| |
|
|
What is risk management? |
| |
Risk management is the set of processes for managing risk exposures to limit losses.
|
| |
 |
| |
Does ALM fall into risk management? |
| |
We can answer by citing the definition of ALM as defined in the SOA ALM Specialty Guide "ALM can be defined as the ongoing process of formulating, implementing, monitoring and revising strategies related to assets and liabilities to achieve an organization's financial objectives, given the organization's risk tolerances and other constraints. ALM is relevant to, and critical for, the sound management of the finances of an organization that invests to meet its future cash flow needs and capital requirements." and hence should be an integrated part of Risk Management. |
| |
|
| |
Is Enterprise Risk Management (ERM) part of risk management? |
| |
In its “Overview of Enterprise Risk Management,” the Casualty Actuarial Society describes Enterprise Risk Management as: “…the discipline by which an organization in any industry assesses, controls, exploits, finances and monitors risk from all sources for the purposes of increasing the organization’s short- and long-term value to its stakeholders.”
The SOA ERM Specialty Guide says: “ERM is differentiated from traditional risk management (RM). It is the holistic aspect of the enterprise that makes the difference - the contribution to the overall portfolio risk, rather than the risk associated with each individual investment. Generally, the appropriate risk context is that of the entire enterprise. The enterprise view is consistent with the economic decisions facing the organization. If an insurance company is able to reduce risk, it will be able to reduce capital and hence, costs. A second reason supporting the enterprise context is that it aligns with stakeholders’ perspectives. An investor in an insurance company, like an investor in a particular mutual fund, is only concerned with the risk and return of the company in total.”
Enterprise Risk Management (ERM) is risk management. The term ERM amplifies the meaning of risk management as a function. In particular, ERM is a view of risk across an entire enterprise, and not just functional risk management of a particular risk. ERM is a comprehensive and consistent view of risk across an organization (or enterprise): comprehensive in the sense that it includes all risks, whether "financial", "operational" or strategic in nature; consistent in that ERM involves looking at these risks on as consistent a basis as possible. ERM also involves proactively managing risks, emphasizing enterprise risk management as an approach that assists organizations in taking appropriate levels of risk to generate strong risk-adjusted returns.
|
| |
|
| |
Can risk management be split into operational risk management and financial risk management? |
| |
The Basel Committee on Banking Supervision divides bank risk management into three parts: Market, Credit and Operational Risk Management. The FSA, UK regulator, suggests that insurance company risks can be subdivided into Credit, Market, Liquidity, Operational and Group Risks.
There are some risks that are much more "operational" in nature than others, and similarly some risks that are more "financial" in nature than others. However, ERM must recognize two things. First, that it is important that risks be managed consistently across an organization. Splitting into categories may involve the risk that one category gets more attention because of the background and experience of management or their comfort level in dealing with different types of risk. This could result in ignoring or downplaying important risks. This is not to say that there will not be specialists in evaluating certain types of risks - there will and should be. However, ERM adds value partly through the integration of risks. Second, it is important to recognize that, even though a risk may be "financial" in nature (for example, equity market risk), an organization's ability to manage that risk is only as good as the systems, people and processes that support the management of that risk. In fact, most failures stem from operational issues, even though the ultimate manifestation of an issue is financial. As a simple example, the best model for evaluating equity market risk will add no value in managing that risk if the data being used in the model has no integrity or if management decision-making processes do not properly incorporate the results of the model.
|
| |
|
| |
Are actuaries equipped to managing operational risks? |
| |
Operational Risks is defined in several sources as losses from inadequate or failed internal processes, people and systems or from external events; and includes Compliance, Legal, Operations, Selling, IT, Business Continuity and other areas not included in any other category. Actuaries are not uniquely qualified to manage operational risks. In fact many enterprise risk management teams include actuaries and people with several other specialties. However, since ORM is such a broad area, there are no other professions who are themselves uniquely qualified.
|
| |
|
| |
How can I know more about risk management? |
| |
There are various resources where you can find out more about risk management. There are many conferences with risk management focus (an example is the Enterprise Risk Management Symposium, SOA/CAS meetings also have special sessions that are risk management related). There are professional credential programs where you can qualify for a risk management certificate; see for example the SOA Chatered Enterprise Risk Analyst credential ( CERA), Global Association of Risk Professionals ( GARP) and Professional Risk Managers' International Association ( PRMIA). Their examination syllabus provides a comprehensive guide to risk management. For formal and rigorous training in risk management, many universities around the world also offer graduate-level financial engineering programs. Another good source of information is the newsletter published by the SOA/CAS/CIA Risk Management Section. |
| |
|
| |
Does risk management involve extensive quatifying/modelling works? |
| |
Risk management involves identifying, monitoring, limiting and managing risks. The monitoring of risks often involves models because the exact nature of a risk is often not obvious from a straightforward description of the risk. For example, in many cases, the bearer of a risk may not be concerned by losses below a certain threshold. Or they may want to know the largest loss that might be expected with a certain degree of statistical confidence. In both cases, risk holders will usually use models to answer the question. Most often the models will be statistical based and may be closed form, deterministic scenario or stochastic Monte Carlo models.
|
| |
|
| |
Would an actuary, who is fully equipped with risk management skills, be useful in a non-insurance environment? |
| |
Many non-insurance companies have financial risks stemming from any pools of securities that they hold, have longevity and ALM risks from pension plans, have price fluctuation risks from raw materials, transportation, power or other factors of production or distribution of products that would all be managed with actuarial risk models. Developments are being made in all areas of operational risk to develop complex models to assess that risk as well. In addition, an actuary who is fully equipped with risk management skills will also have the management skills to assist or lead the management of risks for any organization. |
| |
|
| |
Are there any Chief Risk Officers working in non-insurance fields? |
| |
Banks, insurers and energy companies are where most of the current CRO’s are employed. However a number of other firms of all types are appointing CRO’s. |
| |
|
| |
What are the duties of Chief Risk Officers, does it tilt toward financial and/or non financial aspects? |
| |
James Lam is credited with being the first CRO. In his book “Enterprise Risk Management: from Incentives to Controls he says that CRO’s have a range of responsibilities including leadership, vision and direction for ERM and implementing a set of risk metrics. This suggests both quantitative and management skills. |
| |
|
| |
What else would you like to know? |
| |
Please send your enquiry to info@actuaries.org.hk. Questions and corresponding answers will be posted anonymously. |
| |
|
| |
See the presentation given in May 2006 to ASHK members regarding "Risk Management and the Actuarial Profession". |
| |
|
| |
See the presentations given in January 2008 to ASHK 1st Regional Conference on "Risk Management in Financial Services". |
| |
|
| |
See the presentation given in December 2009 to ASHK members regarding "Risk Management Practices of the Hong Kong Insurance Industry: Survey". |
| |
|
| |
See the presentations given in February 2010 to ASHK 2nd Regional Conference on "Post Financial Crisis: A New World". |
| |
|
| |
See the presentation given in March 2010 to ASHK members regarding "Risk Optimization of Insurance Portfolios". |
| |
|
