FRM

Part I Exam

By AnalystPrep

Study Notes - Foundations of Risk Management

Last Updated: 16-10-2020

1
© 2014-2020 AnalystPrep.
 Table of Contents

1 - The Building Blocks of Risk Management 3

2 - How Do Firms Manage Financial Risk? 19
3 - The Governance of Risk Management 29
4 - Credit Risk Transfer Mechanisms 45
Modern Portfolio Theory (MPT) and the Capital Asset Pricing
5 - 58
Model (CAPM)
The Arbitrage Pricing Theory and Multifactor Models of Risk
6 - 75
and Return
7 - Risk Data Aggregation and Reporting Principles 86
8 - Enterprise Risk Management and Future Trends 95
9 - Learning From Financial Disasters 110
10 - Anatomy of the Great Financial Crisis of 2007-2009 141
11 - GARP Code of Conduct 155

2
© 2014-2020 AnalystPrep.
 Reading 1: The Building Blocks of Risk Management

After completing this reading you should be able to:

Explain the concept of risk and compare risk management with risk-taking.

Describe elements, or building blocks, of the risk management process and identify

problems and challenges that can arise in the risk management process.

Evaluate and apply tools and procedures used to measure and manage risk, including

quantitative measures, qualitative assessment, and enterprise risk management.

Distinguish between expected loss and unexpected loss and provide examples of each.

Interpret the relationship between risk and reward and explain how conflicts of interest

can impact risk management.

Describe and differentiate between the critical classes of risks, explain how each type

of risk can arise, and assess the potential impact of each type of risk on an

organization.

Explain how risk factors can interact with each other and describe challenges in

aggregating risk exposures.

Risk and its Management

Risk refers to the potential variability of returns around an expected return from a portfolio or an

expected outcome. The financial risk that arises from uncertainty can be managed and mitigated.

Modern risk management refers to the ability, in many instances, to price risks and to provide

adequate compensation for the risk taken in business activities.

The building blocks of risk management include:

1. The classic risk management process

2. Identifying knowns and the unknowns

3. Expected loss, unexpected loss, and the tail loss

3
© 2014-2020 AnalystPrep.
 4. Risk factor breakdown

5. Structural change from tail risk to a systemic crisis

6. Human agency and conflicts of interest

7. Typology of risks and risk interactions

8. Risk aggregation

9. Balancing Risk and Reward

10. Enterprise risk management

1. Types of Risk and Their Interactions

Risk can be grouped depending on different types of business environments. Grouping of the

risks is essential for the business institutions to factor into specific risks while managing them.

This is true because each type of risk needs different skills to manage it.

A typical typology of risks should always be flexible to accommodate new forms of risks that are

ever-emerging (such as cyber risks). The following diagram gives the typical modern typology

of corporate risks:

4
© 2014-2020 AnalystPrep.
Market Risk

This is the risk associated with the potential reduction in the value of a portfolio or security due

to changes in financial market prices and rates. Price risk can be decomposed into a general

market risk component (the risk that the market as a whole will fall in value) and a specific

market risk component (idiosyncratic component), unique to the particular financial transaction

under consideration. In trading activities, a risk arises both from open (unhedged) positions and

from imperfect correlations between market positions that are intended to offset one another.

5
© 2014-2020 AnalystPrep.
 Market risk can be further classified into the following categories:

Interest rate risk- It arises from fluctuations in the market interest rates, which may cause a

decline in the value of interest rate sensitive portfolios. For example, the bond market is affected

by interest rates in the market. Curve risk can arise in portfolios in which long and short

positions of different maturities are effectively hedged against a parallel shift in yields, but not

against a change in the shape of the yield curve. If the rates of the positions are imperfectly

correlated, basis risk may arise in offsetting positions having the same maturity.

Equity price risk – This is the risk that is associated with the volatility in the stock prices. The

market risk component is the sensitivity of the equity or a portfolio to a change in the level of a

market index. This risk cannot be done away with by diversification. The idiosyncratic or specific

threat is the component of volatility determined by firm-specific characteristics like its

management, production line, etc. This can be done away with by diversification.

Foreign Exchange Risk- Due to operations that involve foreign currencies, imperfectly hedged

positions in certain currencies may arise, which may cause exposure to exchange rates. Major

factors influencing foreign exchange risk are imperfect correlations in currency prices and

fluctuating international interest rates.

6
© 2014-2020 AnalystPrep.
Credit Risk

The risk associated with a counterparty not fulfilling its contractual obligations is the credit risk.

For example, the default on a credit card loan is the scenario in which credit risk materializes for

a credit card company.

Credit risk can be further classified into:

Bankruptcy risk- The risk associated with a borrower's inability to clear his debt

leading to a takeover of his collateralized assets.

Downgrade risk- The risk that there might be a decline in credit ratings of a borrower

because of a drop in his creditworthiness.

Credit risk is a matter of concern only when the position is an asset and not a liability. If the

position is an asset, then a default by the counterparty may cause a loss of total or a partial value

of the position. The value that is likely to be recovered is called recovery value, while the amount

that is expected to be lost is called loss given default.

At the portfolio level, the issues to be addressed are the following:

The creditworthiness of the obligor: Based on this, appropriate interest rate or spread

should be charged to compensate for the risk undertaken

Concentration risk: The extent of diversification of the obligor should be a concern.

The state of the economy: When the economy is booming, the frequency of defaults is

comparatively lower than when there is a recession.

Liquidity Risk

It comprises of funding liquidity risk and market liquidity risk.

Funding liquidity risk is associated with the risk that a firm will not be able to settle its

obligations immediately when they are due. It relates to raising funds to roll over debt and to

meet margin calls and collateral requirements. Funding liquidity risk can be managed by holding

7
© 2014-2020 AnalystPrep.
highly liquid assets like cash.

Trading liquidity risk (also called market liquidity risk) is the risk associated with the inability of

a firm to execute transactions at the prevailing market price. It may reduce the institution's

ability to hedge market risk, and also it is the capacity to liquidate assets when necessary.

Operational Risk

It refers to the risk that arises due to operational weaknesses like management failure, faulty

controls, inadequate systems, among others. Human factor risk is one of the essential

operational risks, and it results from human errors like entering wrong parameter values, using

wrong controls, among others. Technology risk arises from a computer system's failure.

Business Risk

It arises from the uncertainties in demands, the cost of production, and the cost of delivery of

products. Business risk is managed by framing appropriate marketing policy, inventory policies,

choices of products, channels, and suppliers, etc. Business risk is affected by the quality of a

firm's strategy and its reputation too.

Strategic Risk

It is the risk associated with the risk of significant investments for which the uncertainty of

success and profitability is high. It is related to the strategic change in the policies of a company

to make it more competitive in the marketplace.

Reputation Risk

It comprises of the beliefs that an enterprise can settle its obligations to counterparties and

creditors and secondly, that it follows ethical practices. Trust and fair dealing are two essential

things that drive businesses. For example, reputation is of crucial importance in the financial

industry.

Interactions of Risk Types

8
© 2014-2020 AnalystPrep.
Risks can flow from one type to another. For instance, during hard business times, the risk can

flow from the credit risk to Liquidity risk and then to market risk. This kind of flow was seen in

the 2007-2009 financial crisis.

Another example is where operational risk (as a form of lousy trading activity by the traders)

flows to market risks by creating unfavorable market positions. Moreover, this can move to

become a reputation risk to the concerned company.

2. The Risk Management Process

Given below is the flow chart of the risk management process:

Risk management includes the identifying of the type and level of risk that is appropriate for the

firm to assume, analyze, and measure the risk, assess the possible outcomes of each risk. The

final stage is the management of the risks.

9
© 2014-2020 AnalystPrep.
Methods of Risk Management

1. Avoiding the risk: some risks can be managed by avoiding it. For instance, closing

down the business unit or changing the business strategy.

2. Retaining or keeping the risk: the company can accommodate the risk by holding risk

capital.

3. Mitigation of the risk: this method involves an attempt to decrease the exposure,

frequency, and severity of the risk. A good example is the improvement of a firm's

infrastructure and putting collateral on credit exposure.

4. Transfer risk: this method applies to risks that can be transferred to a third party. An

example is in derivative products where a company pays a premium to a party to accept

a certain level of risk.

3. Known and Unknown Risks

According to Frank Knight (1921), risk managers should not concentrate on known risk only but

also the unknown risks. He also classified the risks, as seen in the diagram below.

10
© 2014-2020 AnalystPrep.
 Unknown risks can be very significant and essential, even though their measurement can be

impossible. Unknown risks can be managed using the usual forms of risk management.

Rumsfeld classification implies that risk managers should focus not only on measurable risks but

also on an unknown risk. They should strive to unravel the "unknown unknowns," which includes

threats that do hideaway.

4. Expected, Unexpected and Tail Loss

11
© 2014-2020 AnalystPrep.
The Expected Loss

The expected loss can be defined as the mean loss an investor (position taker) might expect to

experience from a portfolio. The expected risks are those that may be large in size, are

predictable, and could be avoided with the risk management process.

Theoretically, portfolios usually bear the loss that is near to the average loss, which can be

statistically measured with some degrees of freedom.

Expected loss can be calculated from the underlying risk factors. Such factors include:

The probability of occurrence of risk event

The size (severity) of the loss

The exposure to risk

Let us take an example of credit risk to the bank. Denote the probability of default by PD, bank's

exposure at default by EAD, and severity of loss given default by LGD. So, the EL is given by:

EL = EAD × LGD × PD

So, how does the bank's manager make sure that they make a profit? The bank management

should come up with the price that covers the expected loss. It is important to note that the

computation of expected loss is based on assumptions.

The Unexpected Loss

The unexpected loss is the level at which the losses in a portfolio defer from the average loss.

Unexpected risks due to unanticipated variability in the losses.

For instance, in a credit portfolio, an unexpected loss can be caused by a difference in the

number and severity of the loans. That is, a large number of small loans are diversified, and

hence we can estimate the expected loss. However, if the EL continuously changes due to

macroeconomic factors, it leads to unexpected loss.

12
© 2014-2020 AnalystPrep.
In some cases, some portfolios (such as credit) can show extreme loss variance over some

interval of time. In this case, the expected loss (EL) is calculated by averaging the loss from the

long run good years and a short run of bad years. However, in bad years, the losses can rise to an

unexpected level and even to extreme levels. Consequently, the banks are forced to increase the

risk capital and including an expected loss in pricing their products to guard itself against huge

unexpected losses, which can cause insolvency and defaults.

Value-at-Risk (VaR)

VaR is a statistical measure that defines a particular level of loss in terms of its chances of

occurrence, i.e., the confidence level of the analysis. In other words, VaR utilizes loss distribution

relative to a portfolio or a position to approximate losses at a given level of confidence.

For example, if a position in an option has a one-day VaR of $1 million at the 99% confidence

level, then the risk analysis will show that there is only a 1 percent probability of a loss that is

greater than $1 million on any given trading day.

The VaR measure works under normal conditions of the market and only over a short period,

13
© 2014-2020 AnalystPrep.
such as one trading day. Potentially, it is a poor and misleading measure of risk in abnormal

markets, over more extended periods, or for illiquid portfolios. VaR also depends upon the

control environment. Trading controls can be circumvented, and this usually happens when back-

office staff, business line managers, even risk managers do not have a proper understanding of

the critical significance of routine tasks, such as an independent check on volatility estimates, for

the integrity of key risk measures.

5. Breakdown and Interactions of Risk Factors

The risk managers must subdivide the risk into discrete risk factors so that each factor and the

interactions between these factors can be studied. An excellent example in the credit risk, which

we have studied earlier-where credit risk was divided into the probability of default (PD), bank's

exposure at default (EAD), and severity of loss given default (LGD).

However, there is an obvious challenge of how granular should a risk be, given the loss data.

Dividing the data to very small sub-factors is impractical since it is time-consuming and tiresome.

Secondly, analytical resources might be limited. Moreover, the data might be limited in terms of

quantity, quality, or descriptive ability.

The solution to this challenge is the emergence of machine learning. In machine learning and

substantial cloud-based calculation, power can help is isolating risk granules to smaller details.

6. Structural Change from Tail Risk to Systemic Crisis

Tail risks are those that rarely occur. They can be explained as the extreme version of

unexpected loss that is hard to find in the given data. They are usually revealed in time series

data of long periods. The tail risk can be detected using statistical methods such as the Extreme

Value Theory (EVT).

When the structure of a financial system changes, the risks increases. That is, events associated

with larges losses may increase as well as risk factor levels. Unless the structural problem is

fixed or proper risk management is adopted, new losses relative to a risk type might occur, which

14
© 2014-2020 AnalystPrep.
changes the amount of tail risk, expected and unexpected losses.

7. Human Agency and Conflicts of Interest

Financial systems are run by intelligent human beings who can adapt to change in a personal

and cunning manner. That is, those who are more experienced in risk management can play up

their game by hiding their risk analysis from other participants for their gain.

Having said this, many financial firms have employed three ways to control human agency and

conflicts of interest:

i. Firms create business models that can identify and manage risk.

ii. Employing risk managers that are qualified in risk management and day-to-day

oversight.

iii. Periodic independent oversight and assurance (e.g., internal audit)

These defense mechanisms do not always work due to industry innovations, which sometimes

leave loopholes in the risk management sector. Moreover, sometimes traders and the industry

leadership willingly alter the credibility of the risk management systems. That is why grasping

the role of human agency, self-interest, and conflicts interest are one of the cornerstones of risk

management.

8. Risk Aggregation

The risk manager should be able to identify riskiest businesses and determine the aggregate

risks of a firm. For instance, market risks are easily quantified and controlled by comparing the

notional amount in each asset held. This, most of the time, is impractical since different stocks

and industries have different volatilities.

Since the mushrooming of derivative markets in the 1970s, measurement of market risk became

relatively achievable. This is because the value and the risk of the derivatives depend on the

price of the underlying portfolio.

15
© 2014-2020 AnalystPrep.
Derivative traders developed risk measures termed as the Greeks. They include delta and theta.

Greeks are still used up to date, but they cannot be added up, rendering them limited at the

enterprise level.

Another measure of risk is VaR. VaR was a useful aggregation method up to the year before the

crisis, but it involves too many assumptions. However, VaR is marred with shortcomings but

remains to be essential to ask managers.

The disadvantages of these aggregate risk measurements have motivated the managers to come

up with total risk measures to replace the traditional measures but, most of the time, fail to

include critical dimensions of the risk and must be supplemented with other methods.

Conclusively, understanding how risks are aggregated and the drawbacks and advantages that

come with it is an essential risk management building block.

9. Risk and Reward Equilibrium

Normally, the assumption of higher systematic risk is associated with higher returns from

portfolios. However, the demanded returns from risky assets may not be apparent unless the

market of the asset is efficient and transparent. For example, the bond prices, solely, may not

imply the return demanded, taking additional risks. This can be the case because of liquidity and

tax effects. A key objective of risk management is to make transparent potential risks for the firm

and identify activities that may be detrimental for the firm in the long term.

For instance, a bank can include the cost of both the expected and unexpected cost by using the

following formula for risk-adjusted return on capital (RAROC):

Reward
RAROC =
Risk

Note the Reward can be After-Tax Risk-Adjusted Expected return, and the risk is described as

the economic capital so that:

After-Tax Risk-Adjusted Expected return

RAROC =
Economic capital

16
© 2014-2020 AnalystPrep.
If the RAROC is higher than the cost of equity capital, then the portfolio is valuable to the

investor. The cost of equity capital is the minimum return on equity capital required by the

shareholders to compensate for the risk.

Apart from the banking industry, RAROC is applied across different industries and institutions,

with the formula varying accordingly (but its purpose remains constant).

Uses of RAROC

1. Investment Analysis: RAROC formula is used to anticipate the likely returns from

future investments.

2. Comparing businesses: RAROC can be used to compare different units of a company

that needs varying amounts of economic capital.

3. Pricing strategies: A company can re-determine the pricing strategy of its products so

the risk-adjusted returns.

4. Risk management cost (benefit analysis): RAROC can be used by a firm to compare

the cost of risk management to the benefit of the firm.

10. Enterprise Risk Management (ERM)

Enterprise management risk (ERM) is the process of planning, organizing, leading, and

controlling the activities of an organization in order to minimize the effects of risk on an

organization's capital and earnings as a whole. ERM overcomes the challenge to "siloed" risk

management, where each unit of an institution manages its own risk independently.

Since the financial crisis of 2007-2009, risk cannot be represented by a single number but

rather:

i. Risk is multi-dimensional. That is, it should be approached from all angles and using

diverse methods.

ii. Risk demands specialized judgment that is seconded by statistical science application.

iii. Risk develops across all risk types, and thus one may miss the point by analyzing one risk

at a time.

17
© 2014-2020 AnalystPrep.
More clearly, firms need to adopt a 360-degree view on risk by using different tools and

appropriate levels of curiosity. ERM is not only about aggregating the risk across the risk types

and business lines but also taking a comprehensive risk management process while taking into

consideration the strategic decisions of a business. A simplified ERM is shown below:

18
© 2014-2020 AnalystPrep.
Question

Which of the following form is NOT included in the expected loss formula?

A. Probability of default

B. Loss given default

C. Unexpected loss

D. Exposure at default

Solution

The correct answer is C.

EL = EAD × LGD × PD

Unexpected loss is the level at which the losses in a portfolio defer from the average

loss as calculated by the expected loss.

19
© 2014-2020 AnalystPrep.
 Reading 2: How Do Firms Manage Financial Risk?

After completing this reading, you should be able to:

Compare different strategies a firm can use to manage its risk exposures and explain

situations in which a firm would want to use each strategy.

Explain the relationship between risk appetite and a firm’s risk management decisions.

Evaluate some advantages and disadvantages of hedging risk exposures and explain

challenges that can arise when implementing a hedging strategy.

Apply appropriate methods to hedge operational and financial risks, including pricing,

foreign currency, and interest rate risk.

Assess the impact of risk management tools and instruments, including risk limits and

derivatives.

Financial institutions are required to manage financial risks. However, it is an uphill task given

that risk management should go hand with the firm’s owners’ objectives, the reason for risk

management strategy and the type of risks, risks to be retained, and types of instruments

available.

The modern risk management follows an iterative road map which involves five key areas:

Identification of the Risk Appetite

This involves taking note of the corporate objectives and risks, and deciding whether to manage

risk and in case risks are managed, what type of risks.

Risk Appetite

Risk appetite refers to the types of risk the firm is willing to accommodate. It, however, should be

differentiated with the risk capacity, which is the highest level of risk that a firm can handle.

20
© 2014-2020 AnalystPrep.
Another term is the risk profile, which the current level of risk to which the firm is exposed.

The practical risk appetite is stated in two ways:

1. A statement that gives the preparedness of a firm to accommodate risks in wanting to

achieve its goals. This is usually an internal document which the board must approve.

