Risk management has today become a virtual issue for
financial institutions because some schools of thought claim that lack of
proper risk management practices has been a key factor in the present financial
crisis. Generally speaking, risk management is referred to the process of
measuring, analysing, controlling and assessing risks as well as developing
strategies to manage these risks. Some of the strategies used in managing these
risks include transferring the risks to other parties, avoiding the risks,
diversifying the risks, etc. Note that financial risk management focuses on
just risks that can be managed using financial instruments. All businesses
whether big or small do have risk management teams. Sometimes these risk
management teams need to use a combination of the risk management strategies to
be able to manage their risks.
There are certain principles that must be identified with
risk management. As a matter of principle, risk management should result in
value creation in any business, be part of any decision making process, be
systematic and well-structured and be very transparent. The processes of risk
management include the identification of the risk, planning what risk
management strategy/strategies to use, mapping out the basis upon which the
risks will be evaluated, a definition of a framework within which the
`job/task' will be carried out, a development of the analysis of the risks
involved in the process and finally implementing the risk management
strategy/strategies to be used.
Once the risk management process has been completed, that is
to say after the risks have been identified and assessed, all risks management
techniques fall into one or more of these categories-avoiding, transferring
(for example insurance companies), reducing and retaining (accepting and
budgeting). These risk management teams are always faced with a number of
risk options including that of designing a new business
process from the start with adequate built-in risk control measures.
In essence, we will like to define the role played by risks
within financial institutions, identify when these risks should be managed and
when they should be transformed (if possible), as well as the procedures that
must be followed for any successful risk management activity of any financial
institution. So far so good, it has been argued that risk is an essential
factor within the financial sector. It therefore implies that active risk
management has a major place in most financial institutions. In the light of
this, what techniques/procedures can be used / implemented in limiting and
managing these risks?
The answers to these questions are straight forward. It is
obvious that if management is to control risk, it has to establish a set of
procedures in order to achieve this goal. Note that for each risk type, a
four-step procedure is established and implemented to define, measure and
manage risk. This will go a long way to assist decision makers to manage risk
in a manner that is consistent with management's goals and objectives. These
steps include:
· Standards and reports-that is, the creation
of a standard setting and financial reporting method. These two activities are
the back bone of any risk management system. Therefore consistent evaluation
and rating is essential for management to understand the true embedded risks in
the portfolio and the extent to which these risks can be reduced if not totally
eliminated.
· Position rules-imposed to cover exposures to
counterparties and credits. This applies to traders, lenders and portfolio
managers. This is so because, in large organizations with thousands of
positions maintained and transactions done (on a daily bases), accurate and
timely reporting is quite difficult though it is perhaps the most essential.
· Investment guidelines (strategies)-these
guidelines and strategies for risk taking in the immediate future are outlined
in terms of commitments to particular areas of the market and the need to hedge
against systematic risk at a particular time. Guidelines offer advice to the
appropriate level of active risk management.
· Incentive contracts and compensation-this
explains the extent to which management can enter into incentive compatible
contracts with line managers and make compensation related to the risks borne
by these individuals, as such, the need for elaborate and costly controls is
lessened. These incentive contracts require accurate cost accounting analysis
together with risk weighting. Notwithstanding this difficulty, well designed
contracts align the goals of managers with other stakeholders.
Risk management need to be an integral part of any
institution's business plan. Decisions to either enter or leave or
concentrate on an existing business activity require careful assessment of both
risks and returns. These risk management procedures must be established so that
risk management begins at the point nearest to the assumption of risk. By
implication, any trade entry procedures, customer documentation as well as
client engagement methods of normal business activities must be adapted to
maintain management control and eliminate needless exposure to risk. As if this
is not enough, data bases and measurement systems must be developed in
accordance with the way the business is conducted. Moreover, for any accurate
daily business reports, trades must be recorded, entered and checked in a
timely fashion. This helps during an overall effective risk management system
put in place by senior management.
There exists three successive levels within any organization
corresponding to the levels at
which risk is considered to have been
typically managed. The senior management system
used in checking and evaluating business as well as individual
performances, need to be sure that these three levels of risks are attained.
Level I aggregates the standalone risks within a single risk
factor such as credit risk in a commercial loan portfolio.
Level II aggregates risks across different risk factors within a
single business line for instance the combination of assets, liabilities and
operating risks in a life insurance.
Level III aggregates risks across different business lines such
as banking and insurance. The diagram below summarises the risk management
process within financial institutions. Figure 4: Risk Management
Procedure.
