M7

Cards (40)

  • Risk management
    The process of measuring or assessing risk and developing strategies to manage it
  • Risk management
    • It is a systematic approach to identifying, analyzing and controlling areas or events with a potential for causing unwanted change
    • It includes risk planning, assessing risk areas, developing risk handling options, monitoring risks to determine how risks have changed and documenting the overall risk management program
  • ISO 31000 definition of risk management
    The identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor and control the probability and/or impact of unfortunate events and to maximize the realization of opportunities
  • Basic principles of risk management (ISO)
    • Create value - resources spent to mitigate risk should be less than the consequence of inaction
    • Address uncertainty and assumptions
    • Be an integral part of the organizational processes and decision-making
    • Be dynamic, iterative, transparent, tailorable, and responsive to change
    • Create capability of continual improvement and enhancement considering the best available information and human factors
    • Be systematic, structured and continually or periodically reassessed
  • Risk management process (ISO 31000)
    1. Establishing the context
    2. Identification of potential risks
    3. Risk assessment
  • Elements of risk management
    • Identification, characterization, and assessment of threats
    • Assessment of the vulnerability of critical assets to specific threats
    • Determination of the risk (expected likelihood and consequences of specific types of attacks on specific assets)
    • Identification of ways to reduce those risks
    • Prioritization of risk reduction measures based on a strategy
  • Risks associated with investments
    • Business risk
    • Financial risk
    • Liquidity risk
    • Default risk
    • Interest rate risk
    • Management risk
    • Purchasing power risk
  • Business risk
    The uncertainty about the rate of return caused by the nature of the business, including uncertainty about the firm's sales and operating expenses
  • Default risk
    The probability that some or all of the initial investment will not be returned, related to the financial condition of the company issuing the security and the security's rank in claims on assets in the event of default or bankruptcy
  • Financial risk
    The risk introduced by the firm's capital structure or sources of financing, where fixed interest payments or preferred dividends can cause net income to vary more than operating income
  • Interest rate risk
    The risk that fluctuations in interest rates will cause the value of an investment to fluctuate, affecting the discount rate used to estimate the present value of future cash flows
  • Liquidity risk
    The uncertainty created by the inability to sell the investment quickly for cash, including the uncertainty about the price that will be received and how long it will take to sell the asset
  • Management risk
    The risk that decisions made by a firm's management and board of directors will materially affect the risk faced by investors
  • Purchasing power risk
    The risk that the purchasing power of the return earned on an investment will decline due to inflation, even if the nominal or stated rate of return is positive
  • Risks associated with manufacturing, trading and service concerns
    • Market risk (product risk, competitor risk)
    • Operations risk (process stoppage, health and safety, after sales service failure, environmental, technological obsolescence, integrity)
    • Financial risk (interest rate volatility, foreign currency, liquidity, derivative)
    • Business risk (regulatory change, reputation, political, regulatory and legal, shareholder relations, credit rating, capital availability, business interruptions)
  • Risks associated with financial institutions
    • Financial risks (liquidity risk, market risk, credit risk, counterparty risk, trading risk, commercial risk, market liquidity risk, hedged positions risk, portfolio exposure risk, derivative risk, accounting information risk, financial reporting risk)
    • Non-financial risks (operational risk, regulatory risk, environment risk, integrity risk, leadership risk)
  • ISO 31000 suggests that once risks have been identified and assessed, techniques to manage the risks should be applied
  • Institutions
    • Financial
    • Non-Financial
  • Market Risk
    • Currency
    • Equity
    • Commodity
  • Credit Risk
    • Counterparty
    • Trading
    • Commercial
  • Market Liquidity Risk
    • Currency Rates
    • Interest Rates
    • Bond and Equity Prices
  • Accounting Information Risk
    • Completeness
    • Accuracy
  • Financial Reporting Risk
    • Adequacy
    • Completeness
  • Operational Risk
    • Systems
    • Information
    • Processing
    • Technology
    • Customer satisfaction
    • Human Resources
    • Fraud and illegal acts
  • Regulatory Risk
    • Capital Adequacy
    • Compliance
    • Taxation
    • Changing laws and policies
  • Environment Risk
    • Politics
    • Natural disasters
    • War
    • Terrorism
  • Leadership Risk
    • Turnover
    • Succession
  • Risk Avoidance
    • Performing an activity that could carry risk
    • Losing out on potential gain
  • Risk Reduction
    • Reducing severity of loss or likelihood of loss
    • Finding balance between negative risk and benefit
  • Risk Sharing
    • Sharing burden of loss or benefit of gain with another party
  • Risk Retention
    • Accepting loss or benefit of gain when risk occurs
    • Self-insurance
    • Retaining risk over insured amount
  • Risk management is the technique for measuring, monitoring and controlling the financial or operational risk on a firm's balance sheet
  • The Basel II framework breaks risks into market risk, credit risk and operational risk and specifies methods for calculating capital requirements for each
  • Areas of risk management
    • Enterprise risk management
    • Risk management in project management
    • Risk management for megaprojects
    • Risk management of information technology
    • Risk management in petroleum and natural gas
  • Enterprise-wide Risk Management Process
    1. Define goals, objectives, roles, responsibilities, common language, oversight structure
    2. Set management policy, establish context, set limits and tolerance
    3. Assess risks: identify source, measure
    4. Develop/design action plans: reduce, avoid, retain, transfer, exploit
    5. Implement action plans
    6. Monitor and report risk management performance
    7. Continuously improve risk management capabilities
  • SEC requires publicly-listed corporations to have a sound enterprise risk management (ERM) framework to effectively identify, monitor, assess and manage key business risks
  • The Board is responsible for defining the company's level of risk tolerance and providing oversight over its risk management policies and procedures
  • The Board should establish a separate Board Risk Oversight Committee (BROC) to oversee the company's Enterprise Risk Management system
  • The company should have a separate risk management function to identify, assess and monitor key risk exposures
  • Steps in the risk management process
    1. Set up a separate risk management committee chaired by a board member
    2. Ensure a formal comprehensive risk management system is in place
    3. Assess if the formal system possesses necessary elements
    4. Evaluate effectiveness of risk assessment
    5. Assess if management has developed and implemented suitable risk management strategies
    6. Evaluate if management has designed and implemented risk management capabilities
    7. Assess management's efforts to monitor overall company risk management performance and improve continuously
    8. See that best practices and mistakes are shared by all
    9. Assess regularly the level of sophistication of the firm's risk management system
    10. Hire experts when needed