. The process of project risk management is carried out in a number of steps. Project risks having negative characteristics are known as threats and project risks bearing positive characteristics are known as opportunities. Efforts are always on to minimize the threats and maximize the opportunities Project risks can be minimized with the help of eliminating or decreasing them. the earlier it is performed. Nevertheless.  At the same time. there are two principal phases of project risk management and they are assessment of risk and risk control.  Project Risk Management: Project risk management focuses on the management of various types of risks related to a project. Risk control is always 29 . A project risk is a probable origin of variation from the plan of the project and it may have a positive or negative influence on the project.  Both these types share some common objectives like locating the hidden risk factors and providing solutions to hedge the risk. Application of RIMS or COSO depends on the particular situation and is subjected to the approval of the management.Total Risk Management Types of Enterprise Risk Management:  There are two types of enterprise risk management.

 Measure and control: Observing the outcomes of the risks that have been detected and handling them to a favorable or productive end. Risk mitigation: A number of measures are taken beforehand for minimizing the impact of risk. time period or satisfaction of the necessity of the customer is ascertained. In this process. On the other hand. if risk control measures are not undertaken. 30 .  Contingency plan: For risks that are regarded as important. which risks require continuous supervision and monitoring and which risks are not so important to supervise. the manner in which the project risks may influence the project performance in terms of expenses. it is determined that which risks require total elimination. there is no use of performing a risk assessment.  Prioritization of risk: According to this process.Total Risk Management dependent on a proper risk assessment.  Project Risk Control Project risk control involves the following steps:  Avoidance of risk: A plan is chalked out as to how project risks can be eliminated or avoided.   Risk transfer: In this way. risk is transferred by buying insurance policies. a contingency plan is prepared in advance before those risks occur. Process of Project Risk Management: The process of project risk management can be elaborated as follows:  Project Risk Assessment : The process of project risk assessment can be further categorized into the following:   Identification of risk: The project risks are identified by examining the whole project plan. Analysis of risk: Risk analysis can be quantitative or qualitative in nature.  Risk acceptance: Certain risks are accepted because they are regarded as small and do not influence the performance of the company to a significant degree.

Normally it has been seen that the companies that need to take technology risk management steps opt for any of the above-mentioned steps. The banks nowadays work as per three approaches. The approaches may be mentioned as below:  Risk management with the help of internal processes. It has been observed that the risk management strategies that are useful in other cases are generally not applicable when it comes to technology risk management. In such cases the required work is outsourced to external bodies. the choice is normally made after judging the profitability of each one of the options. These approaches are either used on their own or in combinations. This process is especially applicable in case of the banking industry.   Risk transfer by buying insurance coverage Risk management with the help of outsourcing. 31 .Total Risk Management  Technology Risk Management: The system of technology risk management is used in order to deal with the various risks that may arise in the use of technological tools. All these choices provide the users with specific advantages as well as disadvantages. However. Processes of Technology Risk Management: As far as the process of technology risk management is concerned after the weaknesses are detected the authorities function in order to eliminate them by developing the proper strategy. In such cases controls are extremely important.

Total Risk Management 32 .

