Archive for May 2011

Incorporating Risk into Planning and Strategy

May 31, 2011

Risk has traditionally been a minor part of strategy discussions in many firms.

Usually you get it out of the way at the very start with a Strengths, Weaknesses, Opportunities and Threats (SWOT) discussion.  As quickly as possible, the planners shift into concentrating on discussion of Opportunities.  That is what they are there for anyway – Opportunities.

Utility theory and the business education that flows from utility theory suggests very little consideration of risk.  Not none at all, but very little.  Opportunities where the gains from the expected opportunities exceed the losses from the expected threats are considered good.  That is one spot where risk creeps in.  In addition, risk might be also reflected as an externality – the capital required by a regulator or ratings agency.

Financial economics came along and offered a more complicated view of risk.  Instead of using a fuzzily determined present value of risk from utility theory, Financial Economics substitutes the market cost of risk.

Risk management suggests a completely different and potentially contradictory approach.

The risk management approach to bringing risk into planning and strategy is to make risk appetite central to strategy selection.  The internal risk appetite becomes the constraint instead of the external capital constraint.  For firms that were using that external capital constraint as a key factor in planning, this could be an easy switch.  But often is actually is not.

The boards and management of most firms have failed to choose their own risk appetite constraint.

Riskviews believes that this is because the folks who have spent their entire careers under and external constraint system are ill equipped to set their own limits.  They do not have the experience with trial and error of setting risk appetite unlike the long experience that they have with most of their other management decisions.  For most management decisions, they came up through the management ranks watching their predecessors make good and bad decisions and succeed or fail.  When they reached their current positions, they had a lifetime of experience with most of the types of decisions that they need to make.

Now risk managers and regulators and rating agencies and consultants tell them that they need to make an entirely new decision about risk appetite, and then lever all of their other important decisions off of that one decision.  And when they look back upon their education and experience there was no mention at all of this risk appetite stuff.

And as the discussion at the start of this post states, the business education did not include risk appetite either.

But there are other ways that risk can be incorporated into the planning and strategy.

  • Risk Profile.  A part of the statement of the impact that the plan will have on the company should be a before and after risk profile.  This will show how the plan either grows the larger risks of the firm or diversifies those risks.   Risk cannot be fully described by any one number and therefore there is not one single pie chart that is THE risk profile of the firm.  The risk profile should be presented so that it shows the key aspects of risk that are the consequences of the plan – intended or unintended.  That may mean showing the geographic risk profile, the product by product risk profile, the risk profile by distribution system or the risk profile by risk type.  By looking at these risk profiles, the planners will naturally be drawn to the strengths and weaknesses of the risk aspects of the plan.  They will see the aspects of risk that are growing rapidly and therefore need extra attention from a control perspective.  And even if there are none of those reactions, the exposure to the risk information will eventually lead to a better understanding of risk and a drift towards more risk aware planning.
  • Risk management view of gains and losses.  Planning usually starts with a review of recent experience.  The risk managers can prepare a review of the prior year that describes the experience for each risk in terms of the exceedence probability from the risk models.  This could lead to a discussion of the model calibration and possibly to either better credibility for the risk model or a different calibration that can be more credible.
  • Risk Controls review.  Each risk operated within a control system.  The above review of recent experience should include discussion of whether the control systems worked as expected or not.
  • Risk Pricing review.  The review of gains and losses can also be done as a review of the risk margins compared to the risks for each major business or product or risk type.  Comparison to a neutral index could be considered as well.  With this review, the question of whether the returns of the firm were a result of taking more risk or from better selection and management of the risks taken should be addressed.

Some management groups will be much more interested in one or another of these approaches.  The risk manager must seek to find the approach to discussing risk that fits management’s interests for risk to become a part of planning and strategy.  Without that match, any discussions of risk that take place to satisfy regulatory or rating agency pressures will be largely perfunctory.


A Cure for Overconfidence

May 30, 2011


  • 86% of a group of college students say that they are better looking than their classmates
  • 19% of people think that they belong to the richest 1% of the population
  • 82% of people say they are in the top 30% of Safe Drivers
  • 80% of students think they will finish in the top half of their class
  • In a confidence-intervals task, where subjects had to judge quantities such as the total egg production of the U.S. or the total number of physicians and surgeons in the Boston Yellow Pages, they expected an error rate of 2% when their real error rate was 46%.
  • 68% of lawyers in civil cases believe that their side will win
  • 81% of new business owners think their business will succeed, but also say that 61% of the businesses like theirs will fail

But on the other hand,

  • A test of 25,000 predictions by weather forecasters found no overconfidence

We all know what is different about weather forecasters.  The make predictions regularly with confidence intervals attached AND they always get feedback about how good that their forecast actually was.

So the Overconfidence effect, that is seen by psychologists as one of the most reliable of biases in decision making, is merely the effect of under training in developing opinions about confidence intervals.

This conclusion leads directly to a very important suggestion for risk managers.  Of course risk managers are trying to act like weather forecasters.  But they are often faced with an audience who are overconfident – they believe that their ability to manage the risks of the firm will result in much better outcomes than is actually likely.

