The Professional Handbook Of Financial Risk Management

The Professional’s Handbook of

Financial Risk Management

The Professional’s Handbook of

Financial Risk Management

Edited by Marc Lore and Lev Borodovsky

Endorsed by the Global Association of Risk Professionals

OXFORD AUCKLAND BOSTON JOHANNESBURG MELBOURNE NEW DELHI

Butterworth-Heinemann

Linacre House, Jordan Hill, Oxford OX2 8DP

225 Wildwood Avenue, Woburn, MA 01801–2041

A division of Reed Educational and Professional Publishing Ltd

A member of the Reed Elsevier plc group

First published 2000

© Reed Educational and Professional Publishing Ltd 2000

All rights reserved. No part of this publication may be reproduced in

any material form (including photocopying or storing in any medium by

electronic means and whether or not transiently or incidentally to some

other use of this publication) without the written permission of the

copyright holder except in accordance with the provisions of the Copyright,

Designs and Patents Act 1988 or under the terms of a licence issued by the

Copyright Licensing Agency Ltd, 90 Tottenham Court Road, London,

England W1P 9HE. Applications for the copyright holder’s written

permission to reproduce any part of this publication should be

addressed to the publishers

British Library Cataloguing in Publication Data

The professional’s handbook of financial risk management

1 Risk management 2 Investments – Management

I Lore, Marc II Borodovsky, Lev

332.6

Library of Congress Cataloguing in Publication Data

The professional’s handbook of financial risk management/edited by Marc Lore and

Lev Borodovsky.

p.cm.

Includes bibliographical references and index.