2. The tools in which the risk appetite is related to daily risk management operations of the

firm. These include the risk policy of the firm, business lines’ risk statements, and risk

limits.

Many financial institutions have developed risk appetite as an essential factor. From the above

diagram, the risk appetite of a firm should be below the risk capacity and above the risk profile

of the firm. The dotted lined represents the upper and lower levels at which the risk must be

reported.

Risk Mapping

21
© 2014-2020 AnalystPrep.
The assessment of magnitudes of risks is required after a general policy structure pertaining to

risk management has been set up by the board of directors. Concerned officials from the firm

should identify the risks affecting their divisions, should record all the assets and liabilities

which have exposure to the risks, and should list orders falling in the horizon set for hedging

activities. Once the business risk, market risk, credit risk, and risks associated with operations

are identified, the management should look into appropriate instruments to hedge the risks. For

example, a firm with foreign exchange rate exposure may list all the assets and liabilities, having

exposure to the exchange rate on the horizon of hedging policy. It should also list sales and

expenses that are exposed to the exchange rate. After this, it can find the appropriate financial

instrument to hedge these risks.

Risk Management Strategies

After understanding the firm’s risk appetite and mapping risks, a risk manager can decide the

best way to address the risk while prioritizing the most severe and urgent risks. Moreover, risk

must put into consideration the cost and the benefits of each risk management strategy. Risk

management strategies include:

Avoiding the risk: some risks can be managed by avoiding them. For instance, closing

down the business unit or changing the business strategy.

Retaining the risk: some risks can be accommodated by the company, through

insurance.

Mitigating the risk: this method involves an attempt to decrease the exposure,

frequency, and severity of the risk. A good example is the improvement of a firm’s

infrastructure and putting collateral on credit exposure.

Transferring the risk: involves transferring some portion of the risk to a third party.

Such methods include insurance and the application of the derivatives.

The type of strategy is decided by the senior management, the board, and the risk manager of

the firm. The strategy should enable the firm to operate efficiently within the risk appetite.

22
© 2014-2020 AnalystPrep.
Now let us turn our attention a little bit on the transfer of risks. The tools of risk transfer

(Hedging) include forwards, futures, options, and swaps.

Forwards: A forward is structured such that an agreement is reached where a given

amount of asset is exchanged at a predetermined price in the future.

Futures: A future is a financial agreement that obligates the parties involved to

transact an asset at a predetermined future date and price. The buyer must buy, or the

seller must sell the underlying asset at the predetermined price, irrespective of the

current market price at the expiration date.

Options: These are financial instruments that are derivatives that give an investor the

right, but not the obligation, to buy or sell a predetermined asset on a specified future

date. Examples of the options include call option, put option, exotic option, and

swaption.

Swap: This is an over-the-counter (OTC) agreement to swap the cash value or the cash

flows associated with a business transaction at (until) the maturity of the deal. For

example, an interest rate swap involves payment of fixed interest rate on an agreed

notional cash amount for a specified period while the other party agrees to pay a

variable interest rate.

The type of transfer tool used depends on the desired goals of the firm. For instance, options

might be more flexible than the forward contracts—moreover, the trading mechanism of the risk

transfer instrument. For example, firms may decide to use either exchange-traded or over-the-

counter (OTC) instruments to hedge their risks. Exchange-traded instruments are standardized

products with maturities and strikes set in advance while over the counter derivatives are traded

by investment banks, among others, and can be tailored to the firm’s needs. The size of the

contract, strike, and maturity can all be customized. However, the credit risk is higher for OTC

contracts as compared to exchange-traded instruments. A firm should take into account the

liquidity and transaction costs related to the instrument that it wants to use for hedging.

Advantages of Hedging Risk Exposure

23
© 2014-2020 AnalystPrep.
Hedging can reduce the cost of capital, reduce cash flow volatility, check liquidity crunch, and

improve the debt capacity of a firm. Firms with tight financial constraints might always want to

minimize cash flow volatilities to capitalize on growth opportunities. If there are synergistic

effects of hedging on the firm’s operation, then it should actively hedge to reduce volatilities that

may adversely affect its business. For example, if a firm’s core business is to manufacture using

some crop as an input, then it may use futures on the crop to hedge the price of that crop. In so

doing, the firm may go about managing its core business rather than worrying about the price

fluctuations in the crop.

Disadvantages of Hedging Risk Exposure

Hedging can only lead to stable earnings for a limited period. Moreover, hedging is costly (for

example, an option requires premiums). Hedging might not be appropriate in a diversified

portfolio because risk might be diversified away.

Challenges of Implementing Hedging Strategy

A firm risk management team may miscomprehend the type of risk to which it is exposed,

incorrectly measuring or mapping the risk, fail to detect variation in market structure or maybe

among the rogue traders, is their own.

Moreover, hedging might involve complex derivatives or strategies which can be compromised by

certain events such as interest rate movements.

Poor communication concerning the risk management strategy can lead to dire consequences. A

hedging program should be well communicated.

Operationalization of Risk Appetite

As mentioned earlier, risk management road-map is iterative. To operationalize the risk

appetite, the risk manager evaluates the risk policies, sets the risk limit, and rightsizes the risk

24
© 2014-2020 AnalystPrep.
management team.

A firm can choose to hedge against volatilities related to its operations. For example, a firm may

hedge the cost of an input material required for a firm’s operations. Since this type of hedging

can help reduce the risks associated with the firm’s inputs, a firm can concentrate on its core

business. It has an impact on the prices of final products and also the scale of products being

sold. Hedging currency exposures to reduce risks of losses in exports constitutes an example of

hedging risks related to operations. A tomato ketchup company may choose to hedge its

exposure to tomato prices so that it may concentrate on the quality and marketing of its ketchup

rather than worrying about the losses it may incur if prices of tomatoes were to increase.

Hedging risks related to financial positions can be performed by hedging interest rate risks,

interest rate swaps, among others. If the marketplace is assumed to be perfect, then there is no

need for such hedging at all because this will not alter the financial health of a firm. However, if

hedging is attempted, it would be even for both parties in the hedge, as both will have equal

information about the markets. If the market is assumed inefficient, then there can be benefits

from hedging to one party in the transaction. The benefits may be from an increase of debt

capacity and tax advantage, economies of scale, or by having comparatively better information

than individual investors. Firms should essentially hedge their operations, and if they hedge their

financial positions, they should be transparent about their policies. So, accepting some form of

risk, hedging other risks, and management of costs of hedging to benefit the firm constitute the

activities underlying risk management.

Rightsizing Risk Management

When the firm has a clear picture of its objectives in risky areas, it needs to see that the risk

management team can come up and execute the approach. That is, risk management should fit

its purpose.

Rightsizing of the risk management team ensures that if a firm uses complex risk management

instruments, the firm is independent of risk management providers such as investment banks.

Rightsizing also involves making sure that the risk management function has an elaborate

25
© 2014-2020 AnalystPrep.
accounting treatment, which can be cost or a profit center. Moreover, the firm should also decide

whether to proportionally redistribute the cost of risk management to areas where risk

management is concerned, depending on the risk culture and appetite of the firm.

Risk Limits

Rightsizing risk management may also involve setting up a risk-limiting system. A good example

is the stress, sensitivity, and scenario analysis limits. Scenario analysis limits are linked to

determining how bad the situation in a hypothesized worst-case scenario. Stress test

concentrates on unique stresses while the sensitivity looks at the sensitivity of the portfolio to

variables changes. However, stress, sensitivity, and scenario analysis limits are sophisticated,

requires excellent expertise, and in case of scenario analysis is challenging to be sure if all bases

are covered.

Value-at-Risk (VaR) limits give an aggregate statistical digit as a limit, but the management can

easily misinterpret it. Moreover, it does not indicate the extent of an unfavorable condition in a

stressed market.

The Greek limits provide the risk positions of options using Greeks such as delta, gamma, and

theta. However, their calculations may be compromised, given the lack of management and

independence.

Risk concentration limits can also be used. Recall that the risk concentrations include product

and geographical risk concentrations. To set these limits, a risk manager ought to have an

expertise in dealing with correlations because capturing correlation risk in a stressed market is a

bit challenging.

Risk specific limits involve setting limits concerning specific risk types such as Liquidity ratios

for Liquidity risks. On the contrary, these limits are difficult to aggregate and require expert

knowledge.

Maturity (gap) limits state the limits of the transactions at maturity at each period. These limits

are aimed to decrease the risk associated with large size transactions in a given time frame.

26
© 2014-2020 AnalystPrep.
However, they are not evident in delivering price risk. Other limits include stop-loss limits and

notional limits.

Risk Management Implementation

Risk management involves choosing the right instruments, coming up with the day to day

decisions, and establishing oversight authority. Consider risk hedging, for instance.

Access to all relevant information, data, and statistical tools are required to frame a strategy for

hedging. The risk management team should know the background of the statistical tools being

employed to create hedges. The nature of strategy, i.e., static or dynamic, is an important

decision. Static strategies are more of a hedge and forget kind of strategies, where a hedge is

placed almost exactly to match the underlying exposure. This hedge remains in place till the

exposure ends. Dynamic strategies require more managerial effort and involve a sequence of

trades that are used to offset the exposure as nearly as possible. Moreover, dynamic strategies

may result in higher transaction costs and require monitoring of positions closely. Proper

implementation and communication are the key requirements for the success of any hedging

strategy.

The horizon for the hedging position and accounting considerations related to the hedge often

has important implications for the way the strategy is planned. Accounting rules require that

marked-to-market profit or loss be duly recorded if the position in a derivative and underlying

asset are not perfectly matched with regards to dates and quantities. Tax laws vary among

countries, and there are differences in tax laws for different derivatives.

Regular Re-evaluation

Risk management should be regularly re-evaluated to make sure changes in the performance.

These include risk appetite, business activities, new instruments, and cost-benefit analysis.

The evaluation of the risk management system is necessary, and an assessment of overall

objective realization should be made. Consider and hedging strategy. Hedging refers to the

27
© 2014-2020 AnalystPrep.
reduction of risk, and it does not imply a profit or a loss. A party that has successfully

implemented a hedge may as well run into a loss. For example, if a long forward position on the

price of a crop is taken, the realized rate of yield may be higher, thus will implying a loss.

Although the hedge was placed to get rid of the volatility in the price, it would not guarantee a

profit. A risk manager should be able to manage transaction costs, inclusive of taxes. Thus, the

whole risk management process should be limited within the budget constraints set out prior to

the hedge being placed. Based on the evaluation, the board of directors may address and change

the policies in place and oblige to the regulatory requirements.

28
© 2014-2020 AnalystPrep.
Question

Which of the following best describes the risk capacity?

A. The amount of risk the firm is willing to accommodate

B. The total amount of risk that a firm can accommodate without becoming insolvent

C. The current level of risk to which the firm is exposed

D. None of the above

Solution

The correct answer is B.

Recall that, risk capacity is the highest level of risk that a firm can handle. This

implies that it is the highest amount of risk a firm can handle without running

insolvent.

Option A is incorrect because it describes the risk appetite.

Option C is incorrect because it describes the risk profile of a firm.

29
© 2014-2020 AnalystPrep.
 Reading 3: The Governance of Risk Management

After completing this reading, you should be able to:

Explain changes in corporate risk governance that occurred as a result of 2007-2009

financial crisis.

Compare and contrast best practices in corporate governance with those of risk

management.

Assess the role and responsibilities of the board of directors in risk governance.

Evaluate the relationship between a firm's risk appetite and its business strategy,

including the role of incentives.

Illustrate the interdependence of functional units within a firm as it relates to risk

management.

Assess the role and responsibilities of a firm's audit committee.

Corporate governance can be defined as the way the firms are run. That is, corporate

governance postulates the roles and the responsibilities of a company's shareholders, a board of

directors, and senior management. The relationship between corporate governance and the risk

has become fundamental since the 2007-2009 financial crisis. The critical questions to be

answered in the following text are about the relationship between corporate governance

practices and risk management practices, the organization of risk management authority

through committees, and the transmission of risk limits to lower levels so that they can be

observed in daily business decisions.

Lack of transparency, lack of correct and sufficient information about economic risks, and a

breakdown in the transmission of relevant information to the board of directors are some of the

leading causes of corporate failures in nonfinancial as well as financial sectors in 2001-03 and

2007-09. The subprime crisis was caused by the relegation of risk management activities in the

boom years. The risk associated with structured financial products was almost ignored, and this

resulted in failed institutions and a global financial crisis.

30
© 2014-2020 AnalystPrep.
The post-discussion of corporate governance includes some key issues, especially in the banking

industry. These include the composition of the board, the risk appetite, compensation, and the

stakeholder priority.

Risk appetite

The regulators have forced banks to come up with formal and board-approved risk appetite that

reflects the firm's willingness to accommodate risk without the risk of running insolvent. This

can be amplified to enterprise risk limits while engaging the board.

The boards have been tasked with the responsibility to cap overcompensation settings. The

payment structure should capture the risk-taking adjustment to capture the long-term terms'

risks. A good example is where some banks have limited the bonus compensation schemes and

also introduce delayed bonus structures.

Board composition

The financial crisis led to a discussion on the independence, engagement, and financial industry

skills of the firm's board. However, statistical analysis on the failed banks does not show any

correlation between the prowess of a bank and the predominance of either the insiders or

outsiders.

Stakeholder Priority

The analysis of the 2007-2009 financial crisis led to the realization that there was little attention

to controlling the tail risks and worst-case scenarios. This has led to discussions on the

stakeholders of a bank and their impact on corporate governance.

Board Risk Oversight

After the crisis, the significance of the boards being proactive in risk oversight became a

significant issue. Consequently, the boards have been educated on the risks and the direct

31
© 2014-2020 AnalystPrep.
relationship of the risk management structure, such as delegating CRO's power to report to the

board directly.

The Infrastructure of Risk Governance

A clear understanding of business strategies and associated risks and returns is necessary for

risk governance. The risks associated with business activities should be made transparent to the

stakeholders. Appropriate risk appetite should be set for the firm, and the board should oversee

the managerial operations and strategy formulation process. There should be an involvement of

risk management in business planning, and risks associated with every target should be

adequately assessed to see if they fit into the firm's risk appetite. The choices in risk

management are as follows:

Scrapping activities to avoid the risk

Reducing risk exposure by hedging/buying insurance

Risk mitigation, for example, reduction of operational risks by control measures

Accepting risks to generate values for the shareholders.

32
© 2014-2020 AnalystPrep.
Risk management strategies should be directed to impact economic performance rather than

accounting performance. Policies, directives, and infrastructure related to risk management

should be appropriately placed in a firm. The seriousness of a firm about its risk management

process can be gauged by assessing the career path in the risk management division of the firm,

the incentives awarded to the risk managers, the existence of ethics within the firm, and the

authority to whom the risk managers report.

The Board and the Corporate Governance

The primary responsibility of the board of directors is:

To steer the firm according to the interests of the shareholders. Other stakeholders like

the debt holders are, also, to be kept in mind while making strategies at the corporate

level. The assumption of particular risks to attain projected returns should be weighed

against the sustainability of the profits from such activities. Agency risks, i.e., the

33
© 2014-2020 AnalystPrep.
 conflict of interests between the management and the stakeholders, should be avoided

at all costs. For example, managers may turn to short term profit making while

assuming long-term risks, so that they may make some bonus. Corporate governance

roles should be independent of the roles of the executive, i.e., the board and the CEO

should act independently of each other. Chief risk officers have been put to task in

many corporations to integrate corporate governance and risk management activities.

The board should make sure that staff gets rewarded according to their risk-adjusted-

performance—this checks fraud related to financial manipulation and stock price boost.

The board should check the quality and reliability of information about risks, and it

should be able to assess and interpret the data. This ensures that all the risk

management related operations are aligned to value creation for shareholders.

The board should be educated on risk management and should be able to determine

the appropriate risk appetite for the firm. There should also be an assessment of risk

metrics over a specified time horizon that the board may set. Some technical

sophistication is required to build clear strategies and directives in relation to crucial

risk disciplines. A risk committee of the board should be qualified enough to handle

these technicalities. It should also be separated from the audit committee on the

grounds of differences in skills and responsibilities.

The Transition of Corporate Governance to Best-Practice Risk

Management

As stated earlier, the 2007-2009 financial crisis reflected the weakness in the risk management

and oversight of the financial institutions. Consequently, the post-crisis regulatory has

emphasized on risk governance with an aim to check both the financial risks.

Risk governance is all about coming with an organizational structure to address a precise road

map of defining, implementing, and authoritative risk management. Moreover, it touches on the

transparency and establishment of channels of communication withing which an organization,

stakeholders, and regulators engage.

34
© 2014-2020 AnalystPrep.
For instance, the board directors have a responsibility for shaping and authority in risk

management. Being one of the risk governances, the board director has a duty to analyze the

major risk and rewards in a chosen firm's business strategy.

In other words, the risk governance must ensure that it has put a sound risk management system

in place to enable it to expand its strategic objectives within the limits of the risk appetite.

The Risk Appetite Statement (RAS)

A statement of risk appetite is one of the critical components of corporate governance. RAS

contains a precise aggregated amount and types of risks a firm is willing to accommodate or

avoid to achieve its business objectives.

Clear articulation of the risk appetite for a firm helps in maintaining the equilibrium between the

risks and return, cultivating a positive attitude towards the tail and even risks, and attaining the

desired credit rating.

The RAS should contain the risk appetite, and the risk tolerance measures the maximum amount

of risks taken at the business level as well as enterprise risk. Moreover, it should be the

relationship between the risk appetite, the risk capacity, the risk profile, and the risk tolerance.

35
© 2014-2020 AnalystPrep.
Risk tolerance is the number of acceptable results relative to business objectives (dotted line on

the diagram above). Risk tolerance is a tactical measure of risk, while the risk appetite is the

aggregate measure of risk. Note that the risk appetite is below the risk capacity of a firm. A firm

operating within the risk tolerance can attain the risk-adjusted return objectives relative to the

amount of risk.

Implementation of the Board-Level Risk Governance

In the banking industry, the board of directors charges the committees like risk management

committees, among others with ratifying policies and directives for activities related to risk

management. The committees frame policies related to division level risk metrics in relation to

36
© 2014-2020 AnalystPrep.
the overall risk appetite set by the board. They also look after the effective implementation of

these policies.

Role of Audit Committee of the Board

Audit committee's responsibility is:

To look into the accuracy of financial and regulatory reporting of the firm and the

quality of processes that underlie such activities.

It also ensures that a bank complies with standards in regulatory, risk management,

legal, and compliance activities.

The audit committee verifies the activities of the firm to see if the reports outline the

same.

The members should ideally be nonexecutives to keep the audit committee clear from executive

influence. The audit committee should interact with the management productively and should

keep all channels of communication open.

