Define risk taxonomy
A risk taxonomy is a full list, description and categorization of all risks that an organization might face.
Outline the risks that may be included in a basic risk taxonomy
A common, basic risk taxonomy is made up of five risk types:
- Market risk - risks arising from changes in market values.
- Liquidity risk - risk associated with funding or cashflow requirements.
- Credit (or default or counterparty) risk - the risk of failure of a third party to meet contractual obligations in a timely way.
- Operational risk - the risk of loss resulting from inadequate or failed internal processes, people or systems or due to external events.
- Underwriting/Insurance risk - the risk of accepting risks which turn out to be inappropriate or pricing accepted risks inappropriately.
Market, liquidity and credit risks are commonly described grouped under the umbrella category of financial risks.
Define market risk
The risk arising from changes in investment market values or other features correlated with investment markets, such as interest and inflation rates. This would include the consequence of investment market value changes on liabilities, and may also include the consequence of mismatching assets and liability cashflows.
The term ‘market risk’ may also be used to refer to the risk of lower sales or profit margins resulting from changes in market conditions, where ‘market’ is interpreted as the market into which products or services of that entity are sold.
Describe types of market risk associated with changes in values of assets and/or liabilities
Risk types and their causes:
- Trading risk:
- Changes in prices (equity, commodity) or rates (interest, exchange).
- Basis risk - Asset/liability mismatch:
- Unmatched interest rate sensitivity of assets and liabilities.
- Foreign exchange risk.
- Basis risk. - Liquidity risk:
- Inability to fund obligations without sizeable losses.
- Insufficient market capacity leading to adverse impact on market price when deal required.
Characterization - Mismatch risk takes longer to close out than for interest rate trading risk and can be hedged more frequently than the other two types of risk.
Describe economic risk
The risk arising from the impact of macroeconomic factors on an organization and/or its customers.
Examples are inflation rates and changes in demand.
Define interest rate risk
Interest rate risk refers to risks arising from changes in interest rates, which could include impact on customers behavior as well as the financial impact.
It could be considered a subset of market risk, and can also be a component of economic risk.
Describe foreign exchange risk
Foreign exchange risk is risk arising due to exposure to movement in foreign exchange rates.
Foreign exchange (FX) risk can also be considered a subset of market risk, and a component of economic risk.
Under market risk, foreign exchange rate movements can affect:
- Foreign revenues and expenses as expressed in the home currency (TRANSACTION exposure).
- Prices of exported goods thereby affecting foreign sales (ECONOMIC exposure)
- Consolidation accounts (TRANSLATION exposure)
Describe basis risk
The risk arising from differences in the movements of two comparable indices so that offsetting investments in a hedging strategy will not experience exactly offsetting movements.
For example, hedging a well-diversified portfolio using a FTSE futures contract exposes the investor to basis risk as the value of the portfolio will not move exactly in line with the index future contract.
Describe credit / counterparty risk
The risk of loss due to contractual obligations not being met (in terms of quantity, quality or timing) either in part or in full, whether due to inability of, or decision by, the counterparty.
Credit risk has two components:
- The probability of default
- The loss (or recovery) on default.
Many people (including Sweeting) consider the risk of changes in value of an asset due to changes in the credit spread (reflecting a change in actual or perceived creditworthiness) as a market risk.
Define liquidity risk
Liquidity risk can refer to:
- The risk of money markets not being able to supply funding to businesses when required (FUNDING liquidity risk)
- Or more broadly to the management of short term cashflow requirements
- Or an insufficient capacity in the market to handle asset transactions at the time when the deal is required and without a material impact on price (MARKET liquidity risk).
Define insurance risk and underwriting risk
Typically, insurance risk relates to deviations in the timing, frequency and severity of insured events from those expected at underwriting.
Underwriting risk, on the other hand, relates to the possible errors in the selection, approval or pricing of insurance risks. This is sometimes referred to (eg by Lam) as actuarial risk.
Insurance risk might be broken into various components such as:
- demographic risks, eg mortality, morbidity, % married
- non-life insurance risks, eg property, casualty
- other risks, eg persistency and expense
Similarly, demographic and non-life insurance risks can be sub-divided into:
- level (or underwriting) risks – underlying intensity) is not as expected
- reserving risk, eg volatility, catastrophe, trend or cycle.
