Archive for the ‘Interest Rate Risk’ category

ERM in a Low Interest Rate Environment

June 14, 2011

(Excerpts from presenation at Riskminds USA)

A discussion of how the current low interest rate environment impacts choices for (1) interest rate risk, (2) other risks and (3) Enterprise Risk Management.
How an insurer might react to low interest rates depends to a large extent on risk taking strategy and their point of view about interest rate risk.  There are four primary strategies for interest rate risk:
  • Minimize Risk
    • The Classic ALM approach is designed to minimize risk.  Duration mismatch is a measure of the degree to which you failed to achieve risk minimization.  Most ALM programs allow for an acceptable level of mismatch which might be an operational risk acceptance or it might be an option to take some interest rate risk tactically.  Risk is evaluated compared to Zero (matched position).
  • Accumulate Risk
    • The classic approach of banks to interest rate risk is to accumulate it.  The Japan carry trade is an interest rate accumulation trade.  Life Insurers usually Accumulate Mortality Risk.  Non-Life Insurers usually Accumulate attritional Risks  Accumulation of risk usually means that there is no limit to the amount of the risk that may be taken if it is priced right.  Risk is evaluated compared to expected cost using Utility theory – accept risk if expected value >0.
  • Manage Risk
    • The New ERM approach to Risk is to Manage Risk by looking at Risk vs. Reward for the portfolio of risks including diversification effects.  Taking a Strategic or Tactical approach to making choices – Return Targets “Over the Cycle” or “Every Year”.  Risk is evaluate with an Economic Capital model.  Risk means increase in total enterprise Economic Capital.
  • Diversify Risk
    • Many firms pay attention to diversification, but few make it the cornerstone to their ERM.  Firms focused on diversification will accumulate a risk as long as it does not come to dominate their risk profile and if it is expected to be profitable, often taking a purely  Tactical approach to which risks that they will accumulate.  They may not even have a chosen Long Term Strategic view of most risks.  They evaluate each risk in comparison to other risks of the enterprise.  The target is to have no single large risk concentration.
There are two aspects of Point of View that you need to be clear about:
  • Long Term Strategic vs. Short Term Tactical
    • You might ignore both and imply avoid a risk
    • You might ignore Strategic and take risks tactically that might not make sense in the long run
    • You might Strategically decide to take a risk and ignore Tactical which means you take the risk no matter the environment
    • You might pay attention to both and always take the risk but vary the amount of the risk
  • Going Concern vs. Going out of Business
    • Classic ALM (and Economic Capital models) use a “going out of business” model
    • But the “Going Concern” model is much more complicated and requires assumptions about future business and should include a going out of business assumption
With these questions resolved a company can go about setting their strategy for interest rate risk taking in a low interest environment.
To do that they may want to look at three scenarios:
·Scenario 1 – Interest Rates stay low
·Scenario 2 – Interest Rates increase slowly
·Scenario 3 – Interest Rates increase quickly
For each scenario, look at the implications for both interest rate risk as well as all of the other aspects of their risk profile and their business strategy.  If a scenario shows results that are unacceptable, then the planners and risk managers need to develop strategies to avoid or mitigate the projected problem, should that scenario come to pass as well as triggers for initiating those activities should the scenario appear imminent.

A Risk Management Classic

May 20, 2010

I had occasion recently to search the Basel website to try to document the history of their involvement in risk management. 

The oldest document that is still available there that has the term Risk Management in its title is July 1994, Risk Management Guidelines for Derivatives.  That matches up with my impression that modern risk management can be traced back to the efforts of banks and banking supervisors to contain the risks associated with derivatives trading that had lead to several blow-ups in the early 1990’s. 

But the first real classic is the next oldest document on the Basel website,  Principles for the management of interest rate risk, from September 1997.  That document clearly lays out the structure and process for a full scale risk management system.  If you take that link, it will tell that the 1997 document has been superceded.  But if you look at the 2004 update and the 1997 original, you will see that they have added lots of details and lost most of the clarity to the original.  So if you want trees, take the 2004 version, if you want forest, like me, you would prefer the original 1997 version. 

What I particularly liked about the original is that it really wasn’t about interest rate risk at all.  It really captured the essence of risk management and applied that essence to interest rate risk.  Therefore, I believe that the document can easily be used as a guide to building a risk management system for any risk. 

The document is built around 1o Principles:

The role of the board and senior management

Principle 1: In order to carry out its responsibilities, the board of directors in a bank should approve strategies and policies with respect to interest rate risk management and ensure that senior management takes the steps necessary to monitor and control these risks. The board of directors should be informed regularly of the interest rate risk exposure of the bank in order to assess the monitoring and controlling of such risk.
 Principle 2: Senior management must ensure that the structure of the bank’s business and the level of interest rate risk it assumes are effectively managed, that appropriate policies and procedures are established to control and limit these risks, and that resources are available for evaluating and controlling interest rate risk.
Principle 3: Banks should clearly define the individuals and/or committees responsible for managing interest rate risk and should ensure that there is adequate separation of duties in key elements of the risk management process to avoid potential conflicts of interest. Banks should have risk measurement, monitoring and control functions with clearly defined duties that are sufficiently independent from position-taking functions of the bank and which report risk exposures directly to senior management and the board of directors. Larger or more complex banks should have a designated independent unit responsible for the design and administration of the bank’s interest rate risk measurement, monitoring and control functions.

Policies and procedures

Principle 4: It is essential that banks’ interest rate risk policies and procedures be clearly defined and consistent with the nature and complexity of their activities. These policies should be applied on a consolidated basis and, as appropriate, at the level of individual affiliates, especially when recognising legal distinctions and possible obstacles to cash movements among affiliates.
 Principle 5: It is important that banks identify the risks inherent in new products and activities and ensure these are subject to adequate procedures and controls before being introduced or undertaken. Major hedging or risk management initiatives should be approved in advance by the board or its appropriate delegated committee.

Measurement and monitoring system

 
Principle 6: It is essential that banks have interest rate risk measurement systems that capture all material sources of interest rate risk and that assess the effect of interest rate changes in ways that are consistent with the scope of their activities. The assumptions underlying the system should be clearly understood by risk managers and bank management.
 Principle 7: Banks must establish and enforce operating limits and other practices that maintain exposures within levels consistent with their internal policies.
Principle 8: Banks should measure their vulnerability to loss under stressful market conditions – including the breakdown of key assumptions – and consider those results when establishing and reviewing their policies and limits for interest rate risk.
Principle 9: Banks must have adequate information systems for measuring, monitoring, controlling and reporting interest rate exposures. Reports must be provided on a timely basis to the bank’s board of directors, senior management and, where appropriate, individual business line managers. 

Internal controls

Principle 10: Banks must have an adequate system of internal controls over their interest rate risk management process. A fundamental component of the internal control system involves regular independent reviews and evaluations of the effectiveness of the system and, where necessary, ensuring that appropriate revisions or  enhancements to internal controls are made. The results of such reviews should be available to the relevant supervisory authorities. 

 



 
  

 

I would generalize these with very simple editing.  Here is Generalized Principle 1:

Principle 1: In order to carry out its responsibilities, the board of directors in a firm should approve strategies and policies with respect to  risk management and ensure that senior management takes the steps necessary to monitor and control these risks. The board of directors should be informed regularly of the  risk exposure of the firm in order to assess the monitoring and controlling of such risk.

This was done by simply deleting 2 instances of the words “interest rate” and exchanging the word “firm” for the word “bank”. 

This mindless editing can be done to almost every one of the 10 principles and the result is not just usable, but is a very clear and basic guideline for any risk management program. 

That is what makes this a classic.

Managed Risk Taking

May 12, 2010

Is your ALM system a risk management system or is ALM a process at your firm for managed risk taking?

It appears that banks and insurers both use the term ALM to refer to the process that they use with interest rate change risk.  But in general, banks are using ALM as a part of a managed risk taking system, while insurers are most often using ALM as a risk management system.

The difference is in the acceptable targets.  Insurers most often have a target for matching of assets and liabilities to within a 0.50 tolerance in difference in duration for example.  The tolerance is most often justified as a practical consideration, allowing the managers of the ALM system to avoid making too many expensive small moves and to gently steer the portfolio into the matched situation.

Banks will have a much larger mismatch allowance.  A part of the basic business of banks is to borrow funds short term and to lend them long term.  There is a significant duration mismatch embedded into their business model.  The ALM managers are there to make sure that the interest rate risk does not grow beyond those tolerances.  The bank should be setting the limit for mismatch to a level of loss that they can afford.

It is fascinating that for the most part, insurers who are generally buy and hold risk takers are unwilling to take advantage of the generally upward sloping yield curve in anywhere near the level that banks are.  Insurers tend to look at their risks as good risks and bad risks and to avoid any exposure to the bad risks if possible.  Interest rate change risk is seen as a bad risk, probably because (a) there us no underwriting, no selection involved and (b) the risk is totally uncontrollable.

Insurers like risks where they can develop an expertise of underwriting the risk, selecting the better risks over the worse risks.  Interest rate risk, at least within economies has no specific risk component.  If there was underwriting involved, that underwriting would be trying to figure out the forces that drive interest rates up and down.  And that is very difficult to do.

The interest rate change risk is totally uncontrollable because there is no claims management.  There is a major subjective, personal element in the form of the central bankers setting the rates at the short end.  The rates at the long end are driven by both supply and demand as well as by inflation assumptions.  So to get interest rates risht, one would need to read the minds of the central bankers, predict the need for funding and the amount of capital available at various rate levels for various terms as well as the expectations of the market for inflation.  Good luck.

There is another difference between banks and insurers that perhaps explains the difference in strategies.  THe banks are usually able to get their money on a short term basis, paying the low short term interest rates.  Insurers, on the other hand usually get their funds for a longer term.  They may not always need to promise a long term interest rate, but they usually want to keep their customers for the long term, so they want to make plans to pay interest rates at a level consistent with long term.

And if you follow yield curves over time, you will notice that the steepest and most reliable part of the yield curve is at the very short end of the curve.  At the middle of the curve, there is not always an upward slant that is large enough to justify the risk of a significant mismatch, not is it reliable enough to build your business off of it.

So maybe the two segments have it right for their situations.  Banks can have their managed risk taking system while insurers need their risk management system.

Assumptions Embedded in Risk Analysis

April 28, 2010

The picture below from Dour VanDemeter’s blog gives an interesting take on the embedded assumptions in various approaches to risk analysis and risk treatment.

But what I take from this is a realization that many firms have activity in one or two or three of those boxes, but the only box that does not assume away a major part of reality is generally empty.

In reality, most financial firms do experience market, credit and liability risks all at the same time and most firms do expect to be continuing to receive future cashflows both from past activities and from future activities.

But most firms have chosen to measure and manage their risk by assuming that one or two or even three of those things are not a concern.  By selectively putting on blinders to major aspects of their risks – first blinding their right eye, then their left, then by not looking up and finally not looking down.

Some of these processes were designed that way in earlier times when computational power would not have allowed anything more.  For many firms their affairs are so very complicated and their future is so uncertain that it is simply impractical to incorporate everything into one all encompassing risk assessment and treatment framework.

At least that is the story that folks are most likely to use.

But the fact that their activity is too complicated for them to model does not seem to send them any flashing red signal that it is possible that they really do not understand their risk.

So look at Doug’s picture and see which are the embedded assumptions in each calculation – the ones I am thinking of are the labels on the OTHER rows and columns.

For Credit VaR – the embedded assumption is that there is no Market Risk and that there is no new assets or liabilities (business is in sell-off mode)

For Interest risk VaR – the embedded assumption is that there is no credit risk nor new assets or liabilities (business is in sell-off mode)

For ALM – the embedded assumption is that there is no credit risk and business is in run-off mode.

Those are the real embedded assumptions.  We should own up to them.

Burn out, Fade Away …or Adapt

February 27, 2010

When I was a kid in the 1960’s, I was sick and tired of how much time on TV and movies was taken up with stories of WWII.  Didn’t my parent’s generation get it?  WWII was ancient history.  It was done.  Move on.  Join the real world that was happening now.

From that statement, you can tell that I am a Boomer.  But I am already sick and tired of how much ink and TV and movies and Web time is devoted to the passing of the world as the Boomers remember the golden age of our youth.  Gag me.  Am I going to have to hear this the entire rest of my life?  Get over it.  Move on.  Live in the current world.

Risk managers need to carefully convey that message to the folks who run their companies as well.  What ever way the world was in the “Glory Days” of the CEO or Business Unit manager’s career, things are different.  Business is different.  Risks are different.  Strategies and companies must adapt.  Adapt, Burn Out or Fade Away are the choices.  Better to Adapt.

I saw this happen once before in my career.  Interest rates steadily rose from the late 1940’s through the early 1980’s.  A business strategy that emphasized amassing cash, locking in a return promise and investing it in interest bearing instruments could show a steady growth in profits almost every single year without too much difficulty.  Then suddenly in the mid-1980’s that didn’t work anymore.  Interest rates went down more than up for a decade and have since stayed low.  Firms either adapted, burned out or faded away.

We have just concluded a (thankfully) brief period of massive financial destruction and are in an uncertain period.  When we come out of this uncertainty, some of the long held strategies of firms will not work.  Risks will be different.

The risk manager needs to be one of the voices that helps to make sure that this is recognized.

In addition, the risk manager needs to recognize that one or many of the risk models that were used to assess risk in past periods will no longer work well.  The risk manager needs to stand ready to adapt or fade away.

And the models need to be calibrated to the new world, not the old.  Calibrating to include the worst of the recent past might seem like prudent risk management, but it may well not be realistic.  If the world reverts to a reasonable growth pattern, the next such event may well not happen for 75 years.  Does your firm really need to avoid exposures to the sorts of things that lost money in 2008 for 75 years?  Or would that mean forgoing most of the business opportunities of that period?

Getting the correct answers to those questions will mean the different between Growth, burn out or fading away for your firm.

Any Road Will Do

February 20, 2010

Is what the Cheshire Cat told Alice.  Since she did not know where she was going.

And unfortunately, that is where the European Bank Supervisors seem to be regarding Risk Management.  They just published a short paper entitled “High level principles for risk management”, which despite the lofty title gives very little clear guidance at a high level.   I will instead point you to something along the same lines that WAS well written that DOES represent actual principles of risk management.  I refer you to the BIS report in Interest Rate Risk Management from 1997.  Their 11 top principles are listed below.

A. The role of the board and senior management

Principle 1: In order to carry out its responsibilities, the board of directors in a bank should approve interest rate risk management policies and procedures, and should be informed regularly of the interest rate risk exposure of the bank.

Principle 2: Senior management must ensure that the structure of the bank’s business and the level of interest rate risk it assumes are effectively managed, that appropriate policies and procedures are established to control and limit these risks, and that resources are available for evaluating and controlling interest rate risk.
Principle 3: Banks should have a risk management function with clearly defined duties that reports risk exposures directly to senior management and the board of directors and is sufficiently independent from the business lines of the bank. Larger or more
complex banks should have units responsible for the design and administration of the bank’s interest rate risk management system.

B. Policies and procedures

Principle 4: It is essential that banks’ interest rate risk policies and procedures be clearly defined and consistent with the nature and complexity of their activities. These policies should address the bank’s exposures on a consolidated basis and, as appropriate, also at the level of individual affiliates.

Principle 5: It is important that banks identify the risks inherent in new products and activities and ensure these are subject to adequate procedures and controls before being introduced or undertaken. Major hedging or risk management initiatives should be approved in advance by the board or its appropriate delegated committee.

C. Measurement and monitoring system

Principle 6: It is essential that banks have interest rate risk measurement systems that capture all material sources of interest rate risk and that assess the effect of interest rate changes in ways which are consistent with the scope of their activities. The assumptions underlying the system should be clearly understood by risk managers and bank management.
Principle 7: Banks must establish and enforce operating limits and other practices that maintain exposures within levels consistent with their internal policies.

Principle 8: Banks should measure their vulnerability to loss under stressful market conditions – including the breakdown of key assumptions – and consider those results when establishing and reviewing their policies and limits for interest rate risk.

Principle 9Banks must have adequate information systems for monitoring and reporting interest rate exposures to senior management and boards of directors on a timely basis.

D. Independent controls

Principle 10: Banks must have adequate internal controls for their interest rate risk management process and should evaluate the adequacy and integrity of those controls periodically. Individuals responsible for evaluating control procedures must be independent of the function they are assigned to review.

Principle 11: Banks should periodically conduct an independent review of the adequacy and integrity of their risk management processes. Such reviews should be available to relevant supervisory authorities.

These principles are so universal that you will find that if you simply substitute the name of any other risk for the words “interest rate” in the sentences above, you will still have an excellent list of risk management principles.  In fact, just substitute the words “Bank”  or even “Insurer” for interest rate above and you now have a complete and coherent set of PRINCIPLES FOR RISK MANAGEMENT.

The most puzzling thing to me is that this BIS report has long been superseded by something with wording much more like the meandering and fuzzy report of the CEBS.  Don’t take my word for it, the newest version of this BIS interest rate risk management paper is available on their website.  Compare the wording of that report to these crystal clear principles and let me know where you see any improvements.

Does Bloomberg Understand Anything about Risk Management?

December 18, 2009

On December 18, Bloomberg posted a story about losses on interest rate swaps at Harvard.   The story says that in 2004, Harvard entered into long term swaps to lock in future rates for planned borrowing.  That seems like ok risk management.  But as it happened, interests did not rise, they fell.  So the hedge was not needed.  They type of hedging strategy that they chose had no initial cost.  The cost of risk management was incurred only if the hedged event did not happen.   If interest rated did risk, then the swaps would have resulted in a gain so that Harvard’s costs were limited to a predetermined amount.  If Interest rates fell, then Harvard would pay on the swaps, but save on the interest costs, bring the sum of interest paid on their borrowing and the swap payments to a fixed predetermined total in all cases.

However, Bloomberg chooses to say is this way:

Harvard was betting in 2004 that interest rates would rise by the time it needed to borrow.

The bulk of the story is about how Harvard lost their “bet” and how much money that they lost because they lost the “bet” when interest rates fell, and Harvard had to postpone their planned borrowing.

No wonder it is difficult for firms to disclose any information about actual risk management actions and plans.  If a reasonable, but not perfect risk management action is seen as a “bet”, rather than a move to stablize interest costs.

Every risk management action will have a cost.  Harvard’s real bad move, similar to the one by Soc Gen in January 2008, the choice to lock in losses, and at the worst time.  Interest rates cannot go below zero, so there is absolutely no reason to get out of those swaps, unless their cashflow was so, so poor that they had no way to pay the monthly interrest swap amount (even though they somehow had the cash to settle all of the swaps, presumably paying the present value of the long term swap amounts as viewed at a time ov very low interest rates).

Their other bad move was to fail to hedge the possibility that they would not even do the project and therefore not need the hedge.  To identify how to hedge that situation, they would have had to do some scenario testing of scenarios of extreme losses in their endownment that would have resulted in the situation that they now find themselves.  That analysis should have resulted in some far out of the money hedges on the investments in Harvard’s portfolio.  And the fact that much of their portfolio may be unhedegable should have been a warning about the wisdom of making forward committments like the swaps that presume that the endownment will not tank.

Seeing how wrongheaded the coverage of the transactions was, Harvard probably felt that they had long term reputational risk from paying the monthly payments.

Alternately, if as the article says, the swap markets are so much more liquid at periods for up to 3 years, they why didn’t they enter into trades to reverse the first 3 years of the payments?

No matter what the market says right this minute, I find it hard to believe that interest rates for Harvard will never again reach 4.72% that the swaps were locking in as the rate.

But that is not the point.  The point is that Bloomberg reports Risk Management as a “bet” implying that lack of risk management is not a “bet”.

But, how many companies are implicitly taking a “bet” that the future will never get worse than the present by not hedging anything?

Why is that NEVER a story?


%d bloggers like this: