Senior Manager Risk Workshop

Intended Audience

Strategic decision takers - chief executives, chief financial officers, senior operations management, internal auditors, treasurers, main board directors, and risk professionals.

Course Introduction

Organisations of all types are being exposed to risk management. For example, banks have long been subject to regulatory exposure from the Basle Accord and a revision to this has recently been published that will have profound implications for senior banking management. Furthermore in the UK the Turnbull Report requires all listed plcs to assess their risk management capabilities. Shareholders and other stakeholders, such as employees and customers, are becoming increasingly critical. The way that companies deal with risk is emerging as a differentiating factor. Successful companies will be those that are not afraid to embrace risk because they understand it and can manage it. However, a major obstacle is that risk is very often seen as someone else's problem whereas in reality it is everybody's problem. In short, if you don't manage your risks, they will manage you.

It is being increasingly recognised that there are important interrelationships between different types of risk and that a more comprehensive, integrated and disciplined approach to its management and mitigation is required than has often been the case in the past. Risk needs to be viewed more broadly than by the traditional classifications adopted in terms of country, counterparty and market, although these categories are still important. There are different levels of risk, like strategic and tactical. Strategic risk, for example, acknowledges the business as being an integrated entity. A simple illustration is a bank, which packages and trades financial risks in order to deliver higher returns. Strategic risk decision-making is based on the fact that risk (and its resulting expected returns) is not a by-product of the business, but is the product of the business. It is decision-making based on the view that detailed risk intelligence provides a competitive advantage-an edge in delivering both better products to customers and better returns to shareholders. In contrast, tactical risk management is decision-making based on the view that the business is a collection of semi-autonomous agencies each of which manages its book or risk management task separately. In the case of a bank, it assumes that risk can be managed one security or one desk at a time. Analysing risks tactically can be important to anticipate and identify possible courses of action for the purposes of mitigation, but an integrated perspective is indispensable.

Last, but not least, risk measurement, management and mitigation is often associated with the banking world and is perceived as being of limited relevance to non-financial institutions. Nothing could be further from the truth! International guidelines from bodies such as the OECD, coupled with national initiatives like the UK Combined Code and Turnbull corporate governance guidelines, require companies to identify, assess, manage and report on all risks that could affect their stakeholders. As a result, risk in its broadest sense has become a boardroom issue. It encompasses not merely those uncertainties that can be transferred to the insurance and financial markets, but also strategic, environmental and ethical issues in both those and other markets. It is, therefore, vital that both the Board and senior management know the top 10 risks they face and also set the tone for developing a more risk mature organisation.

The key focus of the course is upon the risk management process. This is the process by which organizations proactively try to ensure that the risks to which they are exposed are the risks to which they think they are and want/need to be exposed to operate their primary businesses. However risk is classified, a central challenge is in deciding what risks the firm is in the business to bear, or in what risks the firm has a perceived comparative informational advantage.

Senior Manager Risk Workshop

Day 1

Risk in Context, Funding/ Value Risk, Strategic Risk and Reputation Risk

Introduction

• Definition of risk
• Why and how risk management has developed
• Impact of regulation, e.g. Basle Accords - Basle 2
• Proactive versus reactive risk management
• Importance of integrated risk management
• Risk identification and classification
• Review of the many faces of risk

Understanding the Importance of Capital

• Investment capital: funds investment expenditures
• Risk capital: provides a buffer against unexpected losses arising from market, credit, and operational risks
• Regulatory capital: some firms required to hold against market and credit and operational risks (e.g., BIS and banks, insurers, etc.)
• Funding capital: funds short-term operating cash flows, costs, and non-capital-intensive investment expenditures
• Liquidity capital: covers cash balance obligations on debt servicing, derivatives, contract performance, etc.
• Signalling capital: excess capital held to enhance reputation and attract new customer business

Funding and Value Risk

• Definition
• Funding risk measurement
• Cash flow risk - scenario analyses of cash balances
• Value risk

Strategic Risk

• Sources of pressure to manage strategic risks
• Definition and scope
• Relationship with shareholder value
• Strategic versus tactical risk
• Scanning the external environment for risks

Assessing and Measuring Strategic Risks

• Evaluating returns to shareholders, risk assessment and the cost of capital
• Analytical frameworks
• Modelling approaches
• Scenario analysis

Managing and Mitigating Strategic Risk and Reputation Risk

• Definition and scope
• Relationship between corporate reputation and investor confidence
• Influence of intermediate interest and pressure groups

Managing and Mitigating Reputation Risk

• Codes of business conduct
• Integrating the press and PR operation within the mainstream of the business
• Quality control procedures

Day 2

Country and Counterparty Risk

Country Risk

• Definition and scope
• Weighing up external sources for risk identification
• Identifying risks, strategic and operational
• Evaluating probability and impact
• Balancing risk and gain
• Rating importance of risk
• Tools for structuring analysis
• Risk management in relation to risk assessment
• Critical evaluation of risk management techniques

Case Study

Counterparty Risk

• Definition and relevance to both financial and non-financial institutions
• Delivery risk
• Supply chain risk
• Customer loss risk

Financial Tools for Assessment and Key Issues

• Position audit/business appraisal
• Interpretation and ratio analysis
• Creative accounting
• Z Scoring
• PAS - Scoring
• Cash flow analysis

Case study

Mitigating Counterparty Risk

• Requirements of financial statements
• The role of documentation
• Covenants and guarantees
• Consolidation exercise

Day 3

Operational and Agency Risk

Operational Risk in Context

• Definition and overview of operational risk
• Operational risk and agency theory
• Operational risk and internal control
• Operational risk framework
• Operational risk measurement
• Basic Indicator approach
• Standardised approach
• Internal measurement approach
• Integrated operational risk management - what it means and how to achieve it
• Categorising operational risk as a basis for developing the risk awareness of business managers
• In depth review of a selection of the operational risk categories

Cases and Exercises

Operational Risk Incidents

• The use of operational risk incident databases
• How to develop an operational risk database

Exercise

Day 4

Risk Mitigation and Regulation

• The 4 'ts' and when to use them
• Take the risk - the impact is low and the probability is low (i.e. Do nothing)
• Treat the risk - reduce the probability (e.g. Improve internal controls)
• Terminate the risk - reduce the probability to near zero (e.g. Don't follow the course of action)
• Transfer the risk - reduce the impact (e.g. use insurance)
• Barriers to mitigating risk

Exercise on Risk Mitigation - Applying the Risk Framework to Specific Cases

Pulling it all Together

• The integrated nature of risk management and mitigation
• Roles and responsibilities for risk, management and mitigation

Review