Define operational risk
Operational risk is the risk of losses resulting from inadequate or failed internal processes, people and systems, or from external events.
The Basel definition, adds: ‘This definition includes legal risk, but excludes strategic and reputational risk.’
Possible components of operational risk
- process risk, people risk, systems / technology / cyber risks
- event risk
- strategic risk
- crime risk
- regulatory (or compliance) risk
- project risk
Describe legal risk
Legal risk is risk arising from the understanding of and adherence to legislation, including changes in accepted interpretation.
Adherence also encompasses the need to be able to demonstrate compliance.
Three specific legal risks are:
- impact of new legislation or changes in legislation
- problems arising from important contracts’ provisions
- risks of adverse court judgements
Outline political risk
Political risk encompasses a wide range of risks, including those related to political decisions (both social and fiscal) or indecision, changes in government, or events related to political instability including terrorism and wars.
Political risks might arise at various levels:
- micro level – affecting specific firms, sectors, regions etc.
- macro (national) level – eg nationalization of an industry
- macro (international) level – eg conflicting actions of different governments on an organization operating across many countries, perhaps involving a complex system of tariffs and quotas.
Define agency risk
Agency risk is the risk resulting from the misalignment of interests between different stakeholders.
The term is sometimes used to refer to the specific risk that the management of an organization will not act in the best interests of other stakeholders.
Define reputational risk
Reputational risk is the risk that events or circumstances could have an adverse impact on an organization’s reputation or brand value.
Define strategic risk
Strategic risk relates to the achievement of an organization’s overall strategic business plans and objectives.
Strategic risk covers all those operational risks that might prevent an organization meeting its objectives.
Describe moral hazard risk
Moral hazard refers to the action of a party who behaves differently to that if they were fully exposed to the consequences of that action. The party behaves inappropriately or less carefully than they would otherwise, leaving the organisation to bear some of the consequences of the action.
For example, a bank may perform fewer credit checks if it is securitising the loan portfolio.
Moral hazard is related to information asymmetry, with the party causing the action generally having more information than the organisation that bears the consequences.
Moral hazard may be categorised as a people (operational) risk.
Describe conduct risk
The phrase conduct risk is sometimes used to encompass those risks that relate directly to the relationship between a company and its customers.
It can therefore encompass elements such as:
- operational failures (eg poor control of distribution and/or servicing)
- information asymmetries
- keeping pace with regulatory requirements and customer needs
- market conditions
- product development activities
- strategic objectives.
Describe environmental risk
Environmental risk covers risks relating to the natural environment and human interactions with it. Drivers range from natural disasters and climate change to pollution and the impact of declining natural resources.
Environmental risk relates to:
- resources, eg regulation on use, depletion and associated increased costs
- pollution, eg consequences of non-control, emissions quotas.
The consequences associated with non-control of pollution include fines, reputational damage, business interruption, and the effects of global warming.
A particular concern is the longer-term impact on economic growth.
Describe social risk
Social risk arises due to uncertainty over the future characteristics of a population, such as:
- age profile
- educational and health standards
- economic wealth
- attitudes and lifestyles.
Describe the various types of risk that might be described as market risks
Market risk: just relating to stock market prices, or broader, eg to include interest rate risk?
Interest rate risk may be both a market risk and an economic risk.
Market risk may also refer to the risk of lower sales due to conditions changing in the market into which products or services are sold.
Value changes of corporate bonds due to changes in the credit spread, normally deemed to be market risk, may be categorized as a credit risk.
Describe other examples of inconsistent classifications
Business risk may be used to encompass all risks to which businesses are exposed, or may be used to refer to that subset of risks which are specific to the type of business undertaken, such as insurance risks for insurance companies.
Demographic risk may be regarded as a component of insurance risk, an operational risk (employees) or a market risk (target market).
Government may act (political risk) to devalue the currency (economic risk).
Agency risk may be classified as an operational (people) risk.
Reputational and strategic risks may (Sweeting) or may not (Basel II) be regarded as operational risks.
Insurance and underwriting risks may be used synonymously.
Crime risks might alternatively be categorised according to the nature of the crime.