4. Risk management can be used to design management compensation plans that hold management accountable only for the factors under their control. 7. We review these reasons in order to set the stage for connecting them to more fundamental social welfare concerns about corporate governance and risk management. 1985.. At the core of financial agency theory was the notion that in a world of informational asymmetries and self-seeking behavior. Risk management can reduce the costs of financial distress and bankruptcy. Risk management can be used to assist firms in developing financial plans and funding programs. Corporate Governance and the Public Corporation From Theory to Practice: Why Firms Should Manage Risk Not until the re-emergence of corporate governance concerns about the separation of owners and managers articulated by Berle and Means in the 1930s reappeared in the “modern” finance literature did risk management enter the “scientific” world of financial economics. Later. The usual reasons are: 1. Froot. 6. This re-emergence in the scholarly literature can be traced to Ross (1973) and Jensen and Meckling (1976) who introduced the term agency theory into finance. early and late financial agency theory took the seminal works of early financial theory that were developed around the notion of perfect capital markets and introduced imperfections into the analysis. Although such behavior was ascribed to all stakeholders. other stakeholders were brought into the scheme. individuals would use informational and other advantages to transfer wealth to themselves from others. 33 . 1993). Grinblatt and Titman. reasons that have found their way into contemporary financial management textbooks (e. The introduction or recognition of these imperfections led to many reasons for having managers manage risk (Smith and Stulz. Risk management can be used to lower the firm’s expected tax payments.g. Risk management can be used to align the interests of management with those of the owners of the company. Scharfstein and Stein. 3. Risk management can be used to encourage and protect firm specific investments.Total Risk Management Risk Management. Basically. Ways of solving or mitigating these conflicts are the concerns of corporate governance. 2001). Risk management can be used to stabilize cash dividends. early attention focused on conflicts on interest between shareholders and managers (a concern of Berle and Means) and shareholders and bondholders. 2. 5.

Any such tax-coded asymmetry is exacerbated under a progressive tax code. risk management strategies can be used to arbitrage or negate tax code asymmetries. If the gains average out over a business or price cycle. customers and suppliers and they could suffer substantial costs should a company find itself in financial difficulty. however. cash dividend payments are paid from after tax dollars. These other stakeholders include creditors. are reasons for risk management emanating from how the company is financed – itself a governance structure issue – and how the suppliers of capital monitor and control managers. the average tax paid will be lower if the firm hedges its exposures to these price changes and pays taxes on the average gain over the entire cycle. Exchange rate or commodity price gains may be taxable. To the extent that risk management enables a firm to use more debt (increase its financial leverage) risk management becomes a way of reducing taxes by letting a firm borrow more money and obtain interest expense tax shields. debt financing may reduce the overall after tax cost of capital to the company by creating an interest expense tax shield with the benefits accruing to the shareholders. the losses could not be used to offset the gains. Consequently. however. provide on-going service and technical assistance and supply spare parts. if the firm did not hedge the exposures. taxes qualify as a market imperfection. Another common tax code asymmetry is the differential treatment of gains and losses. In contrast. losses may not be fully or immediately deductible. One tax code asymmetry is the differential treatment of interest expense and cash dividends. Reducing Financial Distress and Bankruptcy Costs While fully diversified equity investors may not pay much attention to the unique risks associated with price. Southeast Asia and Europe are both major markets for Toolco with 34 . To the extent that taxes levied on corporate income differ from those on personal income or treat some forms of income differently from others. More interesting from a corporate governance perspective. currency and interest rate volatility. other stakeholders take a different view of the situation. Interest payments are tax deductible and paid from before tax dollars.Total Risk Management Using Risk Management to Lower Taxes Although not associated with informational asymmetries. Consider Toolco. especially if the progressivity is steep. a machine tool manufacturer that produces and sells highly specialized equipment to customers who rely on the company to honor warranties.

Furthermore. produce and deliver high quality machine tools as contracted. ultimately. the dollar value of Toolco’s outstanding bids and accounts receivables will plummet. quotes prices and bills customers in local currency – Euros and South Korean won. So. the firm will enjoy an improved competitive position in its product and labor markets. should the dollar remain strong for an extended period.S. Managing currency risk may also lead to an increased willingness of customers to buy from Toolco because of its ability to withstand financial difficulties. to the extent that risk management is able to reduce the risks of financial distress and failure. Toolco prepares bids. Using Risk Management to encourage and Protect Firm Specific Investments Stakeholders of the firm include its employees. dollar appreciate substantially relative to the euro and won. Should the U. Toolco can use risk management strategies to mitigate the potential financial problems associated with currency risks. the improvement in Toolco’s financial position may improve the terms on which suppliers sell to Toolco. These stakeholders find it very difficult to diversify away the risks they are exposed to in their relationships with the firm. managers. Toolco’s overall competitive position will weaken relative to its foreign competitors. an outcome desired by its shareholders. The explanation offered is a reduction in financial distress costs along with the deductibility of interest expense story. 35 . Contemporary textbook treatments of risk management also develop the story that locking in a certain level of operating cash flows may also permit Toolco to use more debt to finance itself. 1985). This strengthening of the dollar will cause a substantial reduction in Toolco’s profits and cash flows. suppliers and customers. In turn. a reduction that will affect its ability to provide service and spare parts and. especially if the stakeholders make firm specific investments (Williamson.Total Risk Management German and South Korean manufacturing firms being major customers. It can hedge its exchange rate exposures and adopt other exchange rate exposure strategies – such as currency swaps for financing its foreign operations – that reduce the likelihood of Toolco experiencing severe financial problems from unexpected exchange rate movements. Toolco uses both debt and equity to finance itself. The end result for Toolco will be an increase in the market value of its common stock.