ISBN 0 7506 4111 8

1 Risk management 2 Finance I Lore, Marc II Borodovsky, Lev.

HD61 1.P76

658.15@5—dc21 99–088517

ISBN 0 7506 4111 8

Typeset by AccComputing, Castle Cary, Somerset

Printed and bound in Great Britain

Contents

FOREWORD xi

PREFACE xiii

ABOUT GARP xiv

LIST OF CONTRIBUTORS xv

ACKNOWLEDGEMENTS xviii

INTRODUCTION xix

PART 1 FOUNDATION OF RISK MANAGEMENT

1. DERIVATIVES BASICS Allan M. Malz 3

Introduction 3

Behavior of asset prices 4

Forwards, futures and swaps 7

Forward interest rates and swaps 14

Option basics 16

Option markets 21

Option valuation 24

Option risk management 29

The volatility smile 34

Over-the-counter option market conventions 37

2. MEASURING VOLATILITY Kostas Giannopoulos 42

Introduction 42

Overview of historical volatility methods 42

Assumptions 43

Conditional volatility models 45

ARCH models: a review 46

Using GARCH to measure correlation 50

Asymmetric ARCH models 52

Identification and diagnostic tests for ARCH 53

An application of ARCH models to risk management 55

Conclusions 67

3. THE YIELD CURVE P. K. Satish 75

Introduction 75

Bootstrapping swap curve 77

Government Bond Curve 100

Model review 106

Summary 108

vi The Professional’s Handbook of Financial Risk Management

4. CHOOSING APPROPRIATE VaR MODEL PARAMETERS AND RISK

MEASUREMENT METHODS Ian Hawkins 111

Choosing appropriate VaR model parameters 112

Applicability of VaR 114

Uses of VaR 115

Risk measurement methods 115

Sources of market risk 117

Portfolio response to market changes 124

Market parameter estimation 128

Choice of distribution 128

Volatility and correlation estimation 130

Beta estimation 133

Yield curve estimation 134

Risk-aggregation methods 134

Covariance approach 138

Historical simulation VaR 144

Monte Carlo simulation VaR 145

Current practice 146

Specific risk 147

Concentration risk 148

Conclusion 148

PART 2 MARKET RISK, CREDIT RISK AND OPERATIONAL RISK

5. YIELD CURVE RISK FACTORS: DOMESTIC AND GLOBAL

CONTEXTS Wesley Phoa 155

Introduction: handling multiple risk factors 155

Principal component analysis 158

International bonds 168

Practical implications 174

6. IMPLEMENTATION OF A VALUE-AT-RISK SYSTEM Alvin Kuruc 185

Introduction 185

Overview of VaR methodologies 185

Variance/covariance methodology for VaR 187

Asset-flow mapping 191

Mapping derivatives 194

Gathering portfolio information from source systems 196

Translation tables 199

Design strategy summary 200

Covariance data 200

Heterogeneous unwinding periods and liquidity risk 201

Change of base currency 201

Information access 202

Portfolio selection and reporting 203

Contents vii

7. ADDITIONAL RISKS IN FIXED-INCOME MARKETS Teri L. Geske 215

Introduction 215

Spread duration 216

Prepayment uncertainty 223

Summary 231

8. STRESS TESTING Philip Best 233

Does VaR measure risk? 233

Extreme value theory – an introduction 237

Scenario analysis 239

Stressing VaR – covariance and Monte Carlo simulation methods 242

The problem with scenario analysis 244

Systematic testing 244

Credit risk stress testing 247

Determining risk appetite and stress test limits 251

Conclusion 254

9. BACKTESTING Mark Deans 261

Introduction 261

Comparing risk measurements and P&L 263

Profit and loss calculation for backtesting 265

Regulatory requirements 269

Benefits of backtesting beyond regulatory compliance 271

Systems requirements 282

Review of backtesting results in annual reports 285

Conclusion 286

10. CREDIT RISK MANAGEMENT MODELS Richard K. Skora 290

Introduction 290

Motivation 290

Functionality of a good credit risk management model 291

Review of Markowitz’s portfolio selection theory 293

Adapting portfolio selection theory to credit risk management 294

A framework for credit risk management models 295

Value-at-Risk 296

Credit risk pricing model 299

Market risk pricing model 301

Exposure model 301

Risk calculation engine 302

Capital and regulation 302

Conclusion 304

11. RISK MANAGEMENT OF CREDIT DERIVATIVES Kurt S. Wilhelm 307

Introduction 307

Size of the credit derivatives market and impediments to growth 308

What are credit derivatives? 312

Risks of credit derivatives 318

Regulatory capital issues 330

viii The Professional’s Handbook of Financial Risk Management

A portfolio approach to credit risk management 333

Overreliance on statistical models 338

Future of credit risk management 339

12. OPERATIONAL RISK Michel Crouhy, Dan Galai and Bob Mark 342

Introduction 342

Typology of operational risks 344

Who manages operational risk? 346

The key to implementing bank-wide operational risk management 348

A four-step measurement process for operational risk 351

Capital attribution for operational risks 360

Self-assessment versus risk management assessment 363

Integrated operational risk 364

Conclusions 365

13. OPERATIONAL RISK Duncan Wilson 377

Introduction 377

Why invest in operational risk management? 377

Defining operational risk 378

Measuring operational risk 386

Technology risk 396

Best practice 399

Regulatory guidance 403

Operational risk systems/solutions 404

Conclusion 412

PART 3 ADDITIONAL RISK TYPES

14. COPING WITH MODEL RISK Franc¸ois-Serge Lhabitant 415

Introduction 415

Model risk: towards a definition 416

