Introduction

Understanding the nature of risk is essential to comprehend the role and significance of risk management practices. We will not only define risk and risk management but also draw a clear comparison between risk management and risk taking, shedding light on their distinct purposes and outcomes.

In summary, risk and risk management are inseparable elements of the financial landscape. While risk taking involves embracing uncertainty for potential rewards, risk management focuses on minimizing potential losses and safeguarding assets. By understanding the interplay between risk and risk management, individuals and organizations can make informed decisions that align with their objectives and risk tolerance.

Understanding Risk

The concept of risk and its management dates back to approximately 1750 BC in the form of Code of Hammurabi which documents the guidelines for maritime loan insurance.

In the context of financial risk management, risk refers to the potential for financial loss or the variability in financial returns that arises from uncertain future events. This includes any scenario where the actual outcome may differ from the expected outcome, impacting the value of assets, liabilities, or overall financial health of an organization

Note: Investors typically prioritize avoiding negative outcomes over seeking positive surprises. Also, there esists a trade-off between risk and return: higher risk investments have the potential for greater returns while lower risk investments tend to offer more lower returns.

Risk Management

Risk management begins with a series of actions designed to minimize or eliminate a firm’s potential for expected losses. Additionally, it addresses the need to manage the unexpected losses. However, risk management extends beyond simply assessing risks; it also involves deciding how much risk a firm is willing to accept to achieve uncertain future returns. This aspect, known as risk-taking, includes the acceptance of additional risk in pursuit of greater gains.

The building blocks of risk management are:
1) The risk management process
2) Identifying risk: knowns and unknowns
3) Expected loss, unexpected loss, and tail loss
4) Risk factor breakdown
5) Structural change: from tail risk to systemic crisis
6) Human agency and conflicts of interest
7) Typology of risks and risk interactions
8) Risk aggregation
9) Balancing risk and reward
10) Enterprise risk management (ERM)

Risk Management Process

The risk management process involves a series of steps to determine whether the expected reward justifies the underlying risk. The below figure shows the risk management process:

The Risk Management Process

The risk management process includes four steps:
1) Identify the risk
2) Analyze the risk
3) Assess the impact of risk
4) Manage the risk

Risk Identification

Several techniques are used by risk managers to identify pertinent risks. An example of a data-driven approach is the analysis of historical loss data to understand the frequency and severity of losses. Another popular example in the industry is scenario analysis where the effect of different scenarios are assessed on model outcomes. Risks can also be identified by performing brainstorming sessions where senior management and business leaders provides their insights based on their experience related to regulatory standards, industry-wide practice, etc.

Risk identification also involves categorizing the risk based on its level of familiarity. The following figure illustrates that risks can range from expected (known) to completely unknown.

Risk Classification

• Knightian Uncertainty and Tail Risks: The unknown category is further divided into known unknowns (Knightian uncertainty) and unknown unknowns. Known unknowns are risks that may impact a firm but are not fully understood, whereas unknown unknowns are completely unforeseen events, often referred to as tail risks. Ideally, risk managers should strive to move risks into the known category whenever possible, although this is not feasible for risks that cannot be quantified.

Risk Management

The last step of the risk management process involves decinding on how to deal with risks. For the identified risks, one of the below four approaches can be taken:

• Avoid Risk: Some risks can be avoided by changing or discontinuing certain business activities. For instance, avoiding specific markets or offshoring production can help minimize political or foreign exchange risks.

• Retain Risk: Certain risks can be retained within the firm’s risk tolerance. This can be managed through mechanisms like risk capital allocation or insurance.

• Mitigate Risk: Risks can be mitigated by decreasing their exposure, frequency, or severity. For example, hedging can mitigate market risks like unwanted foreign currency exposure. Another example includes reducing the impact of potential credit defaults by obtaining collateral.

• Transfer Risk: Risks can be transferred to a third party using derivative products, structured products, or by paying a premium to an insurer or derivatives provider.

Challenges Associated with Risk Management

There are several challenges associated with risk management. Some of the important challenges are listed below:

1) Risk Concentration Among Few Participants: Risk ConcentrationIn order for the risk management to be beneficial for the economy, the risk should be sufficiently dispersed among the market participants. A prominent example where this did not hold true was Global Financial Crisis of 2007-2009 where the risk was concentrated among a limited number of particpants.

2) Corporate Governane Failure: There have been several incidents of coporate governance failures in the past where risk management failed to prevent financial accounting frauds. For instance, derivative instruments enable the assumption of high levels of risk, and the tendency of risk managers to mimic each other’s actions, such as selling risky assets during a market crisis, can increase market volatility and cause disruptions.

3) Complex Derivatives Trading: The use of derivatives in complex trading strategies has contributed to overstating the financial positions (i.e., net assets on the balance sheet) of many firms, complicating the risk levels they assume. Even with robust risk management policies, the use of such inaccurate information prevents these policies from being effective.

4) Zero-Sum Game: Risk management may not be effective from an overall economic perspective because it primarily involves transferring risk from one party to another, rather than eliminating it. In essence, risk management can be viewed as a zero-sum game, where some parties gain at the expense of others. If too many parties incur significant losses due to excessive risk assumption, it could trigger a widespread economic crisis.

Comparing Risk Management and Risk Taking

While both risk management and risk taking are integral parts of the financial landscape, they serve different purposes and outcomes:

Risk Taking

Risk taking involves making decisions that involve uncertainty and potential losses. It is a fundamental aspect of finance, as individuals and organizations undertake risks to achieve financial gains. For instance, investors may invest in stocks with the hope of earning higher returns, despite the associated risk of losing money.

For example, suppose an entrepreneur starts a new business venture in a competitive market. The entrepreneur is aware that the business carries a risk of failure due to market uncertainties. However, the potential rewards, such as high profits and market dominance, justify the risk-taking decision.

Risk Management

Risk management, in contrast, is a strategic process that aims to minimize potential losses and adverse impacts. It involves identifying risks, assessing their potential consequences, and implementing measures to mitigate or control those risks. The goal of risk management is to optimize the risk-reward trade-off by reducing the impact of negative outcomes.

For example, suppose a financial institution offers loans to borrowers. To manage credit risk, the institution implements a thorough credit assessment process, sets credit limits, and establishes collateral requirements. By doing so, the institution mitigates the risk of default and potential financial losses.

Test Your Understanding