But the example of weather forecasters seems to show that the ability to realistically forecast confidence intervals can be learned by a feedback process.  Risk managers should make sure that in advance of every forecast period that they make the model for frequency and severity of losses are widely known.  And then at the end of every forecast period that they show how actual experience does or does not confirm the forecast.

Many risk models allow for a prediction of the likelihood of every single exact dollar gain or loss that is seen to be possible.  So at the end of each period, when the gain or loss for that period is known, the risk manager should make a very public review of the likelihoods that were predicted for the level of gain or loss that actually occurred.

This sort of process is performed by the cat modelers.  After every major storm, they go through a very public process of discovering what the model said was the likelihood of the size loss that the storm produced.

The final step is to decide whether or not to recalibrate the model as a result of the storm.

Overconfidence can be cured by experience.

Was Lindberg really Lucky?

May 27, 2011

Charles Lindberg made the fist solo transatlantic flight in 1927.

He was called Lucky Lindy because he succeeded at something that was judged to be highly unlikely.  In fact, by analyzing prior experience you would give his solo trans Atlantic flight a ZERO likelihood.

So his flight was a freak occurrence.  A Black Swan.

Six years later, Italo Balboa led a group of 24 planes across the Atlantic.  By the 1940’s, flights across the Atlantic were a very regular thing.

Think about Lucky Lindberg when you imagine the next major catastrophe.  You may not be able to get the event right, but there will be something that never happened that will be significantly worse that we imagined.  And after it happens, there will be a few more larger events until events of that magnitude become commonplace.

Now instead of assigning that sequence a zero probability, figure out how to include that in your risk management system.

Major Regime Change – The Debt Crisis

May 24, 2011

A regime change is a corner that you cannot see around until you get to it.  It is when many of the old assumptions no longer hold.  It is the start of a new set of patterns.  Regime changes are not necessarily bad, but they are disruptive.  Many of the things that made people and companies successful under the old regime will no longer work.  But there will be completely new things that will now work.

The current regime has lasted for over 50 years.  Over that time, debt went all in one direction – UP.  Most other financial variables went up and down over that time, but their variability was in the context of a money supply that was generally growing somewhat faster than the economy.

Increasing debt funds some of the growth that has fueled the world economies over that time.

But that was a ride that could not go on forever.  At some point in time the debt servicing gets to be too high in comparison to the capacity of the economy.  The economy has gone through the stage of hedge lending (see Financial Instability) where activities are able to afford payments on their debt as well as repayment of principal long ago.  The economy is in the stage of Speculative Finance where activities are able to afford payments on the debt, but not the repayment of principal.  The efforts to pay down debt will tell us whether it is possible to reverse course on that.  If one looks ahead to the massive pensions crisis that looms in the moderate term, then you would likely judge that the economy is in Ponzi Financing land where the economy can neither afford the debt servicing or the payment of principal.

All this seems to be pointing towards a regime change regarding the level of debt and other forward obligations in society.  With that regime change, the world economy may shift to a regime of long term contraction in the amount of debt or else a sudden contraction (default) followed by a long period of massive caution and reduced lending.

Riskviews does not have a prediction for when this will happen or what other things will change when that regime change takes place.  But risk managers are urged to take into account that any models that are calibrated to historical experience may well mislead the users.  And market consistent models may also mislead for long term decision making (or is that will continue to mislead for long term decision making – how else to characterize a spot calculation) until the markets come to incorporate the impact of a regime change.

This may be felt in terms of further extension of the uncertainty that has dogged some markets since the financial crisis or in some other manner.

However it materializes, we will be living in interesting times.

The Cost of Risk Management

May 19, 2011

PNC Chairman and Chief Executive Officer James E. Rohr is quoted in the Balitomore Sun as saying that Dodd Frank would raise costs and that those costs would ultimately be passed along to the customers.

Now Riskviews is not trying to suggest that Dodd Frank is necessarily good risk management.

But risk management, like regulation, usually has a definite cost and indefinite benefits.

The opponents of Dodd Frank, like the opponents of risk management will always point to those sure costs and a reason not to do regulations or risk management.

But with Dodd Frank, looking backwards, it is quite easy to imagine that more regulation of banks could have a pennies to millions cost – benefit relationship.  The cost of over light regulation of the banks was in the trillions in terms of the losses in the banks plus the bailout costs to the government PLUS the costs to the economy.  Everyone who has lost a job or lost profits or lost bonuses or who will ultimately pay for the government deficit that resulted from the decreased economic activity have or will pay the cost of underregulated banks.

The same sort of argument can be made for risk management.  The cost of good risk management is usually an increase to costs or a decrease to revenues in good times.  This is offset by a reduction to losses that might have been incurred in bad times.  This is a view that is REQUIRED by our accounting systems.  A hedge position MUST be reported as something with lower revenues than an unhedged position.  Lack of Risk Management is REQUIRED to be reported as superior to good risk management except when a loss occurs.

Unless and until someone agrees to a basis for reporting risk adjusted financials, this will be the case.

Someone who builds a factory on cheap land by the river that floods occasionally but who does not insure their factory MUST report higher profits than the firm next door that buys expensive flood insurance, except in the year that the flood occurs.

A firm that operates in a highly regulated industry may look less profitable than a firm that is able to operate without regulation AND that is able to shed most of their extreme losses to the government or to third parties.

Someone always bears those risk costs.  But it is a shame when someone like Rohr tries to make that look as if the cost of regulation are the only possible costs.

Learning from Disaster – The Honshu Earthquake

May 17, 2011

Steve Covey called it Sharpening the Saw.  A good risk management program will be continually learning.  The school of hard knocks is an extremely expensive teacher.  It is much better to audit the course by observing the experiences of others and learning from them.  The effective risk management program will be actively working to audit the courses of others experiences.

With that in mind, Risk Management magazine has devoted the May 2011 issue to learning from the Honshu earthquake.  There are four articles that review some key aspects of the Japanese experience as it appears right now.

  • Nuclear Safety – the problems at the Fukushima Daiichi reactor came from the multiple events that struck.  The safety provisions were sufficient for the earthquake, but not for the tsunami.  There are specific questions raised in the article here about the specific design of the reactor cooling system.  But a greater question is the approach to providing for extreme events.  The tsunami was greater than any on the historical record.  Should it be necessary to prepare for adverse events that are significantly worse than the worst that has ever happened?  If so, how much worse is enough?  Do we even have a way to talk about this important question?
  • Building Codes – the conclusion here is that Japanese building codes worked fairly well.  Many larger buildings were still standing after both the quake and the tsunami.  Christchurch did not fare as well.  But New Zealand codes were thought to be very strict.  However, the fault that was responsible for the earthquake there was only discovered recently.  So Christchurch was not thought to be in a particularly quake prone area.  As they overhaul the building codes in NZ, they do not expect to get much argument from strengthening the codes significantly in the Canterbury region.  The question is whether any other places will learn from Christchurch’s example and update their codes?
  • Supply Chain – the movement over the past 10 years or more has been to “just-in-time” supply chain management.  What is obvious now is that the tighter that the supply chain is strung, the more that it is susceptible to disruption – the riskier that it is.   What we are learning is that great efficiency can bring great risk.  We need to look at all of our processes to see whether we have created risks without realizing through our efforts to improve efficiency.
  • Preparedness – ultimately, our learnings need to be turned into actions.  Preparedness is one set of actions that we should consider.  The Risk Magazine focuses on making a point about the interconnectedness of all society now.  They say “Even a simple sole proprietorship operating a company in rural South Dakota can be negatively affected by political and social unrest in Egypt.”  We risk managers need to be aware of what preparedness means for each of our vulnerabilities and the degree to which we have reached a targeted stage of readiness.
Whenever there is a major crisis anywhere in the world, risk managers should review the experience to see what they can learn.  They can look for parallels to their business.  Can systems at their firm  withstand similar stresses?  What preparedness would create enough resilience?  What did they learn from their adversity?

Imminent Risk – Employee Turnover

May 16, 2011

Many risks go in cycles.  And While it makes some sense to keep an eye on them during the part of the cycle when they are low, it makes much more sense to concentrate on them when they are imminent.

A recent report from Metlife “Study of Employee Benefits Trends” diverts from its primary topic to spend an entire chapter on The Erosion of Employee Loyalty.  One startling statistic that they report is that over one third of employees say that if they have the choice, they will change employers in 2011!

Risk managers often think of risks like employee turnover as being “soft” risks that are difficult to measure and model.  But that may be mostly due to lack of familiarity.  In this case, people have measured the costs.  The Society of Human Resources Management (SHRM) has estimated that turnover costs vary by the level of employee.  For minimum wage employees, the costs are 30% to 50% and goes up for more skilled employees – up as high as 400% of salary for the most skilled employees.

And that does not take into account that the people who are most able to leave are the most competent and productive of your employees.

So your firm has an imminent risk that will emerge when the job market in your industry opens up.  You will know exactly when that risk is going to hit.  You will know because your firm will start to hire more after several years of low or zero hiring.  Once you notice the actual turnover, it will be too late. So monitoring hiring by your own firm and in your part of the economy is your key risk leading indicator.

The risk treatment steps to take would be those that might impact either the frequency or severity of the losses from this risk.  (duh)

Metlife includes this discussion in their report on employee benefits so that they can make the case that more employee benefits would be an effective preventative.

But before setting out to define risk treatment plans, the risk manager will want to look at the loss estimates.  That SHRM study points to costs from the hiring process, from training costs as well as productivity losses.  Each firm should examine their practices and experience to refine the general estimate to their situation.  Some firms will always choose to hire highly experienced employees to minimize the training and lost productivity costs.  Other firms will go to the other extreme, hiring mostly at the entry level and expecting to promote from within to replace any higher level losses.

Salary costs are a large percentage of financial businesses costs.  The management of this cost could probably benefit from some good quantitative analysis, if that is not already the practice.

If the SHRM costs are correct and even half the people identified by Metlife are able to change jobs, then firms on the average are facing extra costs of as much as 20% of payroll.

Do the math, where does this put employee turnover risk in terms of your top ten risks list?

%d bloggers like this: