Must have more than one View of Risk

Riskviews finds the headline Value-at-Risk model masked JP Morgan $2 bln loss to be totally appalling. JP Morgan is of course famous for having been one of the first large banks to use VaR for daily risk assessment.

During the late 1980’s, JP Morgan developed a firm-wide VaR system. This modeled several hundred risk factors. A covariance matrix was updated quarterly from historical data. Each day, trading units would report by e-mail their positions’ deltas with respect to each of the risk factors. These were aggregated to express the combined portfolio’s value as a linear polynomial of the risk factors. From this, the standard deviation of portfolio value was calculated. Various VaR metrics were employed. One of these was one-day 95% USD VaR, which was calculated using an assumption that the portfolio’s value was normally distributed.
With this VaR measure, JP Morgan replaced a cumbersome system of notional market risk limits with a simple system of VaR limits. Starting in 1990, VaR numbers were combined with P&L’s in a report for each day’s 4:15 PM Treasury meeting in New York. Those reports, with comments from the Treasury group, were forwarded to Chairman
Weatherstone.                        from History of Value-at-Risk:1922-1998 by Glyn Holten

JP Morgan went on to spin off a group, Riskmetrics, who sold the capability to do VaR calculations to all comers.

Riskviews had always assumed that JP Morgan had felt safe selling the VaR technology because they had moved on to something better.

But the story given about the $2 billion loss suggests that they were flubbing the measurement of their exposure because of a new risk measurement system.

Riskviews would suggest two ideas to JP Morgan:

1. A firm that makes its money taking risks should never rely upon a single measure of risk.  See Risk and Light and the CARE Report for further information.
2. The folks responsible for risk evaluation need to apply some serious standards for their work.  Take a look at the first attempt of the actuarial profession of standards for professionals performing risk evaluation in ERM programs.  This proposed standard suggests many things, but the most important idea is that a professional who is evaluating risk should look at three things: the risk taking capacity of the firm, the risk environment and the risk management program of the firm.

These are fundamental principles of risk management.  Not the only ones, but principles that speak to the problem that JP Morgan claims to have.

Advertisement

The Danger of Optimization

RISKVIEWS was recently asked “How do insurers Optimize Risk and Reward?”

The response was “That is dangerous. Why do you want to know that?” You see, a guru must always answer a question with a question. And in this case, RISKVIEWS was being treated as a guru.

Optimizing risk and reward is dangerous because it is done with a model.  Not all things that use a model are dangerous.  But Optimizing is definitely dangerous.

One definition of optimizing is

“to make as perfect as possible.”

Most often, optimization means taking maximum possible advantage of the diversification effect.  You will often hear someone talking about the ability to add risk without adding capital.  Getting a free ride on risk.

There are two reasons that optimizing ends up being dangerous…

1. The idea of adding risk without adding capital is a misunderstanding.  Adding risk always adds risk.  It may well not add to a specific measure of risk because of either size or correlation or both, but the risk is there.  The idea that adding a risk that is low correlation with the firm’s predominant risk is a free ride will sooner or later seep into the minds of the people who ultimately set the prices.  They will start to think that it is just fine to give away some or all of the risk premium and eventually to give up most of the risk margin because there is thought to be no added risk.  This free risk idea will also lead to possibly taking on too much of that uncorrelated risk.  More than one insurer has looked at an acquisition of a large amount of the uncorrelated risk where the price for the acquisition only makes sense with a diminished risk charge.  But with the acquisition, the risk becomes a major concentration of loss potential and suddenly, the risk charge is substantial.
2. In almost all cases, the best looking opportunities, based on the information that you are getting out of the model are the places where the model is in error, where the model is missing one or more of the real risks.  Those opportunities will look to have unusually fat risk premiums. To the insurer with the incorrect model, those look like extra margin.  This is exactly what happened with the super senior tranches of sub prime mortgage securities.  If you believed the standard assumption that house prices would never go down, there was no risk in the super senior, but they paid 5 – 10 bps more than a risk free bond.

The reliance on a model for optimization is dangerous.

That does not mean that the model is always dangerous.  The model only becomes dangerous when there is undue reliance is placed upon the exact accuracy of the model, without regard for model error and/or parameter uncertainty.

The proper use of the model is Risk Steering.  The model helps to determine the risks that should be held steady, which risks would be good to grow (as long as the environment stays the same as what the model assumes) and which risk to reduce.

Time to Ban RISK FREE!

Perhaps the very act of declaring something a RISK FREE ASSET guarantees that it will not be such. 

Underneath that declaration of RISK FREE is a presumption that the RISK FREE entity can absorb an unlimited amount of debt.  When in fact, the thing that we are seeing over and over again is that it is the debt itself that causes the risk!

In insurance, if insurers allowed someone to insure a building that they own for five times its value in the event of a fire, we all understand that a fire becomes highly likely.

In banking, it is also a basic tenet of lending that if you lend someone much, much more than they could ever possibly repay, that they will not repay.  But in banking, we have let the concept of RISK FREE creep into our heads and let that overcome the basic tenet about lending and repayment.  Banks are actually encouraged to put more of their money into RISK FREE securities to make them more secure.  But in the case of both the sub prime and the sovereign crises, the problem comes from assets that were improperly designated RISK FREE.

But what if it is the designation of RISK FREE itself that leads to the problems?

In the US Life insurance sector, the regulators provide a Risk Based Capital (RBC) regime.  It assigns a level of capital based upon the regulators understanding of the risk of various activities.  Most life insurance products at the time of the creation of the RBC regime in the early 1990’s involved a guarantee from the general account of the insurer to the beneficiaries of the insureds.  Life insurers traditionally took large amounts of credit risk to support those guarantees.  The RBC originally was focused first on the largest risk of the life insurers, credit.

Variable Annuities did not involve a guarantee from the general account and were therefore considered RISK FREE.  Many insurers wrote that business and did not attribute any capital because the products were RISK FREE.  From the start, insurers paid a fixed commission to brokers who wrote the business.  Insurers did not directly charge the customers for those commissions, but instead recovered those payments from the accounts over time.  Later, life insurers started to also add guarantees from the general account of the benefits from the variable annuities.  The variable annuities were still considered to be RISK FREE so there was still no RBC charge.

It was not a surprise that valuable risk protection that was highly underpriced was attractive to buyers and these products became very heavy sellers for a dozen or more companies.  So much so that attempts to later change the RBC to require proper capital amounts for the product were potentially critically damaging to some of those firms. Eventually, when the financial crisis hit, some of those dozen insurers that wrote large amounts of these products were looking for help from the TARP program

So perhaps we should be rethinking this concept of RISK FREE.   When the activity deemed as RISK FREE starts to become risky, it starts (or in the case of the sub prime backed CDOs always) pays a higher return than the lowest risk activities.  When the denominator for RISK FREE is zero or very near zero, very tiny amounts of excess returns from growing risk of the activity which is now designated RISK FREE in error will look to be fantastically profitable.  A firm that is trying to optimize its return on capital will shift as much activity as possible into the improperly designated assets class.

As long as there is a RISK FREE class, there will be an incentive to shift as much activity as possible into any security in that class that is misclassified. 

And because the capital requirements for risk free are zero, there is no limit to how much banks can move into that class.  They actually look good if they leverage up to increase activity in RISK FREE.

We need to stop even saying that any class of investments is RISK FREE.  As we see where that idea has led us, we need to leave it in the universities where it belongs and keep it out of the business world.  They can keep it on a shelf right next to their bottles of perfect vacuum and along side their frictionless surfaces.  That is where it belongs.

In the real world, there are no RISK FREE assets.  The capital requirements need to be floored with a positive number and graded up with the level of returns.  The market really is telling us something about risk when returns are higher, not about the brilliance of the companies that are able to find the misclassified RISK FREE investments.

 

You Must Abandon All Presumptions

If you really want to have Enterprise Risk Management, then you must at all times abandon all presumptions. You must make sure that all of the things to successfully manage risks are being done, and done now, not sometime in the distant past.

A pilot of an aircraft will spend over an hour checking things directly and reviewing other people’s checks.  The pilot will review:

• the route of flight
• weather at the origin, destination, and enroute.
• the mechanical status of the airplane
• mechanical issues that may have been improperly logged.
• the items that may have been fixed just prior to the flight to make certain that system works
• the flight computer
• the outside of the airplane for obvious defects that may have been overlooked
• the paperwork
• the fuel load
• the takeoff and landing weights to make sure that they are within limits for the flight

Most of us do not do anything like this when we get into our cars to drive.  Is this overkill?  You decide.

When you are expecting to fly somewhere and there is a last minute delay because of something that seems like it should have really been taken care of, that is likely because the pilot finds something that someone might normally PRESUME was ok that was not.

Personally, as someone who takes lots and lots of flights, RISKVIEWS thinks that this is a good process.  One that RISKVIEWS would recommend to be used by risk managers.

THE NO PRESUMPTION APPROACH TO RISK MANAGEMENT

Here are the things that the Pilot of the ERM program needs to check before taking off on each flight.

1.  Risks need to be diversified.  There is no risk management if a firm is just taking one big bet.

2.  Firm needs to be sure of the quality of the risks that they take.  This implies that multiple ways of evaluating risks are needed to maintain quality, or to be aware of changes in quality.  There is no single source of information about quality that is adequate.

3.  A control cycle is needed regarding the amount of risk taken.  This implies measurements, appetites, limits, treatment actions, reporting, feedback

4.  The pricing of the risks needs to be adequate.  At least if you are in the risk business like insurers, for risks that are traded.  For risks that are not traded, the benefit of the risk needs to exceed the cost in terms of potential losses.

5.  The firm needs to manage its portfolio of risks so that it can take advantage of the opportunities that are often associated with its risks.  This involves risk reward management.

6.   The firm needs to provision for its retained risks appropriately, in terms of set asides (reserves) for expected losses and capital for excess losses.

A firm ultimately needs all six of these things.  Things like a CRO, or risk committees or board involvement are not on this list because those are ways to get these six things.

The Risk Manager needs to take a NO PRESUMPTIONS approach to checking these things.  Many of the problems of the financial crisis can be traced back to presumptions that one or more of these six things were true without any attempt to verify.

Looking at Risk through a Telescope, Reading Glasses or a Wide Angle Lens

Risk managers need to be looking at the risks that may nibble away at the firm, risks that may deliver swift killing blows as well as risks that will slowly strangle the firm.

Risk managers need to use the Telescope to look for risks that are remote.  The Emerging Risks.  Those risks may be tiny specks in the far distance.  The risk manager may need to use their imagination to see what harm those tiny specs might do.  They need to arrange things appropriately to prepare for the day when the speck might turn into a real threat.  The firms who use the telescope to view those risks will be able to take the actions far in advance that will make their eventual defense against the risk more effective and economical.

Risk managers also need to use the Reading Glasses to look at the fine details of the things that go by each and every day.  By a careful detailed review, the risk manager may find cracks in the structure or activity that appeared very sturdy up until then.  They can take actions to patch those cracks and to look for alternatives.

Risk managers should also look with a wide angle lens for risks coming at them.  The wide angle lens allows them to see risks coming at them from every direction.  When the risk manager crosses the one way street, they will often quickly look in the “wrong” direction to make sure that nothing is coming from that direction either.  They know that risk is not bound by any rules.  In fact, risk is often most dangerous when it moves directly in the opposite direction that the rules would have you think to look.

Risk managers who have built up processes with a fixed focus that look in only the directions that are required will find that the largest risks are not going to congregate in the spots where they have focused.

Risks will move out of those bright spots where the risk managers are focusing into the dark.  And they will move closer and closer and get larger and larger as long as no one looks at them.

Leave Something on the Table

What was the difference between the banks and insurers with high tech risk management programs that did extremely poorly in the GFC from those with equally high tech risk management programs who did less poorly?

One major difference was the degree to which they believed in their models.  Some firms used their models to tell them exactly where the edge of the cliff was so that they could race at top speed right at the edge of the cliff.  What they did not realie was that they did not know, nor could they know the degree to which the edge of that cliff was sturdy enough to take their weight.  Their intense reliance on their models, most often models that focused like a lazer on the most important measure of risk, left other risks in the dark.  And those other risks undermined the edge of the cliff.

Others with equally sophisticated models were not quite so willing to believe that it was perfectly safe right at the edge of the cliff.  They were aware that there were things that they did not know.  Things that they were not able to measure.  Risks in the dark.  They took the information from their models about the edge of the cliff and they decided to stay a few steps away from that edge.

They left something on the table.  They did not seek to maximize their risk adjusted returns.  Maximizing risk adjusted return in the ultimate sense involved identifying the opportunity with the highest risk adjusted return and taking advantage of that opportunity to the maximum extent possible, then looking to deploy remaining resources to the second highest risk adjusted return and so on.

The firms who had less losses in the crisis did not seek to maximize their risk adjusted return.

They did not maximize their participation in the opportunity with the highest risk adjusted return.  They spread their investments around with a variety of opportunities.  Some with the highest risk adjusted return choice and other amounts with lesser but usually acceptable return opportunities.

So when it came to pass that everyone found that their models were totally in error regarding the risk in that previously top opportunity, they were not so concentrated in that possibility.

They left something on the table and therefore had something left at the end of that round of the game.

Not About Capital

The reality is that regulatory capital requirements, no matter how much we try to refine them, will always be a blunt tool.  Certainly they should not create the wrong incentives, but we cannot micromanage firm behavior through regulatory capital requirements.  There are diminishing returns to pursuing precision in regulatory capital requirements.

Terri Vaughan, NAIC

These remarks were made in Europe recently by the lead US regulator of the insurance industry.  In Europe, there has never been a regulatory capital requirement that was risk related.  But the Europeans have been making the discussion all about capital for about 10 years now in anticipation of their first risk based capital regime, Solvency II.

The European assumption is that if they follow as closely as possible the regulatory regime that has failed so spectacularly to control the banking system, Basel II, then everything will be under control.

The idea seems to be that if you concentrate, really concentrate, on measuring risk, then insurance company management will really take seriously the idea of managing risk.   Of course, that conclusion is also based upon the assumption that if you really, really concentrate on measuring risk that you will get it right.

But the Law of Risk and Light tells us that our risk taking systems will lead us to avoid the risk in the light and to load up on the risk in the dark.

That means the risks that are properly measured by the risk based capital regulatory system will be managed.

But whatever risks that are not properly measured will come to predominate the system.  The companies that take those risks will grow their business and their profits faster than the companies that do not take those poorly measured risks.

And if everyone is required to use the same expensive risk measurement system, very, very few will invest the additional money to create alternate measures that will see the flaws in the regulatory regime.

The banking system had a flaw.  And many banks concentrated on risks that looked good in the flawed system but that were actually rotten.

What is needed instead is a system that concentrates on risk controlling.  A firm first needs a risk appetite and second needs a system that makes sure that their risks stay within their appetite.

Under a regulatory risk capital system, the most common risk appetite is that a firm will maintain capital above the regulatory requirement.  This represents a transfer of the duty of management and the board onto the regulator.  They never need to say how much risk that they are willing to take.  They say instead that they are in business to satisfy the regulator with regard to their risk taking.

The capital held by the firm should depend upon the firm’s risk appetite.  The capital held should support the risk limits allowed by the board.

And the heart of the risk control system should be the processes that ensure that the risk stays within the limits.

And finally, the limits should not be a part of a game that managers try to beat.  The limits need to be an extremely clear expression of the fundamental way that the firm wants to conduct business.  So any manager that acts in a way that is contrary to the fundamental goals of the firm should not continue to have authority to direct the activities of the firm.

Death by Solvency

Another great post by  Maggid.

It seems that Solvency II is perfectly designed to reproduce the conditions that led US banks to believe that they were impervious to risks.  They and the regulators believed that they knew what they were doing with regard to Risks and Risk Management.

In 2004, the US Federal Reserve allowed investment banks to cut their capital levels by 2/3, tripling their potential leverage!  Not to worry, they knew how to manage risk.

European insurers are all being told that they need to have economic capital models to manage risks.  A few firms have had these models for more than five years now.  Those models tell us that those firms can reduce their capital by a third or more.

But everyone leaves out of their thinking two important things that will always happen.

The first is called the Peltzman effect by economists.  John Adams calls it the Risk Thermostat effect.  In both cases, it means that when people feel risk decreasing due to safety measures, they often respond by increasing the riskiness of their behaviors.  So the success of Solvency II will make some firms feel safer and some of them will take additional risks because of that.

The second effect is what I call the Law of Risk and Light.  That says that you will accumulate risks wherever you are not looking out for them.  So anywhere that there is a flaw in the Economic Capital model, the activity that accentuates that flaw will look like the best, most desirable business to be in.

But read Maggid’s post.  He provides some actual analysis to support his argument.

Comprehensive Actuarial Risk Evaluation

The new CARE report has been posted to the IAA website this week.CARE_EN

It raises a point that must be fairly obvious to everyone that you just cannot manage risks without looking at them from multiple angles.

Or at least it should now be obvious. Here are 8 different angles on risk that are discussed in the report and my quick take on each:

1. MARKET CONSISTENT VALUE VS. FUNDAMENTAL VALUE   –  Well, maybe the market has it wrong.  Do your own homework in addition to looking at what the market thinks.  If the folks buying exposure to US mortgages had done fundamental evaluation, they might have noticed that there were a significant amount of sub prime mortgages where the Gross mortgage payments were higher than the Gross income of the mortgagee.
2. ACCOUNTING BASIS VS. ECONOMIC BASIS  –  Some firms did all of their analysis on an economic basis and kept saying that they were fine as their reported financials showed them dying.  They should have known in advance of the risk of accounting that was different from their analysis.
3. REGULATORY MEASURE OF RISK  –  vs. any of the above.  The same logic applies as with the accounting.  Even if you have done your analysis “right” you need to know how important others, including your regulator will be seeing things.  Better to have a discussion with the regulator long before a problem arises.  You are just not as credible in the middle of what seems to be a crisis to the regulator saying that the regulatory view is off target.
4. SHORT TERM VS. LONG TERM RISKS  –  While it is really nice that everyone has agreed to focus in on a one year view of risks, for situations that may well extend beyond one year, it can be vitally important to know how the risk might impact the firm over a multi year period.
5. KNOWN RISK AND EMERGING RISKS  –  the fact that your risk model did not include anything for volcano risk, is no help when the volcano messes up your business plans.
6. EARNINGS VOLATILITY VS. RUIN  –  Again, an agreement on a 1 in 200 loss focus is convenient, it does not in any way exempt an organization from risks that could have a major impact at some other return period.
7. VIEWED STAND-ALONE VS. FULL RISK PORTFOLIO  –  Remember, diversification does not reduce absolute risk.
8. CASH VS. ACCRUAL  –  This is another way of saying to focus on the economic vs the accounting.

Read the report to get the more measured and complete view prepared by the 15 actuaries from US, UK, Australia and China who participated in the working group to prepare the report.

LIVE from the ERM Symposium

(Well not quite LIVE, but almost)

The ERM Symposium is now 8 years old.  Here are some ideas from the 2010 ERM Symposium…

• Survivor Bias creates support for bad risk models.  If a model underestimates risk there are two possible outcomes – good and bad.  If bad, then you fix the model or stop doing the activity.  If the outcome is good, then you do more and more of the activity until the result is bad.  This suggests that model validation is much more important than just a simple minded tick the box exercize.  It is a life and death matter.
• BIG is BAD!  Well maybe.  Big means large political power.  Big will mean that the political power will fight for parochial interests of the Big entity over the interests of the entire firm or system.  Safer to not have your firm dominated by a single business, distributor, product, region.  Safer to not have your financial system dominated by a handful of banks.
• The world is not linear.  You cannot project the macro effects directly from the micro effects.
• Due Diligence for mergers is often left until the very last minute and given an extremely tight time frame.  That will not change, so more due diligence needs to be a part of the target pre-selection process.

• For merger of mature businesses, cultural fit is most important.
• For newer businesses, retention of key employees is key

• Modelitis = running the model until you get the desired answer
• Most people when asked about future emerging risks, respond with the most recent problem – prior knowledge blindness
• Regulators are sitting and waiting for a housing market recovery to resolve problems that are hidden by accounting in hundreds of banks.
• Why do we think that any bank will do a good job of creating a living will?  What is their motivation?
• We will always have some regulatory arbitrage.
• Left to their own devices, banks have proven that they do not have a survival instinct.  (I have to admit that I have never, ever believed for a minute that any bank CEO has ever thought for even one second about the idea that their bank might be bailed out by the government.  They simply do not believe that they will fail. )
• Economics has been dominated by a religious belief in the mantra “markets good – government bad”
• Non-financial businesses are opposed to putting OTC derivatives on exchanges because exchanges will only accept cash collateral.  If they are hedging physical asset prices, why shouldn’t those same physical assets be good collateral?  Or are they really arguing to be allowed to do speculative trading without posting collateral? Probably more of the latter.
• it was said that systemic problems come from risk concentrations.  Not always.  They can come from losses and lack of proper disclosure.  When folks see some losses and do not know who is hiding more losses, they stop doing business with everyone.  None do enough disclosure and that confirms the suspicion that everyone is impaired.
• Systemic risk management plans needs to recognize that this is like forest fires.  If they prevent the small fires then the fires that eventually do happen will be much larger and more dangerous.  And someday, there will be another fire.
• Sometimes a small change in the input to a complex system will unpredictably result in a large change in the output.  The financial markets are complex systems.  The idea that the market participants will ever correctly anticipate such discontinuities is complete nonsense.  So markets will always be efficient, except when they are drastically wrong.
• Conflicting interests for risk managers who also wear other hats is a major issue for risk management in smaller companies.
• People with bad risk models will drive people with good risk models out of the market.
• Inelastic supply and inelastic demand for oil is the reason why prices are so volatile.
• It was easy to sell the idea of starting an ERM system in 2008 & 2009.  But will firms who need that much evidence of the need for risk management forget why they approved it when things get better?
• If risk function is constantly finding large unmanaged risks, then something is seriously wrong with the firm.
• You do not want to ever have to say that you were aware of a risk that later became a large loss but never told the board about it.  Whether or not you have a risk management program.

Risk Management in 2009 – Reflections

Perhaps we will look back at 2009 and recall that it is the turning point year for Risk Management.  The year that boards ans management and regulators all at once embraced ERM and really took it to heart.  The year that many, many firms appointed their first ever Chief Risk Officer.  They year when they finally committed the resources to build the risk capital model of the entire firm.

On the other hand, it might be recalled as the false spring of ERM before its eventual relegation to the scrapyard of those incessant series of new business management fads like Management by Objective, Managerial Grid, TQM, Process Re-engineering and Six Sigma.

The Financial Crisis was in part due to risk management.  Put a helmet on a kid on a bicycle and they go faster down that hill.  And if the kid really doesn’t believe in helmets and they fail to buckle to chin strap and the helmet blows off in the wind, so much the better.  The wind in the hair feels exhilarating.

The true test of whether the top management is ready to actually DO risk management is whether they are expecting to have to vhange some of their decisions based upon what their risk assessment process tells them.

The dashboard metaphor is really a good way of thinking about risk management.  A reasonable person driving a car will look at their dashboard periodically to check on their speed and on the amount of gas that they have in the car.  That information will occasionally cause them to do something different than what they might have otherwise done.

Regulatory concentration on Risk Management is. on the whole, likely to be bad for firms.  While most banks were doing enough risk management to satisfy regulators, that risk management was not relevant to stopping or even slowing down the financial crisis.

Firms will tend to load up on risks that are not featured by their risk assessment system.  A regulatory driven risk management system tends to be fixed, while a real risk management system needs to be nimble.

Compliance based risk management makes as much sense for firms as driving at the speed limit regardless of the weather, road conditions or the conditions of the car’s breaks and steering.

Many have urged that risk management is as much about opportunities as it is about losses.  However, that is then usually followed by focusing on the opportunities and downplaying the importance of loss controlling.

Preventing a dollar of loss is just as valuable to the firm as adding a dollar of revenue.  A risk management loss controlling system provides management with a methodology to make that loss prevention a reliable and repeatable event.  Excess revenue has much more value if it is reliable and repeatable.  Loss control that is reliable and repeatable can have the same value.

Getting the price right for risks is key.  I like to think of the right price as having three components.  Expected losses.  Risk Margin.  Margin for expenses and profits.  The first thing that you have to decide about participating in a market for a particular type of risk is whether the market in sane.  That means that the market is realistically including some positive margin for expenses and profits above a realistic value for the expected losses and risk margin.

Most aspects of the home real estate and mortgage markets were not sane in 2006 and 2007.  Various insurance markets go through periods of low sanity as well.

Risk management needs to be sure to have the tools to identify the insane markets and the access to tell the story to the real decision makers.

Finally, individual risks or trades need to be assessed and priced properly.  That means that the insurance premium needs to provide a positive margin for expenses and profits above the realistic provision for expected losses and a reasonable margin for risk.

There were two big hits to insurers in 2009.  One was the continuing problems to AIG from its financial products unit.  The main lesson from their troubles ought to be TANSTAAFL.  There ain’t no such thing as a free lunch.  Selling far out of the money puts and recording the entire premium as a profit is a business model that will ALWAYS end up in disaster.

The other hit was to the variable annuity writers.  In their case, they were guilty of only pretending to do risk management.  Their risk limits were strange historical artifacts that had very little to do with the actual risk exposures of the firm.  The typical risk limits for a VA writer were very low risk retained from equities if the potential loss was due to an embedded guarantee and no limit whatsoever for equity risk that resulted in drops in basic M&E revenue.  A typical VA hedging program was like a homeowner who insured every item of his possessions from fire risk, but who failed to insure the house!

So insurers should end the year of 2009 thinking about whether they have either of those two problems lurking somewhere in their book of business.

Are there any “far out of the money” risks where no one is appropriately aware of the large loss potential ?

Are there parts of the business where risk limits are based on tradition rather than on risk?

Have a Happy New Year!

Black Swan Free World (7)

On April 7 2009, the Financial Times published an article written by Nassim Taleb called Ten Principles for a Black Swan Free World. Let’s look at them one at a time…

7. Only Ponzi schemes should depend on confidence. Governments should never need to “restore confidence”. Cascading rumours are a product of complex systems. Governments cannot stop the rumours. Simply, we need to be in a position to shrug off rumours, be robust in the face of them.

Hyman Minsky’s Financial Instability Hypothesis talks about the financial markets working in three regimes, Hedge, Speculative and Ponzi.   Under Hedge financing, investments generally have sufficient cashflow to pay both principle and interest.  Under Speculative financing, investments generally have cashflows sufficient to pay interest, but depend upon rolling over financing to continue.  Ponzi financing does not have sufficient cashflows to pay either interest or principle.  Ponzi financing requires that values will increase enough to pay both principle and interest to repay financing.

Speculative financing requires a belief that the value of the collateral will be stable to justify future refinancing or rolling over of the financing.  That belief could be called confidence.

Ponzi financing requires a belief that the value of collateral will grow faster than the interest rate charged.  That belief requires a significantly higher amount of confidence.

There are several other levels that a financial business could operate.  For example, the value of the collateral could be viewed in terms, not of its current value, but of its value in an adverse scenario.  A very conservative lender could then make sure that each investment used that adverse value as the actual amount of collateral granted.  In that situation, the investor does not want to rely upon the belief that the asset value will be stable.  A significantly more aggressive investor will want to make sure that their portfolio in total adjusts the value of collateral for the possible loss in an adverse situation, allowing for the effects of diversification in the portfolio.

Credit practices in the US have drifted against the path of having the borrower put up cash for that difference between adverse value and current value.  Instead, practice has changed so that the lender will hold capital against that adverse scenario and charge the borrowed the cost of holding that capital.

What has changed with that drift, is who will bare the losses in the adverse scenario.  That has shifted from the borrower to the lender.  So the loan transaction has changed from a simple credit transaction to a combined credit and asset value insurance transaction.  (Which makes me wonder if the geniuses who thought of this thought to charge appropriately for the insurance or if they just believed that if the market bought it when they securitized it, then the price must be right.)

This will look different from the former loan business where the borrowed bore the asset value risk because the lender will have fluctuations in their balance sheet when the adverse scenarios hit and the collateral value falls below the loan value.  And that is exactly what we are seeing right now.

In addition, as we are seeing now, when there is a extremely severe drop in the value of collateral, having the banks hold the risk of the decline in collateral value, then a drop in the collateral will have a significant impact on bank capital.  The impact on bank capital may have a major impact on the bank’s ability to lend which will impact on all of the rest of the economy that had no connection to the impaired asset class.

So to Taleb’s point about confidence,  it seems that he is stating that lending practices should revert to their prior level where collateral was valued under an adverse scenario.  Then there will be little if any confidence involved in the lending business.  And less chance that a steep drop in any one asset class will spill over to the rest of the economy.

So the dividing line would be that the financial firms that could be subject to future government bailouts would need to value collateral pessimistically and to avoid loans that are not fully collateralized.

Sounds SAFE.

But here is the problem with that proposal…

If any other firms, outside of that restriction are permitted to lend in the same markets, business will ultimately shift to those institutions.  They will be able to offer better loan terms and larger loans for the same collateral AND in most years, they will show much higher profits.

Bad risk management will drive out good.  The institutions that take the most optimistic view of risk, those who have the most confidence, will drive the firms with the more pessimistic view (whether that is their own view or the view imposed by the regulators) out of the market.

And then when the next crisis hits, regulators will find that the business has shifted to the non-regulated firms and they they will instead need to bail them out, unless they make it illegal for non-regulated firms to do any of the kinds of finance that is related to a government’s need to bailout.

Then the bank would almost always have real collateral and any drop in confidence could be resolved by assigning that collateral over to someone with cash and settling any needs for cash that the lack of confidence creates.

Taleb is not clear however whether he is referring to banks or the financial system in general or to the government with his statement.  The discussion above is about banks.

Trying to think about this idea in the context of the entire financial system, I wonder if he was suggesting a return to the gold standard.  When there was a gold standard, there was no need for confidence in the currency.  If you stay with the current currency regime, then the confidence idea, I suppose, relates to the question of inflating the currency.  If the government does seem to consistently hold the money supply at a reasonable level in proportion to the economy, then there will not be a problem.  However, I cannot think of any way of looking at the floating currency system that does not REQUIRE confidence that the government will hold inflation in check.

Applying the idea to the government, I would also say that confidence is required there as well.  A government that could be counted on to fund fully for spending programs would instill confidence, but there could be no surity, especially under the US system where the next congress could immediately trample on the good record of a all preceding governments.

Black Swan Free World (10)

Black Swan Free World (9)

Black Swan Free World (8)

Black Swan Free World (7)

Black Swan Free World (6)

Black Swan Free World (5)

Black Swan Free World (4)

Black Swan Free World (3)

Black Swan Free World (2)

Black Swan Free World (1)

Gresham’s Law of Risk Management

Those who do not see a risk will drive those who see the risk out of the market.

Gresham’s law is of course “bad money will drive out good.” Its application to risk can be stated as the above and is well known to many market participants even though they might not have named it. Many business managers will blame their lack of success in a market to fools who are inappropriately undercutting their price and losing money doing so. For the most part, in most markets, participants are price takers, not price makers.
If someone comes into a market and wants to take a risk at half the going rate, then there is a new going rate. Market participants who do see the risk can take the new going price or withdraw.

From this you can infer that there is no benefit to better modeling of risk if it results in a significantly higher value for the risk.  Simple techniques should be used to broadly size a risk to see if your view of the risk puts you near the market or not.  Then if you are near to the market, you can spend the time and money to more carefully evaluate the risk.

It makes no sense to spend lots of time an money carefully evaluating a risk that you will not be seeing because someone who is more optimistic, or someone who does not see that risk at all will be writing all of that business.

Law of Risk & Light

Risk management is all about making conscious decisions about risk taking.  Fully recognizing the potential losses that could result from a risky undertaking.  But in many camps, risk management is being simplified and simplified to a point where it may well mislead CEOs and Boards about the potential effectiveness of an oversimplified risk management regime.

These simplified risk management regimes are often in violation of the Law.  The Law of Risk and Light…

Risks in the light shrink, Risks in the dark grow
Return for Risks in the light shrinks faster than risk
Return for Risks in the dark does not grow as fast as risk

What this means is that risks that are visible to the market (in the light) will be managed by the market. The degree of uncertainty around the risk will shrink. With decreased uncertainty, the risk premium will shrink. With broad comfort, demand will rise; with increased demand, risk premium will shrink further.

Risks in the dark are risks that are not visible or known to the market. If the market charges little or nothing for a risk, then those who are aware of the risk will bring more and more of that risk to market. And if the market continues to be unaware of a risk, then more and more extreme versions of the risk will be brought to market, the risk will grow.
As the risks grow and grow, that growth might be noticed faintly by the market as a shadow of a risk. Some market participants are canny enough to know that if someone really wants to do a transaction, then a higher price for that transaction is probably in order, even if they do not fully understand the underlying reasons.

This law is as fundamental to risk management as supply and demand is fundamental to micro economics.  Any risk management actions that are taken or planned without recognition of the risks that may be in the dark initially could end up to be as flawed as management without consideration of risk.

Risk & Light was the winner of the Practical Paper Award at the 2009 Enterprise Risk Management Symposium

VaR is not a Bad Risk Measure

VaR has taken a lot of heat in the current financial crisis. Some go so far as to blame the financial crisis on VaR.

But VaR is a good risk measure. The problem is with the word RISK. You see, VaR has a precise definition, RISK does not. There is no way that you could possible measure an ill defined idea as RISK with a precise measure.

VaR is a good measure of one aspect of RISK. Is measures volatility of value under the assumption that the future will be like the recent past. If everyone understands that is what VaR does, then there is no problem.

Unfortunately, some people thought that VaR measured RISK period. What I mean is that they were led to believe that VaR was the same as RISK. In that context VaR (and any other single metric) is a failure. VaR is not the same as RISK.

That is because RISK has many aspects. Here is one partial list of the aspects of risk:

Type A Risk – Short Term Volatility of cash flows in 1 year
Type B Risk – Short Term Tail Risk of cash flows in 1 year
Type C Risk – Uncertainty Risk (also known as parameter risk)
Type D Risk – Inexperience Risk relative to full multiple market cycles
Type E Risk – Correlation to a top 10
Type F Risk – Market value volatility in 1 year
Type G Risk – Execution Risk regarding difficulty of controlling operational losses
Type H Risk – Long Term Volatility of cash flows over 5 or more years
Type J Risk – Long Term Tail Risk of cash flows over 5 years or more
Type K Risk – Pricing Risk (cycle risk)
Type L Risk – Market Liquidity Risk
Type M Risk – Instability Risk regarding the degree that the risk parameters are stable
(excerpted from Risk & Light)

VaR measures Type F risk only.