Archive for November 2013

Code of Conduct… for Baseball Players

November 29, 2013

1.   I will always play the game to the best of my ability.

2.   I will always play to win, but if I lose, I will not look for an excuse to detract from my opponent’s victory.

3. I will never take an unfair advantage in order to win.

4. I will always abide by the rules of the game—on the diamond as well as in my daily life.

5.   I will always conduct myself as a true sportsman—on and off the playing field.

6. I will always strive for the good of the entire team rather than for my own glory.

7.   I will never gloat in victory or pity myself in defeat.

8. I will do my utmost to keep myself clean—physically, mentally, and morally.

9.   I will always judge a teammate or an opponent as an individual and never on the basis of race or religion.

Connie Mack 1916

How does your company’s Code of Conduct compare to this?

Back in 1916, baseball players where not yet superstars who could write their own ticket.  Do your superstars (rather than management) set the conduct norms at your company?

Businesses all need a real code of conduct that is held by management to be just as important as the bottom line.  This code of conduct needs to become embedded in the corporate culture, if it isn’t already.

This is needed because the business that is run entirely on the principle of “shareholder value” will be inherently amoral.  Guided by the belief that if they do not do it, someone else will.  And this approach is excused because “the invisible hand” makes sure that when everyone operates in this manner, that the collective outcome will be the best.

But that invisible hand idea was written by the person who also authored “The Theory of Moral Sentiments”, a book that opened with the sentence:

How selfish soever man may be supposed, there are evidently some principles in his nature, which interest him in the fortunes of others, and render their happiness necessary to him, though he derives nothing from it, except the pleasure of seeing it.  A Smith 1759



Reviewing Board Level Engagement and Commitment to ERM

November 26, 2013

[The material following is the work of an ad hoc IAA working group.  It was produced in 2011 but never completed or published.  RISKVIEWS is sharing so that this good work can be viewed.]


Employee Turnover Risk – Update

November 25, 2013

Riskviews reported that Employee Turnover risk was Imminent in 2011.  But it hasn’t happened yet.

QuitsYou can see from this recent US BLS chart that employee quits are very slowly edging up, but they haven’t exactly popped.

But the points made in 2011 are still valid.

  • A large percentage of employees are somewhat dissatisfied with their jobs and would move given the right opportunity.
  • It is very expensive to replace experienced and highly productive employees.

Another factor, retirements of Baby Boomers, will gradually grow over the next twenty years, but will not create any sudden shift in these numbers.  The monthly retirements will gradually double, since the baby boomer cohort births were roughly double the annual number of births pre-1946 gradually adding roughly 150,000 to the monthly quit figures.  People do not generally all retire as soon as they reach eligibility age, and that practice has slowed slightly since a temporary spike in retirements after the Financial Crisis.

Extrapolation of the chart above suggests that it might take another three years for quits to reach the pre-crisis peak.

Lesson to learn from the 2011 statement – the statement that something is a risk is NOT a prediction that a loss event is going to happen.  Employee turnover is still a risk, but the velocity of emergence has proved to be less than expected.

Heads Banks Win, Tails Taxpayers Lose

November 20, 2013

Moody’s says that era is over.

Based on Moody’s updated views on US government support and standalone bank considerations, Moody’s lowered by one notch the senior holding company ratings of Morgan Stanley, Goldman Sachs, JPMorgan, and Bank of New York Mellon.

“We believe that US bank regulators have made substantive progress in establishing a credible framework to resolve a large, failing bank,” said Robert Young, Managing Director. “Rather than relying on public funds to bail-out one of these institutions, we expect that bank holding company creditors will be bailed-in and thereby shoulder much of the burden to help recapitalize a failing bank.”

Reviewing Risk Appetite

November 19, 2013

[The material below is the work of an ad hoc IAA working group.  It was produced in 2011 but never completed or published.  RISKVIEWS is sharing so that this good work can be viewed.]

Risk appetite setting and its implication on business strategy. 

Risk appetite is a high-level view of the risks the organization is willing to accept in pursuit of value. When an insurer defines the optimal level of risk, a common view of the ultimate priority is to serve shareholder’s benefits. This will facilitate the decision on the types of risks and magnitudes of the risks to be taken that are consistent with business strategies and market situation. At the same time, the desired risk profile should satisfy the explicit and implicit constraints set by other parties such as regulators, rating agencies, policyholders, debt holders, senior management, and employees. Some external changes have also expedited the process. S&P has required a clear statement of risk appetite as a foundation of “strong” or “excellent” ERM rating. Solvency II also requires insurers to explicitly consider their risk appetite.

Risk appetite framework normally includes three levels.

Enterprise risk tolerance: The aggregate amount of risk the company is willing to take, expressed in terms of

  1. capital adequacy
  2. earnings volatility
  3. credit rating target

It represents the company’s long term target and shall be revised only if there are fundamental changes to the company’s financial profile, market situation and strategic objective. Risk appetite helps prevent default by preserving capital position. This is required by regulators, rating agencies, policyholders, and debtholders. These stakeholders show little or no interest in the upside from risk taking. On the other hand, shareholders are interested in the upside resulted from risk taking and low earnings volatility.

Risk appetite for each risk category: Enterprise risk tolerance needs to be allocated to risk appetite for specific risk categories and business activities. For example, selling life insurance policies or underwriting property and casualty risks. Or taking more market risk versus credit risk. By doing this, the company’s resources, like capital, can be allocated to the areas that the company feels comfortable with, or has competitive advantages.  When determining or updating risk appetite for different risk categories, in addition to considering the constraints set by enterprise risk tolerance, it should aim to maximize the risk-adjusted return of risk-taking activities.

Risk limit: Risk limits are the most granular level which is used for business operation. It translates enterprise risk tolerance and risk appetite for each risk category into risk monitoring measures. The consistency between risk limit and enterprise risk tolerance help the company realize its risk objective and maximize risk adjusted return.

Risk appetite not only protects value, but also creates value for the business. It helps senior management make informed decisions to maximize risk adjusted return for the shareholder. Ensuring the consistency between risk appetite and risk limits is very important. Both rating agencies and investors are concerned about whether risk appetite is properly aligned with the risk limits being set for business operation. A sound risk management practice requires risk appetite being integrated into business strategy and corporate culture.

Desired actions/features of risks management by category:

Ad Hoc

1. Unsystematic description of the company’s willingness to take risk. This could possibly be by an answer to investors, regulators or rating agencies’ inquiry and not fully linked with the company’s ability to take risk.


  1. The company has a formal statement of enterprise risk tolerance which has been approved by Board of Directors (BOD). The statement should at least include target credit rating, capital adequacy, earnings volatility, and attitude to operational risk such as reputation risk and legal risk.
  2. Risk appetite statement is incorporated in the risk management policy and will be reviewed annually by risk management committee and BOD.
  3. When making a strategic decision, the impact is sometimes checked against enterprise risk tolerances to make sure they are not breached.


  1. The company has a well established risk appetite framework which includes enterprise risk tolerance, risk appetite for each identified risk category and risk limits. Those are reviewed and approved by BOD and updated at least annually or in market turmoil.
  2. The risk appetite framework considers all the constraints the company faces and reflects key stakeholders’ risk preference. They include regulators both at group level and local level, shareholders, debtors, and management.
  3. There exists a consistent framework to align risk limits with enterprise risk tolerance. This is essential to make sure all the business decision is made within the company’s tolerance of risk.
  4. Integration of risk appetite and strategic planning. Risk appetite framework plays an active role in providing information about risk exposures of business activities and risk reward trade off. Asset allocation and product mix are the two key areas.
  5. The whole company is involved in risk appetite framework to facilitate risk identification and foster a healthy risk culture.


  1. Risk appetite framework is integrated with all the business decision, including business operation constrained by risk limits and strategic decision to fit into enterprise risk tolerance. Strategic decisions include, but are not limited to strategic asset allocation, tactic asset allocation, new business planning, capital allocation, and risk management strategies.
  2. Performance measurement of management is linked to risk adjusted return or risk adjusted value.
  3. Effective and company wide education and communication of risk appetite framework are in place and regularly scheduled.
  4. Back testing of risk appetite framework is conducted to identify new risks, key assumption errors, and model errors.
  5. Risk appetite framework is considered more of strategic risk management than risk limit system.
  6. Risk appetite framework puts more efforts on emerging risks or risks hard to identify and quantify. Qualitative analysis becomes critical in corporate strategic decision.

Capital Allocation – Different Questions

November 18, 2013

RISKVIEWS has been confused by the vehemence of some people about the topic of capital allocation.

Some people feel that capital MUST be allocated to facilitate proper management.

Other feel that capital MUST NEVER be allocated because it leads to incorrect decisions.

But RISKVIEWS suspect that they may be talking about two different questions.

Those who think that they MUST allocate capital are trying to answer the question “How DID we do?”

Those who think that they MUST NEVER allocate capital are focused on the question “What SHOULD we do?”

Of course, the two questions often get mixed up.  But one is about the past and the other one is about the future.  The problem that folks who object to capital allocation are afraid of is that if capital is allocated for the purposes of answering the “How DID we do?” question, then the same sort of allocation will be used to answer the “What SHOULD we do?” question.

And that IS a problem.  The “What SHOULD we do?” question needs to be answered with projections of the future.  Many decisions that are worth worrying about do not settle within a single year, so the projections need to be multi year.

But the problem that they are worried about is the problem of making a multi year decision with a single year projection.  Whether capital is allocated or not, that is a poor way to go.

Multi year decisions need multi year projections.  The multi year capital impact needs to be included.  That can be done with a cost of capital factor or be a carefully constructed model that reflects capital inflows and outflows and then implicitly charges a cost for capital held.   The multi year calculation usually needs to be discounted at an appropriate risk adjusted discount rate.

RISKVIEWS rule of thumb for selecting a discount rate is that all risks should be included ONCE and only ONCE in the entire calculation.  So if the calculation is a stochastic one that includes scenarios that reflect the possible adverse effects of a risk, then the discount rate should not also include a charge for that risk.  If your projection includes ALL possible risks, then a risk free rate is an appropriate discount.  Remember that the market charges a risk premium for its perception of emerging risks.  And for the risk of strategic failure.

So RISKVIEWS concludes that there is no harm from allocating capital.  There is a harm from making multi year decisions with a one year projection.  Whether or not capital is allocated.  And multi year decisions need to include the effect of capital usage.

Are you using Enron Accounting?

November 14, 2013

Over 10 years ago the high flying ENRON corporation came crashing down.

enronOne of the things that was responsible for their high flying and for the delayed recognition of their actual underlying troubles was their accounting. Arthur Andersen, their external auditors, went up in smoke 10 years ago also over related issues.

At its heart, Enron’s problems were caused by greed and a 65 multiplier.  Their stock was valued at 65 times earnings at its peak.  So a $1 increase in earnings meant a $65 increase in stock price.

And earnings were determined by accounting rules.

In Enron’s case, they were taking an approach to long term projects that fronted profits to an early stage in the life of the long term contract.  They often reported present value of all future profits from a new project when the project was contracted.  A long term energy delivery contract would have 5 or 10 years of future projected profits reported when the deal was closed.

This was called a mark to market approach.  But in fact it was almost always a mark to model.

But both systems can lead to risk management problems.  The fronted profits may or may not emerge. Some of these contract’s value were subsequently marketed down as market conditions changed in future years.  And in Enron’s case, the later adjustments became more and more on the down side because of optimistic original booking.  This then put pressure on management to find a larger and larger quantity of “new” deals where they could report large up front and possibly inflated pv of future profits.  Eventually it crashed like the ponzi scheme that it was.  They got too big.  They just couldn’t find enough new deals to paper over the losses from write downs adjustments to previously deals.

There are two other choices to accounting for long term transactions.  The profits could be recognized over the life of the deal or the profits can be recognized when the deal is completed.  That later approach seems so, so dated.  How 19th century. Let’s call these three types of accounting Type E, Type L and Type C.

But the risk manager needs to understand the accounting treatment of every deal that is not closed in the same accounting period that it is opened.

  • Type E accounting means that the company probably put up an asset for future profits.  The risk capital that should be associated with that asset may well be very high.  The firm is at high risk that that asset will not be worth what the books say.  Proponents of this approach say that all it takes to get this right is the correct discount rate.  With the right discount rate, the E approach is more or less the same as the L approach.  That discount rate is the rate that makes the activity break even at inception.
  • Type L accounting means that in some cases, the company is still setting up an asset, albeit small, at the inception of the deal, since in many cases there are either more expenses or less revenues at the outset of a long term project than there are over the life o the deal on the average.  That is the usual objective of Type L accounting, to make every year look like an “average” year on an expected basis.  This smoothing also carries some accounting risk, but much less than Type E.
  • Type C accounting means that profits are realized when cumulative revenues exceed cumulative expenses on the deal.  Deals that are expected to be profitable (and what company enters into long term deals that are not?) are usually reported as losers at the outset.  You could argue that this is just another discount rate applied to the future cashflows.  But this discount rate is infinite, making future cashflows worthless until they happen.

RISKVIEWS opinion is that one approach is not necessarily superior to another.  However, if the financial statement contains various projects that are not treating the future consistently, then there will be major distortions of perception about results.  That distortion is itself a major risk.

New Cavalcade of Risk

November 13, 2013

Hosted at
Links to many risk related blog postings.
Check it out.

Reviewing Risk Culture

November 4, 2013

[The material below is the work of an ad hoc IAA working group.  It was produced in 2011 but never completed or published.  RISKVIEWS is sharing so that this good work can be viewed.]

Culture is the combination of the behaviours of people in the company  – often described as “the way we do things around here”.  All organisations have a risk management culture.  Risk culture is the shared attitudes, values and practices that characterize how a company considers risk in its day-to-day activities. For some companies, the risk culture flows from an explicit risk philosophy and risk appetite.  The risk culture should support the goals, activities and desired outcomes of the company while mitigating the risks of not achieving desired outcomes.  Appropriate risk management behaviours may vary according to the organisation, the industry context, the location of operations both within and across national boundaries together with the resultant jurisdictional requirements. However behaviours that allow , that inspire a culture of fear or retribution, that allow “shooting the messenger” or that help “bad news to travel slowly” are not likely to be conducive to good risk management.

Desired actions/features of risks management by category:

Ad Hoc

1.  Each part of the company has their own risk language.

2.  There is very little cross discipline communications and discussion of risk and risk management issues.

3.  Risk decisions are almost always made individually, without reference to any corporate goals or objectives for risk.

4.  Responsibility for dealing with risks is unclear.

5.  There is an expectation of negative consequences for those associated with any activity that makes unexpected losses.

6.  There is a possibility of negative consequences for those who report bad news.

7.  There is little discussion of past problems or losses either at the time or subsequently.

8.  Senior Management and Board at best pay lip service to an idea that a company has a culture.


1.  Company has a formal risk management program that follows an outside standard or requirement.

2.  Company has not adapted that program to the specific culture of the firm in any significant way.

3.  Risk management responsibility and discussion are concentrated with a small number of “risk management staff”.

4.  Risk culture is acknowledged as important by senior management and Board.


1.  There is a common specific risk language at the company.

2.  Company has communication tools,  cross-functional discussions about management of risks, reporting tools and risks matrices.

3.  There are common techniques for risk assessment and risk treatment methodologies.

4.  There is a consistent point of view from the enterprise and business levels with regard to risk management.

5.  There are common understandings of the corporate goals and objectives for risk management.

6.  Company usually carefully reviews unexpected losses seeking to learn from experiences.

7.  Incentive compensation scheme support the achievement of risk management objectives

8.  Risk culture is actively promoted by senior management and the Board.

Advanced  – in addition to the Standard Practices:

1.  Cultural is reinforced by frequent communications and training programs, and by senior management and Board being seen to act in line with corporate risk culture.

2.  The degree of employee knowledge application of the corporate risk culture is periodically monitored.

3.  The communications and training programs are updated in reaction to the monitoring inputs.

4. ERM thinking is automatically incorporated in to all management decision making

%d bloggers like this: