Berkshire Hathaway Risk Appetite

“we are far more conservative in avoiding risk than most large insurers. For example, if the insurance industry should experience a $250 billion loss from some mega-catastrophe – a loss about triple anything it has ever experienced – Berkshire as a whole would likely record a significant profit for the year because of its many streams of earnings. We would also remain awash in cash and be looking for large opportunities in a market that might well have gone into shock. Meanwhile, other major insurers and reinsurers would be far in the red, if not facing insolvency.”

Warren Buffett, Berkshire Hathaway Letter to Shareholders, 2014

So Berkshire is prepared to pay out claims on an event that is three times as large as anything that has ever happened.

What are Berkshire’s competitors prepared for?

Here is an excerpt from the Swiss Re 2013 Annual Report:

Risk tolerance and limit framework

Swiss Re’s risk tolerance is an expression of the extent to which the Board of Directors has authorised the Group and Business Units’ executive management to assume risk. It represents the maximum amount of risk that Swiss Re is willing to accept within the constraints imposed by its capital and liquidity resources, its strategy, its risk appetite, and the regulatory and rating agency environment within which it operates. Risk tolerance criteria are specified for the Group and Business Units, as well as for the major legal entities.

A key responsibility of Risk Management is to ensure that Swiss Re’s risk tolerance is applied throughout the business. As part of this responsibility, Risk Management ensures that our risk tolerance targets are a key basis for our business planning processes. Furthermore, both our risk tolerance and risk appetite – the types and level of risk we seek to take within our risk tolerance – are clearly reflected in a limit framework across all risk categories. The limit framework is approved at the Group EC level through the Group Risk and Capital Committee. The individual limits are established through an iterative process to ensure that the overall framework complies with our Group-wide policies on capital adequacy and risk accumulation.

So they have a number but they are not saying what it is.  But they are telling us what they do with that number.

Now here is the Risk Limit Framework from the 2013 Partner Re annual report.

They have a number and here it is.  But look at how much more Buffet has disclosed.  He told that for Berkshire, an event that is three times the largest event experienced by the insurance industry, the loss would be significantly less than the earnings from the investments of Berkshire’s insurance and reinsurance companies plus the earnings of its non-insurance businesses.

Partner Re, whose disclosure is light years more specific than almost any other (re)insurer, is not quite so helpful.  It is good to know that they have the disclosed limits, but they have not provided any information to tell us how much that this adds up to in their mind.  If RISKVIEWS adds them up, these limits come to $21.5B.  Adding like that is the same as assuming that they all happen at once.  If we make the opposie assumption, that they are totally independent, we get a little more than $10B.  Partner Re’s capital is $7.5B.  So when they accept these risks, they must not think that it is likely to pay out their full limit, even on a fully diversified independent risk scenario.

So even with more specific disclosure than almost any other insurer, Partner Re has not revealed how they think of their risk appetite.

On the other hand, while Berkshire has given a better sense of their risk appetite, Buffett hasn’t revealed any number.

But this seems to RISKVIEWS to be real progress.  Perhaps some combination of these three disclosures would be the whole story of risk appetite at a (re) insurer.

We shall wait and see if somehow this evolution continues until investors and policyholders can get the information to understand how well prepared a (re) insurer is to pay its claims and remain in business in a extreme situation.

 

 

Advertisement

ERM Disclosure (2)

In a post last week, it was noted that US insurers are starting to admit to managing their risks in their public disclosures.  The 671 word discussion of the ERM process of Travelers was reproduced.  (Notice that over 100 of those words talk about the unreliability of the ERM system. )

But disclosure of ERM processes has been much more widespread and much more extensive in other parts of the world for more than 5 years.

For Example, Munich Re’s 2010 annual report has a 20 page section titled Risk Report.  That section has sub headings such as:

Risk governance and risk management system

Risk management organisation, roles and responsibilities

Control and monitoring systems

Risk reporting

Significant risks

Underwriting risk: Property-casualty insurance

Underwriting risk: Life and health insurance

Market risk

Credit Risk

Operational risk

Liquidity risk

Strategic risk

Reputation Risk

Economic Capital

Available Financial Resources

Selected Risk Complexes

It is not just Munich Re.  Manulife’s Risk Management disclosure is 22 pages of their annual report.  Below is the introduction to that section:

Manulife Financial is a financial institution offering insurance, wealth and asset management products and services, which subjects the Company to a broad range of risks. We manage these risks within an enterprise-wide risk management framework. Our goal in managing risk is to strategically optimize risk taking and risk management to support long-term revenue, earnings and capital growth.
We seek to achieve this by capitalizing on business opportunities that are aligned with the Company’s risk taking philosophy, risk appetite and return expectations; by identifying, measuring and monitoring key risks taken; and by executing risk control and mitigation programs.
We employ an enterprise-wide approach to all risk taking and risk management activities globally. The enterprise risk management (“ERM”) framework sets out policies and standards of practice related to risk governance, risk identification, risk measurement, risk monitoring, and risk control and mitigation. With an overall goal of effectively executing risk management activities, we continuously invest to attract and retain qualified risk professionals, and to build, acquire and maintain the necessary processes, tools and systems.
We manage risk taking activities against an overall risk appetite, which defines the amount and type of risks we are willing to assume. Our risk appetite reflects the Company’s financial condition, risk tolerance and business strategies. The quantitative component of our risk appetite establishes total Company targets defined in relation to economic capital, regulatory capital required, and earnings sensitivity.
We have further established targets for each of our principal risks to assist us in maintaining appropriate levels of exposures and a risk profile that is well diversified across risk categories. In 2010, we cascaded the targets for the majority of our principal risks down to the business level, to facilitate the alignment of business strategies and plans with the Company’s overall risk management objectives.
Individual risk management programs are in place for each of our broad risk categories: strategic, market, liquidity, credit, insurance and operational. To ensure consistency, these programs incorporate policies and standards of practice that are aligned with those within the enterprise risk management framework, covering:

■ Assignment of risk management accountabilities across the organization;
■ Delegation of authorities related to risk taking activities;
■ Philosophy and appetite related to assuming risks;
■ Establishment of specific risk targets or limits;
■ Identification, measurement, assessment, monitoring, and reporting of risks; and
■ Activities related to risk control and mitigation.

Such frank discussion of risk and risk management may be seen by some US insurers’ management to be dangerous.  In the rest of the world, it is moving towards a situation where NOT discussing risk and risk management frankly and openly is a risk to management.

Which would you prefer?

ERM Discosure

Here is a tip from the IRMI about how to get started with a new ERM program:

✓ If  you  are  a  public  company,  begin  by asking  the  person  or  group  that  identifies  risks  for  SEC  reports  to  also  identify
the top three corrective actions for the next quarter. Update the list quarterly.

That sounds like a great suggestion.  RISKVIEWS has always been amazed that the standard for disclosure in the US has been to disclose risks but not to say anything about what the firm is doing about those risks.  Based upon the standard disclosures, it is almost impossible to tell the difference between a firm with state of the art risk management and a firm with almost none.

But recently, companies, even in the US, are increasingly including a mention of their risk management activities along with the required laundry list of risks.

Just picking a public firm at random, here is an excerpt from Allstate’s risk disclosure:

As a property and casualty insurer, we may face significant losses from catastrophes and severe weather events

Because of the exposure of our property and casualty business to catastrophic events, our operating results and financial condition may vary significantly from one period to the next. Catastrophes can be caused by various natural and man-made disasters, including earthquakes, volcanoes, wildfires, tornadoes, hurricanes, tropical storms and certain types of terrorism. We may incur catastrophe losses in our auto and property business in excess of: (1) those experienced in prior years, (2) those that we project would be incurred based on hurricane and earthquake losses which have a one percent probability of occurring on an annual aggregate countrywide basis, (3) those that external modeling firms estimate would be incurred based on other levels of probability, (4) the average expected level used in pricing or (5) our current reinsurance coverage limits.Despite our catastrophe management programs, we are exposed to catastrophes that could have a material adverse effect on operating results and financial condition. For example, our historical catastrophe experience includes losses relating to Hurricane Katrina in 2005 totaling $3.6 billion, the Northridge earthquake of 1994 totaling $2.1 billion and Hurricane Andrew in 1992 totaling $2.3 billion. We are also exposed to assessments from the California Earthquake Authority and various state-created catastrophe insurance facilities, and to losses that could surpass the capitalization of these facilities. Our liquidity could be constrained by a catastrophe, or multiple catastrophes, which result in extraordinary losses or a downgrade of our debt or financial strength ratings.

In addition, we are subject to claims arising from weather events such as winter storms, rain, hail and high winds. The incidence and severity of weather conditions are largely unpredictable. There is generally an increase in the frequency and severity of auto and property claims when severe weather conditions occur.

Green text coloring added by RISKVIEWS to highlight mention of risk management activities.

Another example from Travelers:

Catastrophe losses could materially and adversely affect our results of operations, our financial position and/or liquidity, and could adversely impact our ratings, our ability to raise capital and the availability and cost of reinsurance. Our property and casualty insurance operations expose us to claims arising out of catastrophes. Catastrophes can be caused by various natural events, including, among others, hurricanes and other windstorms, earthquakes, hail, wildfires, severe winter weather, floods and volcanic eruptions. Catastrophes can also be man-made, such as a terrorist attack (including those involving nuclear, biological, chemical or radiological events), explosions, infrastructure failures or a consequence of political instability. The geographic distribution of our business subjects us to catastrophe exposures in the United States, which include, but are not limited to: hurricanes from Maine through Texas; tornadoes throughout the Central and Southeast United States; earthquakes in California, the New Madrid region and the Pacific Northwest region of the United States; wildfires, particularly in the Southwest; and terrorism in major cities in the United States. In addition, our international operations subject us to catastrophe exposures in the United Kingdom, Canada and the Republic of Ireland, as well as to a variety of world-wide catastrophe exposures through our Lloyd’s operations. The incidence and severity of catastrophes are inherently unpredictable, and it is possible that both the frequency and severity of natural and man-made catastrophic events could increase. Some scientists believe that in recent years changing climate conditions have added to the unpredictability and frequency of natural disasters (including, but not limited to, hurricanes, tornadoes, other storms and fires) in certain parts of the world and created additional uncertainty as to future trends and exposures. For example, in recent years hurricane activity has impacted areas further inland than previously experienced, thus expanding our overall hurricane exposure. The catastrophe modeling tools that we use, or that we rely on from outside parties, to help manage certain of our catastrophe exposures are based on assumptions and judgments that are subject to error and mis-estimation and may produce estimates that are materially different than actual results. In addition, our increased presence in certain geographic areas, such as in the Midwest and Western regions of the United States, and any changes in climate conditions could cause our data to be more limited and our catastrophe models to be even less predictive, thus limiting our ability to effectively evaluate and manage such exposures. See ‘‘Item 7— Management’s Discussion and Analysis of Financial Condition and Results of Operations—Catastrophe Modeling’’ and ‘‘—Changing Climate Conditions.’’ The extent of losses from a catastrophe is a function of both the total amount of insured exposure in the area affected by the event and the severity of the event. Increases in the value and geographic concentration of insured property and the effects of inflation could increase the severity of claims from catastrophic events in the future. In addition, states have from time to time passed legislation, and regulators have taken action, that has the effect of limiting the ability of insurers to manage catastrophe risk, such as legislation prohibiting insurers from reducing exposures or withdrawing from catastrophe-prone areas or mandating that insurers participate in residual markets. Participation in residual market mechanisms has resulted in, and may continue to result in, significant losses or assessments to insurers, including us, and, in certain states, those losses or assessments may not be commensurate with our direct catastrophe exposure in those states. If our competitors leave those states having residual market mechanisms, remaining insurers, including us, may be subject to significant increases in losses or assessments following a catastrophe. In addition, following catastrophes, there are sometimes legislative initiatives and court decisions which seek to expand insurance coverage for catastrophe claims beyond the original intent of the policies. Also, our ability to increase pricing to the extent necessary to offset rising costs of catastrophes, particularly in the Personal Insurance segment, requires approval of regulatory authorities of certain states. Our ability or our willingness to manage our catastrophe exposure by raising prices, modifying underwriting terms or reducing exposure to certain geographies may be limited due to considerations of public policy, the evolving political environment, changes in the general economic climate and/or social responsibilities. We also may choose to write business in catastrophe-prone areas that we might not otherwise write for strategic purposes, such as improving our access to other underwriting activities. There are also risks that impact the estimation of ultimate costs for catastrophes. For example, the estimation of reserves related to hurricanes can be affected by the inability to access portions of the impacted areas, the complexity of factors contributing to the losses, the legal and regulatory uncertainties and the nature of the information available to establish the reserves. Complex factors include, but are not limited to: determining whether damage was caused by flooding versus wind; evaluating general liability and pollution exposures; estimating additional living expenses; the impact of demand surge; infrastructure disruption; fraud; the effect of mold damage; business interruption costs; and reinsurance collectability. The timing of a catastrophe’s occurrence, such as at or near the end of a reporting period, can also affect the information available to us in estimating reserves for that reporting period. The estimates related to catastrophes are adjusted as actual claims emerge and additional information becomes available. Exposure to catastrophe losses or actual losses following a catastrophe could adversely affect our financial strength and claims-paying ratings and could impair our ability to raise capital on acceptable terms or at all. Also, as a result of our exposure to catastrophe losses or actual losses following a catastrophe, rating agencies may further increase capital requirements, which may require us to raise capital to maintain our ratings or adversely affect our ratings. A ratings downgrade could hurt our ability to compete effectively or attract new business. In addition, catastrophic events could cause us to exhaust our available reinsurance limits and could adversely impact the cost and availability of reinsurance. Such events can also impact the credit of our reinsurers. For a discussion of our catastrophe reinsurance coverage, see ‘‘Item 1—Business—Reinsurance—Catastrophe Reinsurance.’’ Catastrophic events could also adversely impact the credit of the issuers of securities, such as states or municipalities, in whom we have invested. In addition, coverage in our reinsurance program for terrorism is limited. Although the Terrorism Risk Insurance Program Reauthorization Act of 2007 (the Act) provides benefits in the event of certain acts of terrorism, those benefits are subject to a deductible and other limitations. Under this law, once our losses exceed 20% of our commercial property and casualty insurance premium for the preceding calendar year, the federal government will reimburse us for 85% of our losses attributable to certain acts of terrorism which exceed this deductible up to a total industry program cap of $100 billion. Our estimated deductible under the program is $2.08 billion for 2011. In addition, because the interpretation of this law is untested, there is substantial uncertainty as to how it will be applied to specific circumstances. It is also possible that future legislative action could change the Act. Because of the risks set forth above, catastrophes such as those caused by various natural events or man-made events such as a terrorist attack, including ‘‘unconventional’’ acts of terrorism involving nuclear, biological, chemical or radiological events, could materially and adversely affect our results of operations, financial position and/or liquidity. Further, while we seek to manage our exposure to man-made catastrophic events involving conventional means, there can be no assurance that we would have sufficient resources to respond to claims arising out of one or more man-made catastrophic events involving so-called weapons of mass destruction, including nuclear, biological, chemical or radiological means.

Travelers actually has a section of the 10k devoted to Catastrophe modeling:

CATASTROPHE MODELING

The Company uses various analyses and methods, including computer modeling techniques, to analyze catastrophic events and the risks associated with them. The Company uses these analyses and methods to make underwriting and reinsurance decisions designed to manage its exposure to catastrophic events. In making underwriting and reinsurance decisions for hurricane and earthquake exposures, the Company uses third-party proprietary computer modeling in an attempt to estimate the likelihood that the loss from a single event occurring in a one-year timeframe will equal or exceed a particular amount. The tables below set forth the estimated probabilities that losses from a single event occurring in a one-year timeframe will equal or exceed the indicated loss amounts (expressed in dollars and as a percentage of the Company’s common equity). For example, on the basis described below the tables, the Company estimates that there is a one percent chance that the Company’s loss from a single U.S. hurricane occurring in a one-year timeframe would equal or exceed $1.1 billion, or 5% of the Company’s common equity at December 31, 2010. Dollars (in billions) Single U.S.

The last disclosure does provide good context for their risk level.  And their ability to even disclose this information suggests a likelihood that they may be actually using this information to manage the risk.

Travelers goes on to take the unusual step for a US insurer of actually directly addressing their ERM program in their 10k:

ENTERPRISE RISK MANAGEMENT

As a large property and casualty insurance enterprise, the Company is exposed to many risks. These risks are a function of the environments within which the Company operates. Since certain risks can be correlated with other risks, an event or a series of events can impact multiple areas of the Company simultaneously and have a material effect on the Company’s results of operations, financial position and/or liquidity. These exposures require an entity-wide view of risk and an understanding of the potential impact on all aspects of the Company. It also requires the Company to manage its risk-taking to be within its risk appetite in a prudent and balanced effort to create and preserve value for all of the Company’s stakeholders. This approach to Company-wide risk evaluation and management is commonly called Enterprise Risk Management (ERM). ERM activities involve both the identification and assessment of a broad range of risks and the execution of synchronized strategies to effectively manage such risks. Effective ERM also includes the determination of the Company’s risk capital needs, which takes into account regulatory requirements and credit rating considerations, in addition to economic and other factors. ERM at the Company is an integral part of business operations. All risk owners across all functions, all corporate leaders and the board of directors are engaged in ERM. ERM involves risk-based analytics, as well as reporting and feedback throughout the enterprise in support of the Company’s long-term financial strategies and objectives. The Company uses various methods, including sophisticated computer modeling techniques, to analyze catastrophic events and the risks associated with them. These analyses and methods are used in making underwriting and reinsurance decisions as part of managing the Company’s exposure to catastrophic events. In addition to catastrophe modeling and analysis, the Company also models and analyzes its exposure to other extreme events. These analytical techniques are an integral component of the Company’s ERM process and further support the Company’s long-term financial strategies and objectives. In addition to the day-to-day ERM activities within the Company’s business units, other key internal risk management functions include the Management Committee (comprised of the Company’s Chief Executive Officer and the other most senior members of management), the Enterprise and Underwriting Risk Committees of management, the Credit Committee, the Chief Compliance Officer, the Business Conduct Officer, the Corporate Actuarial group, the Corporate Audit group, the Accounting Policy group, the Enterprise Underwriting group and many others. A senior executive oversees the ERM process. The mission of this executive is to facilitate risk assessment and to collaborate in implementing effective risk management strategies throughout the Company. Another strategic ERM objective of this executive includes working across the Company to enhance effective and realistic risk modeling capabilities as part of the Company’s overall effort to understand and manage its portfolio of risks to be within its risk appetite. Board oversight of ERM is provided by the Risk Committee of the board of directors, which reviews the strategies, processes and controls pertaining to the Company’s insurance operations and oversees the implementation, execution and performance of the Company’s ERM program. The Company’s ERM efforts build upon the foundation of an effective internal control environment. ERM expands the internal control objectives of effective and efficient operations, reliable financial reporting and compliance with applicable laws and regulations, to fostering, leading and supporting an integrated, risk-based culture within the Company that focuses on value creation and preservation. However, the Company can provide only reasonable, not absolute, assurance that these objectives will be met. Further, the design of any risk management or control system must reflect the fact that there are resource constraints, and the benefits must be considered relative to their costs. As a result, the possibility of material financial loss remains in spite of the Company’s significant ERM efforts. An investor should carefully consider the risks and all of the other information set forth in this annual report, including the discussions included in ‘‘Item 1A—Risk Factors,’’ ‘‘Item 7A—Quantitative and Qualitative Disclosures About Market Risk,’’ and ‘‘Item 8—Financial Statements and Supplementary Data.’’

And finally, Travelers does disclose in the list of management that there are two senior executives, out of about 50 listed, with the words “Enterprise Risk Management” as a part of their title.

Reporting on an ERM Program

In a recent post, RISKVIEWS stated six key parts to ERM.  These six ideas can act as the outline for describing an ERM Program.  Here is how they could be used:

1.  Risks need to be diversified.  There is no risk management if a firm is just taking one big bet.

REPORT: Display the risk profile of the firm.  Discuss how the firm has increased or decreased diversification within each risk and between risks in the recent past.  Discuss how this is a result of deliberate risk and diversification related choices of the firm, rather than just a record of what happened as a result of other totally unrelated decisions. 

2.  Firm needs to be sure of the quality of the risks that they take.  This implies that multiple ways of evaluating risks are needed to maintain quality, or to be aware of changes in quality.  There is no single source of information about quality that is adequate.

REPORT:  Display the risk quality of the firm.  Discuss how the firm has increased or decreased risk quality in the recent past and the reasons for those changes.  Discuss how risk quality is changing in the marketplace and how the firm maintains the quality of the risks that are chosen.

3.  A control cycle is needed regarding the amount of risk taken.  This implies measurements, appetites, limits, treatment actions, reporting, feedback.

REPORT:  The control cycle will be described in terms of who is responsible for each step as well as the plans for remediation should limits be breached.  A record of breaches should also be shown.  (Note that a blemish-less record might be a sign of good control or it might simply mean that the limits are ineffectively large.)  Emerging risks should have their own control cycle and be reported as well.

4.  The pricing of the risks needs to be adequate.  At least if you are in the risk business like insurers, for risks that are traded.  For risks that are not traded, the benefit of the risk needs to exceed the cost in terms of potential losses.

REPORT:  For General Insurance, this means reporting combined ratio.  In addition, it is important to show how risk margins are similar to market risk margins.  Note that products with combined ratios over 100% may or may not be profitable if the reserves do not include a discount for interest.  This is accomplished by mark-to-market accounting for investment risks.  Some insurance products have negative value when marked to market (all-in assets and liabilities) because they are sold with insufficient risk margins.  This should be clearly reported, as well as the reasons for that activity.  

5.  The firm needs to manage its portfolio of risks so that it can take advantage of the opportunities that are often associated with its risks.  This involves risk reward management.

REPORT:  Risk reward management requires determining return on risk for all activities as well as a planning process that starts with projections of such and a conscious choice to construct a portfolio of risks.  This process has its own control cycle.  The reporting for this control cycle should be similar to the process described above.  This part of the report needs to explain how management is thinking about the diversification benefits that potentially exist from the range of diverse risks taken.  

6.   The firm needs to provision for its retained risks appropriately, in terms of set asides (reserves or technical provisions) for expected losses and capital for excess losses.

REPORT:  Losses can be shown in four layers, expected losses, losses that decrease total profits, losses that exceed gains from other sources but that are less than capital and losses that exceed capital.  The likelihood of losses in each of those four layers should be described as well as the reasons for material changes.  Some firms will choose to report their potential losses in two layers, expected losses, losses that reach a certain likelihood (usually 99.5% in a year or similar likelihood).  However, regulators should have a high interest in the nature and potential size of those losses in excess of capital.  The determination of the likelihood of losses in each of the four layers needs to reflect the other five aspects of ERM and when reporting on this aspect of ERM, discussion of how they are reflected would be in order.  

Risk Management Success

Many people struggle with clearly identifying how to measure the success of their risk management program.

But they really are struggling with is either a lack of clear objectives or with unobtainable objectives.

Because if there are clear and obtainable objectives, then measuring success means comparing performance to those objectives.

The objectives need to be framed in terms of the things that risk management concentrates upon – that is likelihood and severity of future problems.

The objectives need to be obtainable with the authority and resources that are given to the risk manager.  A risk manager who is expected to produce certainty about losses needs to either have unlimited authority or unlimited budget to produce that certainty.

The most difficult part of judging the success of a risk management program is when those programs are driven by assessments of risk that end up being totally insufficient.  But again the real answer to this issue is authority and budget.  If the assumptions of the model are under the control of the risk manager, that is totally under the risk manager’s control, then the risk manager would be prudent to incorporate significant amounts of margin either into the model or into the processes that use the model for model risk.  But then the risk manager is incented to make the model as conservative as their imagination can make it.  The result will be no business – it will all look too risky.

So a business can only work if the model assumptions are the join responsibility of the risk manager and the business users.

But there are objectives for a risk management program that can be clear and obtainable.  Here are some examples:

1. The Risk Management program will be compliant with regulatory and/or rating agency requirements
2. The Risk Management program will provide the information and facilitate the process for management to maintain capital at the most efficient level for the risks of the firm.
3. The Risk Management program will provide the information and facilitate the process for management to maintain profit margins for risk (pricing in insurance terms) at a level consistent with corporate goals.
4. The Risk Management program will provide the information and facilitate the process for management to maintain risk exposures to within corporate risk tolerances and appetites.
5. The Risk Management program will provide the information and facilitate the process for management and the board to set and update goals for risk management and return for the organization as well as risk tolerances and appetites at a level and form consistent with corporate goals.
6. The Risk Management program will provide the information and facilitate the process for management to avoid concentrations and achieve diversification that is consistent with corporate goals.
7. The Risk Management program will provide the information and facilitate the process for management to select strategic alternatives that optimize the risk adjusted returns of the firm over the short and long term in a manner that is consistent with corporate goals.
8. The Risk Management program will provide information to the board and for public distribution about the risk management program and about whether company performance is consistent with the firm goals for risk management.

Note that the firm’s goals for risk management are usually not exactly the same as the risk management program’s goals.  The responsibility for achieving the risk management goals is shared by the management team and the risk management function.

Goals for the risk management program that are stated like the following are the sort that are clear, but unobtainable without unlimited authority and/or budget as described above:

X1  The Risk Management program will assure that the firm maintains profit margins for risk at a level consistent with corporate goals.

X2  The Risk Management program will assure that the firm maintains risk exposures to within corporate risk tolerances and appetites so that losses will not occur that are in excess of corporate goals.

X3  The Risk Management program will assure that the firm avoids concentrations and achieve diversification that is consistent with corporate goals.

X4  The Risk Management program will assure that the firm selects strategic alternatives that optimize the risk adjusted returns of the firm over the short and long term in a manner that is consistent with corporate goals.

The worst case situation for a risk manager is to have the position in a firm where there are no clear risk management goals for the organization (item 4 above) and where they are judged on one of the X goals but which one that they will be judged upon is not determined in advance.

Unfortunately, this is exactly the situation that many, many risk managers find themselves in.

Reconciling Risk Concerns

From Jean-Pierre Berliet

Discussions with senior executives have suggested that decision signals from ERM would be more credible and that ERM would be a more effective management process if ERM were shown to reconcile the risk concerns of policyholders and shareholders.

Creditors, including policyholders, and rating agencies or regulators whose mission it is to protect creditors, and shareholders are all interested in the financial health of an insurer, but in different ways. Creditors want to be assured that an insurance company will be able to honor its obligations fully and in a timely manner. For creditors, the main risk question is: what is the risk of the business? This is another way to ask whether the company will remain solvent.

Shareholders, however, are interested in the value of the business as a going concern, in how much this value might increase and by how much it might decline. For shareholders, the main risk question is: what is the risk to the business? Shareholders are interested in what ERM can do to increase and protect the value of their investment in a company. While both creditors and shareholders are interested in the tail of the distribution of financial results, as an indicator of solvency risk, shareholders are also very interested in the mean of these financial results and their volatility, which could have an adverse impact on the value of their investment.

Policyholders and shareholders’ views are different but not incompatible: a company could not stay in business if it were not able to persuade regulators that it will remain solvent and should be allowed to keep its license, or obtain from rating agencies a rating suitable for the business it writes.  Its value to investors would be significantly impaired..

Insurers recognize that the main drivers of their risk profile are financial risks, including insurance risk accumulations and concentrations, and the related market risk associated with their investment activities. They understand that resulting risks are best controlled at the point of origination through appropriate controls on underwriting and pricing and through reinsurance and asset allocation strategies that limit the volatility of financial outcomes. Stochastic modeling is being used more broadly by companies to understand how such risks accumulate, interact and develop over time and to evaluate strategies that enhance the stability of outcomes. Capital adequacy is the ultimate defense against severe risk “surprises” from insurance and investment activities. It is of interest to policyholders who want to be certain to collect on their claims, but also to shareholders who want assurance that a company can be viewed as a going concern that will write profitable business in the future.

Methodologies used by rating agencies on behalf of creditors describe in detail how the rating process deals with the three main drivers of a company’s financial position and of the volatility (risk) of this position. In response to rating agency concerns, insurance companies focus on determining how much “economic capital” they need to remain solvent, as a first step toward demonstrating the adequacy of their capital. Analyses they perform involve calculation of the losses they can suffer under scenarios that combine the impact of all the risks to which they are exposed. This “total risk” approach and the related focus on extreme loss scenarios (“high severity/low frequency” scenarios) are central to addressing creditors’ concerns.

To address the solvency concerns of creditors, rating agencies and regulators and the value risk of shareholders, insurance companies need to know their complete risk profile and to develop separate risk metrics for each group of constituents. Knowledge of this risk profile enables them to identify the distinct risk management strategies that they need to maintain high ratings while also protecting the value of their shareholders’ investment. Leading ERM companies have become well aware of this requirement and no longer focus solely on tail scenarios to develop their risk management strategies.

(more…)

Window Dressing

The Wall Street Journal reported today that banks are again very actively doing significant amounts of end out the quarter clean-up that is otherwise known as “window dressing“.

This is a practice that works well, allowing banks to hold capital (figured on their quarter end balance sheets) that is much lower than the risk levels that they are using to create their profits.  This makes them look safer to investors in addition to boosting their ROE.

And while it probably is within the rules of Basel II, it violates the underlying idea behind Pillar 1 and Pillar 3.

The idea behind Pillar 1 is that the banks should hold capital for their risks.  This window dressing practice clearly illustrates one of the major logical flaws in the application of Pillar 1.

To understand the flaw, you need to think for a minute about what the capital is for.  It is not actually for the risks that the bank held during the quarter, nor is it mostly for the risks that happen to be on the balance sheet as of the end of the quarter.  It is primarily to protect the bank in the event of losses form the risks that the banks will be exposed to during the next quarter.  The beginning of quarter balance sheet is being used as a proxy for the risks over the coming quarter.

For a firm that has a highly disciplined risk management process, it would actually make more sense for the firm to hold capital for the RISK LIMITS that it has extended for the coming quarter.  That would be a firm where you could rely upon them to keep their risks within their risk limits for the most part. This makes more sense than holding capital for some arbitrary point in time.  The window dressing proves that point better than any possible theoretical argument.  Besides being the wrong idea, it is subject to easy manipulation.

For firms that are not disciplined in keeping their risks within their risk limits, something higher than the level of capital on their risk limits would be the logical level.  For these firms it would make sense to keep track of the degree to which they exceed their limits (at maximum) and charge them for capital at a level above that.  Say for example 200%.  So if a firm exceeds its risk limits by 10% at maximum in a quarter, their capital for the next quarter would be 120% of the capital needed to support their risk limits for the following quarter.

This check on risk discipline would have several benefits.  It moves the easy possibility of manipulation away from the capital level.  The “legal” window dressing would have to be replaced by fraudulent manipulation of risk reports to fix the capital level.  In addition, disclosure of the degree to which a bank exceeds its risk limit could be disclosed under Pillar 3 and then investors and counterpraties could give their reaction to a bank that cannot control its risks exposures.

In addition, this same logic could be applied to insurers under Solvency II.  There is no reason why insurance regulators need to follow the flawed logic of the banking regulators.

Addendum:  Above I say that the window dressing works well.  That is only partly true.  Sometimes, it does not work at all.  And banks can become stuck with risks and losses from those risks that are far larger than what they had been disclosing.  That happens when markets freeze up.

You see, if many banks are doing the same sorts of window dressing, they all run the risk that there will be too many sellers and not enough buyers for those couple of days at the end of the quarter.  Or maybe just for that one night.  And the freeze is likeliest when the losses are about tho strike.

So in reality, window dressing is not a good plan if you believe that things can ever go poorly.

Dangerous Words

One of the causes of the Financial Crisis that is sometimes cited is an inappropriate reliance on complex financial models.  In our defense, risk managers have often said that users did not take the time to understand the models that they relied upon.

And I have said that in some sense, blaming the bad decisions on the models is like a driver who gets lost blaming it on the car.

But we risk managers and risk modelers do need to be careful with the words that we use.  Some of the most common risk management terminology is guilty of being totally misleading to someone who has no risk management training – who simply relies upon their understanding of English.

One of the fundamental steps of risk management is to MEASURE RISK.

I would suggest that this very common term is potentially misleading and risk managers should consider using it less.

In common usage, you could say that you measure a distance between two points or measure the weight of an object.  Measurement usually refers to something completely objective.

However, when we “measure” risk, it is not at all objective.  That is because Risk is actually about the future.  We cannot measure the future.  Or any specific aspect of the future.

While I can measure my height and weight today, I cannot now measure what it will be tomorrow.  I can predict what it might be tomorrow.  I might be pretty certain of a fairly tight range of values, but that does not make my prediction into a measurement.

So by the very words we use to describe what we are doing, we sought to instill a degree of certainty and reliability that is impossible and unwarranted.  We did that perhaps as mathematicians who are used to starting a problem by defining terms.  So we start our work by defining our calculation as a “measurement” of risk.

However, non-mathematicians are not so used to defining A = B at the start of the day and then remembering thereafter that whenever they hear someone refer to A, that they really mean B.

We also may have defined our work as “measuring risk” to instill in it enough confidence from the users that they would actually pay attention to the work and rely upon it.  In which case we are not quite as innocent as we might claim on the over reliance front.

It might be difficult now to retreat however.  Try telling management that you do not now, not have you ever measured risk.  And see what happens to your budget.

LIVE from the ERM Symposium

(Well not quite LIVE, but almost)

The ERM Symposium is now 8 years old.  Here are some ideas from the 2010 ERM Symposium…

• Survivor Bias creates support for bad risk models.  If a model underestimates risk there are two possible outcomes – good and bad.  If bad, then you fix the model or stop doing the activity.  If the outcome is good, then you do more and more of the activity until the result is bad.  This suggests that model validation is much more important than just a simple minded tick the box exercize.  It is a life and death matter.
• BIG is BAD!  Well maybe.  Big means large political power.  Big will mean that the political power will fight for parochial interests of the Big entity over the interests of the entire firm or system.  Safer to not have your firm dominated by a single business, distributor, product, region.  Safer to not have your financial system dominated by a handful of banks.
• The world is not linear.  You cannot project the macro effects directly from the micro effects.
• Due Diligence for mergers is often left until the very last minute and given an extremely tight time frame.  That will not change, so more due diligence needs to be a part of the target pre-selection process.

• For merger of mature businesses, cultural fit is most important.
• For newer businesses, retention of key employees is key

• Modelitis = running the model until you get the desired answer
• Most people when asked about future emerging risks, respond with the most recent problem – prior knowledge blindness
• Regulators are sitting and waiting for a housing market recovery to resolve problems that are hidden by accounting in hundreds of banks.
• Why do we think that any bank will do a good job of creating a living will?  What is their motivation?
• We will always have some regulatory arbitrage.
• Left to their own devices, banks have proven that they do not have a survival instinct.  (I have to admit that I have never, ever believed for a minute that any bank CEO has ever thought for even one second about the idea that their bank might be bailed out by the government.  They simply do not believe that they will fail. )
• Economics has been dominated by a religious belief in the mantra “markets good – government bad”
• Non-financial businesses are opposed to putting OTC derivatives on exchanges because exchanges will only accept cash collateral.  If they are hedging physical asset prices, why shouldn’t those same physical assets be good collateral?  Or are they really arguing to be allowed to do speculative trading without posting collateral? Probably more of the latter.
• it was said that systemic problems come from risk concentrations.  Not always.  They can come from losses and lack of proper disclosure.  When folks see some losses and do not know who is hiding more losses, they stop doing business with everyone.  None do enough disclosure and that confirms the suspicion that everyone is impaired.
• Systemic risk management plans needs to recognize that this is like forest fires.  If they prevent the small fires then the fires that eventually do happen will be much larger and more dangerous.  And someday, there will be another fire.
• Sometimes a small change in the input to a complex system will unpredictably result in a large change in the output.  The financial markets are complex systems.  The idea that the market participants will ever correctly anticipate such discontinuities is complete nonsense.  So markets will always be efficient, except when they are drastically wrong.
• Conflicting interests for risk managers who also wear other hats is a major issue for risk management in smaller companies.
• People with bad risk models will drive people with good risk models out of the market.
• Inelastic supply and inelastic demand for oil is the reason why prices are so volatile.
• It was easy to sell the idea of starting an ERM system in 2008 & 2009.  But will firms who need that much evidence of the need for risk management forget why they approved it when things get better?
• If risk function is constantly finding large unmanaged risks, then something is seriously wrong with the firm.
• You do not want to ever have to say that you were aware of a risk that later became a large loss but never told the board about it.  Whether or not you have a risk management program.

The Use Test – A Simple Suggestion

Many are concerned about what the “Use Test” will be. Will it be a pop quiz or will companies be allowed to study?

Well, I have a suggestion for a simple and, I believe, fairly foolproof test. That would be for top management (not risk management or modeling staff) to be able to hold a conversation about their risk profile each year.

Now the first time that they can demonstrate that would not be the “Use Test”. It would be the second or third time that would constitute the test.

The conversation would be simple. It would involve explaining the risk profile of the firm – why the insurer is taking each of the major risks, what do they expect to get out of that risk exposure and how are they making sure that the potential losses that they experience are not worse than represented by their risk model. This discussion should include recognition of gross risk before offsets as well as net retained risk.

After the first time, the discussion would include an explanation of the reasons for the changes in the risk profile – did the profile change because the world shifted or did it change due to a deliberate decision on the part of management to take more or less or to retain more or less of a risk.

Finally a third part of the discussion would be to identify the experience of the past year in terms of its likelihood as predicted by the model and the degree to which that experience caused the firm to recalibrate its view of each risk.

To pass the test, management would merely need to have a complete story that is largely consistent from year to year.

Those who fail the test would be making large changes to their model calibration and their story from year to year – stretching to make it look like the model information was a part of management decisions.

Some firms who might have passed before the crisis who should have failed were firms who in successive years told the same story of good intentions with no actions in reducing outsized risks.

For firms who are really using their models, there will be no preparation time needed for this test. Their story for this test will be the story of their firm’s financial management.

Ideally, I would suggest that the test be held publicly at an investor call.

Crisis Pre-Nuptial

What is the reaction of your firm going to be in the event of a large loss or other crisis? 

If you are responsible for risk management, it is very much in your interest to enter into a Crisis Pre-Nuptial. 

The Crisis Pre-Nuptial has two important components. 

1. A protocol for management actions in the event of the crisis.  There is likely a need for there to be a number of these protocols.   These protocols can be extremely valuable, their value will most likely far exceed the entire cost of a risk management function.  Their value comes because they eliminate two major problems that firms face in the event of a crisis or large loss.  First is the deer in the headlights problem – the delay when no one is sure what to do and who is to do it.  That delay can mean that corrective actions are much less effective or much more expensive or both.  Second is the opposite, that too many people take actions, but that the actions are conflicting.  This again increasses costs and decreases effectiveness.  Just as with severe medical emergencies, prompt corrective actions are almost always more likely to have the most favorable results. 
2. Setting up an expectation that the crises and losses either are or are not an expected part of the risks that the firm is taking.  If the firm is taking high risks, but does not expect to ever experience losses, then there is a major disconnect between the two.  Just as a marital pre-nuptial agreement is a conscious acknowledgement that marriages sometimes end in divorce, a Crisis Pre-Nuptial is an acknowledgement that normal business activity sometimes involves losses and crises. 

Risk managers who have a Crisis Pre-Nuptial in place might, just might, have a better chance to survive with their job in tact after a crisis or large loss. 

And if someday, investors and/or boards come to the realization that firms that plan for rainy days are, in the long run, going to be more valuable, the information that is in the Crisis pre-nuptial could be very important information for them.

Why the valuation of RMBS holdings needed changing

Post from Michael A Cohen, Principal – Cohen Strategic Consulting

Last November’s decision by the National Association of Insurance Commissioners (NAIC) to appoint PIMCO Advisory to assess the holdings of non-agency residential mortgage-backed securities (RMBS) signaled a marked change in attitude towards the major ratings agencies. This move by the NAIC — the regulatory body for the insurance industry in the US, comprising the insurance commissioners of the 50 states – was aimed at determining the appropriate amount of risk-adjusted capital to be held by US insurers (more than 1,600 companies in both the life and property/casualty segments) for RMBS on their balance sheets.

Why did the NAIC act?

A number of problems had arisen from the way RMBS held by insurers had historically been rated by some rating agencies which are “nationally recognized statistical rating organizations” (NRSROs), though it is important to note that not all rating agencies which are NRSROs had engaged in this particular rating activity.

RMBS had been assigned (much) higher ratings than they seem to have deserved at the time, albeit with the benefit of hindsight. The higher ratings also led to lower capital charges for entities holding these securitizations (insurers, in this example) in determining the risk-adjusted capital they needed to hold for regulatory standards.

Consequently, these insurance organizations were ultimately viewed to be undercapitalized for their collective investment risks. These higher ratings also led to lower prices for the securitizations, which meant that the purchasers were ultimately getting much lower risk-adjusted returns than had been envisaged (and in many cases losses) for their purchases.

The analysis that was performed by the NRSROs has been strenuously called into question by many industry observers during the financial crisis of the past two years, for two primary reasons:

• The level of analytical due diligence was weak and the default statistics used to evaluate these securities did not reflect the actual level of stress in the marketplace; as a consequence ratings were issued at higher levels than the underlying analytics in part to placate the purchasers of the ratings, and a number of industry insiders observed that this was done.
• Once the RMBS marketplace came under extreme stress, the rating agencies subsequently determined that the risk charges for these securities would increase several fold, materially increasing the amount of risk-adjusted capital needed to be held by insurers with RMBS, and ultimately jeopardizing the companies’ financial strength ratings themselves.

Flaws in rating RMBS

Rating agencies have historically been paid for their rating services by those entities to which they assign ratings (that reflect claims paying, debt paying, principal paying, etc. abilities). Industry observers have long viewed this relationship as a potential conflict of interest, but, because insurers and buyers had not been materially harmed by this process until recently, the industry practice of rating agencies assigning ratings to companies who were paying them for the service was not strenuously challenged.

Further, since the rating agencies can increase their profit margins by increasing their overall rating fees while maintaining their expenses in the course of performing rating analysis, it follows that there is an incentive to increase the volume of ratings issued by the staff, which implies less time being spent on a particular analysis. Again, until recently, the rated entities and the purchasers of rated securities and insurance policies did not feel sufficiently harmed to challenge the process.

(more…)

Moral Hazard

Kevin Dowd has written a fine article titled “Moral Hazard and the Financial Crisis” for the Cato Journal.  Some of his very well articulated points include:

• Moral Hazard comes from the ability for individuals to benefit from gains without having an equal share in losses.  (I would add that that has almost nothing to do with government bailouts.  It exists fully in the compensation of most executives of most firms in most economies. )
• Bad risk model (Gaussian).  That ignore abnormal market conditions. 
• Ignoring the fact that others in the market all have the same risk management strategy and that that strategy does not work for the entire market at once. 
• Mark to Model where model is extremely sensitive to assumptions. 
• Using models that were not designed for that purpose. 
• Assumption of continuously liquid markets. 
• Risk management system too rigid, resulting in easy gaming by traders. 
• “the more sophisticated the [risk management] system, the more unreliable it might be.”
• Senior management was out of control.  (and all CEOs are paid as if they were above average!)
• Fundamental flaw in Limited Liability system.  No one has incentive to put a stop to this.  Moral Hazard is baked into the system.

Unfortunately, there are two flaws that I see in his paper. 

First, he misses the elephant in the room.  The actual exposure of the financial system to mortage loan losses in the end was over 400% of the amount of mortgages.  So without the multiplication of risk that happened under the guise of risk spreading had not happened, the global financial crisis would have simply been a large loss for the banking sector and other investors.  However, with the secret amplification of risk that happened with the CDO/CDS over the counter trades, the mortgage crisis became a depression sized loss, exceeding the capital of many large banks. 

So putting all of the transactions out in the open may have gone a long way towards allowing the someone to react intelligently to the situation.  Figuring out a way to limit the amount of the synthetic securities would probably be a good idea as well.  Moral Hazard is a term from insurance that is important to this situation.  Insurable interest in one as well. 

The second flaw of the paper is the standard Cato line that regulation should be eliminated.  In this case, it is totally outrageous to suggest that the market would have applied any discipline.  The market created the situation, operating largely outside of regulations. 

So while I liked most of the movie, I hated the ending. 

We really do need a Systemic Risk Regulator.  And somehow, we need to create a system so that 50 years from now when that person is sitting on a 50 year track record of no market meltdowns, they will still have enough credibility to act against the mega bubble of those days.

RISK USA Conference – October 2009

Many, many good questions and good ideas at the RISK USA conference in New York.  Here is a brief sampling:

• Risk managers are spending more time showing different constituencies that they really are managing risk.
• May want to change the name to “Enterprise Uncertainty Management”
• Two risk managers explained how their firms did withdraw from the mortgage market prior to the crisis and what sort of thinking by their top management supported that strategy
• Now is the moment for risk management – we are being asked for our opinion on a wide range of things – we need to have good answers
• Availability of risk management talent is an issue.  At both the operational level and the board level. 
• Risk managers need to move to doing more explaining after better automating the calculating
• Group think is one of the major barriers of good risk management
• Regulators tend to want to save too many firms.  Need to have a middle path that allows a different sort of resolution of a troubled firm than bankrupcy.
• Collateral will not be a sufficient solution to risks of derivatives.  Collateral covers only 30 – 50% of risk
• No one has ever come up with a theory for the level of capital for financial firms.  Basel II is based upon the idea of keeping capital at about the same level as Basel I. 
• Disclosure of Stress tests of major banks last Spring was a new level of transparency. 
• Banking is risky. 
• Systemic Risk Regulation is impossibly complicated and doomed to failure. 
• Systemic Risk Regulation can be done.  (Two different speakers)
• In Q2 2007, the Fed said that the sub-prime crisis is contained.  (let’s put them in charge)
• Having a very good system for communicating was key to surviving the crisis.  Risk committees met 3 times per day 7 days per week in fall 2008. 
• Should have worked out in advance what do do after environmental changes shifted exposures over limits
• One firm used ratings plus 8 additional metrics to model their credit risk
• Need to look through holdings in financial firms to their underlying risk exposures – one firm got red of all direct exposure to sub prime but retained a large exposure to banks with large sub prime exposure
• Active management of counterparties and information flow to decision makers of the interactions with counter parties provided early warning to problems
• Several speakers said that largest risk right now is regulatory changes
• One speaker said that the largest Black Swan was another major terrorist attack
• Next major systemic risk problem will be driven primarily by regulators/exchanges
• Some of structured markets will never come back (CDO squareds)
• Regret is needed to learn from mistakes
• No one from major firms actually went physically to the hottest real estate markets to get an on the ground sense of what was happening there – it would have made a big difference – Instead of relying solely on models. 

Discussions of these and other ideas from the conference will appear here in the near future.

The Glass Box Risk Model

I learned a new term today “The Glass Box Risk Model” from a post by Donald R. van Deventer,

Glass Boxes, Black Boxes, CDOs and Grocery Lists

You can read what he has to say about it.  I just wanted to pass along the term “Glass Box.”

A Glass Box Risk Model is one that is exactly the opposit of a Black Box.  With a Black Box Model, you have no idea what is going on inside.  WIth a Glass Box, you can see everything inside.

Something is needed, however, in addition to transparency, and that is clarity.  To use the physical metaphor further, the glass box could easily be crammed with so, so much complicated stuff that it is only transparent in name.  The complexity acts as a shroud that keeps real transparency from happening.

I would suggest that argues for separability of parts of the risk model.  The more different things that one tries to cram into a single model, the less likely that it is separable or truely transparent.

That probably argues against any of the elegance that modelers sometimes prize.  More code is probably preferable to less if that makes things easier to understand.

For example, I give away my age, but I stopped being a programmer about the time when actuaries took up APL.  But I heard from everyone who ever tried to assign maintenance of an APL program to someone other than the developer, that APL was a totally elegant but totally opaque programming language.

But I would suggest that the Glass Box should be the ideal for which we strive with our models.

An Al-Chet for Risk Managers:

From James McCallum

I was not strong enough to stand up to my boss

I put selfish gain ahead of ethical considerations

I falsified or hid data to conceal results

I failed to be objective

My risk model was too subjective

I ignored warning signs

I was in over my head

I did not understand all the risk factors

I failed to get an outside opinion

I was beholden to monetary gain

I was victim to group think

I placed institutional interest before ethical considerations

I failed to admit I was wrong

I was not honest with regulators

I was not honest with shareholders

I looked the other way

I failed to act

I conveniently overlooked infractions

I turned a blind eye to irregularities

I made exemptions

I did not understand the depth of the problem

I know there are many more.

Please help me to uncover, understand, make right and overcome.

Shalom

From

Audit, Risk & Controls Community Blog

Black Swan Free World (1)

On April 7 2009, the Financial Times published an article written by Nasim Taleb called Ten Principles for a Black Swan Free World. Let’s look at them one at a time…

1. What is fragile should break early while it is still small. Nothing should ever become too big to fail. Evolution in economic life helps those with the maximum amount of hidden risks – and hence the most fragile – become the biggest.

It does seem safer to that fragile things break when they are small.  Unfortunately, what seems to have happened was that big things were permitted to become fragile.  So large things need to be encouraged to avoid becoming fragile.  It is hard to imagine why such encouragement might be needed.  For something to be large, it is usually very valuable. (Unless it is a US auto manufacturer)  And most sane people work very hard to protect their valuable possessions.  And most of the people who are engaged to run large firms are sane people who would be expected to avoid fragility as well.

So one explanation that fits the facts is that almost everyone did not know that the large firms were fragile.

Which leads to the third sentence.  The easy conclusion is that the risks of the big banks were hidden.  Some they hid themselves – such as all of the off balance sheet risks.  Other risks was hidden even from them.

And fortune favors those with hidden risks because they will hold capital based upon the visible risks and report profits from the actual risks.

So how do we solve the riddle? How do we make sure that large organizations do not become fragile?

The only sensible answer seems to be that there needs to be better risk assessment, probably independent reliable risk assessment.

And because of the extreme complexity of the larger firms, the resources applied to this independent assessment need to be quite substantial.

Time will be required for a thorough risk assessment.  It is unlikely that a good job could be done in time for a financial statement, unless the independent assessors are working inside the institutions with full knowledge of positions at all times.

The second sentence suggests that the risk assessments should have a negative size bias- the larger the firm the more risk would be assumed.  There seems to be some talk in that direction from the regulators.  But the thing that will put that to an abrupt end will be if one or more of the countries with major international banks fails to adopt the same sort of anti-size bias, tilting competition in the favor of their banks.

What can a risk manager take from this?  For assessing investment risk, it may make sense for risk models to take a sector, rather than an index or ratings approach to looking at investment risk.  The financial sector tends to lead the real economy in timing and severity of downturns.  More robust modeling may reveal better strategies for investing that reflect the real risks in financial firms.

And finally, the risk manager should really question whether it ever makes sense to invest in financials unless their risk disclosures become much, much better.  There was really no hint to investors that the large banks had built up so much risk.  Why, from a risk management point of view, does it make any sense to make an investment that you cannot find out the nature or extent of the underlying risks or any usable information about when that risk materially changes.

Black Swan Free World (10)

Black Swan Free World (9)

Black Swan Free World (8)

Black Swan Free World (7)

Black Swan Free World (6)

Black Swan Free World (5)

Black Swan Free World (4)

Black Swan Free World (3)

Black Swan Free World (2)

DISLOCATION

Guest post from Mike Cohen

http://www.cohenstrategicconsulting.com/index.php

Dislocation: dis-lo-ca-tion (\,dis-(,)lō-’ka-shən): a disruption of an established order

The financial world has undergone a dislocation of epic proportions, one that is rivaled by only two such situations in our lifetimes: the Great Depression and to a lesser magnitude the interest spike and related chain of events of the early 1980’s. Financial institutions, and even more profoundly the world financial order, have been found to be standing on foundations of sand, and dynamics/financial behaviors/paradigms/systems that we took for granted are not effective, or at the very least stumbling along in a state of disarray and confusion.

As our ‘rose-colored glasses’ (spawned by over-optimism, greed, laziness, ignorance and unjustified trust) have been taken away and replaced with optical devices fitted with Coke-bottle lenses with Vaseline smeared on them, we are confronted with the critical endeavor of recreating nothing less than our way of life and arguably the most important underpinning of it, our financial system.

Our World Has Changed: This dislocation is different and more troubling than any other in history, in large part because it almost triggered the collapse of the world’s financial system.  The crisis we are faced with today was caused by widespread business practices where society’s hard learned lessons were ignored:

–       The financial system is based on trust (in people, in the system itself), and the resulting belief that it works; there has been a considerable amount of activity that almost any observer would describe as untrustworthy

–       Accurate, objective analysis is critical

–       Greed kills, sooner or later

Joseph Schumpeter, the famous Czechoslovakian economist, observed in the 1920’s:

Capitalism moves forward following a process of creative destruction. Inevitable cycles of expansion and retraction are not only survivable but are in fact the secret of capitalism’s extraordinary power to inspire innovation and progress.”

It would be completely inaccurate to describe the financial crisis that has occurred as the result of ‘creative destruction’. The root causes of this crisis are much darker.

How did we get to where we are?

–       Unjustifiably easy credit was offered to homebuyers who very logically couldn’t have been expected to be able to service their mortgage loans.  A substantial price bubble was created and inevitably burst, as many have before it, but this time the entire American society was hurt badly as opposed to individual investors in past bubbles.

–       Asset managers making ambitious claims about investment returns they said they couldn’t possibly achieve, and others committing outright fraud

–       Rating analysts not adequately analyzing securities, causing them to be overrated and underpriced

–       Investment bankers and others facilitating transactions built on elements that had not been properly vetted, and which have turned out to have crushing levels of risk and unforeseen financial liabilities

Macro Issues Abounded:

– The banking system almost collapsed, and may have had it not been for considerable government intervention, which has raised a host of other profound issues. An enormous amount of bad loans were made as the result of capricious underwriting, leading to huge amounts of bad assets on banks’ books and causing a paralyzing level of fear for making further loans.

– The financial markets ‘froze’. The flow of capital slowed to a trickle because lenders did not believe that borrowers were credit-worthy; ironically, the thought process evolved from lending money to anybody to lending money to no one. The markets are just beginning to thaw, a year later.

– Complicated financial instruments confused and overwhelmed the system, creating enormous risk. Counterparties, partners in transactions, did not understand these vehicles they were buying and selling (and in many cases how their counterparts were managing their own enterprises) … and the risks they were taking on. A certain notorious business operation has long held the notion that “Be close to your friends, and closer to your enemies”.

– The real estate market plunged into its worst cycle in decades, and possibly ever. This collapse was caused by a number of dynamics:

* Selling housing/making loans to individuals or companies whose financial positions were not strong enough to service their financial obligations

– The rating agencies have been called to task over their role in the current situation, and a number of vexing questions have been raised:

* How are they analyzing companies and investment vehicles?

* How are they to be paid for their rating services? Are there conflicts of interest imbedded in their client relationships?

* How will they be operating going forward?

* How will they be regulated?

– Consumer attitudes have been more negative than ever since they began being monitored in the 1960’s, although recently they have improved marginally as economic and financial stabilization is beginning to occur.  The widespread view is that the current situation is beyond a cyclical downturn and is perceived as a failure of the system. Uncertainty about the financial system, rising unemployment, restricted credit, and a depressed housing market have all contributed to plummeting consumer sentiment.

– Government responses in the form of rescue programs of various types are beginning to fix the problems within the financial system (banks and insurers) and key industries (automotive), and are gradually beginning to calm fears. Substantial efforts to revise the nation’s financial services regulatory infrastructure are underway, conceived to both address current issues and create a more shock-free system in the future. A number of vexing problems have arisen, however, that will be very difficult to solve:

* Well intentioned programs to interject capital to troubled sectors of the economy have been slow to take effect

* Massive budget deficits are building, which will lead to substantial debt servicing obligations in the future and consequentially depressed economic growth

* The government owns stakes in huge corporations (with the implication of socialistic-type government in the United States, for crying out loud!), and is being perceived as making broad decisions on which corporations will survive or fail.

* Understanding that things that can go wrong (either known or unknown), and making sure the adverse affects do not cause crippling and irreversible harm

* A fundamental question begging to be asked is “how did so many elements of this financial disaster occur that had aspects and implications of risk that no one either understood or quantified anywhere close to properly, or didn’t bother to look at?”

The Black Swan Test

Many commentators have suggested that firms need to do stress tests to examine their vulnerability to adverse situations that are not within the data set used to parameterize their risk models. In the article linked below, I suggest the adoption of a terminology to describe stress tests and also a methodology that can be adopted by any risk model user to test and
communicate a test of the stability of model results. This method can be called a Black Swan test. The terminology would be to set one Black Swan equal to the most adverse data point. A one Black Swan stress test would be a test of a repeat of the worst event in the data set. A two Black Swan stress test would
be a test of experience twice as adverse as the worst data point.

So for credit losses for a certain class of bonds, if the historical period worst loss was 2 percent, then a 1BLS stress test would be a 2 percent loss, a 4 percent loss a 2BLS stress test, etc.

Article

Further, the company could state their resiliency in terms of Black Swans. For example:

Tests show that the company can withstand a 3.5BLS stress test for credit and a 4.2BLS for equity risk and a simultaneous 1.7BLS credit and equity stress.

Similar terminology could be used to describe a test of model stability. A 1BLS model stability test would be performed by adding a single additional point to the data used to parameterize the model. So a 1BLS model stability test would involve adding a single data point equal to the worst point in the data set. A 2BLS test would be adding a data point that is twice as bad as the worst point.