Q) Why firms should manage Financial Risks? INTRODUCTION: The etymology of the word “RISK” can be traced to the Latin word “RESCUM” meaning danger at sea or that which cuts. Managing business in a highly volatile environment is like navigating a ship on stormy seas. The modern business is confronted with many risk, some of which are basic eg. , loss of property due to natural calamities, civil unrests etc. , and some are strategic risks. Strategic risks may manifest themselves in several ways like foreign exchange rates or interest rates or commodity prices impacting the expected value or the real cash flow.
In recent years, life has become a lot more complicated. Today firms are confronted with business risks that are greater and more varied than ever before. The same technology that has dramatically improved our way of life has also created the potential for disasters some of them like, in 1970s and 1980s, financial and commodity asset prices became quite volatile due to a varity of factors, such as the breakdown of the Bretton woods system of fixed exchange rates, the oil price shocks in 1971 and 1973 because of the excess government spending and inflation policies etc. Purpose of Risk Management
The purpose of risk management is not necessarily to avoid risk altogether, and complete elimination of risk is not possible. Instead the purpose of risk management is to identify which risk are relevant and in what amount for the smooth functioning of an business or an organization that helps in devising suitable strategies to handle relevant risks Risk Management concept and Definition Risk management is one of the specialized functions of general management, as such risk management shares many of the characteristics of general management, and yet is unique in several important respects.
The strategies include transferring the risk to another party, avoiding the risk, reducing the negative effect of the risk, and accepting some or all of the consequences of a particular risk. One can say a Risk is a situation wherein objective probability distribution of the values a variable can take is known, even though the exact values it would take are not known Definition The definition of risk depend on specific application and situational contexts and is considered as an indicator of threat and can be assessed qualitatively or quantitatively.
Risk is defined as Risk= (probability of an accident) X (losses per accident) Risk management is defined as the process of planning, organizing, directing and controlling the resources and activities of an organization in order to minimize the adverse effects of potential losses at the least possible costs. Risk management is the human activity which integrates recognition of risk, risk assessment, developing strategies to manage it, and mitigation of risk using managerial resources.
Risk management is a concept that denotes a potential negative impact to an asset or some characteristic of value that may arise from some present process or future event, and is often used synonymously with the probability of a unknown loss. Financial risk In finance, risk is the probability that an investment’s actual return will be different than expected. This includes the possibility of losing some or all of the original investment. It is usually measured by calculating the standard deviations of the historical returns or average returns of a specific investment. “A fundamental idea in finance is the relationship between risk and return.
The greater the amount of risk that an investor is willing to take on, the greater the potential return. The reason for this is that investors need to be compensated for taking on additional risk” Financial risk is often defined as the unexpected variability or volatility of returns, and thus includes both potential worse than expected as well as better than expected returns. Risk Vs uncertainty Frank Knight (1921) in his seminal work has established the distinction between risk and uncertainty as Uncertainty must be taken in a sense radically distinct from the familiar notion of Risk, from which it has never been properly separated.
The term “risk” really covers two things which, in there casual relations to the phenomena of economic organization. Risk management with regard to firms In enterprise risk management, a risk is defined as a possible event or circumstance that can have negative influences on the Enterprise in question. Its impact can be on the very existence, the resources (human and capital), the products and services, or the customers of the enterprise, as well as external impacts on society, markets, or the environment. Risk- sensitive industries
Some industries mange risk in a highly quantified and numerate way. These include the nuclear power and aircraft industries, where the possible failure of a complex series of engineered systems could result in highly undesirable outcomes. The usual measure of risk for a class of events is then, where P is probability and C is consequence. The total risk is then the sum of the individual class-risks. In the nuclear industry, ‘consequence’ is often measured in terms of off-site radiology release. Objective of Risk Management
Though it may be difficult to outline specific targets for risk management, some of the main objective of Risk management is to reduce different risks related to a pre-selected domain to the level accepted by society. It may refer to numerous types of threats caused by environment, technology, humans organizations and politics. On the other hand it involves all means available for humans, or in particular, for a risk management entities like person, staff and organization, apart form these some of the broad objectives includes • Mere survival • Peace of mind Lower risk management costs and thus higher profits • Fairly suitable earnings • Little or no interruption of operations • Continued growth • Satisfaction of the firm’s sense of social responsiblilties desire for good image • Satisfaction of externally imposed obligations. The above objectives are basically functions of ? Corporate goals ? The corporate environment and ? Attributes peculiar to a particular organization Areas of Risk management As applied to corporate finance, risk management is the techinquw for measuring, monitoring and controlling the financial or operational risk on a firm’s balance sheet.
The Basel II framework breaks risks into market risk (price risk), credit risk and operational risk and slo specifies methods for calculating capital requirements for each of these components. Steps in risk management process The steps in risk management process is establishing the context of risk and involves 1. Identification of risk in a selected domain of interest 2. Planning the remainder of the process. 3. Mapping out the following: the social scope of risk management, the identity and objectives of the stake holders, and the basis upon which risks will be evaluated, constraints. . Defining a framework for the activity and an agenda for identification. 5. Developing an analysis of risk involved in the process. Identification After establishing the context, the next step in the process of managing risk is to identify potential risks. Risks are about events that, when triggered, causes problems. Hence, risk identification can start with the source of problems, or with the problem itself • Source analysis Risk sources may be internal or external to the system that is the target of risk management. Ex. of risk sources are: stakeholders of a project, employees of a company or the weather over an airport. • Problem analysis Risks are related to identified threats. For Ex the threat of losing money, the threat of abuse of privacy information or the threat of accidents and causalities. The threats may exist with various entities, most important with shareholders, customers and legislative bodies such as the government. When either source or problem is known, the events that a source may trigger or the events that can lead to a problem can be investigated.
For Ex stakeholders withdrawing during a project may endanger funding of the project; privacy information may be stolen by employees even within a closed network; lightning striking a Boeing 747 during takeoff may make all people onboard immediate causalities Some of the common risk identification methods are • Objective-based risk identification • Scenario-based risk identification • Taxonomy-based risk identification • Common-risk checking • Risk charting Assessment Once risks have been identified, they must then be assessed as to their potential severity of loss and to the probability of occurrence.
These quantities can be either simple to measure, in the case of the value of a lost building, or impossible to know in the case of the probability of an unlikely event occurring. Therefore, in the assessment process it is critical to make the best educated guesses possible in order to properly prioritize the implementation of the risk management plan. Potential risk treatments Once risks have been identified and assessed, all techniques to manage the risk falls into one or more of the following 4 categories • Tolerate (Retention) • Treat (Mitigation) Terminate (Elimination) • Transfer (Buying insurance) However, the ideal use of these strategies may not be possible. Some of them may involve trade-offs that are not acceptable to the organization or person making the risk management decisions. Today firms are confronted with business risks that are greater and more varied than ever before. Instead the purpose of risk management is to identify which risk are relevant and in what amount for the smooth functioning of an business or an organization that helps in devising suitable strategies to handle relevant risks
Risk management and business continuity Risk management is simply a practice of systematically selecting cost effective approaches for minimizing the effect of threat realization to the organization. All risks can never be fully avoided or mitigated simply because of financial and practical limitations. Therefore all organizations have to accept some level of residual risk Since risk management tend to be anticipatory Business Continuity Planning (BCP) was invented to deal with consequences of realized residual risks.
The necessity to have BCP in place arises because even very unlikely events will occur if given enough time. Risk management and BCP are often mistakenly seen as rivals or overlapping practices. In fact these processes are so tightly tied together that such separation seems artificial. For EX, the risk management process creates important inputs for the BCP (assets, impact assessments, cost estimates etc). Risk management also proposes applicable controls for the observed risks. Therefore, risk management covers several areas that are vital for the BCP process.
However, the BCP process goes beyond risk management’s pre-emptive approach and moves on from the assumption that the disaster will realize at some point in managing the organization. It is said that the organization has to manage some level of risk in anticipating the unlikely events for the smooth functioning and process, and to the possibility that the actual outcome of an investment will differ firm its expected outcome. More specifically, most investors are concerned about the actual outcome being less than the expected outcome. The organization has three major risks to eliminate form several source, they are ?
Business Risk, ? Interest rate Risk and ? Market Risk Business Risk:- The organization as a share holder of corporate securities (equity shares or debentures), are exposed to the risk of poor business performance. This may be caused by a varity of factors like heightened competition, emergence of new technology, development of substitute products, shifts in consumer preference, change in governmental policies and so on. The poor business performance definitely affects the interest of equity share holders, who have a residual claim on the income and wealth of the firm.
In such a case, debenture holders face the prospect of default risk. Interest Rate Risk: The changes in interest rate have a bearing on the welfare of investors. As the interest rate goes up, the market price of existing fixed income securities falls, and vice versa. This happens because the buyer of a fixed income security would not buy it at its par value or face value if its fixed interest rate is lower than the prevailing interest rate on a similar security. While the changes in interest rate have a direct bearing in the prices of fixed income securities and they effect the equity price too some times indirectly.
Market Risk: In organization even if the earning power of the corporate sector and the interest rate structure remain more or less unchanged, prices of securities, equity share in particular, tend to fluctuate. While there can be several reasons for this fluctuation, a major cause appears to be the changing psychology of the investors. There are periods when investors become bullish and their investment horizons length, during such periods drives share prices to great heights, affecting almost all the shares.
On the other hand, when a wave of pessimism (which often is an exaggerated response to some unfavorable political or economic development)sweeps the market, investors turn bearish and myopic. Prices of almost all equity shares register decline as dear and in certainly pervade the market. These are some of the factors that an organization has to focus to manage the Risk. An example of Banking sector has been explained for in view of the risk measures being taken by the bank industry. The Value-at-Risk (VaR) has emerged as the primary risk management tool for market risk in the last few years.
The Bank of International Settlement (BIS) has suggested banks to measure their market risk using the VaR metrics. There are various VaR metrics, which gives different results for the same dataset and period. The example below compare various methods of VaR estimations for Fixed Income Securities (FIS) and Equity portfolios. Value-at-Risk measures the potential loss on market value of a security or a portfolio using estimated volatility and correlations within a given probability over a predetermined time horizon. VaR is an attempt to provide a single number summarizing the total risk in a portfolio of financial assets.
The basic idea behind VaR is to determine the probability distribution of the underlying source of risk and to isolate the worst given percentage of outcome. However, it must be remembered that VaR is not a unique number since, among other things. The organization’s appetite for risk is reflected in choosing the confidence level and time interval. Example of risk measures in Banking sector Risk, in simple terms is defined as the uncertainty associated with earnings, and therefore, quantification of the risk becomes the first step in risk management in any organization.
Bank , as financial organization, faces, different kinds of risk viz. , credit risk market risk, operation risk, etc. market risk is also gaining importance through credit risk contributes maximum to the total risk of any bank. Credit risk arises from the primary function of any banking business ie. , lending. Market risk is the uncertainty in the bank’s earning due to changes in the prices of equity, securities, foreign exchanges, interest rates, etc. , leading to an adverse impact on the banks’ portfolio.
This is a major concern as banks invest a considerable portion of their portfolios in these instruments. The Bank of International Settlements (BIS) defines market risk as “The risk that the value of ‘on’ or ‘off’ balance sheet positions will be adversely affected by movements in equity and interest rate markets, currency exchange rates and commodity price (www. bis. org). It is necessary that market risk be measured and maintained within an acceptable level. According to BIS, Value-at-Risk (VaR) has been widely accepted as a measure of markets risk.
The VaR of a portfolio of transactions is defined as the maximum loss from an adverse market move, within a given level of confidence, for a given holding period. In simple terms it helps a trader/risk manager in finding out “how much could we lose tomorrow”. With portfolio return following a probability distribution, VaR measures the expected loss with certain level of confidence. It is thus a probability based metric to quantify expected loss. The VaR method is gaining importance as it summarizes the maximum likely loss expected over a target horizon at a given confidence interval.
VaR reduce many risk factors to single number thus quantifying the risk in monetary terms and a finance manager can also easily related to it compared to other statistical tools like standard deviations that were earlier used to measure risk. Need for Comparison of VaR Calculation Methods The Basel Committee for Banking Service Supervision (BCBS) of the BIS has mandated that the central banks ie. , the Reserve Bank of India (RBI) has to satisfied that the Indian banks have appropriate measures in place to monitor and contain all risks that they face.
In case of market risk the BIS has suggested that VaR be used as a metric for the measurement of risk, so that risk-reducing action can be triggered when VaR exceeds a pre-defined level. The VaR measurement can be done in many ways i. e. , parametric approach, semi-parametric approach, historical simulation and Monte-Carlo simulation etc. Therefore choosing the right VaR model becomes important for measuring the risk profile of a portfolio. “The key to effective risk management is not necessarily to minimize the various risks but to earn profits by taking the risk”. VaR Calculation
The first step in VaR calculation is mark-to-market the portfolio, which is necessary to know the actual value of the portfolio means determining the value of the portfolio instantly as soon as the calculation is performed. Here the spot price of the securities which form a part of the portfolio are obtained and the portfolio is revalued at that instant. It is again re-priced at the end of the period and its return is calculated. Considering that it will get different returns under different conditions, a probability distribution of these returns is generated and a VaR number is calculated
As an overall, VaR is a useful tool for navigation through financial markets as well as the banking and portfolio markets. Appendix This appendix show how Microsoft has manage every Risk in its organization. Earlier the meaning of Risk management meant buying insurance against fire, theft and liability losses. However, today though, due to globalization, volatile markets and many looking for some one or other reasons to sue, and a multitude of risks are adversely affecting the organizations. Microsoft company has addressed these risks by creating a virtual consulting practice called Microsoft Risk Co. to help manage the risks faced by its sales, operations and products groups. In recent article in CFO, Scott Lange, head of Microsoft Risk, identified these 12 major sources of risk 1. Business partners (interdependency, confidentiality, cultural conflict, contractual risks) 2. Competition (market share, price wars, industrial espionage, antitrust allegations etc,. ) 3. Customers (product liability, credit risk, poor marketing timing, inadequate customer support. ) 4. Distribution system (transportation, service availability, cost, dependence on distributors) 5.
Financial (foreign exchange, portfolio, cash, interest rate stock market) 6. Operations (facilities, contractual risks, natural hazards, internal processes and control) 7. People (employees, independent contractors, training, staffing inadequacy) 8. Political (civil unrest, war, terrorism, enforcement of intellectual property rights change in leadership, revised economic policies) 9. Regulatory and legistlative (antitrust, export licensing jurisdiction, reporting and compliance, environmental) 10. Reputations (corporate image, brands, reputations of key employees) 11.
Strategic (mergers and acquisitions, joint ventures and alliances, resource allocation and planning, organizational ability) 12. Technological (complexity, obsolescence, the year 2000 problem, workforce skill-sets) According to Lange, it is important to resist the idea that risk should be categorized by how the insurance industry views it. He also defined the role of financial risk management, where the role is to put on paper all the risks that can be identified and to try to quantify them by numbers or by probability distribution.
At Microsoft, the finance department works with the product groups to determine the risk. Lange has a smaller goal for Microsoft-to have risk management permeate the thinking of all Microsoft managers and employees. (Source: Edward Teach, “Microsoft’s Universe of Risk, CFO, March 1997, 69-72) CONCLUSION: Business is all about taking risk. What matters is how the risk is handled. Often, there are so many permutations of risks that can affect the business that it will take away most of the profits if one were to reduce/eliminate all of them.
Ultimately, it is the organizational cultural and its appetite for risks that will determine risk management policies. Risk management is an integral part of corporate planning, it envisages a systematic approach for identification, measurement and control of a varity of risks faced by an organization. The top management is also becoming more cost conscious and more aware of how should risk management helps to minimize expenses. The organizations are learning to cope with a rapidly changing environment with hedging strategies which provide buffers to the bottom line.
Thus the organizations are having many strategies to focus on the managing on the risk that are facing in every way of its business life. References Investment Analysis and Portfolio Management (Second edition) by Prasanna Chandra Risk Management- Insurance and Derivatives by Dr. G. Kotreshwar Financial Institutions and Markets (Fourth Edition) by L M Bhole International Financial Management (7th edition) by Jeff Madura Future and Options (Second edition) N D Vohra & B R Bagri National Stock Exchange of India Limited Journals
Financial Risk Management- The ICFAI Journal- Vol. II No. 4 Dec-2005 Financial Risk Management- The ICFAI Journal-Vol. III No. 1 Mar-2006 Financial Risk Management- The ICFAI Journal-Vol. III No. 4 Dec-2006 Financial Risk Management- The ICFAI Journal-Vol. IV No. 1 Mar-2007 Development A Risk Assessment Process- Project & Profits-The ICFAI Journal- May 2007. Managing Construction Risk- The ICFAI Journal- Jan-2005 Websites www. bis. org www. google. com http://cve. mitre. org www. riskmetrics. com www. rotman,utoronta. ca