These firm-specific skills generate the positive NPV projects. an outcome that investors cannot duplicate on their own regardless of whether financial markets are perfect. Perhaps what MM have in mind is a two-tier market. but come in the form of promotions. employees have a considerable interest in the success of a company because they would incur substantial adjustment costs were the firm to fail. also. And. And. including the patents that Modigliani and Miller invoke for explaining the existence of economic rents. Instead of ascribing the excess returns to monopolistic practices. let’s ascribe them to firm-specific skills and accumulated knowledge. with one tier for securities and the other for physical assets. firms that can offer security and the prospects of financial success to their employees and managers are likely to garner greater employee loyalty and recruit and retain the “better” workers and managers. to ensure these unique. 36 .” Durand concludes that investors in security markets can earn only a zero NPV return because the investor does not have access to the monopolistic opportunities available to the firm. Expressed in the terminology of financial management. firm-specific skills are developed. these firm specific skills enable the firm to find and undertake positive net present value projects. The returns are not entirely pecuniary. Durand then argues that this “rationale implies that their [MM] perfect market is not perfect enough to accord everyone. hence. especially for highly skilled technical and managerial employees. equal access to the better opportunities …. So. But. instead. as pointed out in most textbook treatments of the subject. These individuals typically make major commitments of time and effort to develop company specific skills and look to the continued growth and success of the company for the returns on these investments. status and job security. the need for managing total risks. a more fundamental relationship exists between having employees and other stakeholders make firm specific investments and the need for firm survival. These costs go beyond the costs of looking elsewhere for employment. let firms earn excess returns due to special circumstances such as patents and other factors. whether firm or individual investor. We would argue that it is the firm specific skills amassed by the firm’s employees that make it possible for the firm to earn more than its cost of capital. the firm needs to survive as a going concern.Total Risk Management For example. This notion of the importance of firm survival and the need to manage total risk so as to support the development of firm specific skills to make positive NPV projects fits nicely into David Durand’s critique of Modigliani and Miller’s irrelevance of capital structure given perfect capital markets. We want to suggest another way of phrasing Durand’s critique. Durand (1989) notes that Modigliani and Miller did not restrict the firm’s investment opportunities to only perfectly competitive zero net present value projects but.

the need to manage total risk at the firm level rather than only the systematic risk at the investor level. they have an interest in sustaining the firm and their association with the company. The above reasons for risk management arise not so much out of conflicts of interest among stakeholders as out of the benefits associated with the survival of the firm. Many small and medium-sized firms are privately owned and owner managed. Therefore. risk management becomes a very important way for owner-managers of closely held firms to protect themselves from commodity price and exchange rate risk. generate relational rents (Dyer and Singh. the owners have their human capital tied up in the company as well. once the firm’s stakeholders become vested in the company with their firm specific investments. Suppliers are unlikely to make firm specific investments in plant. To exacerbate matters. equipment and production technology to service weak customers who may not be around next year to buy the components. suppliers and customers also have a direct interest in the financial health and survival of the firm. So. 1998). These actions create costs called agency costs and they reduce the market value of the company. managers are likely to be interested in their own well being as much as the well-being of the owners of the company. Managers may seek to extract perks from the company and grow the company at the expense of the shareholders by making unprofitable investments so as to keep control of corporate resources. 37 . However. the objective of management should be to maximize the price of the company’s common stock. risk management actions that reduce the likelihood of a firm failing will increase the willingness of suppliers to enter into long-term contracts and make investments in equipment and product development that benefit the buying firm. Think of it this way: The firm can be characterized as a voluntary association to create new wealth with new wealth thought of as positive NPV projects. in turn. preserve their jobs and increase their salaries. in a world of self-seeking behavior and informational asymmetries (where managers have more information than owners). conflicts of interest between managers and owners of publicly held companies are likely to arise. This new wealth requires firm specific skills and investments such that. Hence.Total Risk Management As we mentioned earlier in connection with financial distress costs. the owners have most of their wealth tied up in the company and cannot obtain the benefits of portfolio diversification that would eliminate the unique financial risks of the company. Using Risk Management to Monitor and Control Managers From a public shareholder’s perspective (a perspective generally assumed by financial theory). Therefore. These complimentary firm specific investments between suppliers and users support and produce inter-firm efforts that. Usually.

However. reducing the total variance of firm cash flows may be very important for managers who.S. Wadco’s Thai division will report very high profits as a result of the Thai devaluation. For example. However. Regardless of why the firm fails. managers are likely to make decisions based on the total risk of a venture whereas shareholders would prefer managers to consider only the systematic risk. unlike investors. managers are exposed to the total risk of the company. By letting managers eliminate these risks through hedging. However. by reducing the consequences of project failure for management. Wadco costs are in Thai baht and its revenues in dollars.” Such hedging costs the public shareholders nothing in terms of expected returns on the hedged project and also doesn’t affect the systematic risk. suppose the Thai baht substantially depreciates against the dollar. Now. suppose you are a large institutional investor who owns stock in Wadco Enterprises. One important application of agency theory is the design of management evaluation and compensation systems that reduce conflicts of interest between managers and owners by aligning managers’ interests with the shareholders. Now. should the mangers of Wadco be paid a bonus for this performance? What control did they have over the devaluation of the baht? Suppose the baht had appreciated instead of depreciated? Should the managers of Wadco be penalized for this outcome? 38 . Risk management strategies are used in conjunction with managerial performance evaluation and compensation systems to separate financial outcomes under management control form those not under their control. Wadco has an executive compensation program with bonuses tied to operating cash flows measured in U. With costs denominated in Thai baht and revenues in dollars. the managers are out of a job. dollars.Total Risk Management Students of financial economics and organizational behavior use financial agency theory to analyze and understand these costs and recommend ways to reduce them. Wadco manufactures circuit boards in Thailand and sells them to U. the shareholders need not worry about managers rejecting projects that are very profitable based on their systematic risk exposures but unlikely to be undertaken unless managers can hedge the unique risks to protect their jobs and the company in the event of a “bad draw. not just the systematic risk. Consequently. companies. Risk management enters into this process the following way: Unlike shareholders. cannot diversify away the risks associated with certain business ventures. a project which would have been discarded without the knowledge of public shareholders is now undertaken. managers cannot diversify away the unique risks associated with the company.S. recall that we said financial theory predicted that hedging would not improve firm values if all it did was to reduce the variance of the firm’s cash flows because investors could do this on their own through diversification. Hedging has effectively reduced agency costs and increased the market value of the company even though the project’s systematic risks and expected rate of return are unaffected.

