Enterprise Risk Management

tailpillowManagement

Nov 9, 2013 (3 years and 7 months ago)

78 views

Enterprise Risk Management

October
22
, 2010

A.V. Vedpuriswar

1



We had 20 people on the beach looking at grains of sand with microscopes
when the tsunami came along and wiped everybody out.

Cleaning up DRCM was, in the words of one UBS employee, like mopping up
spilt milk on the deck of the Titanic.

FT April 20, 2008



[OPTIONAL SLIDE]

2

Objectives


Understanding risk


Getting the big picture


Taking a holistic view


Recognising human infallibilities


Being clear about our priorities

3

Acknowledgements


Enterprise Risk Management: Theory and Practice, Brian W. Nocco, and
René M. Stulz, Journal of Applied Corporate Finance, Fall 2006


Strategic Risk Taking, Aswath Damodaran


The Black Swan, Nassim Nicholas Taleb


Integrated Risk Management for the Firm: A Senior Manager’s Guide,
Working paper by Lisa K. Meulbroek


Kenneth Froot, David Scharfstein & Jeremy Stein, “ A famework for risk
management”, Harvard Business Review, Nov
-
Dec1994


Options, futures and Derivative Securities, John C Hull


Risk Management and Financial Institutions, John C Hull


FRM Body of Knowledge

4

Ice breaker


What are the fundamental laws of Physics?


What are the fundamental laws of Economics?


What about Financial Economics?

5

A problem which took 160 years to solve


Luca Pacioli, an Italian monk framed a famous problem.


Two gamblers are playing a best
-
of
-
five dice game.


They are interrupted after three games with one gambler
leading 2 to 1.


What is the fairest way to divide the pot between the two
gamblers, taking into account the current status of the
game?


Blaise Pascal and Pierre de Format solved the problem after
about 160 years.


How? Assume all the 5 games are played.

6

Another teaser


I give you two options


Take Rs. 50


I toss a coin. Heads you get Rs. 100 and tails you get 0

Which will you choose?


I give you two options


Pay Rs. 50


I toss a coin. Heads you pay Rs. 100 and tails you pay 0

Which will you choose?

7

A third teaser


The bird flue epidemic is expected to hit your town and it is
estimated that 600 people die. Which of the following two
drugs, A or B, will people recommend to combat the
epidemic, given the following information?


If Drug A is used: 200 will be saved.


If Drug B is used: 1/3 chance that all 600 will be saved and
2/3 chance that nobody will be saved.


It seems a greater percentage of the respondents vote
for Drug A

8


The bird flue epidemic is expected to hit your town and it is
estimated that 600 people will die. Which of the following two
drugs, C or D, will people recommend to combat the
epidemic, given the following information?


If Drug C is used

: 400 will die.


If Drug D is used: 1/3 chance that nobody will die, and 2/3
chance that 600 will die.


It seems a greater percentage of the respondents vote
for Drug D.

9

Key messages


Our attitudes towards risk are highly perplexing.


The essence of good risk management is making the right
choices when it comes to dealing with different risks .


Risk management should not be equated with risk hedging.


The most successful companies have risen to the top by finding
particular risks that they are better at exploiting than their
competitors.


Some risks are “black swans”.


They come when we least expect them but their effects can be
catastrophic.


An integrated approach to risk management can be highly
rewarding.

10

How Enterprise Risk Management adds value


Enterprise Risk management creates value at both a “macro”
or company
-
wide level and a “micro” or business
-
unit level.


At the macro level, ERM enables senior managers to quantify
and manage the risk
-
return tradeoff that faces the entire firm .


At the micro level, ERM becomes a way of life for managers
and employees at all levels of the company.


Why did risk management fail during the financial melt down of
2007
-
08?

11

What determines the value of a firm?


The value of a firm can generally be considered a function of
four key inputs


Cash flow from assets in place or investments already
made


Expected growth rate in cash flows during a period of high
growth excess returns


Time before stable growth sets in and excess returns are
eliminated


Discount rate which reflects both the risk of the investment
and the financing mix used by the firm

12

What can a firm do to increase its value?


Generate more cash flows from existing assets


Grow faster or more efficiently during the high growth phase


Prolong the high growth phase


Lower the cost of capital


What is the role of risk management in adding value to firm?

13

How hedging can help?


Managers often under invest because of risk aversion.


By providing hedging tools, we can remove the disincentive
that prevents them from investing.


By hedging and smoothening earnings, firms can extend
their high growth/excess returns period .


Providing protection against firm specific risks may help
align the interest of stockholders and managers and lead to
higher firm value.


The pay off from risk hedging must be greater for firms with
weak corporate governance structures and managers with
long tenure.

14

How taking risk helps?


The way the firm strategically manages its risk exposure,
such as by making the right R&D investments, will clearly
help in extending the growth phase.


The pay off from risk management may be greater in
businesses that are volatile but earn high returns on
investment.


There must be unpredictable, but lucrative investment
opportunities.


Look for the positive black swans!

15


Strategy, Finance, and Operations : The need for
integration


Risk management as a discipline has evolved unevenly
across different functional areas.


In strategy, the focus has been on competitive advantage
and barriers to entry.


In finance, the preoccupation has been with hedging and
discount rates. Little attention has been paid to the upside.


People in charge of operations may not have the big picture.


Risk management at most organizations is splintered.


There is little communication between those who assess
risk and those who make decisions based on those risk
assessments.

Three ways to manage risk


Fundamentally, there are three ways to manage risk.


Which are these ways?

17

Different approaches to managing risk





Targeted

financial


instruments


(Transfer)


Modifying

operations,


(Hold)

Adjusting


capital structure

(Buffer)


Visualising

ERM

18

19

Integrated risk management


“Integration” refers to





the combination of these three risk management

techniques,




and to the aggregation of all the risks faced by the firm.


Integrated risk management is by its nature “strategic”, rather
than “tactical”.


Because the three ways to manage risk are functionally
equivalent in their effect on risk, their use connects seemingly
-
unrelated managerial decisions.


For instance, effective capital structure decisions cannot be
made in isolation from the firm’s other risk management
decisions.


Can we think of some examples?

20

Modifying the firm’s operations to gain competitive
advantage


Companies are in business to
take strategic and business
risks.


By reducing non
-
core exposures, ERM effectively enables
companies to take more strategic business risks.


Consider the following :


Pharma R&D


Human capital management in software company


Cricket pitch during rainy season


Environmental management


Oil company

21

When to hold the risk?


Companies should be guided by the principle of
comparative
advantage in risk
-
bearing.


A company that has no special ability to forecast market
variables has no comparative advantage in bearing the risk
associated with those variables.


In contrast, the same company should have a comparative
advantage in bearing information
-
intensive, firm
-
specific
business risks.


That is because it knows more about these risks than
anybody else.

22

Risk transfer using targeted financial instruments


When should firms use targeted financial instruments?


Some risks cannot be managed effectively through the
operations of the firm.



Either because no feasible operational approach exists.


Or an operational solution is simply too expensive to
implement or it is too disruptive of the firm’s strategic goals .


Targeted financial instruments are especially suited for firms
with large exposures to commodity prices, currencies, interest
rates, or the overall stock market.

23

Risk adjustment via the capital structure


By decreasing the amount of debt in the capital structure,
managers can reduce the shareholder’s total risk exposure.


Lower debt means that the firm has fewer fixed expenses.


This translates into greater flexibility in responding to any
type of volatility that affects firm value .


Lower debt also reduces the chance that the firm becomes
financially distressed.

24

Equity: An all purpose cushion


Equity provides an all
-
purpose risk cushion against loss.


There are some risks that a firm can both anticipate and
measure relatively precisely and these can be shed through
targeted risk management .


Equity provides ideal protection against those other risks
that cannot be readily anticipated or measured, or for which
no specific targeted financial instrument exists .


The larger the amount of risk that cannot be accurately
measured or shed, the larger the firm’s equity cushion
should be.


What is the current debate about banking?

The most important risks faced by Corporates

25

Ref :
Servaes,Tamayo
,
Tuffano
, “ The theory
and practice of
corporate risk
management”, Journal
of Applied Corporate
Finance, Fall 2009

Benefits of risk management for Corporates

26

Ref :
Servaes,Tamayo
,
Tuffano
, “ The theory
and practice of
corporate risk
management”, Journal
of Applied Corporate
Finance, Fall 2009

Costs of risk management for corporates

27

Ref :
Servaes,Tamayo
,
Tuffano
, “ The theory
and practice of
corporate risk
management”, Journal
of Applied Corporate
Finance, Fall 2009

The most important risk management products used
by corporates

28

Ref :
Servaes,Tamayo
,
Tuffano
, “ The theory
and practice of
corporate risk
management”, Journal
of Applied Corporate
Finance, Fall 2009

Measuring risk management

29

Ref :
Servaes,Tamayo
,
Tuffano
, “ The theory
and practice of
corporate risk
management”, Journal
of Applied Corporate
Finance, Fall 2009

The most important risk management products used
by corporates

30

Ref :
Servaes,Tamayo
,
Tuffano
, “ The theory
and practice of
corporate risk
management”, Journal
of Applied Corporate
Finance, Fall 2009

Liquidity, model and market risks


Liquidity, market and model risks are interrelated.


Breakdown of markets leads to liquidity problems.


When markets are not in place, models become necessary.


Models pose various risks.


Credit and market risks are inter related.


Consider bonds


Consider swaps


Financial Disintermediation has led to more integration

32

Credit and Market risks



Market and operational risks are interrelated


When positions move, losses may have to be booked.


Trader’s psychology may lead to systems and processes
being breached.


More risks may be taken than warranted.


Sound systems and processes can help.


33

Market and operational Risks

34

Behavioral issues in Risk Management


35

The duality of risk


It is part of human nature to be attracted to risk.


At the same time, there is evidence that human beings try to
avoid risk in both physical and financial pursuits.


Some individuals take more risk than others.

36

Behavioural finance and prospect theory


Decisions are affected by the way choices are framed.


Individuals may be risk seeking in some situations and risk
averse in others.


Individuals feel more pain from losses than from equivalent
gains.

37

Propositions about risk aversion (1/2)


Individuals are generally risk averse and more so when the stakes are large
than when they are small.


There are big differences in risk aversion across the population and noticeable
differences across sub groups.


Individuals are far more affected by losses than by equivalent gains.


The choices that people make when presented with risky choices or gambles
depend on how the choice is presented.


Individuals tend to be much more willing to take risk with what they consider
found money than with money they have earned.

38

Propositions about risk aversion (2/2)


There are two scenarios where risk aversion seems to
decrease and is even replaced by risk seeking.


One is when individuals are offered the chance of making an
extremely large sum with a small probability of success.


The other is when individuals who have lost money are
presented with choices made allow them to make their
money back.


When faced with risky choices, individuals often make
mistakes in assessing the probabilities of outcomes, over
estimating the likelihood of success.


The problem gets worse as the choices become more
complex.

39

Risk Management vs. Risk hedging


Risk management is aimed at generating higher and more
sustainable excess returns.


The benefits of risk management will be greatest in
businesses with high volatility and strong barriers to entry.


The greater the range of firm specific risks, the greater the
potential for risk management.


Risk management will create more value if new entrants can
be kept out of business.

40

Managing the upside


A simple vision of successful risk taking is that we should
expand our exposure to upside risk while reducing the
potential for downside risk.


The excess returns on new investments and the length of
the high growth period will be directly affected by decisions
on how much risk to take in new investments .


There is a positive pay off to risk taking but not if it is
reckless.


Firms that are selective about the risks they take can exploit
these risks to their advantage.


Firms that take risks without sufficiently preparing for their
consequences can be hurt badly.

41

Risk Management vs. Risk Hedging: A summary

Risk Hedging

Risk Management

View of risk

Risk is a danger

Risk is a danger & an opportunity

Objective

Protect against the downside

Exploit the upside

Approach

Financial, Product oriented

Strategy/cross functional process
oriented

Measure of success

Reduce volatility in earnings,

cash flows, value

Higher value

Type of real option

Put

Call

Primary impact on value

Lower discount rate

Higher & sustainable excess returns

Ideal situation

Closely held, private firms, publicly
traded firms with high financial
leverage or distress costs

Volatile businesses with significant
potential for excess returns

ERM : Managing the upside and the downside

42

Ref : Ten Common misconceptions about ERM, , by John R. S. Fraser, Hydro One, and Betty J.
Simkins
, Oklahoma State University, Journal of Applied Corporate Finance, Fall 2007

43

How to gain an advantage over competitors through
superior risk management


Information


Speed


Experience/Knowledge


Resource


Flexibility


Corporate governance


People


Reward/punishment mechanisms

44

Information advantage


Firms that take risk must invest in superior information networks.


Companies must be clear about the kind of information needed for decision
making in a crisis and put in place necessary information systems.


Early warning information systems must trigger alerts and preset responses.

45

The speed advantage


The speed of response can be critical in a crisis .


Speed depends on the quality of information, and understanding the potential
consequences and the interests of the stakeholders.


Organizational structure and culture also determine the speed of response.

46

The experience/knowledge advantage


Having experienced similar crises in the past can give us an advantage.


Firms must invest in learning .


They can enter new and unfamiliar markets, expose themselves to risk

and learn from mistakes.


They can acquire firms in unfamiliar markets .


They can form strategic alliances or poach people with the

necessary expertise.

47

The resource advantage


Having the resources to deal with crisis can give a company a significant
advantage over competitors.

48

Flexibility


A flexible response to changing circumstances can be a generic advantage.


For some firms, flexibility may come from production facilities that can be
modified at short notice to produce modified products that better fit customer
demand


For others, flexibility may come from lower overheads/fixed costs.


Flexibility also mean the ability to get rid of past baggage, cannibalising existing
product lines and having a “paranoid” culture.

49

Corporate governance


Interests of decision makers must be aligned with those of the owners.


Both managers with too little wealth and too much wealth tied up in their
business will not take risk.


The appropriate corporate governance structure for the risk taking firms would
call for decision makers to be invested in the equity of the firm but also to be
diversified.

50

People


When facing a crisis, some people panic, others freeze but a few thrive and
become better decision makers.

51

Reward/Punishment mechanisms


A good compensation system must consider both process and results.

52

Five questions about risk


Question #1: Have senior managers communicated the core values of the business in a
way that people understand and embrace?


Question #2: Have managers in the organization clearly identified the specific actions and
behaviors that are off
-
limits?


Question #3: Are diagnostic control systems adequate at monitoring critical performance
variables?


Question #4: Are the control systems interactive and designed to stimulate learning?


Question #5: Is the company paying enough for traditional internal controls?


53

Risk management: First principles (1/2)


Risk is everywhere:

Our biggest risks will come from places that we
least expect them to come from and in forms that we did not anticipate
that they would take


Risk is threat and opportunity:

Good risk management is about
striking the right balance between seeking out and avoiding risk


We are ambivalent about risks and not always rational:

A risk
management system is only as good as the people manning it


Not all risk is created equal:

Different risks have different implications
for different stakeholders .


Risk can be measured:

The debate should be about what tools to use
to assess risk than whether they can be assessed


Good risk measurement should

lead to better decisions :
The risk
assessment tools should be tailored to the decision making process.

54

Risk management: First principles (2/2)


The key to good risk management is deciding which risks to avoid, which
ones to pass through and which to exploit :
Hedging risk is only a small
part of risk management.


The pay off to better risk management is higher value:
To manage risk
right, we must understand the levers that determine the value of a business.


Risk management is part of everyone’s job :
Ultimately, managing risks well
is the essence of good business practice and is everyone’s responsibility.


Successful risk taking organizations do not get there by accident :
The
risk management philosophy must be embedded in the company’s structure
and culture.


Aligning the interests of managers and owners, good and timely
information, solid analysis, flexibility and good people is key :
Indeed,
these are the key building blocks of a successful risk taking organization.



55

Concluding remarks


Extreme negative outcomes are always a possibility, and the
effectiveness of risk management cannot be judged on whether such
outcomes materialize.


The role of risk management is to limit the probability of such outcomes
to an agreed
-
upon, value maximizing level.


A company where risk is well understood and well managed will
command the resources required to invest in the valuable projects
available to it because it is trusted by investors.


In such cases, investors will be able to distinguish bad outcomes that are
the result of bad luck rather than bad management, and that should give
them confidence to keep investing in the firm.