Why do you need an aggregate risk limit?
For the same reason that a dieter needs a calorie limit. There are lots and lots of fad diets out there. Cottege Cheese diets, grapefruit diets, low carb, low fat, liquid. And they might work, but only if you follow them exactly, with absolutely no deviation. If you want to make some substitution, many diets do not have any way to help you to adapt. Calories provide two things that are desparately needed to make a diet work. Common currency for substitutions and a metric that can be applied to things not contemplated in the design of the diet.
So if you do a calorie counting diet, you can easily substitute one food for another with the same calorie count. If some new food becomes available, you do not have to wait for the author of the diet book to come up with a new edition and hope that it includes the new food. All you need to do is find out how much calories the new food has.
The aggregate risk limit serves the exact same role role for an insurer. There may be an economic capital or other comprehensive risk measure as the limit. That risk measure is the common currency. That is the simple genius of VaR as a risk metric. Before the invention of VaR by JP Morgan, the risk limit for each risk was stated in a different currency. Premiums for one, PML for another, percentages of total assets for a third. But the VaR thinking was to look at everything via its distribution of gains and losses. Using a single point on that distribution. That provided the common currency for risk.
The diet analogy is particularly apt, since minimizing weight is no more desirable than minimizing risk. A good diet is just like a good risk tolerance plan – it contains the right elements for the person/company to optimum health.
And the same approach provided the method to consistently deal with any new risk opportunity that comes along.
So once an insurer has the common currency and ability to place new opportunities on the same risk basis as existing activities, then you have something that can work just like calories do for dieters.
So all that is left is to figure out how many calories – or how much risk – should make up the diet.
And just like a diet, your risk management program needs to provide regular updates on whether you keep to the risk limits.