Removing the noise improves decision making by providing higher quality information on fundamental performance. by having Wadco managers hedge the exchange rate exposures. Normally. firms can better plan both the capital expenditures and the funding arrangements.Total Risk Management A widely held opinion is that Wadco management bonuses should not be affected by unexpected exchange rate movements because managers had no control over these events. such as production. especially across divisions. by requiring managers to hedge the exposures. Furthermore. product lines and geographic locations. The noise introduced into these measures by volatile commodity prices. exchange rates and interest rates can be removed through risk management strategies that minimize cash flow and income variability. can focus management attention on things management can control. Bonuses and performance evaluations should be based only on outcomes over which managers have control. firms would have a capital budget in place along with a plan to finance the expenditures. shareholders make it more difficult for management to claim that poor performance was caused by events outside of their control. exchange rate and interest rate exposures. Risk management can also be used to protect against disruptions in implementing a capital budget by ensuring that substantial shortfalls in internally generated funds do not occur as a result of unexpected price movements. stockholders. like the large institutional investors. By hedging commodity price. This higher quality information makes it easier to decide how to allocate funds within the firm and may increase the “trust” of competing managers in the capital allocation process. marketing and sales. So. 39 . Using Risk Management to Improve Decision Making and Capital Budgeting Substantial volatility from quarter-to-quarter and year-to-year in operating cash flows and net income makes it difficult to evaluate the fundamental performance of a company and divisions or other units within the company.

To the extent that dividend policy and investment policies (capital budgeting) are not independent of each other.Total Risk Management Risk Management and Dividends Do dividends (like capital structure) matter? Miller and Modigliani (1961) said no. these customers monitor the cash flows. This stabilization of dividend payments is needed to communicate information about future investment returns. the customers of companies that develop software programs for proprietary use want to be sure the developer will be around to supply second and third generation products and to service the existing systems. stock prices and dividends of the suppliers to assess the supplier’s financial health and ability to develop new products. it is especially important for firms with public shareholders. Dividends. So. of course. 40 . an extensive body of literature has shown that dividends do matter – especially if dividends are cut. For example. risk management designed to stabilize dividend payments is really stabilizing the total cash flow stream available for investment and dividend payments. Note that while stabilizing the cash flows available for investment and distribution to owners as cash dividends is important for all firms. dividend payments and the financial health of the company to all the firm’s stakeholders. Consequently. but. risk management makes it possible to maintain cash dividends and smooth out the dividend cash flow stream. therefore are important for maintaining a company’s competitive position in its product markets as well as for providing shareholders with an adequate return on their investment. Since then. this claim is true only for perfect capital markets. by stabilizing cash flows.

This broader perspective on risk management should be the one that informs the regulation of risk management products and markets. Hence. Firm survival and continuity is important for societal reasons and risk management assists in this task. however. These imperfections arise out of conflicts of interest among stakeholders seeking to advance their own interests in the presence of informational asymmetries and distortions introduced by taxes. then. in a perfect world. risk management makes a major contribution with respect to preserving the firm as a social welfare organism. the existence of risk management is tied directly to the governance issues of how investors monitor. are assumed to be efficiently diversified investors concerned only with the expected return and non-diversifiable risk of their investments. The role of the shareholders is to ensure that managers do not waste economic resources within the overriding social responsibility functions of the firm. dominates the market imperfection arguments of financial economists for risk management. it should also recognize the economic efficiency and growth objectives that are enhanced by having risk management products. While regulation should discourage speculative abuses. transaction costs and legal systems. the objective of risk management is stated as maximizing the wealth of the existing owners of the firm who. Implicitly or explicitly. From a social welfare perspective. control and compensate managers so as to protect their investments in the company. 41 . In finance. accepting a broad definition of corporate governance focused on how society is organized with economic efficiency objectives being important. This organization does not exist solely for the benefit for the shareholders but is part of a larger scheme designed to achieve a set of political objectives which vary from one country to the next but generally regard the corporation as serving more than the needs of its owners. but not supreme.Total Risk Management Summary and Conclusions Risk management is presented in the finance literature as a cure for market imperfections.

Total Risk Management 42 .

Total Risk Management 43 .

Total Risk Management 44 .

Total Risk Management 45 .

Total Risk Management 46 .

Total Risk Management 47 .

Total Risk Management 48 .

Total Risk Management 49 .

Total Risk Management 50 .

Total Risk Management 51 .

Total Risk Management 52 .

Total Risk Management 53 .

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->