How do we create model risk? 417

Consequences of model risk 426

Model risk management 431

Conclusions 436

15. LIQUIDITY RISK Robert E. Fiedler 441

Notation 441

First approach 442

Re-approaching the problem 449

Probabilistic measurement of liquidity – Concepts 451

Probabilistic measurement of liquidity – Methods 455

Dynamic modeling of liquidity 464

Liquidity portfolios 468

Term structure of liquidity 469

Transfer pricing of liquidity 471

Contents ix

16. ACCOUNTING RISK Richard Sage 473

Definition 473

Accounting for market-makers 474

Accounting for end-users 486

Conclusion 490

17. EXTERNAL REPORTING: COMPLIANCE AND DOCUMENTATION RISK

Thomas Donahoe 491

Introduction 491

Defining compliance risk 492

Structuring a compliance unit 493

Creating enforceable policies 499

Implementing compliance policies 508

Reporting and documentation controls 513

Summary 520

18. ENERGY RISK MANAGEMENT Grant Thain 524

Introduction 524

Background 524

Development of alternative approaches to risk in the energy markets 525

The energy forward curve 526

Estimating market risk 536

Volatility models and model risk 542

Correlations 543

Energy options – financial and ‘real’ options 543

Model risk 545

Value-at-Risk for energy 546

Stress testing 547

Pricing issues 548

Credit risk – why 3000% plus volatility matters 548

Operational risk 551

Summary 555

19. IMPLEMENTATION OF PRICE TESTING Andrew Fishman 557

Overview 557

Objectives and defining the control framework 559

Implementing the strategy 563

Managing the price testing process 573

Reporting 574

Conclusion 578

PART 4 CAPITAL MANAGEMENT, TECHNOLOGY AND REGULATION

20. IMPLEMENTING A FIRM-WIDE RISK MANAGEMENT FRAMEWORK

Shyam Venkat 581

Introduction 581

Understanding the risk management landscape 583

Establishing the scope for firm-wide risk management 585

Defining a firm-wide risk management framework 587

Conclusion 612

x The Professional’s Handbook of Financial Risk Management

21. SELECTING AND IMPLEMENTING ENTERPRISE RISK MANAGEMENT

TECHNOLOGIES Deborah L. Williams 614

Introduction: enterprise risk management, a system implementation

like no other 614

The challenges 615

The solution components 618

Enterprise risk technology market segments 623

Different sources for different pieces: whom to ask for what? 627

The selection process 629

Key issues in launching a successful implementation 631

Conclusions 633

22. ESTABLISHING A CAPITAL-BASED LIMIT STRUCTURE

Michael Hanrahan 635

Introduction 635

Purpose of limits 635

Economic capital 637

Types of limit 644

Monitoring of capital-based limits 654

Summary 655

23. A FRAMEWORK FOR ATTRIBUTING ECONOMIC CAPITAL AND

ENHANCING SHAREHOLDER VALUE Michael Haubenstock and

Frank Morisano 657

Introduction 657

Capital-at-risk or economic capital 658

A methodology for computing economic capital 659

Applications of an economic capital framework 675

Applying economic capital methodologies to improve shareholder

value 680

Conclusion 687

24. INTERNATIONAL REGULATORY REQUIREMENTS FOR RISK

MANAGEMENT (1988–1998) Mattia L. Rattaggi 690

Introduction 690

Quantitative capital adequacy rules for banks 691

Risk management organization of financial intermediaries and

disclosure recommendations 716

Cross-border and conglomerates supervision 723

Conclusion 726

25. RISK TRANSPARENCY Alan Laubsch 740

Introduction 740

Risk reporting 740

External risk disclosures 764

INDEX 777

Foreword

The role and importance of the risk management process (and by definition the

professional risk manager) has evolved dramatically over the past several years. Until

recently risk management was actually either only risk reporting or primarily a

reactive function. The limited risk management tasks and technology support that

did exist were usually assigned to ex-traders or product controllers with little or no

support from the rest of business. The term professional risk manager was virtually

unheard of in all but the largest and most sophisticated organizations. Only after a

series of well-publicised losses and the accompanying failure of the firms involved did

the need for sophisticated, proactive and comprehensive financial risk management

processes become widely accepted.

The new world of the professional risk manager is one that begins in the boardroom

rather than the back office. The risk management process and professionals are now

recognized as not only protecting the organization against unexpected losses, but

also fundamental to the efficient allocation of capital to optimize the returns on risk.

The professional risk manager, when properly supported and utilized, truly provides

added value to the organization.

A number of risk books were published in the latter half of the 1990s. They

addressed the history of risk, how it evolved, the psychological factors that caused

individuals to be good or bad risk takers and a myriad of other topics. Unfortunately,

few books were written on the proper management of the growing population and

complexity of risks confronting institutions. Marc Lore, Lev Borodovsky and their

colleagues in the Global Association of Risk Professionals recognized this void and

this book is their first attempt to fill in some of the blank spaces.

KPMG is pleased to the be the primary sponsor of GARP’s The Professional’s

Handbook of Financial Risk Management. We believe that this volume offers the

reader practical, real world insights into leading edge practices for the management

of financial risk regardless of the size and sophistication of their own organization.

For those contemplating a career in risk management, the authors of this text are

practising financial risk managers who provide knowledgeable insights concerning

their rapidly maturing profession.

No one volume can ever hope to be the ultimate last word on a topic that is evolving

as rapidly as the field of financial risk management. However, we expect that this

collection of articles, written by leading industry professionals who understand the

risk management process, will become the industry standard reference text. We hope

that after reviewing their work you will agree.

Martin E. Titus, Jr

Chairman, KPMG GlobeRisk

Preface

Risk management encompasses a broad array of concepts and techniques, some of

which may be quantified, while others must be treated in a more subjective manner.

The financial fiascos of recent years have made it clear that a successful risk manager

must respect both the intuitive and technical aspects (the ‘art’ and the ‘science’) of

the discipline. But no matter what types of methods are used, the key to risk

management is delivering the risk information in a timely and succinct fashion, while

ensuring that key decision makers have the time, the tools, and the incentive to act

upon it. Too often the key decision makers receive information that is either too

complex to understand or too large to process. In fact, Gerald Corrigan, former

President of the New York Federal Reserve, described risk management as ‘getting

the right information to the right people at the right time’.

History has taught us time and time again that senior decision makers become so

overwhelmed with VaR reports, complex models, and unnecessary formalism that

they fail to account for the most fundamental of risks. An integral part of the risk

manager’s job therefore is to present risk information to the decision maker in a

format which not only highlights the main points but also directs the decision maker

to the most appropriate course of action. A number of financial debacles in 1998,

such as LTCM, are quite representative of this problem. Risk managers must work

proactively to discover new ways of looking at risk and embrace a ‘common sense’

approach to delivering this information.

As a profession, risk management needs to evolve beyond its traditional role of

calculating and assessing risk to actually making effective use of the results. This

entails the risk manager examining and presenting results from the perspective of

the decision maker, bearing in mind the knowledge base of the decision maker. It

will be essential over the next few years for the risk manager’s focus to shift from

calculation to presentation and delivery.

However, presenting the right information to the right people is not enough. The

information must also be timely. The deadliest type of risk is that which we don’t

recognize in time. Correlations that appear stable break down, and a VaR model that

explains earnings volatility for years can suddenly go awry. It is an overwhelming

and counterproductive task for risk managers to attempt to foresee all the potential

risks that an organization will be exposed to before they arise. The key is to be able

to separate those risks that may hurt an institution from those that may destroy it,

and deliver that information before it is too late.

In summary, in order for risk management to truly add value to an organization,

the risk information must be utilized in such a way as to influence or alter the

business decision-making process. This can only be accomplished if the appropriate

information is presented in a concise and well-defined manner to the key decision

makers of the firm on a timely basis.

Editors: Marc Lore and Lev Borodovsky

Co-ordinating Editor: Nawal K. Roy

Assistant Editors: Lakshman Chandra and Michael Hanrahan

About GARP

The Global Association of Risk Professionals (GARP) is a not-for-profit, independent

organization of over 10 000 financial risk management practitioners and researchers

from over 90 countries. GARP was founded by Marc Lore and Lev Borodovsky in

1996. They felt that the financial risk management profession should extend beyond

the risk control departments of financial institutions. GARP is now a diverse interna￾tional association of professionals from a variety of backgrounds and organizations

who share a common interest in the field.

GARP’s mission is to serve its members by facilitating the exchange of information,

developing educational programs, and promoting standards in the area of financial

risk management. GARP members discuss risk management techniques and stan￾dards, critique current practices and regulation, and help bring forth potential risks

in the financial markets to the attention of other members and the public. GARP

seeks to provide open forums for discussion and access to information such as

events, publications, consulting and software services, jobs, Internet sites, etc. To

join GARP visit the web site at www.garp.com