CH 1 Foundations of Risk Management L9H2JR04CB

FRM Part I Exam
By AnalystPrep
Study Notes - Foundations of Risk Management
Last Updated: Jun 16, 2023
1
©2023 AnalystPrep “This document is protected by International copyright laws. Reproduction and/or distribution of this document is
prohibited. Infringers will be prosecuted in their local jurisdictions. ”

Table of Contents
1 - The Building Blocks of Risk Management 3

2 - How Do Firms Manage Financial Risk? 20
3 - The Governance of Risk Management 29
4 - Credit Risk Transfer Mechanisms 44
Modern Portfolio Theory (MPT) and the Capital Asset Pricing
5 - 58
Model (CAPM)
The Arbitrage Pricing Theory and Multifactor Models of Risk
6 - 75
and Return
7 - Risk Data Aggregation and Reporting Principles 87
8 - Enterprise Risk Management and Future Trends 96
9 - Learning From Financial Disasters 109
10 - Anatomy of the Great Financial Crisis of 2007-2009 139
11 - GARP Code of Conduct 154
2
© 2014-2023 AnalystPrep.
Reading 1: The Building Blocks of Risk Management
After compl eti ng thi s readi ng, you shoul d be abl e to:
Explain the concept of risk and compare risk management with risk-taking.
Evaluate, compare, and apply tools and procedures used to measure and manage risk,
including quantitative measures, qualitative risk assessment techniques, and enterprise
risk management.
Distinguish between expected loss and unexpected loss and provide examples of each.
Interpret the relationship between risk and reward, and explain how conflicts of interest
can impact risk management.
Describe and differentiate between the key classes of risks, explain how each type of risk
can arise, and assess the potential impact of each type of risk on an organization.
Explain how risk factors can interact with each other and describe challenges in
aggregating risk exposures.
Risk and Its Management
Risk refers to the potential variability of returns around an expected return from a portfolio or an
expected outcome. T he financial risk that arises from uncertainty can be managed and mitigated.
Modern risk management refers to the ability, in many instances, to price risks and to provide
adequate compensation for the risk taken in business activities.
T he building blocks of risk management include:
1. T he classic risk management process
2. Identifying knowns and the unknowns
3. Expected loss, unexpected loss, and the tail loss
4. Risk factor breakdown
5. Structural change from tail risk to a systemic crisis
3
6. Human agency and conflicts of interest
7. T ypology of risks and risk interactions
8. Risk aggregation
9. Balancing Risk and Reward
10. Enterprise risk management
1. Types of Risk and Their Interactions
Risk can be grouped depending on different types of business environments. Grouping the risks is
essential for the business institutions to factor into specific risks while managing them. T his is true
because each type of risk needs different skills to manage it.
A typical typology of risks should always be flexible to accommodate new forms of risks that are
ever-emerging (such as cyber risks). T he following diagram gives the typical modern typology of
corporate risks:
Market Risk
4
T his is the risk associated with the potential reduction in the value of a portfolio or security due to
changes in financial market prices and rates. Price risk can be decomposed into a general market risk
component (the risk that the market as a whole will fall in value) and a specific market risk
component (idiosyncratic component), unique to the particular financial transaction under
consideration. In trading activities, a risk arises from open (unhedged) positions and imperfect
correlations between market positions intended to offset one another.
Market risk can be further classified into the following categories:
Interest Rate Ri sk – It arises from fluctuations in the market interest rates, which may cause a
decline in the value of interest-rate-sensitive portfolios. For example, the bond market is affected by
interest rates in the market. Curve risk can arise in portfolios in which long and short positions of
different maturities are effectively hedged against a parallel shift in yields, but not against a change in
the shape of the yield curve. If the rates of the positions are imperfectly correlated, basis risk may
arise in offsetting positions having the same maturity.
Equi ty Pri ce Ri sk – T his is the risk that is associated with the volatility in the stock prices. T he
market risk component is the sensitivity of the equity or a portfolio to a change in the level of a
market index. T his risk cannot be done away with by diversification. T he idiosyncratic or
5
specific threat is the component of volatility determined by firm-specific characteristics like its
management, production line, etc. T his can be done away with by diversification.
Forei gn Exchange Ri sk – Due to operations that involve foreign currencies, imperfectly hedged
positions in certain currencies may arise, which may cause exposure to exchange rates. Major
factors influencing foreign exchange risk are imperfect correlations in currency prices and
fluctuating international interest rates.
Credit Risk
T he risk associated with a counterparty not fulfilling its contractual obligations is the credit risk. For
example, the default on a credit card loan is the scenario in which credit risk materializes for a credit
card company.
Credit risk can be further classified into:
Bank ruptcy Ri sk – T he risk associated with a borrower's inability to clear his debt
leading to a takeover of his collateralized assets.
Downgrade Ri sk – T he risk that there might be a decline in the borrower's credit
ratings because of a drop in his creditworthiness.
Credit risk is a matter of concern only when the position is an asset and not a liability. If the position
is an asset, then a default by the counterparty may cause a loss of the position's total or partial value.
T he value that is likely to be recovered is called recovery value, while the amount that is expected
to be lost is called loss given default.
At the portfolio level, the issues to be addressed are the following:
T he creditworthiness of the obligor: Based on this, an appropriate interest rate or spread
should be charged to compensate for the risk undertaken.
Concentration risk: T he extent of diversification of the obligor should be a concern.
T he state of the economy: When the economy is booming, the frequency of defaults is
comparatively lower than when there is a recession.
6
Liquidity Risk
It comprises funding liquidity risk and market liquidity risk.
Funding liquidity risk is associated with the risk that a firm will not be able to settle its obligations
immediately when they are due. It relates to raising funds to roll over debt and to meet margin calls
and collateral requirements. Funding liquidity risk can be managed by holding highly liquid assets like
cash.
T rading liquidity risk (also called market liquidity risk) is the risk associated with the inability of a
firm to execute transactions at the prevailing market price. It may reduce the institution's ability to
hedge market risk, and also it is the capacity to liquidate assets when necessary.
Operational Risk
It refers to the risk that arises from operational weaknesses like management failure, faulty
controls, and inadequate systems. Human factor risk is one of the essential operational risks, and it
results from human errors like entering wrong parameter values and using wrong controls, among
others. Technology risk arises from a computer system's failure.
Business Risk
It arises from the uncertainties in demands, the cost of production, and the cost of delivery of
products. Business risk is managed by framing appropriate marketing policies, inventory policies,
choices of products, channels, suppliers, etc. Business risk is affected by the quality of a firm's
strategy and its reputation too.
Strategic Risk
It is the risk associated with the risk of significant investments for which the uncertainty of success
and profitability is high. It is related to the strategic change in the company's policies to make it more
competitive in the marketplace.
Reputation Risk
7
It comprises the belief that an enterprise can settle its obligations to counterparties and creditors
and secondly, it follows ethical practices. T rust and fair dealing are two essential things that drive
businesses. For example, reputation is of crucial importance in the financial industry.
Interactions of Risk Types
Risks can flow from one type to another. For instance, during hard business times, the risk can flow
from the credit risk to liquidity risk and then to market risk. T his kind of flow was seen in the 2007-
2009 financial crisis.
Another example is where operational risk (as a form of lousy trading activity by the traders) flows
to market risks by creating unfavorable market positions. Moreover, this can move to become a
reputation risk to the concerned company.
2. The Risk Management Process
Given below is the flow chart of the risk management process:
8
Risk management includes identifying the type and level
of risk that is appropriate for the firm to assume, analyze,
and measure the risk, and assess the possible outcomes
of each risk. The final stage is the management of the
risks.
Methods of Risk Management
1. Avoi di ng the ri sk : some risks can be managed by avoiding them. For instance, closing
down the business unit or changing the business strategy.
2. Retai ni ng or k eepi ng the ri sk : if the company can accommodate the risk, it can be
retained by methods such as insurance of the risk.
3. Mi ti gati on of the ri sk : this method involves an attempt to decrease the exposure,
frequency, and severity of the risk. A good example is the improvement of a firm's
infrastructure and putting collateral on credit exposure.
4. Transfer ri sk : this method applies to risks that can be transferred to a third party. An
example is in derivative products where a company pays a premium to a party to accept a
certain level of risk.
3. Known and Unknown Risks
According to Donald Rumsfeld (1921), risk managers should not concentrate on known risks only but
also the unknown risks. He also classified the risks, as seen in the diagram below.
9
Unknown risks can be very significant and essential, even though their measurement may be difficult
or outright impossible. However, unknown risks can be managed using the usual forms of risk
management.
Rumsfeld's classification implies that risk managers should focus not only on measurable risks but
also on an unknown risks. T hey should strive to unravel the "unknown unknowns," which include
threats that do hide away.
10
4. Expected, Unexpected, and Tail Loss
The Expected Loss
T he expected loss can be defined as the mean loss an investor (position taker) might expect to
experience from a portfolio. T he expected risks are those that may be large in size, are predictable,
and could be avoided with the risk management process.
T heoretically, portfolios usually bear a loss that is near to the average loss, which can be statistically
measured with some degrees of freedom.
Expected loss can be calculated from the underlying risk factors. Such factors include:
T he probability of occurrence of a risk event
T he size (severity) of the loss
T he exposure to risk
Let us take an example of credit risk to the bank. Denote the probability of default by PD, bank's
exposure at default by EAD, and severity of loss given default by LGD. So, the EL is given by:
EL = EAD × LGD × P D
So, how does the bank's manager make sure that they make a profit? T he bank management should
come up with the price that covers the expected loss. It is important to note that the computation of
expected loss is based on assumptions.
The Unexpected Loss
T he unexpected loss is the level at which the losses in a portfolio defer from the average loss.
Unexpected risks due to unanticipated variability in the losses.
For instance, in a credit portfolio, an unexpected loss can be caused by a difference in the number
and severity of the loans. T hat is, a large number of small loans are diversified, and hence we can
estimate the expected loss. However, if the EL continuously changes due to macroeconomic factors,
11
it leads to unexpected loss.
In some cases, some portfolios (such as credit) can show extreme loss variance over some interval
of time. In this case, the expected loss (EL) is calculated by averaging the loss from the long-run good
years and the short-run bad years. However, in bad years, the losses can rise to an unexpected level
and even to extreme levels. Consequently, the banks are forced to increase the risk capital and
include an expected loss in pricing their products to guard themselves against huge unexpected
losses, which can cause insolvency and defaults.
Value-at-Risk (VaR)
VaR is a statistical measure that defines a particular level of loss in terms of its chances of
occurrence, i.e., the confidence level of the analysis. In other words, VaR utilizes loss distribution
relative to a portfolio or a position to approximate losses at a given level of confidence.
For example, suppose a position in an option has a one-day VaR of $1 million at the 99% confidence
level. In that case, the risk analysis will show that there is only a 1 percent probability of a loss that
is greater than $1 million on any given trading day.
12
T he VaR measure works under normal market conditions and only over a short period, such as one
trading day. Potentially, it is a poor and misleading measure of risk in abnormal markets, over more
extended periods, or for illiquid portfolios. VaR also depends upon the control environment. T rading
controls can be circumvented. T his usually happens when back-office staff, business line managers,
and even risk managers do not have a proper understanding of the critical significance of routine
tasks, such as an independent check on volatility estimates, for the integrity of key risk measures.
Expected Shortfall
Despite the significant role VaR plays in risk management, it stops short of telling us the amount or
magnitude of the actual loss in the tail. What it tells us is the maximum value we stand to lose for a
given confidence level. T his drawback can be overcome by a measure known as an expected
shortfall.
Expected shortfall (ES) is the expected loss given that the portfolio return already lies below the
pre-specified worst-case quantile return, e.g., below the 5th percentile return. Put differently, the
expected shortfall is the mean percent loss among the returns found below the q-quantile. It helps
answer the question: If we experience a catastrophic event, what is the expected loss in our
financial position?
T he expected shortfall (ES) provides an estimate of the tail loss by averaging the VaRs for increasing
confidence levels in the tail. It is also called the expected tail loss (ET L) or the conditional VaR.
5. Breakdown and Interactions of Risk Factors
T he risk managers must subdivide the risk into discrete risk factors so that each factor and the
interactions between these factors can be studied. An excellent example is the credit risk, which we
have studied earlier-where credit risk was divided into the probability of default (PD), bank's
exposure at default (EAD), and severity of loss given default (LGD).
However, there is an obvious challenge of how granular risk should be, given the loss of data.
Dividing the data into very small sub-factors is impractical since it is time-consuming and tiresome.
Secondly, analytical resources might be limited. Moreover, the data might be limited in terms of
13
quantity, quality, or descriptive ability.
T he solution to this challenge is the emergence of machine learning. In machine learning and
substantial cloud-based calculation, power can help in isolating risk granules into smaller details.
6. Structural Change from Tail Risk to Systemic Crisis
Tail risks are those that rarely occur. T hey can be explained as the extreme version of unexpected
loss that is hard to find in the given data. T hey are usually revealed in time series data of long periods.
T he tail risk can be detected using statistical methods such as the Extreme Value T heory (EVT ).
When the structure of a financial system changes, the risks increases. T hat is, events associated
with large losses may increase as well as risk factor levels. Unless the structural problem is fixed or
proper risk management is adopted, new losses relative to a risk type might occur, which changes
the amount of tail risk, expected and unexpected losses.
7. Human Agency and Conflicts of Interest
Financial systems are run by intelligent human beings who can adapt to change in a personal and
cunning manner. T hat is, those who are more experienced in risk management can play up their
game by hiding their risk analysis from other participants for their gain.
Having said this, many financial firms have employed three ways to control human agency and
conflicts of interest:
i. Firms create business models that can identify and manage risk.
ii. Employing risk managers that are qualified in risk management and day-to-day oversight.
iii. Periodic independent oversight and assurance (e.g., internal audit)
T hese defense mechanisms do not always work due to industry innovations, which sometimes leave
loopholes in the risk management sector. Moreover, sometimes traders and the industry leadership
willingly alter the credibility of the risk management systems. T hat is why grasping the role of
human agency, self-interest, and conflicts of interest are some of the cornerstones of risk
14
management.
8. Risk Aggregation
T he risk manager should be able to identify the riskiest businesses and determine the aggregate risks
of a firm. For instance, market risks are easily quantified and controlled by comparing the notional
amount in each asset held. T his, most of the time is impractical since different stocks and industries
have different volatilities.
Since the mushrooming of derivative markets in the 1970s, measurement of market risk became
relatively achievable. T his is because the value and the risk of the derivatives depend on the price of
the underlying portfolio.
Derivative traders developed risk measures referred to as the Greeks. T hey include delta and theta.
Greeks are still used up to date, but they cannot be added up, rendering them limited at the
enterprise level.
Another measure of risk is VaR. VaR was a useful aggregation method up to the year before the
crisis, but it involves too many assumptions. However, VaR is marred with shortcomings but remains
to be essential to ask managers.
T he disadvantages of these aggregate risk measurements have motivated the managers to come up
with total risk measures to replace the traditional measures but, most of the time, fail to include
critical dimensions of the risk and must be supplemented with other methods. Conclusively,
understanding how risks are aggregated and the drawbacks and advantages that come with them, is an
essential risk management building block.
9. Risk and Reward Equilibrium
Normally, the assumption of higher systematic risk is associated with higher returns from portfolios.
However, the demanded returns from risky assets may not be apparent unless the asset's market is
efficient and transparent. For example, the bond prices, solely, may not imply the return demanded,
15
taking additional risks. T his can be the case because of liquidity and tax effects. A key objective of
risk management is to make transparent potential risks for the firm and identify activities that may
be detrimental to the firm in the long term.
For instance, a bank can include the cost of both the expected and unexpected costs by using the
following formula for risk-adjusted return on capital (RAROC):
Reward
RAROC =
Risk
Note the Reward can be After-Tax Risk-Adjusted Expected return, and the risk is described as the
economic capital so that:
After-Tax Risk-Adjusted Expected return

RAROC =
Economic capital
If the RAROC is higher than the cost of equity capital, then the portfolio is valuable to the investor.
T he cost of equity capital is the minimum return on equity capital required by the shareholders to
compensate for the risk.
Apart from the banking industry, RAROC is applied across different industries and institutions, with
the formula varying accordingly (but its purpose remains constant).
Uses of RAROC
1. Investment Anal ysi s: RAROC formula is used to anticipate the likely returns from future
investments.
2. Compari ng busi nesses: RAROC can be used to compare different units of a company that
needs varying amounts of economic capital.
3. Pri ci ng strategi es: A company can re-determine the pricing strategy of its products so
the risk-adjusted returns.
4. Ri sk management cost (benefi t anal ysi s): A firm can use RAROC to compare the cost
of risk management to the benefit of the firm.
16
10. Enterprise Risk Management (ERM)
Enterprise management risk (ERM) is the process of planning, organizing, leading, and controlling the
activities of an organization in order to minimize the effects of risk on an organization's capital
and earnings as a whole. ERM overcomes the challenge of "siloed" risk management, where each
unit of an institution manages its own risk independently.
Since the financial crisis of 2007-2009, risk cannot be represented by a single number but rather:
i. Risk is multi-dimensional. T hat is, it should be approached from all angles and using diverse
methods.
ii. Risk demands specialized judgment that is seconded by statistical science application.
iii. Risk develops across all risk types, and thus one may miss the point by analyzing one risk at a
time.
More clearly, firms need to adopt a 360-degree view of risk by using different tools and appropriate
levels of curiosity. T hus, ERM is not only about aggregating the risk across the risk types and
business lines but also taking a comprehensive risk management process while taking into
consideration the strategic decisions of a business. A simplified ERM is shown below:
17
18
Question
Which of the following form is NOT included in the expected loss formula?
A. Probability of default
B. Loss given default
C. Unexpected loss
D. Exposure at default
Sol uti on
T he correct answer is C.
EL = EAD × LGD × P D
Unexpected loss is the level at which the losses in a portfolio defer from the average
loss as calculated by the expected loss.
19
Reading 2: How Do Firms Manage Financial Risk?
After completing this reading, you should be able to:
Compare different strategies a firm can use to manage its risk exposures and explain
situations in which a firm would want to use each strategy.
Explain the relationship between risk appetite and a firm’s risk management decisions.
Evaluate some advantages and disadvantages of hedging risk exposures and explain
challenges that can arise when implementing a hedging strategy.
Apply appropriate methods to hedge operational and financial risks, including pricing,
foreign currency, and interest rate risk.
Assess the impact of risk management tools and instruments, including risk limits and
derivatives.
Financial institutions are required to manage financial risks. However, it is an uphill task given that
risk management should go hand with the firm’s owners’ objectives, the reason for risk management
strategy and the type of risks, risks to be retained, and types of instruments available.
Modern risk management follows an iterative road map which involves five key areas:
Identification of the Risk Appetite
T his involves taking note of the corporate objectives and risks, and deciding whether to manage risk
and in case risks are managed, what type of risks.
Risk Appetite
Risk appetite refers to the types of risk the firm is willing to accommodate. It, however, should be
differentiated with the ri sk capaci ty, whi ch i s the highest level of risk that a firm can handle.
Another term is the ri sk profi l e, which the current level of risk to which the firm is exposed.
20
T he practical risk appetite is stated in two ways:
1. A statement that gives the preparedness of a firm to accommodate risks in wanting to
achieve its goals. T his is usually an internal document which the board must approve.
2. T he tools in which the risk appetite is related to the daily risk management operations of the
firm. T hese include the risk policy of the firm, business lines’ risk statements, and risk
limits.
Many financial institutions have developed risk appetite as an essential factor. From the above
diagram, the risk appetite of a firm should be below the risk capacity and above the risk profile of the
firm. T he dotted lined represents the upper and lower levels at which the risk must be reported.
Risk Mapping
T he assessment of magnitudes of risks is required after a general policy structure pertaining to risk
management has been set up by the board of directors. First, the concerned officials from the firm
should identify the risks affecting their divisions, record all the assets and liabilities that have
exposure to the risks, and should list orders falling in the horizon set for hedging activities. Once the
business risk, market risk, credit risk, and risks associated with operations are identified, the
management should look into appropriate instruments to hedge the risks. For example, a firm with
21
foreign exchange rate exposure may list all the assets and liabilities, having exposure to the exchange
rate on the horizon of hedging policy. It should also list sales and expenses that are exposed to the
exchange rate. After this, it can find the appropriate financial instrument to hedge these risks.
Risk Management Strategies
After understanding the firm’s risk appetite and mapping risks, a risk manager can decide the best
way to address the risk while prioritizing the most severe and urgent risks. Moreover, risk must put
into consideration the cost and the benefits of each risk management strategy. Risk management
strategies include:
Avoiding the risk: some risks can be managed by avoiding them. For instance, closing down
the business unit or changing the business strategy.
Retaining the risk: some risks can be accommodated by the company, through insurance.
Mitigating the risk: this method attempts to decrease the exposure, frequency, and
severity of the risk. A good example is the improvement of a firm’s infrastructure and
putting collateral on credit exposure.
T ransferring the risk: involves transferring some portion of the risk to a third party. Such
methods include insurance and the application of derivatives.
T he type of strategy is decided by the senior management, the board, and the firm's risk manager.
T he strategy should enable the firm to operate efficiently within the risk appetite.
Now let us turn our attention a little bit on the transfer of risks. T he tools of risk transfer (Hedging)
include forwards, futures, options, and swaps.
Forwards: A forward is an agreement where a given amount of asset is exchanged at a
predetermined price in the future.
Futures: A future is a financial agreement that obligates the parties involved to transact an
asset at a predetermined future date and price. T he buyer must buy, or the seller must sell
22
the underlying asset at the predetermined price, irrespective of the current market price
at the expiration date.
Options: T hese are financial instruments that are derivatives that give an investor the
right, but not the obligation, to buy or sell a predetermined asset on a specified future date.
Examples of the options include call option, put option, exotic option, and swaption.
Swap: T his is an over-the-counter (OT C) agreement to swap the cash value or the cash
flows associated with a business transaction at (until) the maturity of the deal. For
example, an interest rate swap involves paying a fixed interest rate on an agreed notional
cash amount for a specified period while the other party agrees to pay a variable interest
rate.
T he type of transfer tool used depends on the desired goals of the firm. For instance, options might
be more flexible than the forward contracts—moreover, the trading mechanism of the risk transfer
instrument. For example, firms may decide to use either exchange-traded or over-the-counter (OT C)
instruments to hedge their risks. Exchange-traded instruments are standardized products with
maturities and strikes set in advance while over-the-counter derivatives are traded by investment
banks, among others, and can be tailored to the firm’s needs. For example, the size of the contract,
strike, and maturity can all be customized. However, the credit risk is higher for OT C contracts as
compared to exchange-traded instruments. In addition, a firm should take into account the liquidity
and transaction costs related to the instrument that it wants to use for hedging.
Advantages of Hedging Risk Exposure
Hedging can reduce the cost of capital, reduce cash flow volatility, check liquidity crunch, and
improve the debt capacity of a firm. Firms with tight financial constraints might always want to
minimize cash flow volatilities to capitalize on growth opportunities. If there are synergistic effects
of hedging on the firm’s operation, then it should actively hedge to reduce volatilities that may
adversely affect its business. For example, if a firm’s core business is to manufacture using some
crop as an input, then it may use futures on the crop to hedge the price of that crop. In so doing, the
firm may go about managing its core business rather than worrying about the price fluctuations in
23
the crop.
Disadvantages of Hedging Risk Exposure
Hedging can only lead to stable earnings for a limited period. Moreover, hedging is costly (for
example, an option requires premiums). Hedging might not be appropriate in a diversified portfolio
because risk might be diversified away.
Challenges of Implementing Hedging Strategy
A firm risk management team may miscomprehend the type of risk to which it is exposed,
incorrectly measuring or mapping the risk, fail to detect variation in market structure or maybe
among the rogue traders, is their own.
Moreover, hedging might involve complex derivatives or strategies which can be compromised by
certain events such as interest rate movements.
Poor communication concerning the risk management strategy can lead to dire consequences.
T herefore, a hedging program should be well communicated.
Operationalization of Risk Appetite
As mentioned earlier, the risk management roadmap is iterative. To operationalize the risk appetite,
the risk manager evaluates the risk policies, sets the risk limit, and rightsizes the risk management
team.
A firm can choose to hedge against volatilities related to its operations. For example, a firm may
hedge the cost of an input material required for a firm’s operations. Since this type of hedging can
help reduce the risks associated with the firm’s inputs, a firm can concentrate on its core business.
It has an impact on the prices of final products and also the scale of products being sold. Hedging
currency exposures to reduce risks of losses in exports constitutes an example of hedging risks
24
related to operations. A tomato ketchup company may choose to hedge its exposure to tomato prices
so that it may concentrate on the quality and marketing of its ketchup rather than worrying about the
losses it may incur if the prices of tomatoes were to increase.
Hedging risks related to financial positions can be performed by hedging interest rate risks, interest
rate swaps, among others. If the marketplace is assumed to be perfect, then there is no need for
such hedging because this will not alter the financial health of a firm. However, if hedging is
attempted, it would be even for both parties in the hedge, as both will have equal information about
the markets. If the market is assumed to be inefficient, then there can be benefits from hedging to
one party in the transaction. T he benefits may be an increase in debt capacity and tax advantage,
economies of scale, or having comparatively better information than individual investors. Firms
should essentially hedge their operations, and if they hedge their financial positions, they should be
transparent about their policies. So, accepting some form of risk, hedging other risks, and
management of costs of hedging to benefit the firm constitute the activities underlying risk
management.
Rightsizing Risk Management
When the firm has a clear picture of its objectives in risky areas, it needs to see that the risk
management team can come up and execute the approach. T hat is, risk management should fit its
purpose.
Rightsizing of the risk management team ensures that if a firm uses complex risk management
instruments, the firm is independent of risk management providers such as investment banks.
Rightsizing also involves ensuring that the risk management function has an elaborate accounting
treatment, which can be cost or a profit center. Moreover, the firm should also decide whether to
proportionally redistribute the cost of risk management to areas where risk management is
concerned, depending on the risk culture and appetite of the firm.
Risk Limits
25
Rightsizing risk management may also involve setting up a risk-limiting system. A good example is the
stress, sensitivity, and scenario analysis limits. Scenario analysis limits are linked to determining how
bad the situation in a hypothesized worst-case scenario. T he stress test concentrates on unique
stresses while the sensitivity looks at the sensitivity of the portfolio to variables changes. However,
stress, sensitivity, and scenario analysis limits are sophisticated, require excellent expertise, and in
the case of scenario analysis, is challenging to be sure if all bases are covered.
Value-at-Risk (VaR) limits give an aggregate statistical digit as a limit, but the management can easily
misinterpret it. Moreover, it does not indicate the extent of an unfavorable condition in a stressed
market.
T he Greek limits provide the risk positions of options using Greeks such as delta, gamma, and theta.
However, their calculations may be compromised, given the lack of management and independence.
Risk concentration limits can also be used. Recall that the risk concentrations include product and
geographical risk concentrations. To set these limits, a risk manager ought to have expertise in
dealing with correlations because capturing correlation risk in a stressed market is a bit challenging.
Risk-specific limits involve setting limits concerning specific risk types such as Liquidity ratios for
Liquidity risks. On the contrary, these limits are difficult to aggregate and require expert knowledge.
Maturity (gap) limits state the limits of the transactions at maturity at each period. T hese limits are
aimed to decrease the risk associated with large-size transactions in a given time frame. However,
they are not evident in delivering price risk. Other limits include stop-loss limits and notional limits.
Risk Management Implementation
Risk management involves choosing the right instruments, coming up with the day-to-day decisions,
and establishing oversight authority. Consider risk hedging, for instance.
Access to all relevant information, data, and statistical tools is required to frame a strategy for
hedging. T he risk management team should know the background of the statistical tools being
employed to create hedges. T he nature of strategy, i.e., static or dynamic, is an important decision.
Static strategies are more of a hedge and forget strategies, where a hedge is placed almost exactly to
26
match the underlying exposure. T his hedge remains in place till the exposure ends. Dynamic
strategies require more managerial effort and involve a sequence of trades that are used to offset the
exposure as nearly as possible. Moreover, dynamic strategies may result in higher transaction costs
and require monitoring of positions closely. Proper implementation and communication are the key
requirements for the success of any hedging strategy.
T he horizon for the hedging position and accounting considerations related to the hedge often has
important implications for the way the strategy is planned. Accounting rules require that marked-to-
market profit or loss be duly recorded if the position in a derivative and underlying asset are not
perfectly matched with regards to dates and quantities. Tax laws vary among countries, and there are
differences in tax laws for different derivatives.
27
Question
Which of the following best describes the risk capacity?
A. T he amount of risk the firm is willing to accommodate
B. T he total amount of risk that a firm can accommodate without becoming insolvent
C. T he current level of risk to which the firm is exposed
D. None of the above
Sol uti on
T he correct answer is B.
Recall that, risk capacity is the highest level of risk that a firm can handle. T his implies
that it is the highest amount of risk a firm can handle without running insolvent.
Option A is incorrect because it describes the risk appetite.
Option C is incorrect because it describes the risk profile of a firm.
28
Reading 3: The Governance of Risk Management
Explain changes in regulations and corporate risk governance that occurred as a result of
the 2007-2009 financial crisis.
Describe best practices for the governance of a firm’s risk management processes.
Explain the risk management roles and responsibilities of a firm’s board of directors.
Evaluate the relationship between a firm’s risk appetite and its business strategy, including
the role of incentives.
Illustrate the interdependence of functional units within a firm as it relates to risk
management.
Assess the role and responsibilities of a firm’s audit committee.
Corporate governance can be defined as the way the firms are run. T hat is, corporate governance
postulates the roles and the responsibilities of a company's shareholders, a board of directors, and
senior management. T he relationship between corporate governance and risk has become
fundamental since the 2007-2009 financial crisis. T he critical questions to be answered in the
following text are about the relationship between corporate governance practices and risk
management practices, the organization of risk management authority through committees, and the
transmission of risk limits to lower levels so that they can be observed in daily business decisions.
Lack of transparency, lack of correct and sufficient information about economic risks, and a
breakdown in the transmission of relevant information to the board of directors are some of the
leading causes of corporate failures in nonfinancial as well as financial sectors in 2001-03 and 2007-
09. T he subprime crisis was caused by the relegation of risk management activities in the boom
years. T he risk associated with structured financial products was almost ignored, and this resulted in
failed institutions and a global financial crisis.
T he post-discussion of corporate governance includes some key issues, especially in the banking
industry. T hese include the composition of the board, the risk appetite, compensation, and
29
stakeholder priority.
Risk Appetite
T he regulators have forced banks to come up with a formal and board-approved risk appetite that
reflects the firm's willingness to accommodate risk without the risk of running insolvent. T his can
be amplified to enterprise risk limits while engaging the board.
T he boards have been tasked with the responsibility to cap overcompensation settings. T he payment
structure should capture the risk-taking adjustment to capture the long-term terms' risks. A good
example is where some banks have limited the bonus compensation schemes and also introduce
delayed bonus structures.
Board Composition
T he financial crisis led to a discussion on the firm's board's independence, engagement, and financial
industry skills. However, statistical analysis on the failed banks does not show any correlation
between the prowess of a bank and the predominance of either the insiders or outsiders.
Stakeholder Priority
T he 2007-2009 financial crisis analysis led to the realization that there was little attention to
controlling the tail risks and worst-case scenarios. T his has led to discussions on the stakeholders of
a bank and their impact on corporate governance.
Board Risk Oversight
After the crisis, the significance of the boards being proactive in risk oversight became a significant
issue. Consequently, the boards have been educated on the risks and the direct relationship of the
risk management structure, such as delegating CRO's power to report to the board directly.
Compensation
To determine risk behavior, the board takes control over compensation schemes. Boards should
30
assess the impact of pay structures on risk-taking and also examine whether risk-adjustment
mechanisms carters for all key long-term risks. Several banks have already started practicing this for
example, by limiting the spread of bonuses in compensation schemes, deferred bonus payments, and
clawback provisions.
The Infrastructure of Risk Governance
A clear understanding of business strategies and associated risks and returns is necessary for risk
governance. T he risks associated with business activities should be made transparent to the
stakeholders. Appropriate risk appetite should be set for the firm, and the board should oversee the
managerial operations and strategy formulation process. Risk management should be involved in
business planning, and risks associated with every target should be adequately assessed to see if they
fit into the firm's risk appetite. T he choices in risk management are as follows:
Scrapping activities to avoid the risk
Reducing risk exposure by hedging/buying insurance
Risk mitigation, for example, reduction of operational risks by control measures
Accepting risks to generate values for the shareholders.
31
Risk management strategies should be directed to impact economic performance rather than
accounting performance. Policies, directives, and infrastructure related to risk management should
be appropriately placed in a firm. T he seriousness of a firm about its risk management process can
be gauged by assessing the career path in the risk management division of the firm, the incentives
awarded to the risk managers, the existence of ethics within the firm, and the authority to whom the
risk managers report.
The Board and the Corporate Governance
T he primary responsibility of the board of directors is:
To steer the firm according to the interests of the shareholders. Other stakeholders like
the debt holders must also be kept in mind while making strategies at the corporate level.
T he assumption of particular risks to attain projected returns should be weighed against
the sustainability of the profits from such activities. Agency risks, i.e., the conflict of
32
interests between the management and the stakeholders, should be avoided at all costs. For
example, managers may turn to short-term profit-making while assuming long-term risks, to
make some bonuses. Corporate governance roles should be independent of the roles of the
executive, i.e., the board and the CEO should act independently of each other. Chief risk
officers have been put to task in many corporations to integrate corporate governance and
risk management activities.
T he board should ensure that staff gets rewarded according to their risk-adjusted
performance—this checks fraud related to financial manipulation and stock price boost.
T he board should check the quality and reliability of information about risks, and it should
be able to assess and interpret the data. T his ensures that all the risk management-related
operations are aligned to value creation for shareholders.
T he board should be educated on risk management and should be able to determine the
appropriate risk appetite for the firm. T here should also be an assessment of risk metrics
over a specified time horizon that the board may set. Some technical sophistication is
required to build clear strategies and directives concerning crucial risk disciplines. A risk
committee of the board should be qualified enough to handle these technicalities. It should
also be separated from the audit committee because of the differences in skills and
responsibilities.
The Transition of Corporate Governance to Best-Practice Risk

Management
As stated earlier, the 2007-2009 financial crisis reflected the weakness in the risk management and
oversight of the financial institutions. Consequently, the post-crisis regulatory has emphasized risk
governance with an aim to check both the financial risks.
Risk governance is all about coming with an organizational structure to address a precise road map of
defining, implementing, and authoritative risk management. Moreover, it touches on the transparency
and establishment of channels of communication within which an organization, stakeholders, and
regulators engage.
33
For instance, the board of directors has the responsibility for shaping and authority in risk
management. T he board of directors to analyze the major risk and rewards in a chosen firm's
business strategy.
In other words, the risk governance must ensure that it has put a sound risk management system in
place to enable it to expand its strategic objectives within the limits of the risk appetite.
The Risk Appetite Statement (RAS)
A statement of risk appetite is one of the critical components of corporate governance. RAS
contains a precise aggregated amount and types of risks a firm is willing to accommodate or avoid to
achieve its business objectives.
Clear articulation of the risk appetite for a firm helps maintain the equilibrium between the risks and
return, cultivating a positive attitude towards the tail and even risks, and attaining the desired credit
rating.
T he RAS should contain the risk appetite, and the risk tolerance measures the maximum amount of
risks taken at the business level as well as an enterprise risk. Moreover, it should be the relationship
between the risk appetite, the risk capacity, the risk profile, and the risk tolerance.
34
Risk tolerance is the number of acceptable results relative to business objectives (dotted line on the
diagram above). Risk tolerance is a tactical measure of risk, while risk appetite is the aggregate
measure of risk. Note that the risk appetite is below the risk capacity of a firm. A firm operating
within the risk tolerance can attain the risk-adjusted return objectives relative to the amount of risk.
Implementation of the Board-Level Risk Governance
In the banking industry, the board of directors charges the committees like risk management
committees, among others with ratifying policies and directives for activities related to risk
management. T he committees frame policies related to division-level risk metrics in relation to the
overall risk appetite set by the board. T hey also look after the effective implementation of these
35
policies.
Role of Audit Committee of the Board
T he audit committee's responsibility is:
To look into the accuracy of financial and regulatory reporting of the firm and the quality
of processes that underlie such activities.
It also ensures that a bank complies with standards in regulatory, risk management, legal,
and compliance activities.
T he audit committee verifies the activities of the firm to see if the reports outline the
same.
T he members should ideally be nonexecutives to keep the audit committee clear from executive
influence. T he audit committee should interact with the management productively and should keep
all channels of communication open.
The Role of the Risk Advisory Director
T here may be a few nonexecutives on the board of directors, who may not have the necessary
expertise to understand the technicalities behind the risk management activities of a sophisticated
firm. In this case, executives may dominate the nonexecutives, and this may lead to corporate
scandals. T raining programs and support systems may be put in place to aid such nonexecutives.
Another method is to have a specialist in risk management as a risk advisory director on the board.
Its functions are:
T he risk advisory director would oversee risk management policies, reports, risks related
to the overall business.
Mitigation of risks like credit risk, market risk, etc. T he risk advisory director should be
familiar with financial statements and accounting principles.
36
T he risk advisory director should oversee financial reporting and the dealings between the
firm and its associates, including issues like intercompany pricing, transactions, etc.
T he risk advisory director should look into the requirements from regulatory agencies and
should lay appropriate directives for the firm to comply with the requirements.
Participation in audit committee meetings, outlining risk profiles of strategic business
segments, sharing insights into corporate governance and risk management policies, and
overseeing the conduct of business.
The Role of the Risk Management Committee
T he risk management committee in a bank independently reviews different forms of risks like
liquidity risk, market risk, etc., and the policies related to them. T he responsibility of approving
individual credits also usually rests with the risk management committee. It monitors securities
portfolios and significant trends in the market as well as breakdowns in the industry, liquidity crunch,
etc. It reports to the board about matters related to risk levels, credits, and it also provides
opportunities for direct interaction with the external auditor, management committees, etc.
The Role of the Compensation Committee
Its responsibility is to determine the compensation of top executives. Since the CEO could convince
the board to pay the executives at the expense of shareholders, compensation committees were put
in place to check such occurrences. In the previous decade, compensation based on short-term
profits, without much concern about long-term risks, have sealed the fate of many institutions.
Since then, compensation based on risk-adjusted performance has gained recognition. Such
compensation helps in aligning business activities with long-term economic profitability.
Various caps have also been put in place on the bonuses of executives across the world to prevent a
reckless risk-bearing attitude while eying for the upside but bearing no responsibility for the
downside of the risky activity. Stock-based compensation may encourage risk-taking as the upsides
are not capped while the downsides are. To make employees concerned about the firm's financial
health, they may be made the firm's creditors by providing compensations in the form of bonds. For
example, UBS has adopted such a strategy.
37
The Risk Appetite and the Business Strategy
Many firms wish to examine how the regular activities of a firm run within the confines of the set
risk appetite and limits defined by the board and executive committees. T he process of examining
the firm's risk appetite include:
Risk approval by the board risk committee: T he board risk committee approves the risk
appetite statement on an annual basis.
T he firm's senior management (such as the CEO and CRO) is tasked by the board with
implementing the risk appetite framework.
With the approval from the board, the senior management comes up with the limiting
financial risk parameters (for example, credit risk) and nonfinancial risk (for instance,
operational risk) excited by the firm. At this point, the subcommittees can be set up to deal
with each risk type independently.
After setting the risk limit, the senior risk committee then reports the outcome to the
board risk committee accompanied by the recommendations on the total risk acceptable,
which again subject to the board risk committee's consideration and approval.
The Role of the Chief Risk Officer (CRO)
T he CRO is a member of the risk committee whose responsibilities are:
Designing the risk management program of the firm;
Risk policies, analysis dimensions, and methodologies;
Risk management infrastructure and governance in the firm;
Monitoring the firm's risk limits set by the senior risk management; and
In many financial institutions such as banks, the CRO is an intermediary between the board
and the management. T he CRO keeps the board informed on the firm's risk tolerance and
condition of the risk management infrastructure and informs the management on the state
38
of the risk management.
The Role of Incentive
As realized in the global crisis, the executive compensation schemes at many financial institutions
motivated short-run risk-taking, leading to management ignoring the long-term risks. T hat is, the
bankers were rewarded based on short-run profits. Consequently, it led to the formation of the
compensation committee to cap executive compensation. T his prevents a scenario where the CEO
can convince the board member to compensate themselves at the expense of other shareholders.
T he compensation is part of the risk culture of a firm. T hus, it should be made in accordance with
the long-term interest of the shareholders and other stakeholders and the risk-adjusted return on the
capital.
For instance, the central bank governors and the finance ministers of the G-20 countries met in
September 2009 to discuss the framework for financial stability, one of which is reforms on
compensation. T he reforms included:
Scrapping of the multi-annual guaranteed bonuses;
Controlling the amount of variable compensation given to the employees with respect to
total net revenues;
Promoting transparency through disclosure;
Recognizing the interdependence of the compensation committee to ensure that they
work either with respect to performance and risk; and
T he inclusion of the executive downside exposure by deferring an appropriate
compensation, implementing the share-based incentives, and introducing the clawback
mechanism where the bonuses are reimbursed if the longer-term losses are incurred after
the bonuses are made.
The Interdependence of Organizational Units in Risk
39
Governance
Primary responsibility is put on the firm's staff to implement the risk management at all scopes of
the firm. T he executives and the business line managers should work collaboratively to manage,
monitor, and report the various types of risk being undertaken. T he figure below illustrates the risk
management lows and divided by various management functions.
The Role of the Audit Function
T he audit function is responsible for an independent assessment of the framework and
implementation of risk management. It reports to the board about the strategies of business
managers and executives, and whether these strategies are in line with the board's expectations.
40
Regulatory guidelines require audit groups to monitor the adequacy and reliability of documentation,
the effectiveness of the risk management process, etc. For example, suppose the market risk is
under consideration. In that case, auditors are required to assess the process by which derivative
pricing models are examined, changes in measures for quantifying risks, and the scope of risks
captured by the models in use. T he integrity and independence of position data should also be
examined.
T here should be an evaluation of the design and conceptual soundness of risk metrics and measures,
and stress testing methodologies. T he risk management information system, including the process of
coding and implementing models, should also be checked and evaluated. T he same would include
examining controls over market position data capture and that over the process of parameter
estimation. T he audit function reviews the design of the financial rates database, which is used to
generate parameters for VaR models, and things like risk management system upgrade, adequacy of
application controls in risk management information system, etc. Documentation related to
compliance should be examined, and the audit function should independently assess VaR reliability.
T he guidelines for the audit function are provided in the International Professional Practices
Framework (IPPF). T he audit should, essentially, be independent of operational risk management.
T his ensures that the assessment done by the audit function is reliable.
Conclusion
It is not possible to control the financial health of a firm without an excellent risk management
function and appropriate risk metric. Historically, many corporate failures have been associated with
the relegation of risks, which would turn fatal later. An important example of this is the subprime
crisis in the United States. T herefore, a clear risk management policy should guide the strategies of
the firm, and an appropriate risk appetite should limit the exposures of the firm. Such directives
make it easy for the executives down the business line to understand their role in the risk
management activity.
T he risk committees should participate in framing risk management methodologies, and they should
have appropriate knowledge of all the risks as well as their metrics so that they can clearly
understand the risk reports. A careful delegation of authorities and responsibilities to each risk
41
management mechanism should ensure that all the gaps are filled, and all the activities are
complementary to each other. After taking risk into account, risk measures like VaR, economic
capital, etc. can be used to set risk limits, and also be used to determine the profitability of various
business lines.
Risk infrastructure can be used as a tool in the analysis and pricing of various deals. It can also be
used to formulate incentive compensation schemes so that business decisions and strategies are
aligned with risk management decisions.
42
Question
Which of the following statements best describes the role of the board in risk
management?
A. Issuing guidelines on how to manage risks
B. Developing the risk appetite statement and objectives the managers should strive to
meet within the risk management framework.
C. Regularly reviewing decisions made by managers regarding risk exposures
D. Choosing the risk exposures to hedge, the risks to mitigate, and those to avoid
altogether
Sol uti on
T he board sits above the managers in the hierarchy of management in most for-profit
organizations. T he board assembles and develops a comprehensive risk appetite
statement, specifying the risks the company should assume and those to avoid, including
the preferred methods of risk mitigation. T he managers consult the risk appetite
statement when choosing the projects to undertake.
43
Reading 4: Credit Risk Transfer Mechanisms
Compare different types of credit derivatives, explain their application, and describe their
advantages.
Explain different traditional approaches or mechanisms that firms can use to help mitigate
credit risk.
Evaluate the role of credit derivatives in the 2007-2009 financial crisis and explain changes
in the credit derivative market that occurred as a result of the crisis.
Explain the process of securitization, describe a special purpose vehicle (SPV), and assess
the risk of different business models that banks can use for securitized products.
Overview of Credit Risk Management
Lending is undoubtedly one of the most profitable investment avenues for banks. T raditionally, banks
take short-term deposits and pool them together to provide long-term loans. However, these loans
introduce credit risk – the possibility that the funds disbursed may not be recovered following an
event of default by the borrower. T here are several ways used by banks to deal with credit risk
exposure. Banks can
Accept the risk, where the bank simply provides loans and takes no further action
Avoi d the risk, which means the bank turns down credit applications
Reduce the risk by taking measures that eliminate at least part of the exposure, for
example, by adopting a rigorous screening process at the application stage
Transfer the risk to some other entity or person (collectively referred to as the
counterparty)
In this chapter, we will extensively look at various methods used by banks to transfer credi t ri sk
44
exposure.
The Role of Credit Derivatives in the 2007-2009 Financial

Crisis
Risk transfer among banks began in earnest towards the end of the 20th century. Indeed, onetime
Federal Reserve Chairman Allan Greenspan is on record admitting that credit derivatives and
securitizations are the main reason why the United States banking system emerged from the largely
unscathed 2001-2002 economic slowdown. Some of the instruments that had been in use at the time
included credit default swaps, collateralized debt obligations, and collateralized loan obligations.
However, in the aftermath of the 2007/2009 financial crisis, credit derivatives took a significant
share of the blame. It has since emerged that the problem was not the instruments themselves but
how they were used. While some of these instruments virtually disappeared from the market in the
years following the crisis, others continued to thrive. In particular, the CDS and CLO markets
remained robust and are still being used widely by banks to manage and transfer credit risk. T he very
complex instruments, such as collateralized debt obligations squared (CDOs-squared) and single-
tranche CDOs, are unlikely to be revived. In recent years, new credit risk transfer mechanisms have
also emerged.
Types of Credit Risk Derivatives
Credi t deri vati ves are financial instruments that transfer the credi t ri sk of an underlying
portfolio of securities from one party to another party without transferring the underlying portfolio.
T hey are usually privately held, negotiable contracts between two parties. A credit derivative allows
the creditor to transfer the risk of the debtor’s default to a third party.
Credit derivatives are over-the-counter: instruments, meaning they are non-standardized, and the
Securities and Exchange Commission regulations do not bound their trading.
T he main types of credit derivatives include:
45
Credit default swaps
Collateralized debt obligations
Collateralized loan obligations
Total return swaps
Credit spread swap options
Credit Default Swaps (CDS)
In a CDS, one party makes payments to the other and receives in return the promise of
compensation if a third party defaults.
Exampl e:
Suppose Bank A buys a bond issued by ABC Company. In order to hedge the default of ABC Company,
Bank A could buy a credit default swap (CDS) from insurance company X. T he bank keeps paying the
insurance company fixed periodic payments (premiums) in exchange for default protection.
Debt securities often have longer terms to maturity, sometimes as much as 30 years. Consequently,
it is difficult for the creditor to develop reliable credit risk estimates over such a long investment
period. For this reason, over the years, credit default swaps have become a popular risk management
tool. As of June 2018, for example, a report by the U.S. Comptroller of the Currency office placed
the size of the entire credit derivatives market at $4.2 trillion, of which credit default swaps
accounted for $3.68 trillion (approx. 88%).
Like other derivatives, the payoff of a CDS is contingent upon the performance of an underlying
instrument. T he most common underlying instruments include corporate bonds, emerging market
bonds, municipal bonds, and mortgage-backed securities.
T he value of a CDS rises and falls as opinions change about the likelihood of default. An actual event
of default might never occur. A default event can be difficult to define when dealing with CDSs.
Although bankruptcy is widely seen as the “de facto” default, there are companies that declare
bankruptcy and yet proceed to pay all of their debts. Furthermore, events that fall short of default
46
can also cause damage to the creditor. T hese events include late payments or payments made in a
form different from what was promised. T rying to determine the exact extent of damage to the
creditor when some of these events happen can be difficult to determine. CDSs are designed to
protect creditors against such credit events.
Advantages of CDSs
CDSs can serve as shock absorbers during a corporate crisis. As happened during the
2001/2002 economic slowdown in the U.S., many creditors from firms such as Worldcom
and Enron had transferred the risk, and as a result, these corporate scandals did not spread
into the banking sector.
CDS contracts ultimately result in more liquidity (access to capital) since banks have an
incentive to lend more at favourable terms.
T he pricing of credit default swaps serves as evidence of the prevailing financial health of
the debtor. When used alongside credit ratings, CDSs offer an opportunity further to
improve market information about the creditworthiness of the debtor.
Disadvantages of CDSs
Speculators may increase trading on a CDS resulting in an increase in the CDS premium
concerning a given entity. As a result, such an entity could face increased borrowing rates
if it tries to access the financial markets for a loan. For sovereign name CDS contracts
(where the borrower is a sovereign country), high premiums may force investors to stay
away or switch investments to avoid losses.
T he termination event (i.e., default event) may not be specified, and even if a clear
definition exists, the credit protection seller may find it difficult to price some events.
CDS contracts can be abused and manipulated, creating the illusion that the protection
buyer is protected when, in fact, they are not.
Example: Assume that we have five parties – A, B, C, D, and E. We assume that party B buys
47
protection from party C for the loan made to party A, but C also transfers this risk to party D, and D
does the same and buys protection from monoline insurer E. In this scenario, there are three
individual agreements made, but economically, only the last buyer (the monoline insurer) bears the
ultimate risk. Most important, the gross notional amount is inflated three ti mes more than the
aggregate net exposure.
T he participation of banks in the CDS market can introduce a moral hazard in the sense
that the CDS (which is an insurance policy against default) may result in laxity in credit
monitoring. Take the case of Enron. For example, several lenders had debt exposure to
Enron, and to protect their investments, the banks bought a massive amount of insurance
in the form of CDSs. It is estimated that about 800 swaps were bought to insure $8 billion
on Enron’s risk. By so doing, the banks neglected their speci al i ty for moni tori ng,
despite having the necessary tools and access to Enron’s financial system.
Collateralized Debt Obligations
Collateralized debt obligations (CDOs) are structured products created by banks to offload risk. T he
first step entails forming diversified portfolios of mortgages, corporate bonds, and various other
assets. T hese portfolios are then sliced into different tranches and sold to investor groups with
different risk appetites.
T he safest tranche is also known as the seni or tranche. It offers the lowest interest rate, but it
is the fi rst to receive cash flows from the underlying asset portfolio. T he mi ddl e tranche offers
a slightly higher interest rate and ranks just below the senior tranche. T hus, it takes the second spot
48
during cash flow distribution. T he most junior tranche, also called the equi ty tranche, offers the
highest interest rate but ranks during cash flow distribution. It is also the first tranche to absorb any
loss that may be incurred. T he amount available for distribution to the equity (junior) tranche is
whatever is left from the two other tranches, the m management fees. T hese fees can range from
0.5% to 1.5% annually.
Investors in these tranches can protect themselves from default by purchasing credit default swaps.
T he CDS guarantees a pre-specified compensation if a given tranche defaults. In turn, the investors
must make regular payments to the credit protection seller (writer of the CDS).
Each tranche is assigned its credit rating, except the equity tranche. For instance, the senior tranche
is constructed to receive an AAA rating. Highly rated tranches are sold to investors, but the junior-
ranking ones may end up being held by the issuing bank. T hat way, the bank has an incentive to
monitor the underlying loans.
Example: Calculating Cash Flows for CDO Tranches
Let us assume there is a $100 million collateral portfolio that is composed of debt at 6%. To pay for
this collateral, the CDO is divided into three tranches:
$85m of Class A securities, with a credit rating of AAA, senior debt paying 5.0%
$10m of Class B securities, with a credit rating of BBB, mezzanine debt paying 9.0%
$5m of Class C securities (equity tranche)
In this scenario, the $85m of Class A would pay out $4.25m (= $85m x 5.0%) in interest each year,
Class B pays out $0.9 ($10m x 9.0%). Of the remaining $0.85m ($6m - $4.25m - $0.9m), $0.2m is used
to pay for fees, leaving the equity holders with a return of 13% ($0.65m/$5m).
Advantages of CDOs
When used responsibly, CDOs can be excellent financial tools that can increase the
avai l abi l i ty and fl ow of credi t in the economy. By selling CDOs, banks can free up
more funds that can be lent to other customers.
49
CDOs take into account the di fferent l evel s of ri sk tol erance among investors. An
investor without much risk tolerance could buy the senior tranche of a CDO, which
represents the highest-quality loans. On the other hand, an investor with higher risk
tolerance could buy the junior tranche that’s backed by somewhat riskier loans.
Collateralized debt obligations allow banks to transform relatively illiquid security (a single
bond or loan) into relatively liquid security.
Disadvantages of CDOs
CDOs can result in rel axed l endi ng standards among banks, as happened in the run-up
to the 2007/2009 financial crisis. Most of the CDOs sold at the time were composed of
mortgage loans made to borrowers with questi onabl e banks that were not so keen to
establish accurate and reliable borrower profiles because they would repackage and sell
the mortgages to third parties, essentially taking the risk of default off their books.
Market fears can result in a near standstill in trading, thereby creating a l i qui di ty
probl em and financial loss for the investor. For example, in the run-up to the 2007/2009
financial crisis, the CDOs market grew at an astonishing rate, particularly because there
was an overly positive forecast of the mortgage market. It was expected that home prices
would continue going up indefinitely. So, when prices stopped going up, defaults
skyrocketed, and panic set in. All of a sudden, banks stopped selling CDOs, and the housing
market plunged. As CDOs dropped in value, billions were lost by investors, including
pension funds and corporations.
Collateralized Loan Obligations
A collateralized loan obligation is similar to a collateralized debt obligation, except that the underlying
debt is a company loan instead of a mortgage. T he investor receives scheduled debt payments from
the underlying loans, bearing most of the risk if borrowers default.
As with CDOs, CLOs use a waterfall structure to distribute revenue from the underlying assets. T he
structure dictates the priority of payments when the underlying loan payments are made. It also
50
indicates the risk associated with the investment since investors who are paid last (equity holders)
have a higher risk of default from the underlying loans.
CLOs have the same set of advantages and disadvantages as CDOs.
Total Return Swap
A total return swap is a credit derivative that enables two parties to exchange both the credit and
market risks. In a total return swap, one party, the payer, can confidently remove all the economic
exposure of the asset without having to sell it. T he receiver of a total return swap, on the other
hand, can access the economic exposure of the asset without having to buy it.
For example, consider a bank with significant (but risky) assets in the form of loans in its books.
Such a bank may want to reduce its economic exposure concerning some of its loans while still
retaining a direct relationship with its customer base. T herefore, the bank can enter into a total
return swap with a counterparty that desires to gain economic exposure to the loan market. What
happens is that the bank (payer) pays the interest income and capital gains coming from its customer
base to these investors. In return, the counterparty (receiver) pays a variable interest rate to the
bank and also bears any losses incurred in the loan.
51
Advantages of Total Return Swaps
T he T RS allows one party (receiver) to derive the economic benefit of owning an asset
without putting that asset on its balance sheet and allows the other party (payer), which
does retain that asset on its balance sheet) to buy protection against loss in the asset’s
value. T his makes T RSs one of the most preferred forms of financing for hedge funds and
special purpose vehicles.
Disadvantages of Total Return Swaps
T RSs carry counterparty ri sk . Consider a T RS between a bank (payer) and a hedge fund
(receiver) to see how this manifests. Any decline in the value of the underlying loans will
reduce returns, but the fund will have to continue making regular payments to the bank. If
the decline in the value of assets continues over a significant period, the hedge fund could
suffer financial strain, and the bank will be at risk of the fund’s default. T hat hedge funds
almost always operate with much secrecy only serves to heighten default risk.
T RSs are exposed to i nterest rate ri sk . T he payments made by the total return
receiver are often equal to LIBOR plus a spread. An increase in LIBOR during the
52
agreement increases the payment due to the payer, while a decrease in LIBOR decreases
the payments to the payer.
Credit Default Swap Option
A credit default swap option (CDS option), also known as a credit default swaption, is an option on a
credit default swap. It gives its holder the right, but not the obligation, to buy or sell protection on a
specified reference entity for a specified future period for a certain spread.
CDS options can either be payer swaptions or receiver swaptions.
A payer swaption gives the holder the right to buy protection (pay premiums)
A receiver swaption gives the option holder the right to sel l protection (receives
premiums)
Traditional Approaches That Firms Can Use to Help Mitigate

Credit Risk.
Banks use several ways to reduce their exposure to credit risk, both individually and on an aggregate
basis. Such credit protection techniques include the following:
Insurance
Credit Risk insurance is a critical risk-mitigation technique when protecting against a bad debt or
slow payments that are not in line with the initial agreement. If the counterparty cannot pay due to a
host of issues such as insolvency, political risk, and interest rate fluctuations, the credit insurer will
pay. By the principle of subrogation, the insurer can then pursue the counterparty for payment.
When insurance is sought on an i ndi vi dual obl i gor basis, this is termed a guarantee.
Netting
Netting is the practice of offsetti ng the value of multiple positions or payments due to be
exchanged between two or more parties. Netting entails looking at the difference between the
53
asset and liability values for each counterparty involved, after which the party that is owed is
determined. For netting to work, there must be documentation that allows exposures to be offset
against each other.
Netting frequently occurs when companies file for bankruptcy. T he entity doing business with the
defaulting company offsets any money they owe the defaulting company with money owed. T he
parties then decide how to settle the amount that cannot be netted through other legal mechanisms.
Marking-to-Market/Margining
T his refers to the settlement of gains and losses on a contract daily. It avoids the accumulation of
large losses over time, which can lead to a default by one of the parties. As with netting, an
agreement has to be in place allowing counterparties to periodically revalue a position and transfer
any net value change between them so that the net exposure is minimized.
Termination
Termination describes a situation where parties develop tri gger cl auses in a contract that gives
the counterparty the right to unwind the position using some predetermined methodology. T rigger
events may include:
A rating downgrade
Exceedance of a borrowing/leverage limit
Performance below a specified threshold
The Securitization Process
Historically, banks used to originate loans and then keep them on their balance until maturity. T hat
was the ori gi nate-to-hol d model. With time, however, banks gradually and increasingly began to
distribute the loans. By so doing, the banks were able to limit the growth of their balance sheet by
creating a somewhat autonomous investment vehicle to distribute the loans they originated. T his is
known as the ori gi nate-to-di stri bute business model.
54
From the perspective of the originator, the OT D model has several benefits:
It introduces specialization in the lending process. Functions initially designated for a single
firm are now split among several firms.
It reduces banks’ reliance on the traditional sources of capital, such as deposits and rights
issues.
It introduces flexibility into banks’ financial statements and helps them diversify some
risks.
To borrowers, the OT D model led to an expanded range of credit products and reduced as well as
from borrowing costs.
T he OT D model, however, has its disadvantages:
Allowing banks to hive off part of their liabilities can relax lending standards and contribute
to riskier lending. T his implies that borrowers who previously would be turned away -
possibly because of poor credit history - are now able to access credit.
By splitting functions among multiple firms, the model can make it difficult for borrowers
to renegotiate terms.
A direct result of the shift to the originate-to-distribute model is securi ti zati on, which involves
repackaging loans and other assets into new securities that can then be sold in the securities
markets. T his eliminates a substantial amount of risk (i.e., liquidity, interest rate, and credit risk)
from the originating bank’s balance sheet when compared to the traditional originate-to-hold strategy.
Apart from loans, various other assets, such as residential mortgages and credit card debt obligations,
are often securitized.
To reduce the risk of holding a potentially undiversified portfolio of mortgage loans, several
originators (financial institutions) work together to pool residential mortgage loans. T he loans pooled
together have similar characteristics. T he pool is then sold to a separate entity, called a special
purpose vehicle (SPV), in exchange for cash. An issuer will purchase those mortgage assets in the
SPV and then use the SPV to issue mortgage-backed securities to investors. MBSs are backed by
55
mortgage loans as collateral.
T he simplest MBS structure, a mortgage pass-through, involves cash (interest, principal, and
prepayments) ﬂowing from borrowers to investors with some short processing delay. Usually, the
issuer of MBSs may enlist the services of a mortgage servi cer whose main mandate is to manage
the cash flow from borrowers to investors in exchange for a fee. MBSs may also feature mortgage
guarantors who charge a fee and, in return, guarantee investors the payment of interest and
principal against borrower default.
56
Question
What are the contractual specifications for the protection seller of a credit default
swap?
A. T he protection buyer pays a premium to the protection seller at regular time
intervals, until a credit event occurs, in which case the protection seller pays the
protection buyer compensation for the credit event
B. If a credit event occurs, the protection seller is obliged to exchange contractually
specified assets for government bonds.
C. T he protection seller pays a premium to the protection buyer at regular time
intervals until a credit event occurs, in which case the protection buyer pays the
protection seller compensation for the credit event.
D. If the underlying of the credit default swap is a bond issued by a specific corporation,
only this corporation can act as a protection seller.
The correct answer i s: A)
In a CDS, one party makes payments to the other and in return, receives the promise of
compensation if a third party defaults.
Example: Suppose Bank A buys a bond issued by ABC Company. In order to hedge the
default of ABC Company, Bank A could buy a credit default swap (CDS) from insurance
company X. T he bank keeps paying fixed periodic payments (premiums) to the insurance
company, in exchange for the default protection. In the event of default, the bank would
receive compensation from the insurance company, usually equal to the bond's face
value.
D i s i ncorrect. T he issuer of a bond cannot double up as the protection seller of the
security issued.
57
Reading 5: Modern Portfolio Theory (MPT) and the Capital Asset
Pricing Model (CAPM)
Explain modern portfolio theory and interpret the Markowitz efficient frontier.
Understand the derivation and components of the CAPM.
Describe the assumptions underlying the CAPM.
Interpret and compare the capital market line and the security market line.
Apply the CAPM in calculating the expected return on an asset.
Interpret beta and calculate the beta of a single asset or portfolio.
Calculate, compare, and interpret the following performance measures: the Sharpe
performance index, the T reynor performance index, the Jensen performance index, the
tracking error, information ratio, and the Sortino ratio.
Exam ti p: Be sure to understand the cal cul ati ons behi nd the CAPM because there i s a
strong l i k el i hood you wi l l be getti ng mathemati cal questi ons on thi s i n your FRM part
1 exam.
Modern Portfolio Theory
Modern portfolio theory is attributed to Harry Markowitz, who postulated that a rational investor
should evaluate the potential portfolio allocations based on means and variances of the expected
return distributions.
Assumptions of the Modern Portfolio Theory
I. T he capital markets are perfect. Perfect market implies that:
58
T here are no transaction costs and taxes.
All market participants can access available information without any cost.
T here is perfect competition in the market.
II. T he returns from the portfolios are normally distributed. T his allows the characteristics of the
returns to be stated in terms of the mean and the variance.
Markowitz suggested that the size of investment made by an institution should be based on the
contribution of the assets to the entire portfolio's return (in terms of mean and return). T he assets'
performance is not evaluated independently but rather with the performance of other assets.
Portfolio diversification is one method of decreasing the risk exposure to each asset. T hus, investors
must be compensated for accepting the risk in each asset. Diversification enables the maximization
of the level of returns at any provided level of risk.
Markowitz Efficient Frontier
T he Markowitz Efficient Frontier (or only efficient frontier) is a curved solid curve with a plot of
the optimal returns for each level of risk. Each point on the curve represents the maximum level of
portfolio return for a given level of risk.
59
Now, consider the following efficient frontier.
60
Portfolio P gives the best return for the same level of risk. On the other hand, portfolio K is termed
as suboptimal since there are other portfolios (located on the vertical distance between the portfolio
K and the efficient frontiers) that can offer better returns for the same level of risk, namely
portfolio M.
Portfolio M is referred to as the market portfolio. T he market portfolio assumes that the market
attains the equilibrium and appropriately includes all the risky assets in the economy weighted by
their respective market values.
Portfolio P is also an efficient portfolio, but representing a lower level of risk than portfolio M.
61
From the efficient frontier, it is easy to see that the expected return is increased by increasing the
portfolio's risk level and vice versa. T he dotted line represents the most inefficient portfolios; in
this case, portfolio L. Inefficient portfolios imply that the investor achieves the lowest level of
return given any level of risk.
The Capital Asset Pricing Model (CAPM)
T he Capital Asset Pricing Model, derived by Sharpe, Lintner, and Mossin, stipulates assumptions
regarding the market and how investors behave to enable the creation of an equilibrium model of
prices in the whole market. CAPM explains that the market equilibrium is attained when all investors
hold portfolios whose constituents are a combination of riskless assets and the market portfolio.
Assumptions Underlying the CAPM
Assumptions of the CAPM model include:
T here are no transaction costs
T here are no taxes
Assets are infinitely divisible
Unlimited short-selling is permissible
All assets are marketable/liquid
Investors are price takers whose individual buy and sell transactions do not affect the
price
Investors' utility functions are based solely on expected portfolio return and risk
T he only concern among investors are risk and return over a single period, and the single
period is the same for all investors.
Under these assumptions, the expected rate of return over a given holding time is given by:
62
E (R i ) = R f + βi (R m − R f )
Where
E(R i ): the expected return of asset i over the holding period
R f : rate of return on the risk-free asset
R m : Expected market return over the holding period
βi: the Beta factor of the asset i
Note that (R m − R f ) is the expected return per unit risk (beta) and βi (R m − R f ) is the expected
return above the risk-free rate of return.
Interpreting Beta
Beta is a measure of the systematic risk associated with a particular stock, asset, or portfolio.
Systemati c ri sk is the portion of risk that cannot be eliminated by any amount of diversification.
63
A value of beta above 1 indicates a stock/asset/portfolio that has, historically, amplified the return of
the whole market (positive or negative). A beta close to zero would indicate a stock/asset/portfolio
that provides a more stable return than the market as a whole. A negative beta would signify a
stock/asset/portfolio whose performance is counter-cyclical, i.e., offsets the overall market
experience.
For company i:
Cov(i, m) σim
βi = =
σm
2 σm
2
Where σm is the variance of the market index and σim the covariance between the individual
stock’s/asset’s return and that of the market.
Alternatively, by using the fact that:
Cov(i,m) σi
Corr(i, m) = ρim = = m
σiσm σiσm
64
⇒ σim = ρim . σi σm
We can write:
σi
βi = ρim
σm
Where
ρim : correlation coefficient between returns of asset i and that of the market portfolio.
σi: standard deviation of asset i
σm : standard deviation of the market portfolio
T herefore, we can write:
Rm − Rf
E(R i) = R f + σi ρim ( )
σm
T his is the equation of the security market line (SML). T he equation implies that the expected
return on any asset is equivalent to a risk-free rate of return plus the premium. T he SML implies
that the expected return on any asset can be expressed as the linear function of assets covariance
with the whole market.
Derivation of CAPM
T he derivation of CAPM involves three major steps:
1. Recognize that investors are only compensated for bearing systematic risk, not specific
risks that can easily be diversified away. Note that, beta is an appropriate measure of
systematic risk.
2. Suppose we recognize that portfolio expected return is a weighted average of individual
expected returns and portfolio beta is a weighted average of the individual betas. In that case,
we can show that portfolio return is a linear function of portfolio beta. And because
arbitrage prevents mispricing of assets relative to systematic risk, then an individual asset's
expected return is a linear function of its beta.
65
3. We can then use the risk-free asset and the market portfolio to solve for the intercept and
slope of the CAPM.
E(R i ) = R f + β (R m − R f )
The Capital Market Line
T he capital market line expresses the expected return of a portfolio as a linear function of the risk-
free rate, the portfolio's standard deviation, and the market portfolio's return and standard deviation.
E (R m ) − R f
E(R C ) = R f + [ ] σC
σm
Where
E(R C ) is the expected return of any portfolio on the efficient frontier
σC is the standard deviation of the return on portfolio C
E(R m ) is the expected return on the market portfolio
σm is the standard deviation of the return on the market portfolio
R f is the risk-free rate of return.
66
T he capital market return implies that the return on any portfolio is a linear function of its standard
E(Rm )−Rf
deviation. T he variable [ ] is termed as the market price of risk or the risk premium.
σm
Single-Index Performance Measurement Indicators
The Sharpe Performance Index (SPI)
T he Sharpe ratio is equal to the risk premium divided by the standard deviation:
E (R p) − R f
SP I =
σ (R P )
Where:
E (R p) = portfolio’s expected return
67
R f = risk-free rate
σ (R P ) = standard deviation of returns of the portfolio
T he Sharpe ratio, or reward-to-variability ratio, is the slope of the capital allocation line (CAL). T he
greater the slope (higher number), the better the asset. Note that the risk being used is the total risk
of the portfolio, not its systematic risk, which is a limitation of the measure. T he portfolio with the
highest Sharpe ratio has the best performance, but the Sharpe ratio by itself is not informative. In
order to rank portfolios, the Sharpe ratio for each portfolio must be computed.
A further limitation occurs when the numerators are negative. In this instance, the Sharpe ratio will
be less negative for a riskier portfolio resulting in incorrect rankings.
The Treynor Performance Index (TPI)
T he T reynor measure (1965) of a portfolio is explained by the expression below.
E (R p ) − R f
T PI =
βp
Where:
E (R p) = portfolio’s expected return
R f = risk-free rate
βp = beta of the portfolio
T reynor measures the risk premium per unit risk (Beta). As with the Sharpe ratio, the T reynor ratio
requires positive numerators to give meaningful comparative results and, the T reynor ratio does not
work for negative beta assets. Also, while both the Sharpe and T reynor ratios can rank portfolios,
they do not provide information on whether the portfolios are better than the market portfolio or
information about the degree of superiority of a higher ratio portfolio over a lower ratio portfolio.
The Jensen Performance Index (JPI)
68
Jensen's alpha (Jensen, 1968) is described as an asset's excess return over and above the return
predicted by CAPM.
Jensen’s measure of a portfolio = α p = E (R p ) − [R f + βp (E (R m ) − R f )]
Jensen's alpha is based on systematic risk. T he daily returns of the portfolio are regressed against
the daily market returns to compute a measure of this systematic risk in the same manner as the
CAPM. T he difference between the actual return of the portfolio and the calculated or modeled risk-
adjusted return is a measure of performance relative to the market.
If αp is positive, the portfolio has outperformed the market, whereas a negative value indicates
underperformance. T he values of alpha can be used to rank portfolios or the managers of those
portfolios, with the alpha being a representation of the maximum an investor should pay for the
active management of that portfolio.
Relationships Between Treynor and Jensen Performance Indices
Denote the JPI by α p which is the y-intercept of the regression equation:
E (R p) − R f = α p + βp (E (R m ) − R f )
Divide the equation above by βp to get:
E (R p) − R f αp
= + (E (R m ) − R f )
βp βp
T he left-hand side of the equation above is just T PI. So,
αp
T reynor Performance Index = T P I = + (E(R m ) − R f )
βp
αp
For a greater performance, T P I > E (R m ) − R f and thus > 0. Also, βp > 0 for almost all assets and
βp
thus it must be true that α p > 0. From these results is evident to say that if a superior performance
is demonstrated by T PI, then is also the case for JPI and vice versa.
69
The Tracking-Error (TE)
T racking error measures the difference between a portfolio's return and that of a benchmark level,
which was meant to be surpassed by the tracking error. We need to calculate the quantity:
T E = (R P − R B)
Where
R P : the return of the portfolio is considered
R B : Return on the benchmark portfolio
Another way of calculating the T E is to calculate the standard deviation of the difference in the
portfolio and the benchmark return:
∑ (R P − R B )2
T E =√
N −1
Where N is the number of periods under consideration.
The Information Ratio (IR)
T he information ratio is similar to SPI only that it is the active return relative to the benchmark
portfolio divided by the standard deviation of the active return (R P − R B) :
E(R P − R B )
IR =
√V ar(R P − R B )
Where:
R P =portfolio return and
R B =benchmark return
IR can be used in place of T E
70
The Sortino Ratio (SR)
T he Sortino ratio is much like the Sharpe ratio, but there are two glaring differences:
T he risk-free rate is replaced with a minimum acceptable return, denoted as R m in
T he standard deviation is replaced by a semi-standard deviation, which measures the
variability of only those returns that fall below the minimum acceptable performance.
T he measure of risk is the square root of the mean squared deviation from T of those observations
in period t where T > R P t , else zero.
(E(R P ) − T
SR =
1 N
√ N ∑t=1 min(0, R P t − T )2
Where T is the target or required rate of return (which can be a risk-free rate or any other rate) for
an investment decision. It is also termed as the minimum acceptable rate of return (MAR).
71
Question 1
Given the following information for a security:
R f = 5%
Std. dev. of security = 40%
Security correlation with market = 0.80
Std. dev. of market = 20%
R m = 10%
What is the expeceted return for the security?
A. 16%
B. 13%
C. 21%
D. 24%
First, find Beta;
Beta = (0.80 x 0.40)/0.20 = 1.6
Next, use the CAPM model to find the expected return;
E(R i ) = R f + βi(R m − R f )
E(R i ) = 5% + 1.6(10% - 5%) = 13%
Question 2
72
Given the following information:
Risk-free asset: R f = 3%
Market portfolio: E(R p) = 10%
Standard deviation: σ = 26%
What is the expected return from a portfolio which has 130% weight invested in the
risky asset?
A. 14.8%
B. 8.4%
C. 12.1%
D. 13%
Here, we’re borrowing 30% in the risk-free asset and investing the proceeds plus the
whole portfolio in the market portfolio.
Return with -30% in the risk-free asset and 130% in the risky asset:
E(R i ) = -0.3 × 3% + 1.3 × 10% = 12.1%
Question 3
A portfolio has an expected return of 18% and a volatility of 10%. If the risk-free rate of
interest is 4%, then what is the Sharpe ratio of the portfolio?
A. 0.14
B. 0.18
C. 1.8
73
D. 1.4
T he correct answer is D.
E (R p) − R f
SP =
σ (R P )
Sharpe Ratio of the portfolio = (0.18-0.04)/0.10 = 1.4
Question 4
Your portfolio had a value of EUR 1,000,000 at the start and EUR 1,150,000 at the end of
the year. Over the same period, the benchmark index has had a return of 4%. If the
tracking error is 11%, then what is the information ratio?
A. 1
B. 0.11
C. 0.733
D. 1.36
T he correct answer is A.
T he return of the portfolio is (1,150,000 - 1,000,000) / 1,000,000 = 0.15 or 15%
E(R P ) − E (R B )
IR =
T racking error
= (15% - 4%) / 11% = 1
74
Reading 6: The Arbitrage Pricing Theory and Multifactor Models of
Risk and Return
Explain the arbitrage pricing theory (APT ), describe its assumptions, and compare the APT
to the CAPM.
Describe the inputs (including factor betas) to a multifactor model and explain the
challenges of using multifactor models in hedging.
Calculate the expected return of an asset using a single-factor and a multifactor model.
Explain how to construct a portfolio to hedge exposure to multiple factors.
Describe and apply the Fama-French three-factor model in estimating asset returns.
In the previous reading, we discussed the Capital Asset Pricing Model (CAPM). CAPM is a single-
factor model that gives the expected return of a portfolio as a linear function of the markets’ risk
premium above the risk-free rate, where beta is the gradient of the line.
On the other hand, the Arbitrage Pricing Model (APT ) uses the same analogy as CAPM, but it includes
multiple economic factors.
The Arbitrage Pricing Theory
According to APT, multiple factors (such as indices on stocks and bonds) can explain the expected
return rate on a risky asset. APT has three common assumptions.
Assumptions of the APT Model:
1. T he returns from the assets can be explained using systemic factors.
2. No arbitrage opportunities exist in a well-diversified portfolio. (Arbi trage refers to the
action of buying an asset in the cheaper market and simultaneously selling that asset in the
75
more expensive market to make a risk-free profit.)
3. By using diversification, the specific risks can be eliminated from the portfolios by the
investors.
According to APT, return on given security i is given by:
R i = E(Ri) + βi1 [I1 − E(I1)] + ⋯ + βi K [IK − E(IK )] + ei
Where
R i: rate of return on security i (i = 1, 2, …, N)
E(R i ): the expected return of security i.
IK − E(IK ) : Surprise factor (the difference between the observed and expected values in factor k)
βiK : measure the effect of changes in a factor I_k on the rate of return of security i
ei: noise factor also called idiosyncratic factor
T he APT was put to trial by Roll and Ross (1980) and Chen, Roll, and Ross (1986) while determining
the factors that explained the average returns on traded stocks on New York Securities Exchange
(NYSE).
According to Roll, a well-diversified portfolio are volatile, and that the volatility of a long portfolio is
equivalent to half of the average volatility of its constituent assets. T herefore, he concluded that
systematic risk drivers limit the impact of diversification within the asset groups.
According to Ross (1976), assuming that there is no arbitrage opportunity, the expected return on a
well-diversified is given by:
E(R P ) = E(R Z) + βP 1 [E(I1 ) − E(R Z )] + ⋯ + βP K [E(IK ) − (R Z)]
where
E(R P ): Expected return on a well-diversified portfolio
βP K : Factor loading for portfolio relative of factor k
76
E(R Z ): Expected rate of return on a portfolio with zero betas (such as risk-free rate of return)
E(IK ) − E(R Z ): Risk premium relative to factor k
Moreover, Roll realized that a portfolio that has been adequately diversified possesses a high
correlation when drawn from a similar asset class and less correlated when diversification occurs
across multiple asset groups.
Example: Calculating Expected Return Under APT
T he following data exists for asset A:
Risk-free rate = 3%,
GDP factor beta = 0.40,
Consumer sentiment factor beta = 0.20,
GDP risk premium = 2%,
Consumer sentiment risk premium = 1%
Calculate the expected return for Asset A using a 2-factor APT model.
E (R A ) = 0.03 + 0.4(0.02) + 0.2(0.01) = 0.04 = 4%
Note: Both CAPM and APT describe equilibrium expected returns for assets. CAPM can be
considered a special case of the APT in which there is only one risk factor – the market factor.
Many investors prefer APT to CAPM since APT is an improved version of CAPM. T his is because
CAPM is a one-factor model (only the market index is used to calculate the expected return of any
security). At the same time, the APT is a multifactor model where numerous indices are used to
explain the variation of the expected rate of return of any security.
Multifactor Models
77
A multifactor model is a financial model that empl oys mul ti pl e factors in its calculations to
explain asset prices. T hese models introduce uncertainty stemming from mul ti pl e sources.
CAPM, on the other hand, limits risk to one source – covariance with the market portfolio.
Multifactor models can be used to calculate the required rate of return for portfolios as well as
individual stocks.
CAPM uses j ust one factor to determine the required return – the mark et factor. However,
the market factor can be spl i t up even further into different macroeconomic factors. T hese may
include inflation, interest rates, business cycle uncertainty, etc.
A factor can be defined as a variable that explains the expected return of an asset.
A factor-beta is a measure of the sensitivity of a given asset to a specific factor. T he bigger the
factor, the more sensitive the asset is to that factor.
A multifactor appears as follows:
R i = E (R i) + βi1F1 + βi2 F2 + ⋯ + βik Fk + ei
Where:
R i=rate of return on stock i
E (R i) =expected return on stock i
βik=sensitivity of the stock's return to a one-unit change in factor k
Fk=Macroeconomic factor k
ei=the firm-specific return/portion of the stock's return unexplained by macro factors
T he expected value of the firm-specific return is al ways zero.
The Expected Return of an Asset Using the Single-Factor

Model
T he single-factor model assumes there’s just one macroeconomic factor, and appears as follows:
78
R i = E (R i ) + βi F + ei
E (R i) is the expected return on stock i. In case the macroeconomic factor has a value of zero in any
particular period, then the return on the security will equal its initially expected return E (R i) plus
the effects of firm-specific events.
Example of a Single-Factor Model
Assume the common stock of Blue Ray Limited (BRL) is examined with a single-factor model, using
unexpected percent changes in GDP as the single factor. Assume the following data is provided:
Expected return for BRL = 10%
GDP factor-beta = 1.50
Expected GDP growth = 4%
Compute the required rate of return on BRL stock, assuming there is no new information regarding
firm-specific events.
Solution
We know that:
Ri = E (Ri ) + βi F + ei
= 10% + 1.5 × 4%
= 16%
The Expected Return of an Asset Using the Multi-Factor

Model
Example of a Multi-Factor Model
Assume the common stock of BRL is examined using a multifactor model, based on two factors:
unexpected percent change in GDP and unexpected percent change in interest rates. Assume the
79
following data is provided:
Expected return for BRL = 10%
GDP factor beta = 1.50
Interest rate factor beta = 2.0
Expected growth in GDP = 2%
Expected growth in interest rates = 1%
Compute the required rate of return on BRL stock, assuming there is no new information regarding
firm-specific events.
R i = E (R i) + βi1F1 + βi2 F2
= 10% + 1.5 × 2% + 2.0 × 1%
= 15%
Hedging Exposures to Multiple Factors
T he specific risks (idiosyncratic risks) can be removed by diversification, but the factor betas
(systematic risk) can only be removed by hedging strategy. Each factor can be regarded as
fundamental security and can be utilized to hedge the same factor relative to given security.
Consider an investor who manages a portfolio with the following factor betas:
GDP beta = 0.4
Consumer sentiment beta = 0.20
Case 1:
Assume the investor wishes to hedge away GDP factor risk, yet maintain the 0.20 exposure to
consumer sentiment. How would they achieve this?
T he investor should combine the original portfolio with a 40% short position in the GDP factor
80
portfolio. T he GDP factor-beta on the 40% short position in the GDP factor portfolio equals -0.40,
which perfectly offsets the 0.40 GDP factor-beta on the original portfolio.
Case 2:
Assume the investor might want to hedge away consumer sentiment (CS) factor risk, yet maintain
the 0.40 exposure to GDP. How would they achieve this?
T he investor should combine the original portfolio with a 20% short position in the consumer
sentiment factor portfolio. T he CS factor-beta on the 20% short position in the GDP factor portfolio
equals -0.20, which perfectly offsets the 0.20 GDP factor-beta on the original portfolio.
Case 3:
Assume the investor wants to hedge away both factor risks. How would they achieve this?
T he investor would have to form a portfolio that’s 40% invested in the GDP factor portfolio, 20% in
the CS factor portfolio, and 40% in the risk-free asset (note that total = 100%). Let us refer to this
portfolio as portfolio H.
Portfolio H can be used to hedge away all the risk factors of the original portfolio. T hat would
involve combining the original portfolio with a short position in portfolio H. T he original portfolio
betas (0.4 and 0.2) would be perfectly offset by the short position in portfolio H, the hedge portfolio.
Challenges of Using Multifactor Models in Hedging
T he main challenge of using multi-factor models in hedging is determining the frequency of adjusting
the hedge. It is worth noting that there exists a tradeoff between the cost of hedging and the need to
keep the portfolio and the hedge aligned. T racking errors are most likely to occur if the hedging is
not adjusted frequently. However, if the hedging is adjusted more frequently, the costs of trading will
be higher and this will likely lower overall performance.
Model risk is another challenge faced while hedging using multi-factor models. Model risk comprises
model errors and the potential for errors in implementing the hedging strategy. Factor model errors
occur when a model contains mathematical errors or is based on biased assumptions. A hedging
81
strategy based on linear factor models that do not put into consideration nonlinear relationships
among factors will be biased.
Another challenge is assuming stationarity in the underlying asset distribution, forgetting that such
distributions can change as time goes by. Furthermore, some assumptions may fail to hold in certain
conditions, e.g., in stressed market conditions.
The Fama-French Three-Factor Model
One widely used multifactor model that has been developed in recent times is the Fama and French
three-factor model. A major weakness of the APT model is that it is silent on the relevant risk
factors for use. T he FF three-factor model puts three factors forward:
Size of firms
Book-to-market values
Excess return on the market
T he firm size factor, also known as SMB (small minus big) is equal to the difference in returns
between portfolios of small and big firms (R s − R b) .
T he book-to-market value factor, also known as HML (high minus low) is equal to the difference in
returns between portfolios of high and low book-to-market firms (R H − R L ).
Note: book-to-market value is book value per share divided by the stock price.
Fama and French put forth the argument that returns are higher on small versus big firms as well as
on high versus low book-to-market firms. T his argument has indeed been validated through historical
analysis. Fama and French contend that small firms are inherently riskier than big firms, and high
book-to-market firms are inherently riskier than low book-to-market firms.
T he equation for the Fama-French three-factor model is:
E(R P ) − r = βP M [E(R M ) − r] + βP ,SMB E(SMB) + βP ,H ML E(H ML)
82
Where,
E(R P ): is the expected return on portfolio P
r: risk-free interest rate;
E(R M − r), E(SMB) and E(H ML) : expected premiums;
βP M , βP ,SM B , bP ,HM L : the coefficients for the time-series regression:
R P − r = aP + βPM (R M − r) + βP ,SM BSMB + βP ,HM L H ML + ϵ P
T he intercept term, α p, equals the abnormal performance of the asset after controlling for its
exposure to the market, firm size, and book-to-market factors. As long as the market is in
equilibrium, the intercept should be equal to zero, assuming the three factors adequately capture all
systematic risks. ϵ i represents random error.
Exam ti p: SMB is a hedging strategy – long small firms, short big firms. HML is also a hedging
strategy – long high book-to-market firms, short, low book-to-market firms.
Fama and French expanded their model in 2015 by proposing two factors:
Robust Minus Weak (RMW). RMW is the difference between the return of firms with high
(robust) and weak (low) operating profitability.
Conservative Minus Aggressive (CMA): the difference between the returns of the firms
that conservatively invest and those with aggressive kinds of investment.
Example: Calculating the Expected Return of a Portfolio Based on the

Fama-French Three-Factor Model
A Firm’s financial analyst believes the Fama-French dependencies are given in the table below.
Value
Beta 0.3
SMB 1.25
HML -0.7
83
Sol uti on
T he firm earns an extra 4% yearly due to its competitive advantage. Moreover, the firm earns a
15% return on equities, an SMB of 2.5%, an HML of 0%, and a risk-free rate of 2%. What is the
expected return of the firm?
According to the Fama-French T hree-Factor Model the expected return is given by:
R P − r = aP + βP M (R M − r) + βP ,S MB SMB + βP ,HM L H ML
R P − 2% = 4% + 0.30(15% − 2%) + 2.5% × 1.25 − 0.70 × 0% = 13.03%
84
Question
Suzy Ye is a junior equity research analyst at a research firm based in South Korea. For
the first time, she is using the multifactor model to compute the return of Wong Kong
Corp (WK). She has compiled the following data for the computation of the return:
Wong Kong's expected return: 7%
Expected GDP growth: 4.5%
Expected Inflation: 2.5%
GDP factor-beta: 1.5
Inflation factor-beta: 2
Risk-free rate: 2%
Suppose the actual GDP growth and actual inflation of South Korea are 3% and 2.9%,
respectively, then which of the following is an accurate estimate of the return?
A. 7.55%
B. 10.05%
C. 5.55%
D. 18.75%
A multifactor model (2-factor model in the given question) only includes the expected
return of the stock, macroeconomic factor and the factor-beta, and firm-specific risk,
which in this case is zero.
R WK = E(R WK) + βGDPFGDP + βIFI
= 0.07 + 1.5(0.03 - 0.045) + 2(0.029 - 0.025)
85
= 0.07 - 0.0225 + 0.008 = 5.55%
86
Reading 7: Risk Data Aggregation and Reporting Principles
Explain the potential benefits of having effective risk data aggregation and
reporting.
Explain challenges to the implementation of a strong risk data aggregation and
reporting process and the potential impacts of using poor-quality data.
Describe key governance principles related to risk data aggregation and risk
reporting.
Describe characteristics of effective data architecture, IT infrastructure, and
risk-reporting practices.
Risk Data Aggregation and Reporting
One lesson learned from the 2007-2009 Global Financial Crisis was that banks' information
technology (IT ) and data architectures were inadequate to support the broad management of financial
risks. Some financial institutions could not aggregate risk exposures and identify concentrations
across business lines. Others were unable to manage their risks properly because of weak risk data
aggregation capabilities and risk reporting practices.
T his weakened the financial system's stability. In response, the Basel Committee issued
supplemental Pillar 2 (supervisory review process) guidance to enhance banks' ability to identify and
manage bank-wide risks.
Benefits of Effective Risk Data Aggregation and Reporting
T he Basel Committee defines ri sk data aggregati on as "defining, gathering, and processing risk
data according to a bank's risk reporting requirements to enable the bank to measure its
performance against its risk tolerance/appetite."
87
Some of the activities carried out during risk data aggregation include sorting, merging, and breaking
down sets of data.
However, how exactly do effective risk data aggregation and reporting benefit a bank? T he benefits
include:
An i ncreased abi l i ty to anti ci pate probl ems. Aggregated data gives
managers a holistic view of risk exposure and enables them to foresee problems.
An i ncreased abi l i ty to fi nd routes back to fi nanci al heal th in times of
financial stress. For example, a bank may negotiate better credit deals or identify
a suitable merger partner.
Improved resol vabi l i ty. For global systemically important banks (G-SIBs) in
particular, resolution authorities must have access to aggregate risk data that is
compliant with FSB's Key Attributes of Effective Resolution Regimes for
Financial Institutions.
Improved capability of the risk function to make judgments that can bring about
i ncreased effi ci ency and profi tabi l i ty
Key Governance Principles Related to Risk Data Aggregation

and Risk Reporting
One of the issues widely blamed for the quick escalation of the 2007/09 financial crisis was the
inability of banks to identify concentrations of risk across business lines as well as at the bank group
level. Furthermore, the main reason why the banks were unable to identify such concentrations has
much to do with the absence of aggregate risk data and bank-wide risk analysis.
In response, the Basel committee has since pushed for higher corporate governance and issued
supplementary Pillar 2 guidance regarding bank capital models and risk management models (e.g.,
VaR). T he following principles have specifically been set out:
Principle 1-Governance
88
Quoting the Basel committee,
"A bank's risk data aggregation capabilities and risk reporting practices should be subject to strong
governance arrangements consistent with other principles and guidance established by the Basel
Committee."
T his principle suggests that risk data aggregation should be a central part of risk management. Senior
management should make sure the risk management framework incorporates data aggregation before
approving it for implementation.
A bank's risk data aggregation capabilities and risk reporting practices should be:
Fully documented.
Validated and independently reviewed by individuals well versed in IT, data, and risk
reporting functions.
Unaffected by the bank's group structure.
Senior management should go to great lengths to ensure risk data aggregation is part and
parcel of the risk management function.
Considered part of any new initiatives, including acquisitions and divestitures, IT change
initiatives and new product development.
Data Architecture and IT Infrastructure Features That Can

Contribute to Effective Risk Data Aggregation and Risk
Reporting Practices
T he importance of having a robust IT system cannot be underestimated, but building one for
purposes of risk aggregation and reporting can be quite expensive. T he benefits of such a system are
realized in the long term. T he Basel Committee believes that in the long-term, IT benefits outweigh
the costs.
Principle 2-Data Architecture and Infrastructure
89
Quoting the committee,
"A bank should design, build and maintain data architecture and IT infrastructure which fully supports
its risk data aggregation capabilities and risk reporting practices not only in normal times but also
during times of stress or crisis, while still meeting the other Principles."
Principle 2 goes ahead to implore banks to:
Make risk data aggregation and reporting practices a crucial part of the bank's planning
processes.
Establish integrated data classifications and architecture across the banking group.
Appoint individuals tasked with various data management responsibilities. For example, risk
managers, business managers, and IT specialists should be tasked with ensuring that data is
relevant, entered correctly, and aligned to data taxonomies.
Characteristics of a Strong Risk Data Aggregation Capability
Firms should monitor their data continuously to ensure the accuracy and integrity of data. Risk data
should be complete and consistent with sources and include all material risk disclosures at a granular
level. To ease reporting to the executive management, data should be categorized and classified
accordingly. Note, however, that when the classifications of the data are too broad, information can
be lost.
Banks are required to produce aggregate risk information in a timely manner. However, the
timeliness is often compromised in an attempt to extract and map data from different trading systems
into other systems.
Effective risk data aggregation involves certification of data elements, data quality documentation,
data quality assurance mechanisms, and assessment of data quality per risk type.
On the other hand, ineffective risk data aggregation capabilities may involve a lack of well-established
data quality rules such as minimum standards for data quality reporting thresholds; absence of a
designated authority; lack of an effective escalation model; and weaknesses in quality control and
90
overreliance on manual processes without proper documentation; lack of consistency for some key
reports; inability to promptly source risk data from foreign subsidiaries and lack of standardized
reference data.
Principle 3-Accuracy and Integrity
Quoting the committee,
"A bank should be able to generate accurate and reliable risk data to meet normal and stress/crisis
reporting accuracy requirements. Data should be aggregated on a largely automated basis to minimize
the probability of errors."
According to Principle 3:
Data aggregation and reporting should be reliable.
Controls surrounding risk data should be as robust as those applicable to accounting data.
A bank should strive to have a single authoritative source of risk data for each type of risk.
A bank's risk management personnel should be granted access to risk data to ensure they
can aggregate, validate, and properly reconcile data.
A bank must strike a balance between automated and manual systems. Where professional
judgment is paramount, human intervention can be quite necessary.
Banks should have policies designed to keep the accuracy of risk data in check and correct
poor data quality.
All manual, as well as automated risk data aggregation systems, should be well documented.
Besides, they should explain manual workarounds and propose actions that could minimize
the impact of manual workarounds.
When a bank is relying on manual processes and desktop applications such as spreadsheets,
there should be effective controls that safeguard the quality of data.
Data should be defined consistently across a bank.
91
Data should always be reconciled with other bank data, including accounting data, to ensure
its accuracy.
Principle 4-Completeness
"A bank should be able to capture and aggregate all material risk data across the banking group. Data
should be available by business line, legal entity, asset type, industry, region, and other groupings, as
relevant for the risk in question, that permit identifying and reporting risk exposures,
concentrations, and emerging risks."
Principle 4 requires that:
Both on- and off-balance sheet risks should be aggregated.
Banks should ensure that risk data is always complete. If the data is not complete, the
banks should explain the reasons to bank supervisors.
It is not necessary to express all forms of risk in a common metric or basis, but risk data
aggregation capabilities should be the same regardless of the choice of risk aggregation
systems implemented.
Principal 5-Timeliness
"A bank should be able to generate aggregate and up-to-date risk data promptly while also meeting the
principles relating to accuracy and integrity, completeness, and adaptability. T he precise timing
depends on the nature and the volatility of the risk being measured as well as its criticality to the
overall risk profile of the bank. T he precise timing will also depend on the bank-specific frequency
requirements for risk management reporting, under both normal and stress/crises, set based
on the characteristics and overall risk profile of the bank."
Banks need to build their risk systems to produce aggregated risk data rapidly during times of stress
or crisis for all critical risks. Critical risks include:
Counterparty credit risk exposures (derivatives);
92
T rading exposures;
Operational risk indicators;
Aggregated credit exposure to a large corporate borrower, among others.
Principle 6-Adaptability
"A bank should be able to generate aggregate risk data to meet a broad range of on-demand, ad hoc
risk management reporting requests, including requests during stress or crises, requests
due to changing internal needs, and requests to meet supervisory queries."
A bank's risk data aggregation capabilities should be flexible:
To assess emerging risks;
To incorporate changes in the regulatory framework;
To produce quick summary reports, etc.
Characteristics of Effective Risk Reporting Practices
Principle 7-Accuracy
"Risk management reports should accurately and precisely convey aggregated risk data and
accurately reflect risk. In addition, reports should be reconciled and validated."
Risk management reports should be accurate and precise to ensure a bank's board and senior
management can rely with confidence on the aggregated information to make critical risk-related
decisions.
Approximations are an integral part of risk reporting and risk management (scenario analyses, and
stress testing, among others.) T herefore, banks should follow the reporting principles in this
document and establish expectations for the reliability of approximations (accuracy, timeliness, etc.)
Principle 8-Comprehensiveness
93
"Risk management reports should cover all material risk areas within an organization. T he depth and
scope of these reports should be consistent with the size and complexity of a bank's operations and
risk profile, as well as the requirements of the recipients."
Risk management reports should include exposure and position information for:
Significant risk areas (e.g., credit risk, market risk, liquidity risk, operational risk)
Significant components of those risk areas (e.g., single name, country, and industry sector
for credit risk).
Risk-related measures (e.g., regulatory and economic capital).
Emerging risk concentrations through forward-looking forecasts and stress tests.
Principle 9-Clarity and Usefulness
"Risk management reports should communicate information clearly and concisely. Reports should be
easy to understand yet comprehensive enough to facilitate informed decision-making. In addition,
reports should include meaningful information tailored to the needs of the target audience,”
Risk reports should ensure that information is meaningful and tailored to the needs of the target
audience, in particular, the board and senior management. T he board is responsible for determining
its risk reporting requirements and complying with its obligations to shareholders and other relevant
stakeholders.
Moreover, the right balance of qualitative and quantitative information is important. T herefore, the
board should alert senior management when risk reports do not meet its requirements.
Principle 10-Frequency
"T he board and senior management (or other recipients as appropriate) should set the frequency of
risk management report production and distribution. Frequency requirements should reflect the
needs of the recipients, the nature of the risk reported, and the speed at which the risk can change,
as well as the importance of reports in contributing to sound risk management and effective and
efficient decision-making across a bank. T he frequency of reports should be increased during times
94
of stress/crisis."
A bank should routinely test its ability to produce accurate reports within established timeframes,
particularly in times of stress/crises. Some exposure information may be needed intraday to allow
for timely reactions.
Principle 11-Distribution
"Risk management reports should be distributed to the relevant parties while ensuring confidentiality
is maintained."
Banks should strike a balance between the need to ensure confidentiality and the timely
dissemination of reports to all appropriate recipients.
Supervisory Review, Tools, and Cooperation
Principle 12-Review
"Supervisors should periodically review and evaluate a bank's compliance with the eleven Principles
above."
Principle 13-Remedial Actions and Supervisory Measures
"Supervisors should have and use the appropriate tools and resources to require effective and timely
remedial action by a bank to address deficiencies in its risk data aggregation capabilities and risk
reporting practices."
"Supervisors should have the ability to use a range of tools, including Pillar 2."
Principle 14-Home/Host Cooperation
"Supervisors should cooperate with relevant supervisors in other jurisdictions regarding the
supervision and review of the principles and the implementation of any remedial action if necessary."
95
Reading 8: Enterprise Risk Management and Future Trends
Describe Enterprise Risk Management (ERM) and compare an ERM program with a
traditional silo-based risk management program.
Describe the motivations for a firm to adopt an ERM initiative.
Explain best practices for the governance and implementation of an ERM program.
Describe risk culture, explain characteristics of strong corporate risk culture, and
describe challenges to the establishment of a strong risk culture at a firm.
Explain the role of scenario analysis in the implementation of an ERM program and
describe its advantages and disadvantages.
Explain the use of scenario analysis in stress testing programs and in capital planning.
A company must analyze risks with each risk type to define and measure the risk, aggregate the risk
within diverse business lines, and develop hedging strategies.
However, companies should address each of their significant risks and the interdependence of risks.
Since risks are highly dynamic and correlated, an integrated approach is required to manage them.
Suboptimal performance may result from a fragmented approach towards risk management in which
case, risk is managed in organizational silos. If the interdependence of risks such as credit risk,
market risk, operational risk, etc. is not considered in the risk management activities, attempts to
address risks are bound to remain inefficient and faulty.
Enterprise Risk Management (ERM)
Enterprise risk management (ERM) is responsible for organizing and coordinating an integrated risk
management framework for a firm. It establishes policies and directives for managing risks across
business units and provides the senior management with overall control and monitoring of an
organization’s exposure to significant risks and incorporates them into strategic decisions. ERM,
96
therefore, goes beyond silo-based risk management by providing a broader and consistent enterprise
view of risk. T herefore, it pinpoints the significant threats facing a firm’s life and its core
operations.
Motivations for a Firm to Adopt an ERM Initiative
Risks between and among different silos are highly dynamic and correlated.
Suboptimal performance may result from a fragmented approach towards risk management
in which risk is managed in organizational silos.
If the interdependence of various risks such as credit risk and market risk is not captured
in risk metrics, such metrics are faulty, misleading, and unhelpful.
97
Since ERM integrates risks of business units, it most often requires a centralized risk management
unit so as to provide the Board of Directors and the CEO with an organization-level risk report.
Due to an integration of risk management functions and strategies to deal with risks and their
transfer, the ERM approach diversifies risks within an organization across business units. T his
approach departs from the tendency of the silo technique of risk management to use financial
instruments separately for business units and take a portfolio view accounting for all the units
together. As such, this approach optimizes the use of derivatives, insurances, etc. to hedge and
transfer risks.
By integrating risk management activities with business processes, ERM improves the functioning of
business units and influences business decisions.
98
ERM changes the outlook of risk management from a defensive approach to a strategic offensive tool
for making an organization more profitable.
Comparison of ERM Program with Traditional Silo-Based Risk

Management Program
Enterprise Risk Management T raditional Silo-Based Risk Management

Risk management is executed as an integrated unit
Risk management is executed in isolated parts of a firm.
using global risk management and chief risk
firm.
officer (CRO).
Risks are viewed across business lines by
Risks are viewed at business lines, type of risk,
looking at the diversification and the
and functional silos.
concentration of the risk.
Rational risk management is based on
Various risk metrics are used, which cannot be
cross-universal metrics such as VaR and
compared.
scenario Analysis to aggregate risk.
It is easy to measure and track enterprise risk
Seeing the bigger picture of risks is not
since the risk is aggregated across multiple risk-
possible, if at all, the risks are aggregated.
types.
It is possible to reduce the costs of risk transfer Risks are managed differently using
and integrating instruments. diverse instruments, making it costly.
Each risk management approach is viewed as
one component of a total cost of risk,
Each risk management approach is often treated
measured in a single currency with the
separately without optimizing the strategy.
inclusion of risk/reward and cost/benefit
optimization using the same currency.
It is possible to integrate risk management It is impossible to integrate the management
with balance sheet management, capital and transfer of risk with balance sheet
management, and financing strategies. management and financing strategies.
The Risk Culture
Risk culture refers to defined norms and traditions of how an individual or a group of individuals
within a firm can identify, understand, and discuss the risks that confront a firm and the firm's risk
appetite. Strong risk culture in a firm makes ERM most effective.
Post-financial crisis reports of 2007-2009 emphasized that lack of risk culture led to risk
management failure in large financial institutions. Other signs of lack of risk culture include money
99
laundering and embargo breaches. Absence of risk culture leads to dire consequences, emphasizing
the need by firms to establish and maintain a risk culture.
Creating a risk culture can be challenging because it involves different stakeholders: individuals, the
whole enterprise, and individual groups.
T he risk perspective of each layer can overlap, creating a gap between the stated goals of an
enterprise and the employees. Moreover, risk culture is not easily reared in the way of investigating
enterprise progress.
Forming a view of risk culture in an institution assists in taking note of the risk appetite of the
institution. One of the approaches in viewing risk culture is using the critical risk culture indicators.
The Risk Culture Indicators
T he Financial Stability Board (FSB) has indicated four key risk culture indicators which include:
100
1. Incentives
T his can be seen in terms of risk-related compensations, which should support a firm’s risk appetite
and desired risk culture.
2. The Tone from the Top
T he leadership tone of a firm should be able to go in line with the firm’s core value and communicate
and assess business strategies relative to risk appetite.
3. Accountability
T here should be a clear expectation of monitoring and accountability of risks for significant risks in a
firm.
4. Effective Communication and Challenge
T here should be clear communication among individuals. Divergence of views should be tolerated and
risk management approached with open discussions among a firm’s stakeholders.
T he indicators set by FSB are just broad internal culture indicators.
T he firm should also consider the environmental (external) culture indicators, which include:
1. Regulatory standards
2. Professional Standards
3. Risk or Corruption indices in a country
4. Economic cycles such as the credit cycle
Modern firms have started addressing the issue of risk using the stated internal indicators or by
conducting surveys to know the level of risk culture in their respective firms.
Characteristics of a Strong Risk Culture
Risk culture is a key element of an organization’s enterprise risk management framework, which
101
encompasses the general awareness, attitudes, and behavior of an organization’s employees toward
risk and how risk is managed within an organization. It is a key indicator of how widely an
organization’s risk management policies and practices have been adopted.
Risk-Related Behavior
Strong risk culture has generally been associated with more desirable risk-related behavior (e.g.,
speaking up) and less undesirable behavior.
Personal Characteristics
Personal characteristics are important when it comes to strong risk culture. Long-tenured and less
risk-tolerant employees and employees with a positive attitude towards risk management are more
likely to display desirable risk-related behavior. T hose with high personal risk tolerance are more
likely to display undesirable risk-related behavior.
Risk Structures
Good risk structures such as policies, controls, IT infrastructure, training, and remuneration
systems, etc. appear to support a strong culture and ultimately a less undesirable risk behavior. Good
risk structures do not necessarily guarantee good behavior. T here have been suggestions that
structures such as remuneration are interpreted through the lens of culture.
Staff Ranking
Senior staffs tend to have a significantly more favorable perception of culture than junior staff. T his
highlights the importance of anonymous and independent risk culture assessments where staff feel
safe enough to reveal their true beliefs.
Challenges Facing the Establishment of a Strong Risk Culture in a

Firm
Some challenges stand in the way of developing sound risk management. T hese are:
102
1. Conflict Between Risk Indicator and Risk Level
T he industry wishes to identify indicators, which show the level of their risk culture. However,
sometimes these indicators can be used as levers of behavior change comprising the purpose of the
indicators and hence the risk culture.
2. Lack of Enough Education
To develop a robust risk culture, the firm should employ simple language in the definition of risk
management terms, key concepts, and the role of ERM stakeholders.
3. Time and Space
T he risk culture might not have developed in all parts of a firm. Moreover, an enterprise can fail to
detect early signs of risk due to lack of proper identification mechanism when multiple signals occur.
4. Cursive Data
Lack of adequate data undermines the development of risk culture to analyze the level of risk culture
in an enterprise. However, in the coming years, technological processes such as machine learning
have enabled the gathering of enormous data for analyzing signs of risk.
5. Culture cycle
T he true nature of an organization's risk culture is perhaps visible only during times of stress. A risk
culture that seems strong today may not survive a crisis in the future. In an effort to withstand
buffeting like this, regulators want risk managers to bear real weight within firms; however, as
memories of the last crisis fade, this weight diminishes.
Scenario Analysis
Scenario analysis involves visualizing a framework, developing a coherent explanation of why
103
variables do change and assessing its impact on a firm’s risk portfolios.
A scenario analysis should be distinguished from sensitivity testing, which involves varying one
parameter or variable in a risk model to determine how sensitive the model is to the variation.
Scenario analysis and Sensitivity testing are the primary identification tools of the ERM, which come
in handy since the probabilistic risk metrics such as VaR proved to be weak.
Scenario analysis might be qualitative, but many firms have come up with excellent ways of building
quantitative models to assess the effect of each scenario on their portfolios and businesses.
Scenario analyses assist firms to determine the impact of unfavorable events and events that do not
have historical data.
Advantages of Scenario Analysis
1. T here is no need to consider risk frequency beyond its soundness
2. Scenarios can take the form of transparent and intuitive explanations.
3. It challenges a firm to imagine the worst and control the effects.
4. It enables the firms to identify warning signals and build contingency plans for the risk.
5. Scenario analysis does not depend on historical data. Instead, it can be based on either past
events or forward-looking hypotheteses
6. Firms have the freedom to make scenario analysis as complicated or straightforward as they
want, without the regulator’s interference.
Disadvantages of Scenario Analysis
1. In scenario analysis, it is difficult to determine the probability of events because it does not
lead to risk quantification.
2. T he future scenarios can become complicated with many choices in place.
3. T he extent of firms’ imagination is limited. For example, scenarios might underestimate the
effect of an extreme loss occurrence or remove significant risk exposures.
4. T he number of appropriate situations that can be developed is limited.
5. T he last central crisis often motivates the scenarios chosen; imaginative future scenarios
may be dismissed as inappropriate.
104
6. Scenario analyses are different in terms of quality and sophistication, and so their credibility
and assumptions can be challenging to analyze.
7. T he applicability of scenario analysis depends on the accuracy, comprehensiveness, and
predictive qualities of the firm’s stress test program.
Scenario analysis had been one of the risk management tools even before the global financial crisis.
For instance, banks used the short-run selection of historical and hypothetical occurrences from
listed events. T hey compared them with their portfolios to determine which variable applied to the
current portfolios and tried to offer an explanation.
After the global financial crisis, banks realized that they had been ignoring the integrated risks along
the business lines, the interaction of risks, and behavioral change of market participants in times of
stress. Moreover, evidence showed that scenario analysis of that time was not thorough.
T herefore, regulators have reiterated the need for financial institutions to demonstrate their
capability to withstand adverse scenarios after the financial crisis. For instance, US regulators insist
that big banks should use macroeconomic stress scenarios such as reduction of GDP and
employment across their enterprise exposures.
Scenario analysis is applied to stress testing. For instance, if a bank can prove that it can maintain
minimum levels of capital ratios and raise capital in a time of stress, then it must revise the business
plans of its various departments while lowering its level of risk appetite.
T he US stress tests mushroomed when the Supervisory Capital Assessment (SCAP) was conducted
in 2009 (after the crisis), whose outcomes assured banks of their stability. From 2011 going forward,
the Dodd-Frank Act catalyzed the US Federal Reserve to conduct two annual stress tests using
scenario analysis. T hese tests include:
1. Dodd-Frank Act stress test (DFAST ) which is executed in mid-year for the banks with assets
above $ 10 billion.
2. Comprehensive Capital Analysis and Reviews (CCAR) which is conducted at the end of each
year for the banks with assets above USD 50 billion.
Both of the above methods require banks to develop their scenarios and supervisory situations.
105
However, DFAST is less demanding and applies fewer capital assumptions as compared to CCAR.
T he Federal Reserve comes up with three critical supervisory macroeconomic scenarios which are:
1. Baseline scenario represents the consensus arrived at by the bank economist.
2. T he adverse scenario is a moderately falling economy.
3. T he severely adverse scenario is considered severe with a broad global recession and a
decline in demand.
CCAR requires banks to anticipate how these scenarios will impact their income statements and
balance sheets over nine quarters. In addition to this, they must also:
1. Give a detailed assessment of capital sourcing and utilization over the planning period.
2. Submit the descriptions of the firm’s procedures and ways of controlling the capital
adequacy of the firm
3. Submit a detailed copy of the capital policy
4. Descriptions of the expected changes in business loans that might affect the capital adequacy
of the firm.
In each of the stated scenarios, each bank must prove its capacity to maintain minimum levels of
capital ratios and raise capital in a time of stress. T hey also need to predict the behavior of all risk
factors impacting their portfolios.
In Europe, stress testing using scenario analysis has developed. A good example is the European
Banking Authority (EBA). Even then, it is not as improved as it is in the US. EBA is more static, less
complicated, and more flexible in altering risk and business strategies as compared to CCAR because
it includes a large number of banks.
ERM and Strategic Formulations
Enterprise risk managers must take part in strategy formulation. One of the latest industries to
encourage the application of ERM is corporate planning and strategy. ERM builds a secure link
between risk and reward.
Stochastic stress testing is the latest stress testing technique. It provides the practicality of the
106
strategy that ERM applies. Moreover, technology development has made positive scenario simulation
easy. T his has facilitated macroeconomic stress testing as a part of panning activities such as growth
plans and strategic risk management.
107
Question
Which one of the following is one of the external risk culture indicators?
A. Regulatory standards
B. Country’s corruption indices
C. Professional Standards
D. All of the above
Sol uti on
The correct answer i s D
T he environmental (external) indicators which include: Regulatory standards,
Professional Standards, Risk or Corruption indices in a country and Economic cycles
such as credit cycle.
108
Reading 9: Learning From Financial Disasters
Analyze the key factors that led to and derive the lessons learned from case studies involving the
following risk factors:
Interest rate risk, including the 1980s savings and loan crisis in the US
Funding liquidity risk, including Lehman Brothers, Continental Illinois, and Northern Rock
Implementing hedging strategies, including the Metallgesellschaft case
Model risk, including the Niederhoffer case, Long Term Capital Management, and the
London Whale case
Rogue trading and misleading reporting, including the Barings case
Financial engineering and complex derivatives, including Bankers T rust, the Orange County
case, and Sachsen Landesbank
Reputational risk, including the Volkswagen case
Corporate governance, including the Enron case
Cyber risk, including the SWIFT case
In this chapter, we look at famous financial disasters that have been witnessed over the years.
Although each case study has its distinctive elements, they all have something in common: Certain
risk factors were ignored, resulting in major financial loss. We are going to look at how each of these
disasters came up, identify the warning signs that were ignored, and attempt to draw relevant lessons
that can help avert similar disasters in the future.
Interest Rate Risk
Interest rate ri sk is the danger that a change in interest rates will cause the value of assets to
109
decline and that of liabilities to increase. Over the last century, thousands of firms have failed as a
result of interest rate risk. Between 1986 and 1995, for example, nearly a third of the 3,234 savings
and loan associations in the United States failed.
The Savings and Loan Crisis
In the 1980s, the savings and loans industry in the United States suffered through a period of distress.
Savings and Loans (S&Ls) associations were founded in the 18th century with the sole purpose of
funding homeownership. At the time, banks did not lend money for residential mortgages. S&L
members would pool their savings and lend the money to a few members to finance their home
purchases. After repaying the funds, other members would also get a chance to borrow.
Notably, S&Ls were governed by the so-called "Regulation Q," which set their minimum capital
requirements and capital adequacy standards. Under regulation Q, S&Ls were required to pay
depositors a rate of interest that was significantly lower than that offered elsewhere. Furthermore,
S&Ls were not allowed to offer commercial loans to avoid risky lending. T he overriding goal among
policymakers and the government was to make thrifts focus solely on promoting housing and
homeownership.
For a long period, these regulations worked well for S&Ls as it meant they could pay low rates on
short-term deposits, pool the funds, and then provide mortgage loans at a higher interest rate. To
their advantage, the demand for homes continued to rise, especially in the first half of the
19thcentury.
In the 1970s, however, there was a dramatic increase in both interest rates and inflation. T his had
two main implications:
Depositors trooped into S&Ls to withdraw their money, eying higher rates elsewhere.
T his meant that the amount available for lending reduced significantly.
Funding costs for S&Ls increased significantly, wiping out the interest rate spread they
depended on to make a profit. In other words, short-term deposits became costlier, and
therefore the margin between the cost of funds and profit from long-term fixed-rate
110
mortgages decreased.
A high rate of inflation also meant that the number of mortgage applications reduced, further
reducing revenue for S&Ls. T he low demand for mortgages combined with higher interest rates
elsewhere resulted in an unprecedented loss in the value of outstanding mortgages. As a result, the
net worth of most S&Ls was essentially wiped out. And because the existing regulations severely
restricted alternative profit-making investments, S&Ls had to stick with a dwindling portfolio of low-
interest mortgages as their only income source. While all this was happening, alternative
investments were increasingly gaining popularity, especially money market funds, which offered
higher returns.
In an attempt to stem the tide and restore some financial stability among S&Ls, the US government
relaxed the regulations that had been in place for decades.
Several changes were introduced to allow S&Ls to "grow" out of their problems. For the first time,
the government was explicitly seeking to influence S&L profits as opposed to promoting housing and
homeownership. For instance, interest rate caps were removed, and S&Ls were allowed to offer
commercial loans. What's more, S&Ls could choose to be under either a state or a Federal charter.
Federally-chartered thrifts took full advantage of the deregulation and rushed to become federally
chartered, because of the advantages associated with a federal charter. Deposit insurance was also
increased from $40,000 to $100,000 in an attempt to restore some confidence among depositors.
T hese regulatory changes did not quite generate the intended effect. For instance, the availability of
deposit insurance led to a moral hazard. S&Ls engaged in even riskier lending activities. Ultimately, it
is estimated that S&Ls suffered a combined loss of more than $160 billion. To bail them out,
taxpayers paid $132 billion. T he Federal Savings and Loan Insurance Corporation paid $20 billion to
depositors of failed S&Ls before it went bankrupt. T he S&Ls paid the remaining amount.
Lessons Learned
1. Regulation is good, but overregulation can be dangerous!
One of the root causes of the S&L industry's woes was overregulation. Federal regulation had some
very strict and precise conditions under which all S&Ls operated. Initially, for example, S&Ls were
111
barred from offering commercial loans; they were only allowed to offer mortgages to facilitate
homeownership. T hat prevented them from experimenting with different ways to adapt to changing
market conditions. Regulators charged with defining "acceptable assets" in insurance and banking
should take heed.
2. Deposit insurance can result in increased market indiscipline
T he introduction of federal insurance guarantees can inadvertently trigger greater risk-taking among
banks and insurance firms. It may create a situation where both lenders and depositors feel they
have nothing to lose.
To mitigate interest rate risk, there's a need for banks to have assets that are highly
correlated with liabilities. T hat can be achieved by having a diversified portfolio of assets
and making use of interest rates derivative products such as caps, floors, and swaps.
Funding Liquidity Risk
Fundi ng l i qui di ty ri sk refers to the possibility that a bank could find itself unable to settle
obligations with immediacy. It has much to do with:
T he ri sk that bank will be unable to pay its debts when they fall due
T he ri sk that the bank cannot meet the demand of customers wishing to withdraw their
deposits
T he risk that a bank will be unable to roll over short-term credit, e.g., commercial paper.
T here are two main sources of funding liquidity risk:
1. External market conditions, such as changes in supply and demand.
2. Structural balance sheet risks (Balance sheet risk is uncertainty about future values of
balance sheet items not directly related to business or financing activities. Examples are
interest rate risk and liquidity risk).
112
Let's look at a few case studies where funding liquidity risk played a starring role:
Lehman Brothers
T he collapse of Lehman Brothers presents the most spectacular and perhaps the most documented
event during the 2007/2009 financial crisis. Here's how the crisis unfolded.
One Henry Lehman founded Lehman Brothers in 1884 as a general and dry goods store. Soon
afterward, Mr. Henry was joined by his brothers Emanuel and Mayer, and that's how the name
" Lehman Brothers" came about. For many years, the company conducted business as a private
institution until the year 1994 when it opened its ownership to the public through an IPO that
generated well over $3.3 billion. At this point, the company ventured into commercial and
investment banking activities.
Lehman Brothers' entry into the commercial and investment banking market coincided with the
change from the ori gi nate-to-k eep business model to the ori gi nate-to-di stri bute model. Most
banks were increasingly offering securitized assets built upon mortgages sold to residential
customers. Lehman Brothers became one of the pioneers of securitization, and its fortunes greatly
improved. Between 2003 and 2004, for example, the company acquired five mortgage lenders in an
attempt to consolidate its grip on the securitization market further. For a while, Lehman Brothers
recorded fast growth fueled by the house price bubble. In early 2007, the firm surpassed Bear Sterns
and became the largest underwriter for mortgage-backed securities.
It wasn't until the second half of 2007 when cracks started to appear in the originate-to-distribute
business model. It became evident that the US housing bubble had burst and that the subprime
mortgage market was in deep trouble. As a result, investor confidence began to erode, and firms
heavily invested in subprime securities all of a sudden found themselves unable to borrow at similar
terms as before. In July of that year, the conditions were so bad that Bear Stearns (Lehman's
Brothers' top competitor) had to support two of its hedge funds following steep losses caused by
their subprime mortgage exposure.
Banks are naturally leveraged institutions that prefer debt to equity, and Lehman Brothers followed
the script. In the run-up to the crisis, however, Lehman pursued leverage to levels not seen before.
To put things in perspective, the bank had an assets-to-equity ratio of approximately 31:1 by mid-
113
2007. Critically, the bank turned to short-term debt to fund its day-to-day operations, particularly the
repo market.
As it turned out, the bank's overreliance on the repo market exposed it to serious funding problems
because it had to keep investors (counterparties) happy at a time when the industry was witnessing
dwindling fortunes. T hat meant the bank had to offer guarantees continually and sometimes above-
market returns to stay in business. T he fact that the borrowed funds were used to fund relatively
illiquid long-term real estate assets made the situation even worse.
All hell broke loose in 2008. First to go down was Bear Sterns after its repo lenders and bank
counterparties lost confidence in the firm's ability to repay its debts. As a sign of just how low Bear
Sterns had sunk, J.P. Morgan bought the collapsed firm at just 10% of its prior market value. After
this, the focus shifted to Lehman Brothers, who had so far avoided large-scale eye-catching losses
through a combination of short-term borrowing and corporate restructuring strategies aimed at
cutting costs. Lehman's share price declined sharply by more than 48% following the collapse of
Bear Stearns.
For a while, Lehman was able to restore some consumer confidence by announcing better than
expected profits. Lehman also watered-down concerns that it was too leveraged by announcing that
$4 billion in preferred stock had been raised, and the whole amount could be converted to common
stock at a 32% premium to its current value.
T he upturn turned out to be short-lived because soon after, news broke alleging that the firm had
overvalued its real estate-based assets. At this point, Lehman could no longer cling to market
confidence, so critical to the firm's funding strategy (and therefore its liquidity). As the crisis
mounted, many of Lehman's major counterparties began to demand even more collateral to fund its
operations. Others began reducing their exposure, and some institutions flatly refused to do business
with the firm. Attempts were made to merge the firm or to sell it to another large bank, but none of
them materialized.
In the early hours of 15th September 2008, Lehman was forced to file for bankruptcy, triggering a
global financial crisis that saw a virtual meltdown of financial markets.
Lessons Learned
114
Firms (and investors), in general, should never resort to extreme l everage that far surpasses the
capacity to repay. Lehman Brothers took on huge amounts of short-term debt to fund long-term
assets, exposing itself to serious liquidity problems. Too much debt means that a firm cannot absorb
a major loss.
Lehman's failure has also highlighted the need to have tougher regulations in the securitization
market, particularly because mortgage-backed securities and related instruments such as credit
default swaps result in a highly interconnected financial market that is highly vulnerable to a total
collapse in case one or two "big names" fail.
Continental Illinois National Bank and Trust Company
T he failure of Continental Illinois National Bank and T rust Company in 1984 presents the biggest US
liquidity debacle in the banking sector before the 2007/2009 financial crisis. Its subsequent rescue
gave rise to the term "too big to fail."
At its prime, the Chicago-based lender was the seventh-largest bank in the US, with an asset pool of
approximately $40 billion. Its roots go back in time to 1910 through a merger, but what especially
stood out was the management's aggressive growth strategy. At the time, banks were not allowed to
open branches across state lines. Any bank intending to lend outside its state of origin could only
purchase loans from other banks. In line with its fast growth strategy, Continental Illinois took up the
task head-on.
T he bank developed a network of contacts across the country and positioned itself as a willing buyer
of some of the most complex and riskiest loans. Initially, the bank's strategy seemed to bear fruit, and
this served as further evidence for the management that the plan was working. In the 5 years before
1981, the bank's commercial and industrial lending jumped from USD 5 billion to over USD 14 billion.
During that time, the bank's total assets grew from USD 21.5 billion to USD 45 billion. What the
management didn't know was that things would soon head south.
Continental Illinois had developed an informal business partnership with Oklahoma-based Penn
Square Bank. T his smaller bank had issued loans to oil and natural gas companies in Oklahoma during
the boom of the late 1970s. If a loan was too large for it to service, PennSquare Bank would pass it
over to Continental Illinois. T hrough this arrangement, Continental Illinois purchased $1 billion in
115
speculative energy-related loans. In July 1982, Penn Square Bank collapsed after a large number of
borrowers failed to honor their contracts following an unprecedented decline in the price of oil. T his
put Continental Illinois firmly in the spotlight.
Over the next few months, defaults continued to mount. At the same time, Continental found itself
increasingly unable to fund its operations from the US markets. As a result, it began to raise money
at much higher rates in foreign wholesale money markets (e.g., Japan).
In the first quarter of 1984, the bank announced that its nonperforming loans had suddenly increased
by $400 million to a total of $2.3 billion. T his heightened anxiety among investors and the general
public; most analysts and industry experts were of the view that it was just a matter of time before
Continental Illinois suffered the same fate as Penn Square Bank. By 10th May 1984, the rumors about
the bank's insolvency had spread far and wide, sparking a crippling run. Before the trouble, the bank
held $28.3 billion in deposits. Out of fear, depositors trooped into the bank to withdraw their funds,
most of them wiping their accounts clean. Foreign investors also turned their back on the bank. In
the end, a total of $10.8 billion was withdrawn in the space of a few days.
In the second half of May 1984, Continental Illinois attempted to project stability by maintaining its
operations. At the same time, the bank borrowed from the Federal Reserve Bank of Chicago as well
as several other big banks across the country in an attempt to cope with the ongoing run. However,
the run did not subside, and regulators realized they were now staring at a full-blown liquidity crisis
that would spill over to other banks. It is estimated that nearly 2,300 banks had some exposure to
Continental Illinois, with a majority holding at least $100,000.
Regulatory authorities eventually stepped in to prevent a domino effect on other banks.
Lessons Learned
Classifying institutions as "too big to fail" may lead to greater risk-taking. Banks that expect
government support may take greater risks, safe in the knowledge that if the going gets
tough, neither the bank nor its depositors will absorb most of the loss. T he US congress
later attempted to limit rescues of "too big to fail" institutions by passing the Federal
Deposit Insurance Corporation Improvement Act (1991).
116
Reliance on the so-called hot money (short-term loans from the money market) is perilous.
A large number of depositors at Continental Illinois were local and international
institutional investors. A run on these deposits led to Continental Illinois's failure.
Rumors alone can bring down even the biggest of banks. Although there was significant
mismanagement and financial strain at Continental Illinois, the end was not nigh, and post-
crisis analysis suggests the bank would have carried on despite the losses arising from its
relationship with Penn Square Bank. Unfounded rumors that the bank was on the verge of
bankruptcy proved to be the stroke that broke the camel's back.
Northern Rock
T he 2007 failure of mortgage bank Northern Rock in the UK presents a more recent illustration of
liquidity risk arising from structural weaknesses in a bank's business model. T he bank's failure can
be traced down to two key things: (I) excessive funding of long-term assets using short-term finance
and (II) a sudden loss of market confidence. It was the first run on a UK bank in 140 years.
Northern Rock was a fast-growing lender based in the North East of the United Kingdom. T he bank
had forged a success story enviable by any other bank within and outside the UK For example, assets
had been growing at around 20% per year for several years thanks to specialization in residential
mortgages. T he bank continued to expand aggressively in the marketplace into the first quarter of
2007. T hings were going so well that the bank had reached a multimillion sponsorship deal with
Newcastle United, one of the biggest and most successful football clubs in the country.
T he bank's growth was strongly anchored in the originate-to-distribute business model, where it
raised money through securitizing mortgages and selling covered bonds. Unlike many of its peers, the
bank did not rely on customer deposits for funding. Instead, it borrowed heavily in the international
money markets, particularly within the interbank market.
To mitigate possible weaknesses in its funding strategy, Northern Rock tapped markets across the
globe – Europe, the Americas, as well as in the United Kingdom. In early 2007, concerns about
mortgage-related assets began to surface among investors. Of significance was the rising number of
defaults in the US subprime mortgage market, which eventually spread globally.
117
When the interbank funding market froze in early August 2007, all of Northern Rock's global funding
channels dried up simultaneously. Interestingly, the bank had announced increased interim dividends
just a few weeks prior, after UK regulators approved a Basel II waiver that allowed the bank to adopt
so-called "advanced approaches" for calculating credit risk that looked likely to reduce its minimum
required regulatory capital.
After getting wind of Northern Rock's inability to fund itself through the interbank market, UK
authorities started exploring discussed a range of rescue alternatives. But these plans leaked,
immediately setting in motion a run on deposits between 14th September and 17th September. Calm
only (slowly) returned after UK authorities came out publicly to reassure everyone that deposits
would be repaid. Eventually, Northern Rock accepted emergency capital injection from the
government and then public ownership.
Funding Liquidity Risk: General Lessons
Following the 2007/2009 financial crisis, guidelines by the US Federal Reserve require large banks to
put in place l i qui di ty testi ng programs. T hese programs aim to ensure that banks have liquidity
and funding strategies that will survive system-wide stress scenarios. To manage funding liquidity
risk, a bank should optimize its borrowing sources and their composition.
T rade-offs drive decisions regarding the composition of assets and liabilities as discussed below:
1. The trade-off between funding liquidity and interest rate risk
When funding liabilities have a shorter duration than loan assets, the bank is exposed to less interest
rate risk and more funding liquidity risk. But when funding liabilities have a longer duration than loan
assets, the bank is exposed to more interest rate risk and less funding liquidity risk.
2. The trade-off between cost and risk mitigation
To mitigate funding liquidity risk in a positively sloped yield curve environment, institutions can
increase the maturity of their funding liabilities to push them farther away into the future. However,
this will cost more than cheaper shorter-duration funding.
118
To a limited extent, banks can also mitigate funding liquidity risk by reduci ng the maturi ty of
thei r assets. However, this is usually not possible because asset maturity is driven by borrower
demand, and reducing the term to maturity may force the bank to settle for a smaller risk premium.
It is also important to have a standby emergency l i qui di ty cushi on to ensure that the bank can
meet unforeseen commitments. T he larger and better quality of the cushion, the lower the risk.
However, such a cushion may require the bank to invest in short-term highly liquid assets that will
often earn lower returns compared to less longer-term, less liquid assets.
Constructing and Implementing Hedging Strategies
For both financial and non-financial institutions, the development and implementation of effective
hedging strategies come with benefits as well as challenges. Nonetheless, certain constants must be
present in any strategy that an institution comes up with:
T he function or individual(s) responsible for developing hedging strategies should have
access to relevant information and tools, including market data, corporate information, and
advanced statistical tools. T his will help them to choose the appropriate models to use for
both pricing and hedging.
T he firm must decide whether to use static hedging or dynamic hedging
A stati c hedge is one that does not need constant re-balancing as the price and other
characteristics (such as volatility) of the securities it hedges change. A static hedge usually involves
the purchase of a hedging instrument that very closely matches the position to be hedged. T he
hedging instrument is typically held for as long as the underlying position is kept.
A dynami c hedge, on the other hand, involves adj usti ng the hedge through a series of ongoing
trades to continuously (or frequently) calibrate the hedge position to the (changing) underlying
exposure. As expected, this strategy demands greater managerial input and may come with higher
transaction costs.
T he firm must decide on the ti me hori zon over which a hedging strategy will be
119
implemented. Horizons can be fixed (e.g., quarter-end or year-end) or rolling. No matter
the choice of the horizon, performance evaluations, and investment horizons should be
aligned.
Accounti ng i ssues and potenti al tax i mpl i cati ons need to be considered when
devising a hedging strategy. For example, derivatives come with complex accounting
requirements that may be subject to change. A derivative and the corresponding position it
is intended to hedge must be perfectly matched (e.g., in terms of dates and quantities) for
them to be reported together in operational profit without the need to report an
accounting profit or loss.
Tax can have implications on the cash flows of a firm, and therefore getting competent professional
guidance on tax matters is critical when developing and implementing a hedging strategy.
Finally, the success of any hedging strategy depends on how effective the i mpl ementati on process
is. T his is especially true because markets are in constant movement, and prices keep on changing.
As such, what appears to be an attractive hedging opportunity can suddenly become unattractive.
Metallgesellschaft: A Case of Dynamic Hedging Gone Wrong
Metallgesellschaft Refining and Marketing (MGRM) was an American subsidiary of Metallgesellschaft
(MG), an international conglomerate with interests in trading, engineering, and chemicals. In 1991,
MGRM designed a marketing strategy to insulate from the volatility associated with the price of
petroleum.
MGRM committed to selling, at prices fixed in 1992, certain amounts of petroleum every month for
up to 10 years. T he contracts initially proved to be masterstrokes since they guaranteed a price
over the current spot. T he profit margin was between $3 and $5. By Sept 1992, MGRM had sold
forward contracts amounting to the equivalent of around 160 million barrels. T he contracts were
attractive, particularly because they gave customers the option to exit if the spot price rose above
the fixed price in the contract.
If a customer chose to exit a contract, MGRM would pay in cash one-half of the difference between
120
the futures price and the fixed price times the total volume remaining to be delivered on the
contract. A customer had the choice to exercise this option if they did not need the product or in the
face of financial difficulties.
In effect, the contracts gave MGRM a short position in long-term forward contracts. To hedge these
positions, MGRM turned to long positions in near-term futures using a stack-and-roll hedging strategy.
A stack -and-rol l hedge involves purchasing futures contracts for a nearby delivery date and, on
that date, rolling the position forward by purchasing a fewer number of contracts. T he process
continues for future delivery dates until the exposure at each maturity date is hedged.
MGRM used short-term futures to hedge because of a lack of alternatives. Besides, the long-term
futures contracts available were highly illiquid. As it turned out, MGRM's open interest in unleaded
gasoline contracts was 55 million barrels in the fall of 1993, compared to an average trading volume
of 15-30 million barrels per day.
MGRM encountered problems in the timing of cash flows required to maintain the hedge. Over the
entire life of the hedge, these cash flows would have canceled out. MG's problem was a lack of
necessary funds needed to maintain its position. T he fundamental problem manifested in the form of
inadequate funds to mark positions to market and meet margin requirements. In December 1993,
MGRM was forced to cash out its positions, incurring a loss of $1.5 billion in the process.
Model Risk
Model ri sk is the risk of loss resulting from the use of i nsuffi ci entl y accurate models to make
decisions when valuing financial securities. Model risk can stem from using an incorrect model,
incorrectly specifying a model, and using insufficient data and incorrect estimators.
A major pitfall when using a model to value security is the use of fl awed assumpti ons. For
example, a stock pricing model might assume an upward sloping yield curve when it is, in fact,
downward sloping or even flat. T his type of risk is both common and dangerous and can be among the
most difficult risks to detect.
We now look at well-known cases where model risk plays a prominent role:
121
Wrong Assumptions—The Niederhoffer Put Options
Victor Niederhoffer was a trading guru who had set up a very successful hedge fund in the 1990s.
T he fund had come up with a strategy it considered low risk: writing uncovered, deep out-of-the-
money put options on the S&P 500 index. In other words, the fund sold a very large number of
options on the S. & P. index, taking millions of dollars from other traders (in the form of premiums).
In exchange, the fund was promising to buy a basket of stocks from them at current prices, if the
market ever fell. And because these options were deep OT M, the premium received was relatively
smaller than that of at-the-money options sold at the time.
In essence, therefore, Mr. Niederhoffer was betting in favor of a large probability of making a small
amount of money, and betting against the small probability of losing a large amount of money.T he
overriding assumption underlying this strategy was that a one-day market decline of more than 5%
would be extremely rare. If market returns were normally distributed; a fall of this magnitude was
next to impossible. As it turned out, this assumption was wrong.
On 27th October 1997, the market plummeted 7%. T he sharp drop in US equity prices was a
spillover effect following a large overnight plummeting of the Hang Seng Index in Asia. Immediately
after this, the holders of the many put options Mr. Nierderhoffer had written came calling all at once,
intent on exercising their right to sell their stocks to the fund at the pre-crash prices. T he fund
struggled to meet the demands of all option holders, forcing Mr. Nierderhoffer to wipe out all his
cash reserves, including his savings.
Besides the put options, the fund had several outstanding derivatives. Ultimately, the fund was unable
to meet over USD 50 million in margin calls. T he fund's brokers had no choice but to liquidate
Neiderhoffer's positions for pennies on the dollar, a move that effectively wiped out the fund's
equity.
What lesson do we learn from Mr. Nierderhoffer's failed strategy?
T he lesson here is that there is nothing like a sure bet in today's competitive financial markets. A
strategy designed to make small profits while betting against a large market move can unravel
literally in the blink of an eye, however small the probability of loss is.
122
Long Term Capital Management and Model Risk: When "Normal"
Relationships Breakdown
Long Term Capital Management (LT CM) was a multi-billion hedge fund founded by John Meriwether,
a Salomon Brothers trader. T he principal shareholders were Nobel-prize-winning economists Myron
Scholes and Robert Merton. All the three were experts in derivatives and had carved out a
reputation for unrivaled market analysis.
To join the fund, investors were required to part with a whopping $10 million each. Despite this huge
outlay, LT CM gave away very little in terms of the nature of its investments. What's more, investors
were not allowed to liquidate their positions during the first three years of their investment. T his
allowed the fund to lock in the funds in long-term investments. T he founders and major shareholders
went as far as investing a large portion of their net worth in the fund, which demonstrates just how
convinced they were that the fund would succeed.
At first, the fund recorded a stellar performance unheard of before. LT CM boasted annual returns of
42.8 percent in 1995 and 40.8 percent in 1996. T his was even after the management set aside about
27% of the proceeds for their compensation and other fees. In 1997, LT CM successfully hedged
most of the risk from the Asian currency crisis. T hat year, the fund earned a return of 17.1% for
investors. By 1998, however, the fund was on the brink of bankruptcy as a result of its trading
strategies.
Like many hedge funds at the time, LT CM adopted a hedging strategy hinged upon a predictable range
of volatility in foreign currencies and bonds. T he management believed that the probability of market
moves larger than the fund's hedges was very small. To estimate future volatility, LT CM's models
relied heavily on historical data. However, all historical models are only reliable in the absence of
large economic shocks, especially the ones that haven't been experienced in history. External
shocks make correlations that are historically low to increase sharply. And so, it proved to be.
In mid-1998, Russia declared its intention to devalue its currency and followed that up by defaulting
on its bonds. T hat event was beyond the normal range of volatility predicted by LT CM's models,
which means the existing hedges proved insufficient. T he US stock market dropped by 20 percent,
while European markets fell by 35 percent. Most investors turned to T reasury bonds for refuge,
triggering a significant drop in long-term interest rates.
123
LT CM's highly leveraged positions took a strong hit and started to crumble. A multitude of banks and
pension funds had heavily invested in LT CM. So, when trouble rocked LT CM, the solvency of all
these institutions was at stake. In September, Bear Stearns landed the knock-out punch. T he bank
managed all of LT CM's bond and derivatives settlements. Bear Stearns called in half a billion dollars
payment, out of fear of losing all its considerable investments.
To save the US banking system, the Federal Reserve Bank of New York convinced 15 banks to save
LT CM by pumping in some $3.5 billion.
In summary, LT CM's crisis could be attributed to the following:
Overreliance on historical models that did not simulate the occurrence of large economic
shocks.
LT CM's models further assumed that low-frequency/high-severity events were
uncorrelated over time. As it turned out, one economic shock triggered another, such that
extremely low probability events were occurring several times per week.
All of LT CM's trading strategies were hinged on the assumption that risk premiums and
market volatility would ultimately decline. As a result, the firm had failed to diversify its
investments wide enough.
Several suggestions have been put forth to avoid a recurrence of a similar crisis:
T here's a need for large-scale stress testing using not just historical data but also simulated
stress scenarios, even if such scenarios haven't yet played out on the market.
T he initial margin in derivative contracts should always be enforced. In many cases, LT CM
had to mark its positions to market, but the initial margin was waived.
T here's a need to incorporate potential liquidation costs into prices to recognize the
possibility of adverse market movements.
The VaR of Hedge Funds
LT CM made heavy use of a Value-at-Risk (VaR) model as part of its risk control. VaR is a measure of
124
the worst-case loss for investment or set of investments, given normal market conditions, over a
specific time horizon, and at a given confidence level. It is the maximum expected loss given certain
assumptions (to do with volatility) and a level of confidence.
T he management at LT CM felt that it had structured the fund's portfolio such that there was an
extremely small chance of the fund's risk exceeding that of the S&P 500. But the problems
encountered, later on, show that hedge funds are not necessarily subject to the same set of
assumptions as other firms when calculating regulatory VaR. In particular,
A 10-day horizon is too short to determine a hedge fund's VaR. T he time horizon for
economic capital should be the time it takes to raise new capital, liquidate positions
without duress, or the period over which a crisis scenario will unfold.
T raditional VaR models fai l to capture l i qui di ty risk. T hese models incorrectly assume
that liquidity will remain fairly constant throughout all market conditions.
It is nearly impossible to capture correlation and volatility risks (i.e., the risk that the
realized correlations and volatilities significantly deviate from expectations) without stress
testing.
Model Risk and Governance—The London Whale
In 2012, J.P. Morgan Chase lost more than 6.2 billion dollars from exposure to a massive credit
derivatives portfolio in its London office. T he main culprit in the whole saga was one Bruno Iksil, a
synthetic credit portfolio trader. Bruno Iksil was given the title of the "London Whale" by media
outlets in the aftermath of the scandal.
Here's a summary of the London whale debacle:
JPM set up the Chief Investment Office (CIO) with the sole purpose of investing the excess cash
(deposits) of the bank. Initially, most of the money was channeled into high-quality securities such as
loans, mortgage-backed securities, corporate and sovereign securities. At the height of the
2007/2009 financial crisis, the bank constructed a synthetic credit portfolio (SCP) motivated by the
need to protect the bank against adverse credit scenarios such as widening credit spreads. T he bank
cited the need to make financial bets that would offset risks the bank took elsewhere, such as by
125
loaning money to homeowners or trade engagements with other banks that could fail. T his begs the
question: what exactly was a synthetic credit portfolio?
T he bank's synthetic credit portfolio (SCP) was essentially a basket of credit default swaps featured
in standardized credit default swap indices. T he bank took both buyer and seller positions in these
swaps. As a protection buyer (short risk position holder), the bank would pay premiums and, in turn,
receive the promise of compensation in the event of default. As a protection seller (long risk
position holder), the bank would receive premiums and, in turn, promise to compensate the buyer in
the event of default.
In the first few years, the SCP performed well. In 2009, for example, the SCP netted the CIO about
$1 billion. At that point, the notional size of the SCP was $4 billion. By 2011, the notional size of the
SCP had risen to about $51 billion – a more than tenfold increase. For a while, the SCP continued to
perform well, with 2011 trading (bets) producing a gain of $400 million.
In December 2011, the management at JPM directed the CIO to reduce the exposure of the SCP and
its risk-weighted assets following a more positive outlook of the economy. By so doing, the bank
wanted to reduce its regulatory requirements. To achieve this, the CIO would have had to unwind
SCP positions by selling them off. In the CIO's estimates, such a move would have led to an estimated
loss of $500 million – in the form of loss of premiums and trade execution costs. T he CIO decided not
to take that route and instead came up with a different strategy – one that would prove "fatal" in
financial terms.
T he CIO launched a trading strategy that focused on purchasing additional long credit derivatives to
offset its short derivatives positions and lower the CIO's RWA. T hat strategy ended up increasing the
portfolio's size, risk, and RWA. Besides, the strategy took the portfolio into a net long position,
thereby eliminating the hedging protections the SCP was originally supposed to provide. Notably, the
strategy's assumptions about the market environment and correlation between positions did not play
out as expected. What followed were trading losses that continued accumulating with each passing
trading day.
As losses mounted, CIO traders tried to defend their existing positions by further growing their
portfolios with huge trades to support market prices. But the markets proved rather illiquid, and CIO
traders became significant market movers in these securities. T hat reduced their ability to exit the
126
markets without suffering losses in the process.
Operational Risk
In the first three months of 2012, the number of days reporting losses exceeded the number of days
reporting profits. In an attempt to conceal these losses, the CIO came up with a new valuation
system. T he CIO had hitherto valued credit derivatives by marking them at or near the midpoint
price in the daily range of prices (bid-ask spread) offered in the market. By using midpoint values, the
resulting prices were considered to be the "most representative of fair value."
T he new valuation system set marks that were at significant variance to the midpoints of dealer
quotes in the market. T he end goal was to paint a rosier picture of the outstanding derivative
positions and, therefore, a better than the actual marking-to-market picture on the books. In
particular, the new system resulted in smaller losses being reported in the daily profit/loss reports.
Despite the new valuation system, the CIO continued to make losses. As of 16th March 2012, the
SCP had reported year-to-date losses of $161 million. If the old system making use of midpoint prices
had been used, those losses would have been $593 million – a whopping $432 million more.
Absence of Regulatory and Corporate Oversight
T he London whale case exposed a culture of poor regulatory oversight in which risk limits were
repeatedly breached, risk metrics disregarded, and risk models manipulated without any concrete
steps being taken by the management to correct these anomalies. Since the CIO wasn't a client-
facing unit of the bank, it was not subject to the same regulatory scrutiny as other portfolios.
Besides, SCP traders did not have to prepare daily reports for senior management. What's more, risk
committee meetings were rare, and in the few instances the committee happened to meet, there
appeared to be no specific charter, and only CIO personnel would attend.
In the absence of oversight, CIO traders were able to engage in speculative and risky trades that
were not in line with the CIO's traditional investment strategy, which had hitherto prioritized long-
term investments, limiting the use of credit derivatives to hedging purposes only.
Fudged VaR Models
127
CIO traders, risk personnel, and quantitative analysts frequently attacked the accuracy of the risk
metrics used, including the VaR. T he riskiness of credit derivatives was downplayed, and new risk
measurement and models were proposed to lower risk results for the SCP.
T raders argued that the existing models were too conservative and therefore overstated risk,
resulting in limit breaches. Senior management approved the migration to a new VaR model that had
been researched and built by CIO traders themselves. Crucially, the bank did not obtain approval
from the Office of the Comptroller of Currency. T hat means there had been little room for checks
and balances in the process of developing the model.
T he updated VaR model resulted in risk numbers that were 50% lower than prior numbers, paving
the way for even more speculative trading and high-risk strategies. Months later, the bank's model
Risk and Development Office determined that the model had mathematical and operational flaws.
Some of the issues that came to light include:
EXCEL spreadsheets used required manual updates
T here were coding errors in the calculation of hazard rates and correlation estimates
Unrealistically low volatility was attached to illiquid securities, built upon the assumption
that prices for days on which trades did not occur would be the same as the price when
last traded.
Instead of using the Gaussian Copula model in the built-in analytics suite as required under
Basel 2.5, the model used a Uniform Rate option.
On 10th May, the bank backtracked, revoking the new VaR model due to the above inaccuracies, and
the prior model was immediately reinstated.
Rogue Trading and Misleading Reporting at Barings Bank
T he Barings case revolves around Nick Leeson, a British trader. Barings PLC of London was the
oldest merchant bank in England. After making a reputation for hard work and a unique understanding
of the market while serving in other posts outside Barings bank, Leeson was appointed the general
manager and head trader of Barings Futures Singapore. In his new post, Nick Leeson quickly became
128
a renowned operator of the derivative product's market on the SIMEX (Singapore International
Monetary Exchange).
As a reward from his bosses, Leeson was given some "discretion" in his trades: He could place
orders on his own (speculative or "proprietary" trading). He was also in charge of accounting and
settlements, and there was no direct oversight over his trading book. T his allowed him to create a
dummy account – 88888 – where he'd dump all losing trades. As far as the London office was
concerned, Leeson was reporting profits after profits on his trades. His seniors never questioned his
constant requests for Margin calls
Leeson took on huge positions as the market seemed to "go his way." He also sold options, taking-on
huge market risk, which stems from unexpected major events that, while not directly related to
markets, can adversely affect markets. He would also record trades that were never executed on
SIMEX.
On 16th January 1995, Leeson placed a short straddle on the Singapore Stock Exchange and Nikkei
Stock Exchange. T hat means he simultaneously sold put options (conferring a right to sell) and call
options (a right to buy) on Nikkei-225 futures. Such a strategy is aimed at making profits in the form
of premiums received and works only if the market proves less volatile than the option prices
predicted.
Mr. Leeson is said to have sold up to 40,000 such option contracts and earned the bank an estimated
$150m. His underlying conviction was that the Nikkei would stay in the 18,500-19,500 range, and
even in the worst-case scenario, it would not drop below 19 000 points. In an astonishing turn of
events soon afterward, a huge earthquake hit Japan, sending its financial markets tumbling. In the
space of a week, the Nikkei had lost more than 7%.
Nick Leeson took a futures position valued at $7 billion in Japanese equities and interest rates linked
to the variation of Nikkei. He was "long" on Nikkei. In the three days following the earthquake, he
bought more than 20 000 futures, each worth $180 000.
Unfortunately, the Nikkei never recovered. By the time his dealings came to light, Barings had lost
approx. $1.25 billion. T he bank could not withstand this loss and ultimately filed for bankruptcy. In
summary, Leeson's phony transactions went unchecked for long periods because of the following
129
reasons:
T here was little management oversight of the settlement process. Of note, Leeson
reported to multiple managers. T here wasn't a clear demarcation of roles and
responsibilities.
Apart from being Baring's Floor manager, Leeson was in charge of settlement operations.
T his allowed him to influence back-office employees to hide his trading losses from the
London office.
To a smaller extent, some blame can be apportioned to the Singapore Stock Exchange and the Nikkei
Stock Exchange. T he two exchanges failed to flag the unusually large positions racked up by Barings
bank. It has been reported that the exchanges did ask for information, but their concerns were
watered down, with the bank forwarding a few fictitious client names. T he exchanges could also
have sensed danger if there had been an information-sharing mechanism between them.
Lessons Learned
Reporting and monitoring of positions and risks (i.e., back-office operations) must be
separated from trading (i.e., front-office operations)
Outsized or strangely consistent profits should be independently investigated and rigorously
monitored to verify that they are real, generated following the firm's policies and
procedures, and not the result of nefarious or unacceptably risky activities.
It is the responsibility of risk managers to analyze reported business profits and determine
if they seem logical in light of the positions held.
It is, however, important to note that Barings' downfall could have been averted under regulations
that were implemented by the Basel Committee just a few years later. For starters, the committee
set capital adequacy requirements and set limits on concentration risk. Under the 1996 amendment,
banks must report risks that exceed 10% of their capital and cannot take positions that exceed 25%
of their capital. Had these rules been in effect in 1994, Barings would have been prohibited from
racking up such large positions.
130
Financial Engineering
Financial engineering is all about the creation of complex financial structures that meet the needs of
the investor. It involves the use of derivatives such as forwards, swaps, and options. Derivatives
allow investors and institutions to break apart (i.e., segment) risks. Conversely, derivatives can be
used to manage risks on a joint basis.
For illustration, consider a UK fund manager holding a bond denominated in US dollars. T he manager
is exposed to interest rate risk in the US fixed income market and the currency risk from changes in
the euro/dollar exchange rate. In these circumstances, there are two options for the manager:
Use a currency swap which effectively hedges both risks
Hedge the foreign exchange rate exposure separately through a currency forward or
option, and then hedge the interest rate risk through a quanto swap. Under the quanto
swap, they would receive the coupon in euros at a pre-arranged rate and pay the UK
LIBOR floating rate.
In practice, financial engineering is often exploited by investors in speculative ways in an attempt to
earn immediate portfolio returns. However, such speculative tendencies require the taking of more
risk in some form or the other. T his risk may come in the form of an unlikely but potentially very
severe future loss. Too often, the embedded risk is not fully understood by firms entering into
complex derivatives.
The Risk of Complex Derivatives at Bankers Trust (BT)
Procter & Gamble (P&G) and Gibson Greetings sought the assistance of Bankers T rust (BT ) in an
attempt to reduce funding costs. BT used derivatives trades which promised P&G and GG a high
probability, a small reduction in funding costs in exchange for a low probability, large loss. As it
turned out, derivative trades only churned out significant losses for both P&G and GG.
BT 's derivatives were designed to be intentionally complex to stop P&G and GG from understanding
their risks and overall implications. T he trades were quite differentiated in form and structure,
making them incomparable to derivative trades of other companies. BT duped P&G and GG into
131
thinking that the trades were tailored to meet their individual needs. In the end, P&G and GG came to
the painful realization that they had been misled after taking in huge losses. T he two sued BT.
During the suit, BT 's taped conversations between its marketers and customers played a key role.
T he tapes exposed just the tools BT staff used to fool customers, particularly through the use of
complex terminology and pricing structures. In some tapes, BT staff could be heard openly bragging
about their unethical behavior.
T he scandal dealt a huge blow to BT 's reputation and forced senior managers to resign, including the
CEO. Eventually, BT was acquired by Deutsche Bank and dismantled.
Excess Leverage and Complex Financial Instruments at Orange County
T he Orange County case illustrates how complex financial products characterized by large amounts
of leverage can create significant losses. In December 1994, the use of complex structured products
by Orange County treasurer, Robert Citron, resulted in a loss of $1.5 billion. T his was the largest
loss ever recorded by a local government investment pool. At the root cause of the downfall was
Robert Citron's decision to borrow heavily in the repo market.
Repos allow investors to finance a significant portion of their investments with borrowed money
(i.e., leverage). But the use of leverage has a multiplicative effect on the profit or loss on any
position; even a small change in market prices can have a significant impact on the investor.
Robert Citron had been entrusted with a $7.5 billion portfolio belonging to county schools, cities,
districts, and the county itself. To many investors, Citron was a financial management guru who had,
for a long time, managed to deliver consistently higher returns. Indeed, his returns were about 2%
higher than the comparable State pool.
T he fund had only USD 7.7 billion in equity, but Citron managed to borrow USD 12.9 billion through
the repo market, creating a USD 20.6 billion portfolio. Citron used the funds to purchase complex
inverse floating-rate notes. But here's the interesting bit; the coupon payments of inverse floating-
rate notes decline when interest rates rise as opposed to conventional floaters, whose payments
increase in such a situation. In effect, therefore, Mr. Citron was betting in favor of interest rates
falling or generally staying low.
132
For a while, interest rates went down, and his bet seemed to be paying off. It was in these
circumstances when Citron was able to record higher than average returns. However, throughout
1994, the Federal Reserve announced a hike in interest rates by 250-basis points. As expected in this
scenario, the increase in interest rates reduced the value of Citron's portfolio substantially,
generating a loss of USD 1.5 billion by December 1994. At the same time, Citron struggled to roll
over maturing repo agreements, with most lenders tabling stringent demands, including the provision
of more collateral before giving a single coin. Ultimately, Orange County was forced to file for
bankruptcy. Citron later admitted he understood neither the position he took nor the risk exposure
of the fund.
In summary, therefore, this debacle was caused by two key things:
Excessive use of leverage
A highly risky interest rate bet that did not take into account the Federal Reserve's
possible changes in monetary policy.
Lessons Learned
Every firm needs to have more than a basic understanding of the risks that are inherent in
their business models. Senior management then needs to take these risks into account
when coming up with a risk management framework.
Senior management needs to stick to the portfolio strategy communicated to stakeholders
at the onset. Robust policies and risk measures should be adopted as specified in the risk
appetite statement and the risk management framework.
Management, and boards, should endeavor to establish areas of the business where risks
may hide and also seek to establish the circumstances which can result in a loss.
The Case of Investing in AAA Tranches of Subprime CDOs: Sachsen
Subprime securities were some of the most popular assets in the run-up to the 2007–2009 financial
crisis. But while subprime securities offered an attractive risk premium, they also required
133
understanding and pricing expertise. European banks were some of the biggest buyers of US
subprime securities. Among these institutions were publicly-owned banks in Germany called the
Landesbanken.
T he Landesbanken traditionally specialized in lending to regional small- and medium-sized companies.
However, in the run-up to the crisis, a thriving industry pushed some of the banks to open overseas
branches and develop investment banking businesses. One of the most notorious examples was the
Landesbank Girozentrale Sachsen –a Leipzig-based bank.
Sachsen opened a network of units (called conduits), which is used to raise money through the sale
of short-term debt. T he money would subsequently be invested in the subprime securities market.
Sachsen opened a branch in Dublin tasked with setting up the units to hold large volumes of highly
rated US mortgage-backed securities. While these units were technically off the parent bank's
balance sheet, they benefited from the guarantee of Sachsen itself. T hat means Sachsen would
promise to lend the units extra money if they ever needed it.
In the run-up to the crisis, the size of Sachsen's off-the-balance-sheet operation was simply too large
compared to Sachsen's balance sheet.
When the subprime crisis struck in 2007, Sachsen's attempts to rescue the units it had set up ended
up wiping out the bank's capital. Eventually, the bank had to be sold to Landesbank Baden-
Württemberg (LBBW).
Reputation Risk
T wo key things determine a firm's reputation:
T he ability and willingness to fulfill its promises to counterparties and creditors
T he ability to deal fairly and follow ethical practices
In recent years, however, firms have become increasingly concerned about their reputation due to
the rapid growth of public and social networks. A rumor can spread like a bushfire and cause untold
reputational damage in just a few hours. As a result, companies are under growing pressure to
134
demonstrate their commitment to environmental, social, and governance-related best practices. T he
reputational damage caused by unethical conduct, whether rumored or real, can be very severe.
Volkswagen Emission Cheating Scandal
T he Volkswagen emissions scandal, also known as Dieselgate or Emissionsgate, burst onto the public
scene in September 2015, but its origin can be traced back to 2009.
In model years 2009 through 2015, the carmaker had been installing in its diesel engines software
that had been intentionally programmed to reduce emissions during testing. T his meant that the cars
would pass emission tests with "flying colors" only to emit up to 40 times more Nitrogen Oxide
during real-world driving. T his software had been installed in over ten million cars, most of which had
already been shipped to various dealers and direct consumers around the world.
In 2014, engineers in the United States carried out live road tests, and that's when the whole scheme
was unearthed. Reached out for comment, Volkswagen executives in Germany and the United States
formally acknowledged the deception on a conference call with officials from the United States
Environmental Protection Agency (EPA). As soon as irrefutable evidence had been gathered, the EPA
made the information public.
What followed was untold damage to the Volkswagen brand. T he company's share price fell by over a
third, and the firm faced billions of dollars in potential fines and penalties. Multiple parties filed
lawsuits, most of them emphasizing the health hazards faced by consumers. Volkswagen's reputation
took a severe hit around the world, with most of the damage happening in the US. T he impact was so
great that the German government expressed fears that the scandal would diminish the value of the
imprimatur "Made in Germany."
Corporate Governance: Enron
Enron was formed in 1985 following a merger of InterNorth and Houston Natural Gas. T he firm was
originally involved in the regulated transportation of natural gas. But following the deregulation of
energy markets, the firm lost the exclusive rights to its pipelines. As a result, the management was
forced back to the drawing board to devise new ways to remain in business. T he management came
up with an innovative business strategy that involved buying gas from various suppliers and selling it
135
to a network of consumers at guaranteed amounts and prices. In return for assuming the associated
risks, Enron charged fees for these transactions. As part of this process, Enron created a market for
energy derivatives where one had not previously existed.
T he new strategy turned out to be a huge success; so much so that up until late 2001, nearly all
observers — including Wall Street professionals – spoke highly of this new strategy and considered it
a business masterstroke. And true to their assessment, Enron's financial position changed
dramatically. T he firm's reported annual revenues grew from under $10 billion in the early 1990s to
$139 billion in 2001, a transformation that firmly placed the firm among the top five Fortune 500
companies. Enron's shares peaked at USD 90.56 in August 2000. T hat year, the firm had more than
20,000 employees on its payroll and revenues of nearly USD 101 billion.
Interestingly, Enron became a major proponent of the deregulation of the energy market. In the
firm's assessment, deregulation would come with greater flexibility to pursue its business model.
Top managers at the firm took actions that prioritized profit over consumer welfare. For example,
the firm was a prominent player in the 2000-2001 California electricity crisis. Enron created
artificial power shortages enabling it to raise power prices by up to 2,000%. T he crisis ultimately
forced the state's Democratic governor, Gray Davis, out of office with Arnold Schwarzenegger
eventually coming in as his replacement. Meanwhile, the shortages helped Enron to make USD 1.6
billion.
Despite these shady deals, Enron still went down in December 2001, but why?
T hanks to its large-scale involvement in energy markets, Enron traded large amounts of oil futures
contracts. However, the contracts didn't involve any stake in oil price movements.Instead, Enron
was collecting cash by selling oil for future delivery, promising to buy back the delivered oil at a fixed
price.
As a result, no oil was delivered. T his was a strategy of a loan where Enron paid cash at a later date
to receive cash at the beginning of the contract. T his way, the company did not have to reveal these
transactions as loans in financial statements. T he result was ill financial health disguised in
impressive financial statements that didn't portray the real financial situation.
JPMorgan Chase and Citigroup were the main counterparties in Enron's trades. When the scandal
136
blew open, the two had to pay $126 million in fines for assisting and abetting fraud against Enron
shareholders.
Key Points
Many in Enron's senior management went against the key tenets underlying the principal-
agent relationship. Most managers acted in their self-interest at the expense of
shareholders. After the scandal came to light, for example, Enron chairman and CEO Ken
Lay was charged with "falsifying Enron's publicly reported financial results and making
false and misleading public representations about Enron's business performance and
financial condition."
Enron's board failed to fulfill its fiduciary duties to shareholders. For example, the board
allowed the chief financial officer to be the sole manager of a private equity fund that did
business with Enron. Private equity lacked economic substance
Enron outsourced its audit function to Arthur Andersen, formerly one of the Big Five
accounting firms. Andersen either failed to catch or explicitly approved many of the
fraudulent accounting practices that led to Enron's collapse. After the scandal came to
light, the Securities and Exchange Commission (SEC) was forced Andersen to surrender its
accounting licenses. T his was effectively a death sentence for the firm.
Cyber Risk
T he rapid rise of the internet as the preferred method to transact and share information has exposed
individuals and institutions to cyber risk. T here are cases where bank systems have been hacked, and
AT Ms breached, leading to not just loss of cash but also exposure and theft of client information.
Such information can be used to inflict serious damage to clients and institutions.
As a result, financial institutions have had to spend billions of dollars every year to boost the security
of their systems. T he goal is to rebuff both external attacks as well as internal attacks perpetrated
by individuals within the institution. T hreats to the banking system from cyber-attacks are also a
major concern to international regulatory bodies, such as the Bank for International Settlements
137
(BIS) and the International Monetary Fund (IMF), as well as to local regulators.
The SWIFT Case
T he Society for Worldwide Interbank Financial Telecommunication, also known as SWIFT, is a
secure electronic platform used to transfer funds among more than 11,000 financial institutions
worldwide. T hanks to SWIFT, transactions that would take days are completed in a matter of
seconds. For the longest time, SWIFT was considered a super-secure system nearly impossible to
hack. But that notion changed in April 2016.
An article published in the New York T imes revealed that hackers had used the
SWIFT network to steal USD 81 million from Bangladesh Bank (the central bank
of Bangladesh). T he money was transferred through the SWIFT network to accounts in the
Philippines controlled by hackers.
T he hackers unleashed malware that sent unauthorized messages instructing the transfer of funds to
the account. T he attack had been planned so meticulously that details of the transfers were
immediately erased from the system. Confirmatory messages sent to designated individuals were not
sent.
T hough the SWIFT network was itself not compromised, the management moved with speed to
reassure clients that weaknesses in the system would no longer be tolerated. A Customer Security
Program (CSP) was also set up, consisting of mandatory security controls, information-sharing
mechanisms, and sophisticated security features. As of December 2018, 94% of clients complied
with CSP requirements.
138
Reading 10: Anatomy of the Great Financial Crisis of 2007-2009
Describe the historical background and provide an overview of the 2007-2009 financial
crisis.
Describe the build-up to the financial crisis and the factors that played an important role.
Explain the role of subprime mortgages and collateralized debt obligations (CDOs) in the
crisis.
Compare the roles of different types of institutions in the financial crisis, including banks,
financial intermediaries, mortgage brokers and lenders, and rating agencies.
Describe trends in the short-term wholesale funding markets that contributed to the
financial crisis, including their impact on systemic risk.
Describe responses made by central banks in response to the crisis.
Historical Background of the Great Financial Crisis
A financial crisis is a di srupti on of the capi tal mark ets typically associated with falling asset
prices and insolvency of debtors and intermediaries, which disrupts the ability of the market to
allocate capital. Financial crises are often characterized by panic and bank runs during which
investors sell assets or withdraw funds from savings accounts due to fears that the value of their
assets will decrease if they continue to be held in financial institutions. An economic crisis may also
be caused by the burst of a specul ati ve bubbl e, the crash of stock mark ets, soverei gn
defaul t, or a currency cri si s - a situation where there's a steep decline in the value of a nation's
currency. A financial crisis can be confined to a single economy, but it can also spread to an entire
economy or even multiple economies around the world. T here have been many crises in the last
century, including the Great Depression in 1932, the Suez Crisis in 1956, the International Debt
Crisis in 1982, the Russian Economic Crisis (1992-97), and the Latin American Debt Crisis in 1994-
2002. However, none of these crises left as big a scar on the world's economic footing as the great
139
financial crisis of 2007-2009, also referred to as the 2007/2009 financial crisis.
T he 2007/2009 financial crisis was a period of general economic breakdown that affected not just the
United States, where it began, but just about every country around the world. According to the
International Monetary Fund (IMF), it was the worst crisis since the Great Depression in the 1930s.
It is widely attributed to the collapse of the United States real estate market, particularly after the
emergence of the subprime mortgage market.
Overview of the Great Financial Crisis
T he Great Financial Crisis of 2007-2009 (GFC) began in December 2007 and lasted for 19 months
until June 2009. Let's look at some notable events that preceded the crisis.
U.S. Housing Policy
Although conventional wisdom holds that the 2008 financial crisis was brought about by insufficient
government monitoring of risk management in the private sector, there appears to be compelling
evidence the true cause was the U.S. government's housing policy. T he government had passed
legislation aimed at increasing home ownership by providing favorable mortgage terms to middle and
lower-income earners. T he government actively encouraged banks to extend mortgages to a broader
borrower base in an attempt to bridge the gap between the poor and the middle class.
T his ambitious policy was implemented primarily through the government-sponsored enterprises
(GSEs) Fannie Mae and Freddie Mac and the U.S. Department of Housing and Urban Development
(HUD). Ultimately, the legislation forcefully relaxed traditional mortgage underwriting standards to
make mortgage credit more readily available to lower-income borrowers. However, loosened
standards spread across the wider market and contributed to an enormous house price bubble
between 1997 and 2007. By 2008, most mortgages in the U.S. were subprime or weak and were
failing at an unprecedented rate. T he high default rate systematically weakened the financial markets,
culminating in the failure of Lehman Brothers - one of the biggest investors in mortgage-backed
securities.
U.S. Housing Bubble
140
A housing bubble is a temporary period of months or years during which housing prices are inflated
beyond fundamental s due to high demand and low supply.
In the years leading up to the GFC, the U.S. economy was driven by a housing bubble. Home prices
had consistently been increasing in the preceding years (2000 to 2007), although there were a few
(insignificant) declines in between. T he key reason behind this was the relative lax lending standards
that rendered most Americans eligible for mortgages even when their creditworthiness wasn't
particularly impressive. When the bubble burst, financial institutions were left with trillions of
dollars in subprime mortgage investments that were nearly worthless. In addition, housing
construction fell by more than 4%, the national GDP tumbled, and consumption slowed.
The Shadow Banking System
T he shadow banking system refers to the collection of non-bank fi nanci al i ntermedi ari es
(NBFIs) providing services si mi l ar to those of traditional commercial banks but outsi de the
normal regul atory framework for banks. In the years leading up to the GFC, the shadow banking
system has recorded steady growth. Important NBFIs included securitization vehicles (SPVs),
investment banks, money market funds, and mortgage companies. Due to inadequate regulation, the
shadow banking system was marked by irrational exuberance and poor risk management. NBFIs
were known to take higher liquidity and credit risk levels than traditional banks. T he vast majority of
NBFIs originated subprime mortgages, packaged them in mortgage-backed securities, and distributed
them throughout the financial system. When it became clear the securitization market was headed
for ruin, creditors ran from the shadow banking system, triggering a run that disrupted the flow of
credit to consumers.
Because of the shadow banking system's sheer size, interconnectedness with mainstream financial
institutions, the complexity of operations and assets, and dependence on short-term funds, its failure
had an enormous effect on the global financial system.
Debt Accumulation
In the decades leading up to the GFC, households had been accumulating debt. When housing prices
started falling, individuals and corporates concentrated on paying off debt while reducing
141
consumption and investment. T his gradually slowed down the economy.
Build-Up To the Financial Crisis and the Factors That Played

an Important Role
T he first prominent signs of problems arrived in early 2007 when Freddie Mac announced its
decision to stop purchasing high-risk mortgages. Around the same time, New Century Financial, a
leading mortgage lender to below-average-risk borrowers, filed for bankruptcy. Credit rating agencies
also began to downgrade structured financial instruments.
Another sign that all was not well came when the ABX index – used as a benchmark for measuring
the overall performance of the subprime mortgage market – began to reflect higher expectations of
default. After these initial warnings, runs occurred in the short-term market (shadow banking
system) – a market previously considered safe. Large-scale withdrawals from short-term funds were
made. Issuers of asset-backed commercial papers started having difficulties rolling over their
outstanding debt. What followed was a series of bankruptcy declarations and takeovers.
Notable Events
Failure of Countrywide Financial Corp.
Countrywide Financial Corp. was a major U.S. mortgage lending company. T he corporation was
founded in the 1960s by Angelo R. Mozilo, a butcher's son from the Bronx, and David Loeb, a founder
of a mortgage banking firm in New York. Subprime lending provided Countrywide with a lot of
benefits during the early 2000s. In 2001, mortgages accounted for 28 percent of Countrywide's net
income, with subprime loans raking in $280 million. By comparison, subprime loans had earned the
corporation just $86.9 million in the previous year. In 2002, a significant and rapid increase occurred
in Countrywide's loan portfolios to minorities and low- to moderate-income households.
In 2007, Countrywide's annual report took a somber tone after years of fast growth and optimistic
projections. Countrywide had already begun to feel the effects of the financial crisis. T he report
focused a great deal on the accounting details of its mortgage portfolio and default rates. T he report
revealed that in just a year, Countrywide had depreciated over $20 billion and absorbed over $1
142
billion in losses. By 2008 there was approximately $8 billion worth of subprime loans in
Countrywide's books, and to make matters worse, the delinquency rate stood at 7% against an
industry average of 4.67%. In the same year, foreclosures doubled, and the firm tried to cope with
the situation by laying off around 20 percent of its employees (20,000 people). In 2008, the company
was acquired by Bank of America after nearly failing due to a lack of funding. A substantial discount
was applied to the price tag compared to what the company was actually worth. Shares had been
valued at $20/share earlier in the year, but Bank of America paid just $8/share.
Failure of Bear Sterns
Bear Stearns was a global investment bank and financial company founded in 1923 in New York. It
collapsed during the 2008 financial crisis.
Ahead of the collapse, Bear Stearns was heavily involved in securitization and issued large amounts of
asset-backed securities. Even as investor losses mounted in those markets in 2006 and 2007, the
company's management felt it was a good time to increase exposure. To avert a sudden collapse, the
Federal Reserve Bank of New York provided an emergency loan in March 2008. Sadly, that wasn't
enough to save Bear Sterns. Unable to roll over its short-term funding, the bank was bought by
JPMorgan Chase at a big discount. To put that into perspective, Bear Stern's pre-crisis stock price
stood at more than $130 a share, but JPMorgan was able to negotiate a price of just $10 a share.
The Collapse of Lehman Brothers
In the mid-2000s, Lehman Brothers had massive exposure to mortgage-backed securities (MBS). T he
housing boom had led to the creation of an unprecedented amount of MBSs and collateral debt
obligations (CDOs). By 2007, Lehman Brothers was the largest holder of MBSs. But on September
15, 2008, Lehman Brothers filed for bankruptcy, marking the peak of the subprime mortgage crisis.
But what exactly happened?
In the first two quarters of 2008, the bank reported losses running into billions of shillings due to the
high default rate in the subprime mortgage business. Upon learning that Lehman had been
downgraded due to these losses and heavy exposure to the mortgage industry, the Federal Reserve
called Lehman to negotiate financing for its reorganization. After these discussions failed, Lehman
143
filed a Chapter 11 petition. It remains the largest bankruptcy in American history. One day after the
bankruptcy filing, the Dow Jones Industrial Average dropped 4.5%, its biggest decline since
September 11, 2001. T his signaled the government's limits in managing the crisis and caused a
general panic.
Lehman's bankruptcy filing was a seismic event that shook the global financial system to the core. In
the month following its collapse, equity markets lost more than $10 tri l l i on in market
capitalization.
The Collapse of the Reserve Primary Fund
T he Reserve Primary Fund (RPF) was the first money market fund ever created in the U.S. During
its peak, it held assets worth more than $60 billion. Amid the financial crisis of 2007-2008, RPF lost
dollar value or "broke the buck." "Break i ng the buck " refers to a situation where a money
market fund's investment income does not cover its operating expenses or investment losses.
Eventually, RPF was liquidated. But the failure of Lehman Brothers had a very strong hand in the
collapse of RPF.
RPF began to invest in commercial paper in 2006, an asset class the fund's founder Bruce Bent had
dismissed in 2001. By early 2008, 56% of the fund's portfolio was comprised of asset-backed and
financial-sector commercial paper. Lehman Brothers' bankruptcy on September 15, 2008, raised
concerns about RPF's holdings of Lehman-issued paper, which then accounted for 1.2% of its
portfolio. Among money market funds, RPF was especially vulnerable because it did not have a
parent company that could guarantee its share price. Withdrawals from the fund topped 25% by the
afternoon of September 15 and more than half the following day, as clients sought to exit the fund
before the price of its Lehman assets could impact RPF's share price. Without a buyer, the fund
declared the assets worthless and announced a $0.97 share price. T he fund was liquidated at the end
of September.
The Role of Subprime Mortgages and Collateralized Debt

Obligations (CDOs) in the Crisis
144
Subprime mortgages are mortgages given to individuals whose credit histories are poor,
i ncompl ete, or nonexi stent. Subprime borrowers often have poor credit ratings, large loan-to-
values (low up-front deposits), and high loan-to-income ratios. A typical subprime mortgage comes
with a low "teaser" rate in the first couple of years which then reverts to a higher rate for the
remaining term to maturity. In the years leading up to the GFC, subprime mortgages had several
notable features:
NINJA l oans: Some subprime mortgage varieties were extended to borrowers with no
income, no job, and no Assets.
100% l oan-to-val ue rati o: A 100 percent loan-to-value loan allows you to borrow 100
percent of the value of your property (T here's no up-front payment required).
Interest-onl y mortgage: Initially requires only payment of interest, typically in the first
five or ten years.
Li ar Mortgage: A type of mortgage whose approval requires little or no documentation
to prove the income of the borrower.
Many subprime borrowers, some of whom were property speculators, were optimistic that at the
end of their teaser period, they would be able to refinance to a similar or even better product or sell
the home at a profit. But when house prices declined, many of these borrowers found themselves in
negative equity positions (the value of their mortgages exceeded the value of their homes). Many
chose to default on their obligations, resulting in more foreclosures and a supply glut, further pushing
house prices down.
T he other notable practice in the lead-up to the financial crisis was the selling of loans to third
parties under the OT D (originate-to-distribute) model. Under the model, lenders would issue
mortgages to borrowers and then package them into secondary assets that could be sold to third-
party investors. Prior to the sale, lenders would cease holding the mortgages as assets on their
balance sheets. Instead, these loans would be moved into bankruptcy-remote structured investment
vehicles (SIVs). Investors used to do business directly with the SIVs. In securitization, certain types
of assets are bundled so that they can be repackaged into interest-bearing securities. Upon
purchasing the securities, the purchasers receive interest and principal payments from the assets.
145
Col l ateral i zed debt obl i gati ons (CDOs) provide an example of such a structure, where the pool
of securities is divided into multiple tranches (e.g., senior, junior, and equity). Cash flows and losses
are shared according to a waterfall structure, where senior tranches receive cash flows first but
absorb losses last. Despite the fact that the underlying mortgages consisted of NINJA and liar loans,
the senior tranches were deemed very safe and had an AAA rating. At the same time, many of the
junior tranches of multiple structures of CDOs were bundled together and resold as CDO-squared
(CDOs whose cash flows are backed by other CDO tranches rather than mortgages). In the end,
some of the products developed from these structures were too complex and opaque to be valued,
even during normal times and even for sophisticated investors.
T he fact that CDOs created from NINJA loans and other substandard facilities were given an AAA
rating demonstrates that rating agencies did very little to realistically and reliably assess the credit
quality of the CDOs. Notably, rating agencies relied on data provided by issuers while conducting
their credit analysis. In addition, rating agencies were usually paid by the issuer. In these
circumstances, there was a clear conflict of interest because the arrangement gave rating agencies
an incentive to issue favorable ratings. In other words, rating agencies were ready to turn a blind eye
to possible underlying risks in exchange for huge "assessment fees" from issuers.
The Roles of Different Types of Institutions in the Financial

Crisis, Including Banks, Financial Intermediaries, Mortgage
Brokers and Lenders, and Rating Agencies
Banks (Lenders) and Financial Intermediaries
Banks were mainly originators of mortgage-backed securities. After successfully selling mortgages to
consumers, banks securitize these mortgages (assets on the balance sheet) by creating structured
investment vehicles (financial intermediaries) via which the pooled assets would be sold to investors.
SIVs are usually designed to be bankruptcy-remote, meaning they have their own legal status. As a
result, an SIV's obligations are secure even if the parent company goes bankrupt. In the same breath,
the operations of the S.P. are restricted to purchasing and financing specific assets or projects.
T hese characteristics enabled banks to remove securitized assets from the balance sheet, a move
that in part contributed to relaxed lending and know-your-customer (KYC) standards. As a result, the
146
number of subprime mortgages would steadily increase as more and more assets got securitized.
Mortgage Brokers
Mortgage brokers serve as an intermediary, bringing together mortgage borrowers and lenders, but
they do not use their own funds to originate the loans.
Due to lax lending standards and weak internal controls, some brokers and borrowers submitted false
documentation that allowed borrowers to obtain funding under fraudulent terms. T he problem was
exacerbated by the compensation structure for most mortgage brokers, which rewarded increasing
the volume of loans originated while paying "lip service" to long-term performance. Brokers
generally incurred few (if any) consequences if an originated loan eventually defaulted. As a result,
brokers had little incentive to perform proper due diligence.
Rating Agencies
During the Global Financial Crisis of 2008, credit agencies came under fire for giving high credit
ratings to debts that later turned out to be high-risk investments. Specifically, they failed to identify
(or overlooked) risks that might have warned investors against investing in certain instruments, such
as mortgage-backed securities.
A potential conflict of interest between rating agencies and securities issuers was also highlighted.
Rating agencies are paid by issuers of securities to provide rating services. As a result, they might be
reluctant to assign very low ratings to the issuer's securities.
A third point to be noted is that subprime mortgages were too new to provide reliable, proven data
that could be used to draw long-term risk predictions. T hus, many of the initial ratings assigned to
these securitizations (most often the senior tranches with AAA ratings) were likely flawed from the
start.
Trends In the Short-Term Wholesale Funding Markets That

Contributed to The Financial Crisis
147
Short-term wholesale debt comprises two instruments: repurchase agreements (R.A.s) and
commercial paper (C.P.).
Repurchase Agreements (Repos)
Generally, a repurchase agreement ("repo") is an agreement that involves the sale and subsequent
repurchase of the same security at a higher price at a later date. It is a transaction in which a
security is exchanged for cash. T he security serves as collateral to the buyer until the seller can pay
them back, and in addition, the buyer earns interest. Since the security seller receives cash at the
beginning of the repo, the seller has the status of a borrower in a collateralized loan transaction
(with the security as collateral). T he security buyer, who provides cash at the beginning of the repo
but receives a higher sum at the end of it, can be considered a l ender (as the higher sum is
equivalent to principal plus interest).
Repo transactions can use a variety of securities as collateral, from government bonds, highly rated
corporate bonds, to securitized tranches. T here is a direct relationship between the quality of
collateral and the size of the haircut (that is, the difference between the initial market value of an
asset and the purchase price paid for that asset at the start of a repo), with higher (lower) quality
collateral having smaller (larger) haircuts. A haircut of 10% means that for every USD 100 pledged as
collateral, a borrower can get USD 90. A haircut aims to protect the lender from having to sell
collateral at a loss following a default and recovering less than the full amount of the loan. T he
bankruptcy process does not apply to repos. Consequently, if one counterparty fails, the other may
unilaterally terminate the transaction and sell the collateral.
Commercial Paper
Unsecured CP financing involves issuing short-term debt that is not backed by any assets. Due to the
absence of specific collateral that a lender can seize in the event of bankruptcy, unsecured
commercial paper issuers typically have very high credit quality. Normally, if C.P. issuers' credit
quality deteriorates, for example, by way of a rating downgrade, an orderly exit will occur through
margin calls.
However, there are special commercial papers that are backed by specific collateral. T he collateral
148
could be credit card loans, mortgages, or other securitizations. Such a commercial paper is known as
an asset-backed commercial paper (ABCP).
How Exactly Did These Short-term Funding Instruments contribute to

the Crisis?
SIVs holding mortgages were predominantly funded through ABCPs and repurchase agreements, so
they had to roll over obligations at maturity to maintain liquidity. SIVs were thus exposed to
significant funding liquidity risk in the event of a crisis. As housing and mortgage-backed security
prices declined, lenders began questioning the quality of the assets contained within SIV structures
and began extending fewer short-term loans. By August 2007, ABCP and repo markets had been shut
down entirely. SIVs' sponsors were also hurt since they often extended backstop lines of credit to
these entities. T he negative effect spread even further. For example, ACBPs had been popular
investments for money market funds. When ABCP prices started tumbling, large investors triggered
financial hemorrhage among the leading money market funds by rushing to withdraw their stakes.
T his further exacerbated the liquidity crisis.
Systemic Risk
Systemic risk refers to the possibility that a company- or industrial-level event could cause severe
instability or even the collapse of the entire industry or economy.
During the GFC, what began as a subprime mortgage crisis quickly escalated into a ful l -bl own
fi nanci al mel tdown whose effects were felt across the financial markets. Once market
participants started to grow wary and weary of doing business with financial institutions with a direct
or indirect stake in the mortgage industry, various actions were taken that ended up throwing the
financial markets further into turmoil. For example, haircuts on short-term funding increased from
0% before the crisis to nearly 25% in November 2008, shortly after the collapse of Lehman
Brothers. T he LIBOR-overnight index swap (OIS) spread, one of the most trusted indicators of the
overall health of the financial system, shot up from nearly 0% pre-crisis to over 3.6% at the peak of
the crisis. T he sharp increase pointed to dwindling confidence among participants in the interbank
lending market. At the same time, some institutions that could not borrow in the short-term market
149
were left with no choice but to sell some of their assets in distress. T his further pushed market
prices down and left these institutions with "bare bone" equity levels that couldn't support long-
term/strategic objectives. Some filed for bankruptcy, while a few lucky ones were bailed out by the
government or absorbed by other relatively stable institutions.
Figure 1 - Historical Preview of the Overnight Index Swap
150
Responses Made by Central Banks in Response to the Crisis
To combat the crisis, the Federal Reserve and other central banks from around the world devised
innovative liquidity injection facilities. T he Federal Reserve created backstop facilities to support
most asset classes that experienced stress during the crisis. T hese actions included:
Establishing long-term lending facilities against high-quality collateral;
Granting investment banks and securities firms access to the discount window (a lending
facility that helps financial institutions manage short-term liquidity needs;
Offering credit against illiquid asset-backed securities of high quality;
Providing financing for the purchase of unsecured C.P.s and ABCPs;
151
Providing liquidity to money market funds; and
Buying assets from Fannie Mae and Freddie Mac.
T hese actions were aimed at improving liquidity. T his led to the central banks' balance sheets
becoming significantly larger.
U.S. government interventions during the crisis were as follows:
T he Term Auction Facility (TAF), a program implemented in December 2007 to provide
funds to depository institutions through the auctioning of funds against a broad range of
collateral;
T he Primary Dealer Credit Facility (PDCF), which allowed the Fed to lend funds, via repos,
to primary dealers;
T he Economic Stimulus Act of February 2008 which provided temporary tax incentives
for businesses; and
T he T roubled Asset Relief Program (TARP) to purchase toxic assets and equity from
financial institutions
Question
152
Where did the Great Financial Crisis of 2007-2009 start?
A. T he collapse of Fannie and Mae
B. T he failure of the Lehman Brothers
C. T he central bank intervention
D. T he Subprime Mortgage Market.
Sol uti on
T he correct answer is D
T he events that led to the Great Financial Crisis started with a downturn in the US
subprime mortgage market in 2007.
153
Reading 11: GARP Code of Conduct
Describe the responsibility of each GARP Member concerning professional integrity,
ethical conduct, conflicts of interest, the confidentiality of information, and adherence to
generally accepted practices in risk management.
Describe the potential consequences of violating the GARP Code of Conduct.
T he excerpt is the GARP Code of Conduct by GARP.
Introductory Statement
T he GARP Code of Conduct ("Code") sets forth principles of professional conduct for Global
Association of Risk Professionals ("GARP"), Financial Risk Management (FRM®FRM®) and Energy
Risk Professional (ERP®ERP®) certifications and other GARP certification and diploma holders and
candidates, GARP's Board of T rustees, its Regional Directors, GARP Committee Members and
GARP's staff (hereinafter collectively referred to as "GARP Members") in support of the
advancement of the financial risk management profession. T hese principles promote the highest
ethical conduct and disclosure levels and provide direction and support for both the individual
practitioner and the risk management profession.
T he pursuit of high ethical standards goes beyond following the letter of applicable rules and
regulations and behaving in accordance with the intentions of those laws and regulations, it is about
pursuing a universal ethical culture.
All individuals, firms, and associations have an ethical character. Some of the biggest risks faced by
firms today do not involve legal or compliance violations but rest on decisions involving ethical
considerations and the application of appropriate standards of conduct to business decision-making.
T here is no single prescriptive ethical standard that can be globally applied. We can only expect that
GARP Members will continuously consider ethical issues and adjust their conduct accordingly as
they engage in their daily activities. T his document makes references to professional standards and
154
generally accepted risk management practices. Risk practitioners should understand these as
concepts that reflect an evolving shared body of professional standards and practices. In considering
the issues this raises, ethical behavior must weigh the circumstances and the culture of the
applicable global community in which the practitioner resides.
Code of Conduct
T he Code is comprised of the following Principles, Professional Standards, and Rules of Conduct,
which GARP Members agree to uphold and implement.
1. Principles
1.1 Professional Integrity and Ethical Conduct
GARP Members shall act with honesty, integrity, and competence to fulfill the risk professional's
responsibilities and to uphold the reputation of the risk management profession. GARP Members
must avoid disguised contrivances in assessments, measurements, and processes that are intended to
provide a business advantage at the expense of honesty and truthfulness.
1.2 Conflicts of Interest
GARP Members have a responsibility to promote the interests of all relevant constituencies and will
not knowingly perform risk management services directly or indirectly involving an actual or
potential conflict of interest unless full disclosure has been provided to all affected parties of any
actual or apparent conflict of interest. Where conflicts are unavoidable, GARP Members commit to
their full disclosure and management.
1.3 Confidentiality
GARP Members will take all reasonable precautionary measures to prevent intentional and
unintentional disclosure of confidential information.
155
2. Professional Standards
2.1 Fundamental Responsibilities
GARP Members must endeavor, and encourage others, to operate at the highest level of
professional skill.
GARP Members should always continue to perfect their expertise.
GARP Members have a personal ethical responsibility and cannot out-source or delegate
that responsibility to others.
2.2 Best Practices
GARP Members will promote and adhere to applicable “best practice standards,” and will
ensure that risk management activities performed under his/her direct supervision or
management satisfies these applicable standards.
GARP Members recognize that risk management does not exist in a vacuum.
GARP Members commit to considering the wider impact of their assessments and actions
on their colleagues and the wider community and environment in which they work.
2.3 Communication and Disclosure
GARP Members issuing any communications on behalf of their firm will ensure that the
communications are clear, appropriate to the circumstances and their intended audience, and satisfy
applicable standards of conduct.
Rules of Conduct
1. Professional Integrity and Ethical Conduct
GARP Members:
156
1.1 Shall act professionally, ethically, and with integrity in all dealings with employers, existing or
potential clients, the public, and other practitioners in the financial services industry.
1.2 Shall exercise reasonable judgment in the provision of risk services while maintaining the
independence of thought and direction. GARP Members must not offer, solicit, or accept any gift,
benefit, compensation, or consideration that could be reasonably expected to compromise their own
or another's independence and objectivity.
1.3 Must take reasonable precautions to ensure that the Member's services are not used for
improper, fraudulent, or illegal purposes.
1.4 Shall not knowingly misrepresent details relating to analysis, recommendations, actions, or other
professional activities.
1.5 Shall not engage in any professional conduct involving dishonesty or deception or engage in any
act that reflects negatively on their integrity, character, trustworthiness, or professional ability or
on the risk management profession.
1.6 Shall not engage in any conduct or commit any act that compromises the integrity of GARP, the
(Financial Risk Manager) FRM designation or the integrity or validity of the examinations leading to
the award of the right to use the FRM designation or any other credentials that may be offered by
GARP.
1.7 Shall endeavor to be mindful of cultural differences regarding ethical behavior and customs, and
to avoid any actions that are, or may have the appearance of being unethical according to local
customs. If there appears to be a conflict or overlap of standards, the GARP member should always
seek to apply the higher standard.
2. Conflict of Interest
GARP Members:
2.1 Shall act fairly in all situations and must fully disclose any actual or potential conflict to all
affected parties.
2.2 Shall make full and fair disclosure of all matters that could reasonably be expected to impair their
157
independence and objectivity or interfere with their respective duties to their employer, clients, and
prospective clients.
3. Confidentiality
GARP Members:
3.1 Shall not make use of confidential information for inappropriate purposes, and unless having
received prior consent shall maintain the confidentiality of their work, their employer or client.
3.2 Must not use confidential information to benefit personally.
4. Fundamental Responsibilities
GARP Members:
4.1 Shall comply with all applicable laws, rules, and regulations (including this Code) governing the
GARP Members' professional activities and shall not knowingly participate or assist in any violation
of such laws, rules, or regulations.
4.2 Shall have ethical responsibilities and cannot out-source or delegate those responsibilities to
others.
4.3 Shall understand the needs and complexity of their employer or client and should provide
appropriate and suitable risk management services and advice.
4.4 Shall be diligent about not overstating the accuracy or certainty of results or conclusions.
4.5 Shall clearly disclose the relevant limits of their specific knowledge and expertise concerning
risk assessment, industry practices, and applicable laws and regulations.
5. General Accepted Practices
GARP Members:
5.1 Shall execute all services with diligence and perform all work in a manner that is independent of
158
interested parties. GARP Members should collect, analyze and distribute risk information with the
highest level of professional objectivity.
5.2 Shall be familiar with current generally accepted risk management practices and shall clearly
indicate any departure from their use.
5.3 Shall ensure that communications include factual data and do not contain false information.
5.4 Shall make a distinction between fact and opinion in the presentation of analysis and
recommendations.
Applicability and Enforcement
Every GARP Member should know and abide by this Code. Local laws and regulations may also
impose obligations on GARP Members. Where local requirements conflict with the Code, such
requirements will have precedence.
Violation(s) of this Code may result in, among other things, the temporary suspension or permanent
removal of the GARP Member from GARP’s Membership roles, and may also include temporarily or
permanently removing from the violator the right to use or refer to having earned the FRM
designation or any other GARP granted designation, following a formal determination that such a
violation has occurred.
159
Practice Question
Romney Muriuki, FRM, works as an analyst for an African Insurance firm that has 8
branches in Central Africa. In a recent report, Muriuki makes the following statements:
"Based on the fact that the firm has recorded steady growth in customer numbers over
the last decade, and that the insurance penetration currently stands at 3%, I expect the
trend to continue for the next 10 years. I also expect that the company will be able to
translate the continually increasing revenue into significant profits."
T he report goes on to describe in detail the risks facing the firm, particularly geopolitical
risks associated with African countries. Muriuki's report:
A. Violated the Code by failing to distinguish factual details from his opinion
B. Did not violate the Code
C. Violated the code by giving a shallow professional assessment of the insurance market
in Africa
D. Violated the Code by failing to properly identify all the risks related to operations in
African countries
Historical growth can be presented as a fact since it actually happened. Muriuki states
that the firm should expect further growth in revenue and profits, which is an opinion.
He does not claim that these are facts. T herefore, he does not violate the standard
regarding the separation of facts from opinions.
160

CH 1 Foundations of Risk Management L9H2JR04CB

Uploaded by

Copyright:

Available Formats

CH 1 Foundations of Risk Management L9H2JR04CB

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CH 1 Foundations of Risk Management L9H2JR04CB

Uploaded by

Copyright:

Available Formats

FRM Part I Exam

Study Notes - Foundations of Risk Management

Last Updated: Jun 16, 2023

prohibited. Infringers will be prosecuted in their local jurisdictions. ”

1 - The Building Blocks of Risk Management 3

including quantitative measures, qualitative risk assessment techniques, and enterprise

can impact risk management.

aggregating risk exposures.

Risk and Its Management

adequate compensation for the risk taken in business activities.

T he building blocks of risk management include:

1. T he classic risk management process

2. Identifying knowns and the unknowns

3. Expected loss, unexpected loss, and the tail loss

4. Risk factor breakdown

5. Structural change from tail risk to a systemic crisis

7. T ypology of risks and risk interactions

9. Balancing Risk and Reward

10. Enterprise risk management

1. Types of Risk and Their Interactions

because each type of risk needs different skills to manage it.

component (idiosyncratic component), unique to the particular financial transaction under

correlations between market positions intended to offset one another.

Market risk can be further classified into the following categories:

arise in offsetting positions having the same maturity.

fluctuating international interest rates.

Credit risk can be further classified into:

leading to a takeover of his collateralized assets.

Downgrade Ri sk – T he risk that there might be a decline in the borrower's credit

ratings because of a drop in his creditworthiness.

to be lost is called loss given default.

At the portfolio level, the issues to be addressed are the following:

T he creditworthiness of the obligor: Based on this, an appropriate interest rate or spread

should be charged to compensate for the risk undertaken.

Concentration risk: T he extent of diversification of the obligor should be a concern.

comparatively lower than when there is a recession.

It comprises funding liquidity risk and market liquidity risk.

others. Technology risk arises from a computer system's failure.

strategy and its reputation too.

competitive in the marketplace.

businesses. For example, reputation is of crucial importance in the financial industry.

Interactions of Risk Types

2009 financial crisis.

reputation risk to the concerned company.

2. The Risk Management Process

Given below is the flow chart of the risk management process:

Methods of Risk Management

down the business unit or changing the business strategy.

retained by methods such as insurance of the risk.

3. Mi ti gati on of the ri sk : this method involves an attempt to decrease the exposure,

infrastructure and putting collateral on credit exposure.

example is in derivative products where a company pays a premium to a party to accept a

certain level of risk.

3. Known and Unknown Risks

threats that do hide away.

The Expected Loss

and could be avoided with the risk management process.

measured with some degrees of freedom.

T he probability of occurrence of a risk event