Lecture notes on financial risk management

what is investment risk management and investment risk management techniques. what is investment and financial risk management pdf free downlaod
Dr.MahakSingla Profile Pic
Published Date:11-09-2017
Your Website URL(Optional)
1 Introduction to Investment Risk A walk in the investment maze faces millions every day in our global trading community. There are countless investment opportunities right under our noses. Some are good, others smell instinctively bad. But, how are we to know if the whiff of the business opportunity is really “off”, or does our nose fail us? The scent of prestige used to be a leading indicator for investors. Yet, there have been spectacular failures at Andersen, Enron, Global Crossing, Tyco, Worldcom, Marconi, Equitable Life, Swissair and Sumitomo. These show that the value of a “big name” firm can be dubious. What have we really bought into? Management theory, backed up by advanced information technology, would like to come closer to guaranteeing a sound investment choice. Investment experts bring the risk and return together. But, the danger is that final selection is still based upon prestige and not value. It is worse when this value is exposed as fraudulent. An analytical survey of fraud in the USA found that firms were losing about 6 % of their revenues to occupational fraud and staff 1 abuse. This was estimated to be worth 400 billion. Furthermore, even good companies suffer from strategic misdirection by the executives, and their investors may find themselves on the sidelines watching the ship go down. We can be average at investing, and if the boat is sinking we are even worse at influencing the decisions of large corporations. H. Ross Perot said that trying to change the plans of the General Motors leaders was like: “Teaching an elephant to dance.” DREAM VERSUS RUDE AWAKENING Modern business theory has, undoubtedly, left us richer to manage our investments. Pricing theories and various portfolio models have provided a foundation for building future wealth. Later and more sophisticated theories have incorporated a discount for that omnipresent element in all business activities – risk. No enterprise is immune to the dangers that constitute risk. Yet, risk is in itself a good driving force to promote greater or more productive effort – the stock market feeds off two key motivators: fear and greed. Greed is a unidimensional factor that eggs us on to increase profits. There is no law that defines greed as an intrinsic criminal offence; CEOs and directors have been quick to extract as much pay and benefits from a company before they leave. Yet, excess greed comes before a fall. They should come to fear regulator and shareholder activists’ counter-attacks. Fear is the expression that we are about to suffer damage in some manner, primarily financial loss on the markets – we call the damage a potential hazard. Excess fear leads to stasis, and eventual business ruin. Risk is an ever-present factor in any enterprise, and profit is regarded as a proper reward for bearing the risk in the first place. The notion of a risk-reward ratio comes in, and the concept of “acceptable level of risk” is a natural result. 1 Association of Certified Fraud Examiners, Fraud Survey of 2608 Companies, 1996. TLFeBOOK2 Investment Risk Management Risk management is the modern discipline that answered the call to handle business risk; the prime example being company failure. Many of the failures listed above cannot be attributed to criminal acts – corporate fraud and CEO theft reflect sentiment that is fine for the sensationalistic press, less so for the court room. Furthermore, a company director is rarely brought to court for losing control of a company. It is extremely unlikely that they would have the personal assets to come close to refunding their shareholders in full. Insurance premiums are rising, and there is no guarantee that pay-outs are increasing pro rata; you get an insurance company’s assessment of damage, not your costs of replacement. In view of these shortcomings, traditional legal and insurance avenues of redress are not to be leant on as a crutch. A new look at risk management is required. This book targets those risk factors that threaten a loss in our portfolio value or investment. We adopt a view of business investment as a closed project. This enables us to use a more disciplined analysis of what governs enterprise success, and that involves project management. We focus upon what constitutes investment risk; how organisations handle investment risk; how we can manage investment risk better. Briefly speaking, we can bring sound engineering and actuarial tools to examine risk and risk management in depth. Forensic accounting is needed for a deeper investigation of a company over its statistics and corporate personalities. These views are, oddly, absent in many business books on risk management. These financial engineering methods are useful for the banking and fund management sector. Everyone harbours a dream, and high profits without risk are the ideal in the financial world. Saving is the obverse of consumption and real-life pressures come to the fore to make achieving this dream more problematical. Returns are dropping on average, as the recent falls in the global stock exchanges have shown. Furthermore, the world’s population is continuing to age, certainly so in the major developed nations. Pension funds are now reducing their benefits and/or finding themselves under-capitalised. So, where is the dream now? The changing demographics mean that, per capita, fewer people of working age are support- ing more retired folk. Pensions form the biggest average holding by value of any household, more expensive than their personal house. Add up all these pensions and they form the largest fund of private households in most Western countries. Pension fund managers and institu- tional investors now exert a larger block vote upon corporations than the majority of private investors. For example, CalPers and Teachers TIAA-CREF are large funds in the order of 148 and 270 billion, respectively. They are influential in the field of corporate governance – one 2 example being their near-success in scotching the HP–Compaq merger. Sadly, people often devote more attention to their house and all its accoutrements, rather than choosing their investment. They pore over home furnishings or kitchen equipment, but their choice of pensions comes last. Some CEOs, like Dennis Kozlowski of Tyco, preferred to use company funds to help deck out his apartment in style. It is no surprise that the public patience with modern corporate leaders is wearing thin. The CEOs’ avowed duty to shareholders is now plainly exhibiting a tenuous link to reality. People are beginning to experience real disappointment when their pension returns are given upon retirement. A Robert Maxwell comes along occasionally to rob a pension fund, or an Equitable Life fund catastrophe occurs to destroy public confidence in the future. But these crooks are in the minority. Can the public prosecutors ever prove conclusively that there was any criminal activity within the Tyco, Marconi or ABB losses? Given this doubt or mistrust, 2 www.Calpers.ca.org, 2002. TLFeBOOKIntroduction to Investment Risk 3 should the public pull all their money out of pensions and invest it elsewhere? If so, where? This disillusioned attitude alone would lead to a strain on the pensions system, particularly that managed by the professionals. It is said that wars are fought over oil; yet, the 21st century could see the real investor battling over corporate profits, and the pension funds will figure largely. The changing demographics of the larger older population stresses pension funds to provide for the retired. There will be a stark separation of expectations and reality as people struggle with the net sums left to survive on. The new defined contributions plans and the closing of some pension funds to new entrants further splits the retired world into the haves and the have-nots. Yet, investment funds such as Fidelity Investments – the world’s biggest fund, will definitely continue to be numbered among the “haves”. Furthermore, with nearly 900 billion in assets under management, such funds will move stock markets around the world through their sheer size and influence. Investment funds will continue to exercise significant authority upon how money is invested. More recently, some funds have become vocal advocates for socially responsible investment, 3 such as the Coalition for Environmentally Responsible Economies (CERES) with more than 300 billion in assets. It is not just a mere focus upon corporate profits, but an explicit drive for accurate institutional reporting. These are to be conducted under stricter ethical guidelines 4 on environmental, economic and social grounds. Recent years have not been entirely kind to funds. Fund managers could have lulled them- selves into projecting glowing consistent returns of 10+ % p.a. on the stock market. Now, a long-term average of 4 % to 6 % p.a. could seem more probable. We have to link reality to a suitable investment risk vision. Furthermore, a fall of −25 % was not only realistic, but a sad result in many stock exchanges during 2002. We are faced with the snowballing prospect of client and business pressures to “beat the market” in finding returns to investment. Over-eagerness is an enemy of caution, and that can only lead to added danger or “unreasonable risk”. We look to restore a balance between risk and return within this book. BOOK STRUCTURE This book looks at the uneasy marriage between investment and risk. Given the importance and increasing role of funds within the markets, there is an emphasis upon institutional investors. We have aimed this book towards those who work in the banking, fund management and insurance sectors. It does not take a pure accounting, engineering, IT, banking legal, or insurance treatment of risk – such a limited stand would probably impoverish profitable analysis. There is input from the actuarial and the forensic accounting professions, and methodologies from the project management discipline. This is a synthetic view of risk management, also looking at the organisations that operate in the financial sector. The manner in which people work together to reduce risk is analysed in organic risk management. Previous studies of risk management have concentrated too much on the mechanics and numbers – this is not a healthy fixation. 3 www.CERES.org. 4 “The global 100 investors: the most influential investors on the planet.” Lori Calabro and Alix Nyberg, CFO Magazine, 25 June, 2002. TLFeBOOK4 Investment Risk Management This has tended to cover a multitude of reasons for risk or business hazard. The dangers of operational risk, and proposed solutions, will be detailed in later chapters. This introduction to the category of risk known as operational risk is within Chapter 1. We look at the concept of risk, and the undeniable link it has to return in Chapter 2 “The Beginning of Risk”. The basic union between risk and return is detailed in the summary of results borne out in the early study of portfolio management within Chapter 3 “Investing under Risk”. The divorce between reality and theory has worsened under recent corporate failures. Shining the occasional spotlight on previous business cases helps the reader to understand the course of investment history in Chapter 4 “Investing under Attack”. Explanation of the leading trends in investment theory and financial regulation offer the benefit of making better-informed decisions based upon an investment methodology. These are examined in Chapter 5 “Investing under Investigation”. So, learning danger signs from past failures offers a profitable business warning radar for professional investors. These are outlined in Chapter 6 “Risk Warning Signs”. Technology has played a large part in the development of risk management as a modern business discipline. We examine some of the state-of-the-art financial techniques and their associated IT-based risk management systems in Chapter 7 “The Promise of Risk Management Systems”. Yet, technology never solved all our business problems. There is some prospect that de- mystifying current investment dogma will offer a better and balanced return in the future. We present an overall view of realistic risks in Chapter 8 “Realistic Risks”. Over-simplification of some business ideologies led us into a false lead of risk management. One symptom was the classic “one-size-fits-all” business response. Financial leaders have reworked business theory and regulations into a more appropriate cogent investment strategy. One such development is the release of the new banking regulations for banks around the world known as the “Basel II” guidelines. Their new views on banking risks are outlined in Chapter 9 “Risk-managed Banking and Basel II”. The evolving paradigms on investment risk have led to new ideas on modelling risk. These are summarised in Chapter 10 “Future-Proofing against Risk”. Visiting the past has shown us the potential graveyard of many previous, proud companies and investment dreams. Even a current examination of the current state of investment risk management demonstrates the splintered thinking of the business community. The business orthodoxy is hide-bound by mechanistic theory; we require treatment of corporations more like living beings requiring “organic” risk management. These can, and should be, joined up by integrated risk management detailed in Chapter 11 “Integrated Risk Management”. Whether we engage in simple personal investments, or much larger and more complex corporate business decisions, we can all benefit from risk management to preserve the value of our investments. These are summarised in Chapter 12 “Summary and Conclusions”. TLFeBOOK2 The Beginning of Risk We look at what risk entails at the beginning. These hazards are linked to the actual result, but humans tend to focus on the danger only when it materialises. The fear of investment failure has led to risk management emerging as a more visible business skill and discipline. We introduce risk management within an investment project management methodology. The three investment risks: credit, market and operational are defined. Recent financial disasters are listed as case studies. There is a greater need to find true information about companies and their leaders getting beyond their reputation. These form part of our warning system in our risk management methodology. RISK AND BUSINESS Profits are created through business activity, with bread often used as slang for money. Risk and business come together more often than a peanut butter and banana sandwich. Yet, risk is the banana skin upon which many businesses slip. Look at the recent crashes of those considered as “safe investment vehicles”. As if the collapses at Enron, Andersens, Worldcom and Equitable Life were not enough, these came on the public crashes of dot-coms. A lot of banana skin, but no bread for those poor investors. Thus, it is surprising to some that the financial sector, while claiming to be well risk- managed professions, continues to experience losses on a significant scale. The increasing public opinion is that Wall Street (or the City of London) is a road that leads from a shark-filled pool at one end, to a graveyard at the other. Maybe, we have to get used to conducting risk management for ourselves to ward off attack. Investing is becoming akin to swimming with sharks. CASE STUDY: THE SHARK AND ITS RISK This type of natural risk is feared on the shores of the USA, Africa and Australia. The attack can kill in seconds in the larger and more deadly species. Within other countries, it is considered a delicacy; gourmands in Asia relish eating sharks’ fin soup as an appetising dish. So, the jaws of this shark are potentially fatal, while the other parts are very tasty. Risk is a different among people according to their cultural risk appetites. Others prefer just to avoid the fatal risk completely. 1. The potential death from a shark attack is a “hazard” phenomenon in the first line of risk analysis. 2. The intrusion into its path is the second element or “risk catalyst” in a shark attack. Within the process, the victim is open to injury through “risk exposure”. TLFeBOOK6 Investment Risk Management 3. The third element is the “risk result” or event. Death is rare within the total population, so it can be termed a low-frequency, high-impact risk. However, for interested observers, in truth, the real statistics for shark-attack fatalities are not generally very high. The shark attack is a potential risk for all swimmers in tropical marine waters, but bees, wasps and snakes are responsible for far more deaths. The annual likelihood of death from lightning is 30 times greater than a shark attack in the USA. Statistics point to far higher chances of dying from drowning or cardiac arrest than from any shark attack. Many more people are killed driving to and from the beach than by 1 sharks. One characteristic danger sign of many sharks is that it is a relatively fast-moving aquatic with a prominent dorsal fin. There are some familiar warning signs for investors too. Yet, substandard companies that lose your money or suspect business counter-parties do not necessarily exhibit such glaring warnings. Nevertheless, we can establish a corporate risk profile to sway us from investment-risk sharks. Corporate victims from bankruptcy or share price collapse are more frequent. A careful observation of the whole investment market distribution of probabilities, outcomes and their utilities, is necessary to profile the risks from suffering such a bad attack. Just as an intuitive view of this shark-risk profile is strongly biased to overestimating the downside risk and the final risk event (death), the rarity of company bankruptcy attack has had a perceived lower risk or probability. Most non-financial industries characterise risks as hazards. Yet, the end result need not be a loss event; in fact, there are several event results where there is a happier and more profitable event. There is a one-in-a-million risk that you will win the jackpot lottery prize. Then, we can apply mathematical and computer techniques to derive analytical results. Defining a risk event, and categorising it in the frequency-impact risk matrix is one start for analysing risk. Then we can see how a loss occurs. A loss, then, is a three-step process, starting by a hazard, with the help of contributing factor or catalyst, a risk event itself, and with it a concomitant loss or result (see Figure 2.1). The chances of this hazard resulting are conceivably higher when there are deep individual and political connections involved. Hazard Risk catalyst Risk result Failure of public Appointment new Near-bankruptcy bank with extreme CEO with highly with huge government ambitious global government bail-out involvement market goals Figure 2.1 Structure of a risk 1 Florida Museum of Natural History, 2002. TLFeBOOKThe Beginning of Risk 7 ´ CASE STUDY: THE RUIN OF CREDIT LYONNAIS (CL) This was a proud bank that expanded rapidly from 1987 onwards. New drives then aimed to take CL to a global scale that would rival the major US investment banks. The ambitious growth was fuelled by hubris and additional funds from the French government. A business culture locked in the depths of the Paris Elysee ´ sought to be as skilled and powerful as the top global US financial players. This goal was a goal that pushed CL towards bankruptcy. The catastrophic moves inadvertently linked strategic risk with a lax risk management function. Middle office risk management played no significant part when political power and individual ambitions were supremely dominant. The bank nearly went bankrupt after 2 1993; its bail-out estimated variously in the region of 25 billion. However, spectacular corporate implosions need not be attributed to political chicanery or dot-coms. SwissAir and Equitable Life are examples of highly respected companies that had the gloss taken off in no uncertain terms. Investors should take the responsibility to arm themselves with the required company information to beware the hazards that lurk under the label of “operational risk”. Sources of historical data could prove beneficial for potential investors. We have to go outside the usual ambit of corporate profits or financial losses quoted in the newspapers and online media. We need analysis to determine actual company performance, as distinct from company PR and spin. Take the once-respected engineering firm, ABB. CASE STUDY: ABB ENGINEERING A glorious reign for Percy Barnevik seemed to good to be true. He was reckoned to be Europe’s top CEO for quite some time. The ABB share price fell 80 % from its peak share price of over 50 SFr in 1999. It has lost 96 % of its peak value into 2002 (Figure 2.2). Then, he and his colleague were meant to take 136 million in a pension pay-off. The directors prosper and the company suffers. There was a mini-revolt among many investors. Barnevik ended up with less. The ABB bonds had become graded by Moody’s in 2002 as junk. Ironically, the shares of ABB rose significantly in 2003 once it had agreed a rescue plan 3 for its US subsidiary Combustion Engineering (CE), amidst its rising asbestos legal claims. The extent of damages in the 1950s reappearing as a hazard 50 years later shows that our risk horizon can be too short. A loss database or a risk register has to be compiled that details such hidden legal risks. In fact ABB survives, but its reputation is slightly tarnished. Some newspapers will look upon this episode unkindly, especially as they were probably among those that put a halo upon Barnevik’s head as the most-respected European CEO. There is no suggestion that ABB was pushed among the junk of many tech shares that went bankrupt. Actually, the ABB share price recovered partly as investors began to separate perceived reputation from real company worth. 2 See “A new scandal at Credit ´ Lyonnais”, Economist, 11 January 2001 and “Credit ´ Lyonnais”, Erisk case study, March 2002. 3 “ABB shares rise on asbestos claims deal”, Financial Times, 17 January 2003. TLFeBOOK8 Investment Risk Management 60 50 40 30 20 10 0 1234 5678 Figure 2.2 ABB share price (SFr) 1995–2002 Source: Bloomberg, January 2003. What we have witnessed are the countless dot-com scams that were publicised following the extensive media coverage and US lawsuits. The dot-com shares were being “pumped and dumped” by reputable brokers and investment banks. The UK Financial Services Authority (FSA) has somewhat belatedly taken measures against “spinning”, but it is unlikely that investors who have lost from the popular IPOs will recover much of their original assets. It seems the regulatory authorities can seek to prevent future financial malfeasance, but cannot recover compensation for investors, especially when another pump-and-dump scam 4 occurs. It is more like “bread yesterday, bread today, but never bread tomorrow” for the investor. Investors’ confidence has fallen to epic lows, and continued dissatisfaction is expressed by investor disillusionment in company management following recent corporate accounting 5 scandals. The regulator is called in to monitor the business environment, but a lot of this seems to be after the crash. We live and breathe in a market where having financial regulators around means in no way that investment risk is dead. A common recurring problem arises when the public buys seemingly riskless or “safe” investments from licensed financial companies. Risk perception has become separated from actual risk. The next crisis is going to be borne by unaware consumers again, and they need protection. That is what laws and financial regulations are for; but the true success of any code is that companies and individuals: 4 FSA press release, www.FSA.gov.UK, FSA/PN/102/2002, 23 October 2002. 5 “Private share ownership in Britain 2002”, www.Proshare.org.uk, 23 September 2002. TLFeBOOK ABB share price (Sfr)The Beginning of Risk 9 1 Table 2.1 US white-collar crime Number of Financial institutions – % cleared % arrests business victims number of victims Fraud 33.12 79.52 47 907 2989 Bribery 61.78 93.22 16 0 Counterfeiting/Forgery 29.83 88.70 55 676 5310 Embezzlement 38.37 86.74 17 627 182 1 “Measurement of white-collar crime using uniform crime reporting (UCR) data”, Cynthia Barnett, FBI statistics, 2001.  follow these regulations;  be punished for contravening these regulations;  suffering loss from illegal business activity can seek to obtain some form of compensation. Numerous headlines in the news show the get-outs. Bernie Cornfeld of “Fund of Funds” infamy fled to the Bahamas. BCCI lost billions for account-holders. No one from Andersen or Enron has yet been jailed for their part in the scandal. Asil Nadir of the failed Polly Peck fled to Cyprus and was never extradited. Ernest Saunders had his trial stopped for his Alzheimer’s disease, from which he recovered. Peter Young of DMG was deemed mentally unfit after appearing for trial wearing a woman’s dress. These cases took a lot of time and money to come to court. In most examples, shareholders got little compensation or next to nothing. Both punishment and financial redress are missing. Naturally, public dissatisfaction with the legal system continues. How are you going to protect yourself in the financial markets? The most public view of regulation is to guard yourself against numerous forms of investment fraud or con-tricks. Investment scams The plain truth is that white-collar crime pays well, it is the fastest-growing business, and there is little risk of being put away. See Table 2.1. Securities and commodities fraud in the USA was reported as 40 billion per year in 2001. 6 So it is worth keeping an eye out for this risk hazard. Banking risk and sharks Yet, there is not a single government or agency on this planet that can legislate against risk completely. Taking “appropriate measures...to prevent financial crime” does not mean that financial services companies should have to spend enormous sums on reducing financial crime to zero. That is not 7 possible. Financial regulatory authorities tend to be underfunded and understaffed. Often, even if punished, only minimal fines are meted out for the guilty parties, and few lawsuits are launched every year compared to the number of customer complaints. Worse still, the downsizing trend means that financial regulators and banks will be less well-equipped to police the risk arena. 6 “Securities and commodities fraud”, www.fbi.gov 2002. 7 “The reduction of financial crime”, House of Commons Standing Committee, 15 July 1999. TLFeBOOK10 Investment Risk Management The ratio of internal audit staff to total staff in some institutions today can be as low as 60 % of what it was about five years ago and banks are bigger, trading more complex instruments, and 8 money is moving faster around the system. So, within the financial markets the odds of detection and punishment are both relatively low for:  being caught; and  being punished. RISK MANAGEMENT AS A DISCIPLINE The idea of risk management is certainly not a new one; it is certainly as old as that great risk mitigation practice – building an ark. The business theme is the same, believe that the risk event can strike us, act constructively to mitigate or lessen the damage when it strikes us. 1. There is the first school of investment risk management – the fatalistic business philosphy; you are inevitably going to be hit by a risk event, so better be covered. Bear the load yourself – retaining the risk under self-insurance. Risk management means keeping a contingency fund for your company. 2. This is can be the second paradigm of investment risk management – the technological school. We are mathematically and technically developed in our understanding of risk event, so we can avoid or mitigate risk through smart moves in advance. Risk management is the study and practice that offers some answers for choices in the financial markets. Many of these models are mathematically based, aided by sophisticated computers and telecoms. Given all the collected brains, university degrees, sophisticated mathematical models, powerful computers and market reports, we should feel pretty reassured. Yet, why do some companies continue to make such appalling business decisions? One possible answer is that the investor passes the money, and management mandate, over to the CEO to run the company. But, does it mean that Buffett is asleep at the wheel? No. Company directors are going to make money for you if properly monitored and goaded; inevitably, they slip up now and then, so prod them when needed. 3. This is maybe the third school of investment risk management – the watcher school. Another view is that the huge amount and complexity of numbers and accounts cloud the central issues, we just have to watch our staff and business partners. Technology in a global economy enabled Nick Leeson of Barings or John Rusnak of the AIB in USA get away with “rogue trading”. All were human-based errors and they should have been monitored closely. 4. This is the organic risk management school – there is a need to link up separate initiatives in order to deal with various risk events and the actions of human beings, so better integrate all these developments for “joined-up” thinking. Thus, there is little understanding of how human staff behave or adequate integration of high-technology. Integrating all the risk management technology, plus knowledge of investor behaviour leads us forward. Recent developments in banking, insurance, law, accountancy, IT, project management and forensic accountancy will provide us stronger holistic organic risk management. 8 “Operational risk”, Middle Office, spring 1999. TLFeBOOKThe Beginning of Risk 11 Process initiation Define objectives and the scope of what we are trying to achieve Estimate what staff, skill mix, budget and time required Risk analysis Identify the risks that face us, now and later Study and estimate the probabilities of these hazards occurring Estimate the impact (profit or damage) associated with these hazards Collate these choices in a matrix for evaluation Recommend best decisions available under various conditions Risk management Devise risk management plan Assign key staff for completion of project Allocate risk management budget Implement risk management IT systems Run investment risk model Execute risk management decisions: ignore risks (prepare to bear all burden yourself) mitigate risks (lessen damage e.g. write a hedging contract) transfer risk to insurer sell off risk operation to an external party Take on partners and business counterparties Monitor and amend risk management plan where necessary Project close-down Review progress Log experiences in a risk register or loss database Recommend follow-up actions Figure 2.3 Risk management of an investment project The last school puts business processes and actions within a methodology. This can be outlined within an investment project as shown in Figure 2.3. Humans and risk Whatever view we take, given the size and complexity of managing companies, we rely upon “experts” to keep a watch out. So, risk hovers around even the most “respectable” company to its very core. Thus, we have entered into the grey forest of artistic accounting and interpretation. The inability of some notable corporations to state the true health of their accounts is a worry that we must address. The Andersen–Enron case demonstrates some of the ground for confusion. We have tended to focus too much upon auditors and analysts’ lack of common sense or ethics. Numbers and balance sheets are not even half the corporate and investment problem – they are just a common symptom. We need to thrust our noses purposefully into companies, past the financial details, and into the corporate reality of how human staff operate. We investigate two cases of retail store theft. 9 Centre for Retail Research, UK, 2002. TLFeBOOK12 Investment Risk Management 9 CASE STUDY: HIGH-STREET RETAIL STORE LOSSES UK high-street stores lose more goods to shoplifting than any other EU country, an asset loss worth approximately £4 billion. This is about 2 % of annual turnover, against Germany 1.19 %. A lot of this loss is an “inside” job – UK company staff are responsible for 28 % of the merchandise stolen. We can see that banks often lose some of their annual turnover likewise, and a part can be considered an “insider job” too. The costs of security control and surveillance is somewhat negated by the inability of the UK justice system to deal with the large numbers of store thieves. Nationally, 675 000 thieves were arrested in 1999, but fewer than 10 % make a court appearance. Of these, only 4000 are given a prison sentence. Threat of imprisonment can become viewed as empty. We have included an example of shoplifting and theft, but we have not expressed the sig- nificance of fraud. Businesses acknowledge the negative impact of fraud, which costs UK companies and public agencies around £15 billion per year. The costs of prevention and inves- 10 tigation add a further £1.8 billion to the total. The summary of personnel checks, corporate research and the formation of a loss database now become seen as a necessity for sound busi- ness in the light of the potential damage suffered. A loss database under Basel II could be part of the answer to documenting a bank’s equivalent of pilfering or leakage. It is interesting to know how many banks and investment funds do not conduct such basic exercises. It is not just risk management, it is the concept of business pure and simple. As we have seen, banking fraud and poor trading supervision can enable staff to lose millions. Worse still, our experience in banking risk management has shown that the omission of such sound business monitoring can be costlier, if not deadly. 11 CASE STUDY: ALLIED IRISH BANK (AIB) 1 John Rusnak was sentenced to 7 / years in prison. He traded foreign currency for Allfirst, 2 the US arm of Allied Irish Bank. He pleaded guilty causing losses of 691 million in a trading fraud to make hundreds of thousands of dollars in bonuses. Former US comptroller of the currency, Eugene Ludwig, conducted an investigation that cited Mr Rusnak for fraud, but he also criticised AIB for creating the conditions for this fraud to continue for such a long time. AIB’s lax management and weak corporate controls sowed the seeds of down that eventually grew into one of the largest banking scams since the rogue trading of Nick Leeson that led to the collapse of Barings. Such operational errors also occur in Western banks to an alarming degree. They will continue to do so as long as banks and investment funds have business operations and practices that are vulnerable to suffer extensive loss. These companies are vulnerable because their risk culture is sloppy and has atrophied, just like the risk sensors that help us avoid being bitten by snakes. The problem with some banks is that: once bitten, not really any shier. 10 Department of Trade and Industry, www.DTI.gov.uk, 2002. 11 “Jail for £430 m rogue trader”, Economist, 17 January 2003. TLFeBOOKThe Beginning of Risk 13 The state of the investment game Much of the financial industry story has been built upon foundations of professional invest- ment management and accounting. Risk management as a discipline took off in recent years within the banking and investment funds sector. Front-office sales are backed by in-house investment analysis and efficient regulation. These generate huge amounts of information and analyses. A truck-load of data and associated computer processing techniques have been created. Lately, the financial “experts” have tended to jump on the bandwagon and subject the corpo- rate numerical data to intensive analysis. Much in vogue is the variety of mathematically based modelling techniques. These models include computing variables for Value-at-Risk (VaR), Asset-Liquidity Management, Asset-Liability Management, CAMEL and Capital Adequacy Ratios and so on. These techniques are believed by many to offer adequate protection for the investors. But, we feel that there is something missing to the aggregate financial expertise in the market. The mathematically based causal modelling can lead us to ignore some human-based risks. This is where organic risk management can help us. The loss database is just one possible tool for compiling a list of human-based risks. These are potentially damaging corporate actions that are difficult to detect from balance- sheets and numerical data. The Enron–Andersen catastrophe showed that mathematics and the number-crunching have limited use outside the bounds of competence, ethics and common sense. We are faced with a myriad of risks. RISK TYPES Risk is the possibility of an event happening. Risk is often associated with negative outcomes; although there are some beneficial possibilities too, people generally connote risk with loss or damage. We normally take the insurance and everyday life custom of linking risk automatically with an unpleasant event. It is necessary to consider to recap on our views of risk within a multi-step process:  hazard – the risk of an outcome or event;  danger or risk catalyst that allowed this risk to occur;  impact of the event upon your group;  risk management – the process in which you can limit or avoid the potential damage. There are four risk types that we wish to examine in depth within this book. 1. Reputation risk 2. Market risk 3. Credit risk 4. Operational risk These last three are the same major risk types outlined in the latest Basel II banking regula- 12 tions. 12 “New capital accord – an explanatory note”, Basel Committee on Banking Supervision, January 2001. TLFeBOOK14 Investment Risk Management Reputation risk The time-worn way to avoid risk was the tactic of keeping silent (“there is no danger, keep shtum”), or hiring a big name with a good reputation to reduce your investment risk. Thus, taking on the services of the top Wall Street or London City investment banks, lawyers, accountants and specialists was a sure way or reducing risk because they were “safe” business partners. One of the drawbacks of this method is that we are relying on heuristics that are either unfounded or out of date. The rule of thumb: “prestigious reputation = great service”. CASE STUDY: EQUITABLE LIFE The notion that a large, old and well-established firm means a “good risk” took a bit of a knock after the Queen’s bank (Barings) of England went down after the Leeson disaster. History repeats itself when we are faced with a respected company founded in the 18th century facing a struggle for survival. It seems to have been a case of damage by acting in a risk-ignorant and not by intention or criminal act. Damage limitation provided by the UK life insurance company Equitable Life shows us where risk management often comes in after a risk hazard surfaces, not before. 1. The damage from the mis-selling scandal was quite severe, many funds found culpable of selling inappropriate pensions to the public. 2. Most funds were enamoured of the guaranteed annual repayment whereby the funds essentially bet that they could assure the policy-holder of a fixed amount each year upon retirement. The stock-market slump threatened their ability to pay out to customers, plus it jeopardised the capital adequacy base. The new management went on a damage-limitation exercise. This eventually succeeded in keeping the company afloat, despite hard knocks to its former prestige. It is a process of reputation risk recovery, which could not have been conducted by a low-level risk management exercise. In this case, top management:  recognised the hazards;  evaluated the impact of the risks;  allocated vast resources to damage control;  set about retrieving reputation and clients’ trust;  put in procedures to limit further similar damage in the future. A better use of communication and efficient PR could have triumphed over mechanistic risk management. Equitable Life was under such financial pressure that it dropped 50 000 pensioners from its schemes. Pay-outs fall, the number of lives insured decreases and the number of satisfied policy-holders has shrivelled to almost zero. If only they had known beforehand. Equitable Life struggles on, but survives. We can just regret that these damage- 13 limitation measures were not done before, but post facto (see Figure 2.4). 13 Financial Times, 16 November 2002. TLFeBOOKThe Beginning of Risk 15 2500 2000 1500 Total solvency £m Minim. Reqd. solvency £m 1000 500 0 Figure 2.4 Equitable Life monthly solvency Dec 2001 – July 2002 Credit risk Credit risk is the ancient hazard of suffering loss because of not being able to extract the promised return from a business partner. We also include counterparty and country risk within this category. Various examples exist: sovereign risk on issue of bonds and debt default such as the Russian economic crisis of 1998, or the Argentinian debt crisis in 2002. Few banks only lend to one sector but actively diversify their portfolio. A modern bank (Commerzbank, 2001) shows how it makes arrangements for the projected level of domestic bad debt. See Figure 2.5. Market risk Market risk is the loss in value of the bank or fund’s portfolio caused by changes in price (or price-related) factors. Currency rate, interest rate, equity price levels, volatility levels are changes or risks that come under this heading. A bond-dealing desk taking positions is a typical Figure 2.5 Credit risk Source: “Provisioning for borrower risks by customer group – ‘Commerzbank in 2000’,” Annual report, 2001. TLFeBOOK16 Investment Risk Management example of a portfolio under market risk. The large foreign exchange market trading feeds of these risks for good and bad where those who estimate the market risk well benefit, whilst those who calculate market risk wrongly generally fail. Operational risk This is a wide-embracing term that refers to the danger of losses from business system or process failure. This can include mechanical and human operations, faults in procedural design and system function. The Basel Committee on Banking Supervision adopts a narrower definition: “. . . the risk of loss resulting from inadequate or failed internal processes, people and systems 14 or from external events.” It includes legal risk and all errors from trading and settlement not previously covered in the above categories, to the criminal/fraudulent actions, up to the IT and system failures from human and external changes. Strategic, systemic and reputational risks are excluded. These are the categories of risk that are often said to be the hardest to model and predict – the human side. When we have redesigned bank business processes, created dealing operations, or inspected fund managers, we work in a complex network of people and their varying skills. Some of these skills and experience are not really definable in numerical terms, but involve an element of intuition. Thus, investment risk management is an art, and not a science in many ways. Risk management used to be a staid and reactive exercise, where the auditors would be called in after a company crashed or suffered loss. Now, it has become a specialist field in its own right encompassing several disciplines geared towards a proactive stance to mitigate against risk consequences. Formerly, risk management was just like an optional feature that you could choose to buy later. Lately, risk management is becoming an inherent part of the processes of wealth creation and a sought-after skill. We include some of the essential skills for modern risk management. The variety of risk is so wide, and potential damage so deep, that risk management has become high profile in itself. See Figure 2.6. Directors are less able to pay lip-service to operational risk because of the high impact when the hazards happen. Compliance was such a boring and low-key event that companies devoted fewer resources to it. Now the regulators are devising stricter rules, and the public wants to see that these are met by the company, that directors do not wish to face the reputation risk of being known as inept or hiding something disastrous when it comes to complying with the disclosure regulations. Risk management skills often involve a combination of financial training and an intuitive sense to sniff out suspect investment opportunities or partners. It has a strong mathematical foundation, but recently, some of this modelling has demonstrated weak underpinning. So, we come back to having a good “nose” for business – intuition and experience, instead of paper qualifications. Then, we define where we come into the grey area that calls for the artistic gift of subjective interpretation. The Andersen–Enron–WorldCom (AEW) cases demonstrate where confusion led to crooked chicanery. Then, we define where we come into the nebulous area that calls for the artistic gift of subjective interpretation. Yet, we can hover above the company risk horizon and see dangers surrounding us. 14 “Sound practices for the management and supervision of operational risk”, Basel Committee for Banking Supervision, www.BIS.org, July 2002. TLFeBOOKThe Beginning of Risk 17 Operational risk (external) Strategic risk (external) Outside Internet hacker Loss of tied supplier Weather damage Change of government Electrical supply or circuit fire New compliance regulations Directors’ Reputation improper damage advice and External actions Internal Strategic risk (internal) Operational risk (internal) Bad process design Improper M&A targets Loss of talented staff Wrong product mix Loss of customer contact Figure 2.6 Risks inside and outside the corporation The concept of an AEW risk-alert system would work in the same way as an AEW (airborne early warning) radar detects potential enemy action. It is tempting to point the finger at An- dersen’s accounting arm and try to fix the fault just there. Risk management is truly concerned with the fundamental source of errors and lack of control in modern corporate business, not just the symptom. The post-Enron quick-fixes and assurances must offer superficial comfort. We offer a view on the investor’s AEW corporate risk-alert system in Chapter 6. RISK AND DAMAGE The fact is that although financial regulatory procedures for protecting the investor are well documented, financial redress and net loss are less well recorded. This means that even when the stock exchange and the regulatory organisations have given a good-housekeeping seal of approval to large numbers of listed companies, some records of company operations and the more truthful balance sheets take an opposite view. The imperfect relay of information, or interpretation by the investors, shows a divorce between extant risk and likely damage. The finance industry wallowed in a “If it ain’t broke, don’t fix it” mentality for decades. Mistakes were made partly because of lack of proper execution in planning for extreme events, matched to negative impact. Every business builds a risk register with relative probability and associated impact. See Figure 2.7. The different risk impacts and frequencies need to be dealt with by different people with various risk management skills. This varies from company to company, and from risk culture to risk culture. Where losses occur, these should be recorded in the loss database. Insurance and fund managers form a highly organised risk-seeking profession that aims to share these risks for profit. It tries not to take on too much risk, or even too much risk that it does not understand. Otherwise, it stands the risk of dying as a business. Insurance, even with its avowed expertise in risk management, is just as likely to face insolvency, as the crashes in their stock-market portfolios have revealed. Because banks, in- surance companies and pension funds have a large slice of the entire stock market capitalisation, TLFeBOOK18 Investment Risk Management Figure 2.7 The risk register (frequency vs. impact) corporate inadequacy can force a sell-off of shares in their portfolios. This can create a systemic 15 or pro-cyclical risk where continued selling destroys the stock-market value. See Figure 2.8. The threat of stock-market crash or some terrorist activity after September 11th may seem so uninsurable that some clients opt-out or go for self-insurance (bear the risk burden yourself). Otherwise, pay higher insurance premiums. A large corporation can retain a large risk because of the size and strength of its balance sheets. Risk retention or self-insurance is troubling the insurance industry. Insurers’ efforts to cope with loss of business have tried to offer alternative products or to cut premiums – both carry considerable risk. Cutting premiums or guaranteeing the pay-outs endangers the very same insurance companies that are meant to protect investors. Risk retention is also a prospect that troubles some investors – there is a tacit admission that they take a bet on an extremely low-frequency, high-impact risk. This means that their company can go bust, with little com- pensation for the investor. Business looks more like a gamble at the horse races. Viable alternatives There are loop-holes when we seek to protect ourselves through the financial regulators, the legal system, accounting or insurance. The validity of auditing and due diligence can be called into question. Rushed business diagnoses are superficial, and their foundations for defining a business conclusion are clearly limited. 15 “New capital accord – an explanatory note”, Basel Committee on Banking Supervision, January 2001. TLFeBOOKThe Beginning of Risk 19 Life insurance company Stock market crashes. Profits Life company reneges on guarantees annuity pay-outs dry up. Life insurance and guaranteed annuity pay-out. in a rising market. Fund pension fund capital falls so Pensions reduced or entrants guarantees pension. Stock- alarming regulators. to scheme excluded. Clients market performance varies. Guaranteed annuity or threatened with bankruptcy of company. Policy-holders take pension threatened. losses on annuities. Hazard Risk catalyst Loss result Stock- market value Time Figure 2.8 Risk in a life insurance company or pension fund These severely reduce the effectiveness of traditional risk management avenues. The growing feeling among investors is that prevention is better, and cheaper, than a cure. Accumulating a pool of corporate information might come in very useful. These avenues are explored in further depth in the following chapters. Some are:  Traditional sources of corporate news in current events coverage.  Prior company case studies and relevant industrial experiences from media sources logged in a “risk register”.  A deeper investigation of performance track-record of key company staff, counter-parties and business partners under detective and forensic accounting initiatives.  Additional company reports filed under the Basel II new banking regulations.  Procedure for early warning (AEW). Those who have suffered enough from previous investments understand that reputation risk means perceived corporate value becomes rapidly uncoupled from real worth. We can now attempt to detect and discard undesirable business elements from our future plans using these data sources. One of the ways we can help to achieve this is to use an investment risk methodology. This is outlined in succeeding chapters within a view of a methodology for an investor’s closed-end project, i.e. a launch and a desired end. So, when it comes to investing or building a portfolio, the increasing feeling is to do everything yourself. TLFeBOOKTLFeBOOK