The Role of the Risk Advisory Director

There may be a few nonexecutives in the board of directors, who may not have the necessary

expertise to understand the technicalities behind risk management activities of a sophisticated

firm. In this case, executives may dominate the nonexecutives, and this may lead to corporate

scandals. Training programs and support systems may be put in place to the aid of such

nonexecutives. Another method is to have a specialist in risk management as a risk advisory

director on the board. Its functions are:

The risk advisory director would oversee risk management policies, reports, risks

related to the overall business.

Mitigation of risks like credit risk, market risk, etc. The risk advisory director should be

37
© 2014-2020 AnalystPrep.
 familiar with financial statements and accounting principles.

The risk advisory director should oversee financial reporting and the dealings between

the firm and its associates, including issues like intercompany pricing, transactions,

etc.

The risk advisory director should look into the requirements from regulatory agencies

and should lay appropriate directives for the firm to comply with the requirements.

Participation in audit committee meetings, outlining risk profiles of strategic business

segments, sharing insights into corporate governance and risk management policies,

and overseeing the conduct of business.

The Role of the Risk Management Committee

The risk management committee in a bank independently reviews different forms of risks like

liquidity risk, market risk, etc. and the policies related to them. The responsibility of approving

individual credits also usually rests with the risk management committee. It monitors securities

portfolios and significant trends in the market as well as breakdowns in the industry, liquidity

crunch, etc. It reports to the board about matters related to risk levels, credits, and it also

provides opportunities for direct interaction with the external auditor, management committees,

etc.

The Role of the Compensation Committee

Its responsibility is to determine the compensation of top executives. Since the CEO could

convince the board to pay the executives at the expense of shareholders, compensation

committees were put in place to check such occurrences. In the previous decade, compensation

based on short-term profits, without much concern about long-term risks, have sealed the fate of

many institutions. Since then, compensation based on risk-adjusted performance has gained

recognition. Such compensation helps in aligning business activities with long-term economic

profitability.

38
© 2014-2020 AnalystPrep.
Various caps have also been put in place on the bonuses of executives across the world, to

prevent reckless risk-bearing attitude while eying for the upside but bearing no responsibility for

the downside of the risky activity. Stock-based compensation may encourage risk-taking as the

upsides are not capped while the downsides are. For making employees concerned about the

financial health of the firm, they may be made the creditors of the firm by providing

compensations in forms of bonds. For example, UBS has adopted such a strategy.

The Risk Appetite and the Business Strategy

Many firms wish to examine how the regular activities of a firm run within the confines of the set

risk appetite and limits defined by the board and executive committees. The process of

examining the firm's risk appetite include:

Risk approval by the board risk committee: The board risk committee approves the risk

appetite statement on an annual basis.

The firm's senior management (such as CEO and CRO) are tasked by the board to

implement the risk appetite framework.

With the approval from the board, the senior management comes up with the limiting

financial risk parameters (for example, credit risk) and nonfinancial risk (for instance,

operational risk) excited by the firm. At this point, the subcommittees can be set up to

deal with each risk-type independently.

After setting the risk limit, the senior risk committee then reports the outcome to the

board risk committee accompanied by the recommendations on the total risk

acceptable, which again subject to the board risk committee's consideration and

approval.

The Role of the Chief Risk Officer (CRO)

The CRO is a member of the risk committee whose responsibilities are:

39
© 2014-2020 AnalystPrep.
 Designing the risk management program of the firm;

Risk policies, analysis dimensions, and methodologies;

Risk management infrastructure and governance in the firm;

Monitoring the firm's risk limits set by the senior risk management; and

In many financial institutions such as banks, the CRO is an intermediary between the

board and the management. The CRO keeps the board informed on the firm's risk

tolerance and condition of the risk management infrastructure and informs the

management on the state of the risk management.

The Role of Incentive

As realized in the global crisis, the executive compensation schemes at many financial

institutions motivated short-run risk-taking, leading to management ignoring the long-term risks.

That is, the bankers were rewarded based on short-run profits. Consequently, it led to the

formation of the compensation committee to cap executive compensation. This prevents a

scenario where the CEO can convince the board member to compensate themselves at the

expense of other shareholders.

The compensation is part of the risk culture of a firm. Thus, it should be made in accordance

with the long-term interest of the shareholders and other stakeholders and the risk-adjusted

return on the capital.

For instance, the central bank governors and the finance ministers of the G-20 countries met in

September 2009 to discuss the framework for financial stability, one of which is reforms on

compensation. The reforms included:

Scrapping of the multi-annual guaranteed bonuses;

Controlling the amount of variable compensation given to the employees with respect

to total net revenues;

40
© 2014-2020 AnalystPrep.
 Promoting transparency through disclosure;

Recognizing the interdependence of the compensation committee to ensure that they

work either respect to performance and risk; and

The inclusion of the executive downside exposure by deferring an appropriate

compensation, the implementation of the share-based incentives, and the introduction

of the claw back mechanism where the bonuses are reimbursed if the longer-term

losses are incurred after the bonuses are made.

The Interdependence of Organizational Units in Risk

Governance

Primary responsibility is put on the firm's staff to implement the risk management at all scopes

of the firm. The executives and the business lines managers should work collaboratively to

manage, monitor, and report the various types of risk being undertaken. The figure below

illustrates the risk management lows and divided by various management functions.

41
© 2014-2020 AnalystPrep.
Limits and Limit Standard Policies

A firm should set appropriate limits for each type of risk associated with each portfolio in the

business, as well as for the entire business. This enables the firm to steer business strategies

appropriately so that it conforms to the risk appetite set by the board. Market risk limits are set

to control risks arising from fluctuation in asset prices. Credit risk limits control the number of

defaults and deterioration in the quality of loans etc. Appropriate risk limits may be set for

liquidity risks and asset management risks as well.

The process by which the limits are established should be documented since each limit depends

on the scale and sophistication of the firm's activities. Risk metrics like VaR are implemented to

express risks of portfolios in normal market conditions, although they don't serve the purpose in

42
© 2014-2020 AnalystPrep.
extreme market conditions. Worst case scenario analysis and stress testing should be done to

figure out strategies for countering extreme conditions.

Mostly, two types of limits are employed by firms:

Tier 1 limits: These include the overall limit for each asset class, overall stress test

limit, and total loss if the peak limit is realized; and

Tier 2 limits: These cover authorized business and concentration limits; for example,

risks by industry, credit class, etc.

In the normal course of events, risk limits should not be fully utilized. In typical markets,

exposures of about 85% of risk limits should be acceptable.

Standards for Monitoring Risk

Let's take the example of market risk. While monitoring market risk, all the positions, with

exposure to market risk, should be valued daily. There should be a preparation of P&L

statements by units independent of traders, and the reports should be provided to the senior

management. Further, there should be verification of all the assumptions underlying the models

used to price transactions and to value positions. Compliance with risk policy should be duly

measured and monitored so that any breach of limits may be escalated in time. Impacts of

significant market or credit risk changes should be determined by stress testing, and there

should be an evaluation of how closely the values of portfolios, as predicted by risk models,

follow the actual costs. Although data from the front office can be used in analyses, where

timeliness is required, the data used in limit monitoring should be independent of the front

office, should be reconciled with the books of the bank to ensure their integrity, should allow for

proper risk measurements, and should be taken from consolidated feeds.

There should be an explicit instruction that reports related to the potential breach of risk limits

should be handed over to the management well in advance of the breach. The risk committees

should then decide whether to increase the limits temporarily based on the merits of the project.

A breach in tier 1 risk limits should be dealt with immediately while a tier 2 risk limit breach can

43
© 2014-2020 AnalystPrep.
be dealt with slightly less quickly. All such limit excesses should be reported in the excess daily

report. Relaxation of limits should be done after careful consideration of opportunity costs of

limits.

The Role of the Audit Function

The audit function is responsible for an independent assessment of the framework and

implementation of risk management. It reports to the board about the strategies of business

managers and executives, and whether these strategies are in line with the board's expectations.

Regulatory guidelines require audit groups to monitor the adequacy and reliability of

documentation, the effectiveness of the risk management process, etc. For example, if market

risk is under consideration, auditors are required to assess the process by which derivative

pricing models are examined, changes in measures for quantifying risks, and scope of risks

captured by the models in use. The integrity and independence of position data should also be

examined.

There should be an evaluation of the design and conceptual soundness of risk metrics and

measures, and that of stress testing methodologies. The risk management information system,

including the process of coding and implementing models, should also be checked and evaluated.

The same would include the examination of controls over market position data capture and that

over the process of parameter estimation. The audit function reviews the design of the financial

rates database, which is used to generate parameters for VaR models, and things like risk

management system upgrade, adequacy of application controls in risk management information

system, etc. Documentation related to compliance should be examined, and the audit function

should independently assess VaR reliability. The guidelines for the audit function are provided in

the International Professional Practices Framework (IPPF). The audit should, essentially, be

independent of operational risk management. This ensures that the assessment done by the audit

function is reliable.

Conclusion

44
© 2014-2020 AnalystPrep.
It is not possible to control the financial health of a firm without an excellent risk management

function and appropriate risk metric. Historically, many corporate failures have been associated

with the relegation of risks, which would turn fatal later. An important example of this is the

subprime crisis in the United States. Therefore, a clear risk management policy should guide the

strategies of the firm, and appropriate risk appetite should limit the exposures of the firm. Such

directives make it easy for the executives down the business line to understand their role in the

risk management activity.

The risk committees should participate in framing risk management methodologies, and they

should have appropriate knowledge of all the risks as well as their metrics so that they can

clearly understand the risk reports. A careful delegation of authorities and responsibilities to

each risk management mechanism should ensure that all the gaps are filled, and all the activities

are complementary to each other. After taking risk into account, risk measures like VaR,

economic capital, etc. can be used to set risk limits, and also be used to determine the

profitability of various business lines.

Risk infrastructure can be used as a tool in the analysis and pricing of various deals. It can also

be used to formulate incentive compensation schemes so that business decisions and strategies

are aligned with risk management decisions.

45
© 2014-2020 AnalystPrep.
Question

Which of the following statements best describes the role of the board in risk

management?

A. Issuing guidelines on how to manage risks

B. Developing the risk appetite statement and objectives the managers should strive

to meet within the risk management framework.

C. Regularly reviewing decisions made by managers regarding risk exposures

D. Choosing the risk exposures to hedge, the risks to mitigate, and those to avoid

altogether

Solution

The correct answer is: B

The board sits above the managers in the hierarchy of management in most for-profit

organizations. It is the board that assembles and develops a comprehensive risk

appetite statement, specifying the risks the company should assume and those to

avoid, including the preferred methods of risk mitigation. The managers consult the

risk appetite statement when choosing the projects to undertake.

46
© 2014-2020 AnalystPrep.
 Reading 4: Credit Risk Transfer Mechanisms

After completing this reading, you should be able to:

Compare different types of credit derivatives, explain how each one transfers credit

risk and describe their advantages and disadvantages.

Explain different traditional approaches or mechanisms that firms can use to help

mitigate credit risk.

Evaluate the role of credit derivatives in the 2007-2009 financial crisis and explain

changes in the credit derivative market that occurred as a result of the crisis.

Explain the process of securitization, describe a special purpose vehicle (SPV), and

assess the risk of different business models that banks can use for securitized products.

Overview of Credit Risk Management

Lending is undoubtedly one of the most profitable investment avenues for banks. Traditionally,

banks take short-term deposits and pool them together to provide long-term loans. However,

these loans introduce credit risk – the possibility that the funds disbursed may not be recovered

following an event of default by the borrower. There are several ways used by banks to deal with

credit risk exposure. Banks can

Accept the risk, where the bank simply provides loans and takes no further action

Avoid the risk, which means the bank turns down credit applications

Reduce the risk by taking measures that eliminate at least part of the exposure, for

example by adopting a rigorous screening process at the application stage

Transfer the risk to some other entity or person (collectively referred to as the

counterparty)

In this chapter, we will extensively look at various methods used by banks to transfer credit

47
© 2014-2020 AnalystPrep.
risk exposure.

The Role of Credit Derivatives in the 2007-2009 Financial

Crisis

Risk transfer among banks began in earnest towards the end of the 20th century. Indeed, onetime

Federal Reserve Chairman Allan Greenspan is on record admitting that credit derivatives and

securitizations represent the main reason why the United States banking system emerged from

the 2001-2002 economic slowdown largely unscathed. Some of the instruments that had been in

use at the time included credit default swaps, collateralized debt obligations, and collateralized

loan obligations.

In the aftermath of the 2007/2009 financial crisis, however, credit derivatives took a significant

share of the blame. It has since emerged that the problem was not the instruments themselves

but how they were used. While some of these instruments virtually disappeared from the market

in the years following the crisis, others continued to thrive. In particular, the CDS and CLO

markets remained robust and are still being used widely by banks to manage and transfer credit

risk. The very complex instruments, such as collateralized debt obligations squared (CDOs-

squared) and single-tranche CDOs, are unlikely to be revived. In recent years, new credit risk

transfer mechanisms have also emerged.

Types of Credit Risk Derivatives

Credit derivatives are financial instruments that transfer the credit risk of an underlying

portfolio of securities from one party to another party without transferring the underlying

portfolio. They are usually privately held, negotiable contracts between two parties. A credit

derivative allows the creditor to transfer the risk of the debtor’s default to a third party.

Credit derivatives are over-the-counter instruments, meaning that they are non-standardized,

and the Securities and Exchange Commission regulations do not bound their trading.

The main types of credit derivatives include:

48
© 2014-2020 AnalystPrep.
 Credit default swaps

Collateralized debt obligations

Collateralized loan obligations

Total return swaps

Credit spread swap options

Credit Default Swaps (CDS)

In a CDS, one party makes payments to the other and receives in return the promise of

compensation if a third party defaults.

Example:

Suppose Bank A buys a bond issued by ABC Company. In order to hedge the default of ABC

Company, Bank A could buy a credit default swap (CDS) from insurance company X. The bank

keeps paying fixed periodic payments (premiums) to the insurance company, in exchange for the

default protection.

Debt securities often have longer terms to maturity, sometimes as much as 30 years. It is very

difficult for the creditor to come up with reliable credit risk estimates over such a long

investment period. For this reason, credit default swaps have, over the years, become a popular

risk management tool. As of June 2018, for example, a report by the office of the U.S.

Comptroller of the Currency placed the size of the entire credit derivatives market at $4.2

trillion, of which credit default swaps accounted for $3.68 trillion (approx. 88%).

Like other derivatives, the payoff of a CDS is contingent upon the performance of an underlying

instrument. The most common underlying instruments include corporate bonds, emerging

market bonds, municipal bonds, and mortgage-backed securities.

The value of a CDS rises and falls as opinions change about the likelihood of default. An actual

event of default might never occur. A default event can be difficult to define when dealing with

CDSs. Although bankruptcy is widely seen as the “de facto” default, there are companies that

49
© 2014-2020 AnalystPrep.
declare bankruptcy and yet proceed to pay all of their debts. Furthermore, events that fall short

of default can also cause damage to the creditor. These events include late payments or

payments made in a form different from what was promised. Trying to determine the exact

extent of damage to the creditor when some of these events happen can be difficult to determine.

CDSs are designed to protect creditors against such credit events.

Advantages of CDSs

CDSs can serve as shock absorbers during a corporate crisis. As happened during the

2001/2002 economic slowdown in the U.S., many creditors from firms such as

Worldcom and Enron had transferred the risk, and as a result, these corporate scandals

did not spread into the banking sector.

CDS contracts ultimately result in more liquidity (access to capital) since banks have

an incentive to lend more at favorable terms.

The pricing of credit default swaps serves as evidence of the prevailing financial health

of the debtor. When used alongside credit ratings, CDSs offer an opportunity further to

improve market information about the creditworthiness of the debtor.

Disadvantages of CDSs

Speculators may increase trading on a CDS resulting in an increase in the CDS

premium concerning a given entity. Such an entity could face increased borrowing

rates if it tries to access the financial markets for a loan. For sovereign name CDS

contracts (where the borrower is a sovereign country), high premiums may force

investors to stay away or switch investments to avoid losses.

The termination event (i.e., default event) may not be specified, and even if a clear

definition exists, the credit protection seller may find it difficult to price some events.

CDS contracts can be abused and manipulated, creating the illusion that the protection

buyer is protected when, in fact, they are not.

Example: Assume that we have five parties – A, B, C, D, and E. We assume

50
© 2014-2020 AnalystPrep.
 that party B buys protection from party C for the loan made to party A, but C

also transfers this risk to party D, and D does the same and buys protection

from monoline insurer E. In this scenario, there are three individual

agreements made, but economically, only the last buyer (the monoline

insurer) bears the ultimate risk. Most important, the gross notional amount is

inflated for three times more than the aggregate net exposure.

The participation of banks in the CDS market can introduce a moral hazard in the

sense that the CDS (which is an insurance policy against default) may result in laxity in

credit monitoring. Take the case of Enron. For example, several lenders had debt

exposure to Enron, and to protect their investments, the banks bought a massive

amount of insurance in the form of CDSs. It is estimated that about 800 swaps were

bought to insure $8 billion on Enron’s risk. By so doing, the banks neglected their

specialty for monitoring, despite having the necessary tools and access to Enron’s

financial system.

Collateralized Debt Obligations

Collateralized debt obligations (CDOs) are structured products created by banks to offload risk.

The first step entails forming diversified portfolios of mortgages, corporate bonds, and various

other assets. These portfolios are then sliced into different tranches that are sold to investor

groups having different risk appetites.

51
© 2014-2020 AnalystPrep.
The safest tranche is also known as the senior tranche. It offers the lowest interest rate, but it

is the first to receive cash flows from the underlying asset portfolio. The middle tranche offers

a slightly higher interest rate and ranks just below the senior tranche. It takes the second spot

during cash flow distribution. The most junior tranche, also called the equity tranche, offers the

highest interest rate but ranks last during cash flow distribution. It is also the first tranche to

absorb any loss that may be incurred. The amount available for distribution to the equity (junior)

tranche is whatever is left from the two other tranches less management fees. These fees can

range from 0.5% to 1.5% annually.

Investors in these tranches can protect themselves from default by purchasing credit default

swaps. The CDS guarantees a pre-specified compensation if a given tranche defaults. In turn, the

investors must make regular payments to the credit protection seller (writer of the CDS).

Each tranche is assigned its credit rating, except the equity tranche. For instance, the senior

tranche is constructed to receive an AAA rating. Highly rated tranches are sold to investors, but

the junior ranking ones may end up being held by the issuing bank. That way, the bank has an

incentive to monitor the underlying loans.

Example: Calculating Cash Flows for CDO Tranches

Let us assume there is a $100 million collateral portfolio that is composed of debt at 6%. To pay

for this collateral, the CDO is divided into three tranches:

$85m of Class A securities, with a credit rating of AAA, senior debt paying 5.0%

$10m of Class B securities, with a credit rating of BBB, mezzanine debt paying 9.0%

$5m of Class C securities (equity tranche)

In this scenario, the $85m of Class A would pay out $4.25m (= $85m x 5.0%) in interest each

year, Class B pays out $0.9 ($10m x 9.0%). Of the remaining $0.85m ($6m - $4.25m - $0.9m),

$0.2m is used to pay for fees, leaving the equity holders with a return of 13% ($0.65m/$5m).

Advantages of CDOs

52
© 2014-2020 AnalystPrep.
 When used responsibly, CDOs can be excellent financial tools that can increase the

availability and flow of credit in the economy. By selling CDOs, banks can free up

more funds that can be lent to other customers.

CDOs take into account the different levels of risk tolerance among investors. An

investor without much of a risk tolerance could buy the senior tranche of a CDO, which

represents the highest-quality loans. On the other hand, an investor with higher risk

tolerance could buy the junior tranche that’s backed by somewhat riskier loans.

Collateralized debt obligations allow banks to transform relatively illiquid security (a

single bond or loan) into relatively liquid security.

Disadvantages of CDOs

CDOs can result in relaxed lending standards among banks, as happened in the run-

up to the 2007/2009 financial crisis. Most of the CDOs sold at the time were composed

of mortgage loans made to borrowers with questionable Banks were not so keen to

establish accurate and reliable borrower profiles because they would repackage and

sell the mortgages to third parties, essentially taking the risk of default off their books.

Market fears can result in a near standstill in trading, thereby creating a liquidity

problem and financial loss for the investor. In the run-up to the 2007/2009 financial

crisis, the CDOs market grew at an astonishing rate, particularly because there was an

overly positive forecast of the mortgage market. It was expected that home prices

would continue going up indefinitely. So, when prices stopped going up, defaults

skyrocketed, and panic set in. All of a sudden, banks stopped selling CDOs, and the

housing market plunged. As CDOs dropped in value, billions were lost by investors,

including pension funds and corporations.

Collateralized Loan Obligations

A collateralized loan obligation is similar to a collateralized debt obligation, except that the

underlying debt is of a different type and character—a company loan instead of a mortgage. The

53
© 2014-2020 AnalystPrep.
investor receives scheduled debt payments from the underlying loans, bearing most of the risk if

borrowers default.

As with CDOs, CLOs use a waterfall structure to distribute revenue from the underlying assets.

The structure dictates the priority of payments when the underlying loan payments are made. It

is also indicative of the risk associated with the investment since investors who are paid last

(equity holders) have a higher risk of default from the underlying loans.

CLOs have the same set of advantages and disadvantages as CDOs.

Total Return Swap

A total return swap is a credit derivative that enables two parties to exchange both the credit

and market risks. In a total return swap, one party, the payer, can confidently remove all the

economic exposure of the asset without having to sell it. The receiver of a total return swap, on

the other hand, can access the economic exposure of the asset without having to buy it.

For example, consider a bank that has significant (but risky) assets in the form of loans in its

books. Such a bank may want to reduce its economic exposure concerning some of its loans

while still retaining a direct relationship with its customer base. The bank can enter into a total

return swap with a counterparty that desires to gain economic exposure to the loan market.

What happens is that the bank (payer) pays the interest income and capital gains coming from its

customer base to these investors. In return, the counterparty (receiver) pays a variable interest

rate to the bank and also bears any losses incurred in the loan.

54
© 2014-2020 AnalystPrep.
Advantages of Total Return Swaps

The TRS allows one party (receiver) to derive the economic benefit of owning an asset

without putting that asset on its balance sheet and allows the other party (payer),

which does retain that asset on its balance sheet) to buy protection against loss in the

asset’s value. This makes TRSs one of the most preferred forms of financing for hedge

funds and special purpose vehicles.

Disadvantages of Total Return Swaps

TRSs carry counterparty risk. To see how this manifests, consider a TRS between a

bank (payer) and a hedge fund (receiver). Any decline in the value of the underlying

loans will result in reduced returns, but the fund will have to continue making regular

payments to the bank. If the decline in the value of assets continues over a significant

period, the hedge fund could suffer financial strain, and the bank will be at risk of the

fund’s default. That hedge funds almost always operate with much secrecy only serves

to heighten default risk.

TRSs are exposed to interest rate risk. The payments made by the total return

55
© 2014-2020 AnalystPrep.
 receiver are often equal to LIBOR plus a spread. An increase in LIBOR during the

agreement increases the payment due to the payer, while a decrease in LIBOR

decreases the payments to the payer.

Credit Default Swap Option

A credit default swap option (CDS option), also known as a credit default swaption, is an option

on a credit default swap. It gives its holder the right, but not the obligation, to buy or sell

protection on a specified reference entity for a specified future period for a certain spread.

CDS options can either be payer swaptions or receiver swaptions.

A payer swaption gives the holder the right to buy protection (pay premiums)

A receiver swaption gives the option holder the right to sell protection (receives

premiums)

Traditional Approaches that Firms can Use to Help Mitigate

Credit Risk.

Banks use several ways to reduce their exposure to credit risk—both on an individual name and

an aggregate basis. Such credit protection techniques include the following:

Insurance

Credit Risk insurance is a critical risk-mitigation technique when protecting against a bad debt

or slow payments that are not in line with the initial agreement. If the counterparty cannot pay,

as a result of a host of issues such as insolvency, political risk, and interest rate fluctuations, the

credit insurer will pay. By the principle of subrogation, the insurer can then pursue the

counterparty for payment. When insurance is sought on an individual obligor basis, this is

termed guarantee.

Netting

56
© 2014-2020 AnalystPrep.
Netting is the practice of offsetting the value of multiple positions or payments due to be

exchanged between two or more parties. Netting entails looking at the difference between the

asset and liability values for each counterparty involved, after which the party that is owed is

determined. For netting to work, there must be documentation that allows exposures to be offset

against each other.

Netting frequently occurs when companies file for bankruptcy. The entity doing business with

the defaulting company offsets any money they owe the defaulting company with money that’s

owed them. The parties then decide how to settle the amount that cannot be netted through

other legal mechanisms.

Marking-to-Market/Margining

This refers to the settlement of gains and losses on a contract daily. It avoids the accumulation

of large losses over time, something that can lead to a default by one of the parties. As with

netting, an agreement has to be in place allowing counterparties to periodically revalue a

position and transfer any net value change between them so that the net exposure is minimized

Termination

Termination describes a situation where parties come up with trigger clauses in a contract that

gives the counterparty the right to unwind the position using some predetermined methodology.

Trigger events may include:

A rating downgrade

Exceedance of a borrowing/leverage limit

Performance below a specified threshold

The Securitization Process

Historically, banks used to originate loans and then keep them on their balance until maturity.

That was the originate-to-hold model. With time, however, banks gradually and increasingly

57
© 2014-2020 AnalystPrep.
began to distribute the loans. By so doing, the banks were able to limit the growth of their

balance sheet by creating a somewhat autonomous investment vehicle to distribute the loans

they originated. This is known as the originate-to-distribute business model.

From the perspective of the originator, the OTD model has several benefits:

It introduces specialization in the lending process. Functions initially designated for a

single firm are now split among several firms.

It reduces banks’ reliance on the traditional sources of capital, such as deposits and

rights issues.

It introduces flexibility into banks’ financial statements and helps them diversify some

risks.

To borrowers, the OTD model leads to an expanded range of credit products and reduced as well

as from the borrowing costs.

The OTD model, however, has its disadvantages:

Allowing banks to hive off part of their liabilities can result in the relaxation of lending

standards and contribute to riskier lending. This implies that borrowers who previously

would be turned away - possibly because of poor credit history - are now able to access

credit.

By splitting functions among multiple firms, the model can make it difficult for

borrowers to renegotiate terms.

A direct result of the shift to the originate-to-distribute model is securitization, which involves

the repackaging of loans and other assets into new securities that can then be sold in the

securities markets. This eliminates a substantial amount of risk

(i.e., liquidity, interest rate, and credit risk) from the originating bank’s balance sheet when

compared to the traditional originate-to-hold strategy. Apart from loans, various other assets,

such as residential mortgages and credit card debt obligations, are often securitized.

58
© 2014-2020 AnalystPrep.
To reduce the risk of holding a potentially undiversified portfolio of mortgage loans, several

originators (financial institutions) work together to pool residential mortgage loans. The loans

pooled together have similar characteristics. The pool is then sold to a separate entity, called a

special purpose vehicle (SPV), in exchange for cash. An issuer will purchase those mortgage

assets in the SPV and then use the SPV to issue mortgage-backed securities to investors. MBSs

are backed by mortgage loans as collateral.

The simplest MBS structure, a mortgage pass-through, involves cash (interest, principal, and

prepayments) flowing from borrowers to investors with some short processing delay. Usually, the

issuer of MBSs may enlist the services of a mortgage servicer whose main mandate is to

manage the flow of cash from borrowers to investors in exchange for a fee. MBSs may also

feature mortgage guarantors who charge a fee and, in return, guarantee investors the

payment of interest and principal against borrower default.

59
© 2014-2020 AnalystPrep.
Reading 5: Modern Portfolio Theory (MPT) and the Capital Asset Pricing
Model (CAPM)

After completing this reading, you should be able to:

Explain modern portfolio theory and interpret the Markowitz efficient frontier.

Understand the derivation and components of the CAPM.

Describe the assumptions underlying the CAPM.

Interpret the capital market line.

Apply the CAPM in calculating the expected return on an asset.

Interpret beta and calculate the beta of a single asset or portfolio.

Calculate, compare, and interpret the following performance measures: the Sharpe

performance index, the Treynor performance index, the Jensen performance index, the

tracking error, information ratio, and Sortino ratio.

Exam tip: Be sure to understand the calculations behind the CAPM because there is a

strong likelihood you will be getting mathematical questions on this in your FRM part 1

exam.

Modern Portfolio Theory

Modern portfolio theory is attributed to Harry Markowitz, who postulated that a rational investor

should evaluate the potential portfolio allocations based on means and variances of the expected

return distributions.

Assumptions of the Modern Portfolio Theory

I. The capital markets are perfect. Perfect market implies that:

60
© 2014-2020 AnalystPrep.
 There are no transaction costs and taxes.

All market participants can access to available information without any cost.

There is perfect competition in the market.

II. The returns from the portfolios are normally distributed. This allows the characteristics of the

returns to be stated in terms of the mean and the variance.

Markowitz suggested that the size of investment made by an institution should be based on the

contribution of the assets to the entire portfolio's return (in terms of mean and return). The

assets' performance is not evaluated independently but rather with the performance of other

assets.

Portfolio diversification is one method of decreasing the risk exposure to each asset. Thus,

investors must be compensated for accepting the risk in each asset. Diversification enables the

maximization of the level of returns at any provided level of risk.

Markowitz Efficient Frontier

The Markowitz Efficient Frontier (or only efficient frontier) is a curved solid curve which a plot of

the optimal returns for each level of risk. Each point on the curve represents the maximum level

of portfolio return for a given level of risk.

61
© 2014-2020 AnalystPrep.
Now, consider the following efficient frontier.

62
© 2014-2020 AnalystPrep.
Portfolio P gives the best return for the same level of risk. Portfolio K is termed as suboptimal

since there are other portfolios (located on the vertical distance between the portfolio K and the

efficient frontiers) than can offer better returns for the same level of risk.

From the efficient frontier, it is easy to see that the expected return is increased by increasing

the amount of risk level of the portfolio and vice versa. The dotted line represents the most

inefficient portfolios; in this case, portfolio L. Inefficient portfolios implies that the investor

achieves the lowest level of return given any level of risk.

Portfolio M is termed as the market portfolio. The market portfolio assumes that the market

63
© 2014-2020 AnalystPrep.
attains the equilibrium and appropriately includes all the risky assets in the economy weighted

by their respective market values.

The Capital Asset Pricing Model (CAPM)

The Capital Asset Pricing Model, derived by Sharpe, Lintner, and Mossin, stipulates assumptions

regarding the market and how investors behave to enable the creation of an equilibrium model of

prices in the whole market. CAPM explains that the market equilibrium is attained when all

investors hold portfolios whose constituents are a combination of riskless asset and the market

portfolio.

Assumptions Underlying the CAPM

Assumptions of the CAPM model include:

There are no transaction costs

There are no taxes

Assets are infinitely divisible

Unlimited short-selling is permissible

All assets are marketable/liquid

Investors are price takers whose individual buy and sell transactions do not affect the

price

Investors' utility functions are based solely on expected portfolio return and risk

The only concern among investors are risk and return over a single period, and the

single period is the same for all investors.

Under these assumptions, the expected rate of return over a given holding time is given by:

64
© 2014-2020 AnalystPrep.
 E (R i ) = R f + βi (R m − Rf )

Where

E(R i ): the expected return of asset i over the holding period

R f : rate of return on the risk-free asset

R m: Expected market return over the holding period

βi: the Beta factor of the asset i

Note that (R m − Rf ) is the expected return per unit risk (beta) and βi (R m − Rf ) is the expected

return above the risk-free rate of return.

Interpreting Beta

Beta is a measure of the systematic risk associated with a particular stock, asset, or portfolio.

Systematic risk is the portion of risk that cannot be eliminated by any amount of diversification.

65
© 2014-2020 AnalystPrep.
A value of beta above 1 indicates a stock/asset/portfolio that has, historically, amplified the

return of the whole market (positive or negative). A beta close to zero would indicate a

stock/asset/portfolio that provides a more stable return than the market as a whole. A negative

beta would signify a stock/asset/portfolio whose performance is counter-cyclical, i.e., offsets the

overall market experience.

For company i:

Cov(i,m) σim
βi = =
σm
2 σm
2

Where σm is the variance of the market index and σi m the covariance between the individual

stock’s/asset’s return and that of the market.

Alternatively, by using the fact that:

Cov(i, m) σi m
Corr(i, m) = ρim = =
σi σm σi σm

66
© 2014-2020 AnalystPrep.
 ⇒ σim = ρim . σiσm

We can write:

σi
βi = ρim
σm

Where

ρim : correlation coefficient between returns of asset i and that of the market portfolio.

σi : standard deviation of asset i

σm : standard deviation of the market portfolio

Therefore, we can write:

R m − Rf
E(R i ) = R f + σi ρim ( )
σm

This is the equation of the security market line (SML). The equation implies that the expected

return on any asset is equivalent to a risk-free rate of return plus the premium. The SML implies

that the expected return on any asset can be expressed as the linear function of assets

covariance with the whole market.

Derivation of CAPM

The derivation of CAPM involves three major steps:

1. Recognize that investors are only compensated for bearing systematic risk, not specific

risks that can easily be diversified away. Beta is an appropriate measure of systematic

risk.

2. If we recognize that portfolio expected return is a weighted average of individual

expected returns and portfolio beta is a weighted average of the individual betas, then

we can show that portfolio return is a linear function of portfolio beta. And because

arbitrage prevents mispricing of assets relative to systematic risk, then an individual

asset's expected return is a linear function of its beta.

67
© 2014-2020 AnalystPrep.
 3. We can then use the risk-free asset and the market portfolio to solve for the intercept and

slope of the CAPM.

E (Ri ) = Rf + β (Rm − R f )

The Capital Market Line

The capital market line expresses the expected return of a portfolio as a linear function of the

risk-free rate, the portfolio's standard deviation, and the market portfolio's return and standard

deviation.

E (R m ) − R f
E (RC ) = R f + [ ] σC
σm

Where

E(R C ) is expected return of any portfolio on the efficient frontier

σC is the standard deviation of the return on portfolio C

E(R m ) is the expected return on the market portfolio

σm is the standard deviation of the return on the market portfolio

R f is the risk-free rate of return.

68
© 2014-2020 AnalystPrep.
The capital market return implies that the return on any portfolio is a linear function of its
E(Rm )−Rf
standard deviation. The variable [ ] is termed as the market price of risk or the risk
σm

premium.

Single-Index Performance Measurement Indicators

The Sharpe Performance Index (SPI)

The Sharpe ratio is equal to the risk premium divided by the standard deviation:

E (Rp ) − R f
SP I =
σ (RP )

Where:

69
© 2014-2020 AnalystPrep.
E (R p ) Indicates the portfolio’s expected return

R f Indicates the risk-free rate

σ (R P ) Indicates standard deviation of returns of the portfolio

The Sharpe ratio, or reward-to-variability ratio, is the slope of the capital allocation line (CAL).

The greater the slope (higher number), the better the asset. Note that the risk being used is the

total risk of the portfolio, not its systematic risk, which is a limitation of the measure. The

portfolio with the highest Sharpe ratio has the best performance, but the Sharpe ratio by itself is

not informative. In order to rank portfolios, the Sharpe ratio for each portfolio must be

computed.

A further limitation occurs when the numerators are negative. In this instance, the Sharpe ratio

will be less negative for a riskier portfolio resulting in incorrect rankings.

The Treynor Performance Index (TPI)

The Treynor measure (1965) of a portfolio is explained by the expression below.

E (R p ) − R f
TPI =
βp

Where:

E (R p ) Indicates the portfolio’s expected return

R f Indicates the risk-free rate

βp Indicates the beta of the portfolio

Treynor measures the risk premium per unit risk (Beta). As with the Sharpe ratio, the Treynor

ratio requires positive numerators to give meaningful comparative results and, the Treynor ratio

does not work for negative beta assets. Also, while both the Sharpe and Treynor ratios can rank

portfolios, they do not provide information on whether the portfolios are better than the market

portfolio or information about the degree of superiority of a higher ratio portfolio over a lower

70
© 2014-2020 AnalystPrep.
ratio portfolio.

The Jensen Performance Index (JPI)

Jensen's alpha (Jensen, 1968) is described as an asset's excess return over and above the return

predicted by CAPM.

Jensen’s measure of a portfolio = α p = E (Rp ) − [Rf + βp (E (R m ) − R f )]

Jensen's alpha is based on systematic risk. The daily returns of the portfolio are regressed

against the daily market returns to compute a measure of this systematic risk in the same

manner as the CAPM. The difference between the actual return of the portfolio and the

calculated or modeled risk-adjusted return is a measure of performance relative to the market.

If αp is positive, the portfolio has outperformed the market, whereas a negative value indicates

underperformance. The values of alpha can be used to rank portfolios or the managers of those

portfolios, with the alpha being a representation of the maximum an investor should pay for the

active management of that portfolio.

Relationships Between Treynor and Jensen Performance Indices

Denote the JPI by α p which is the y-intercept of the regression equation:

E (R p ) − Rf = α p + βp (E (R m ) − Rf )

Divide the equation above by βp to get:

E (Rp ) − Rf αp
= + (E (Rm ) − Rf )
βp βp

The left-hand side of the equation above is just TPI. So,

αp
Treynor Performance Index = T P I = + (E (Rm ) − R f )
βp

71
© 2014-2020 AnalystPrep.
 αp
For a greater performance, TP I > E (Rm ) − R f and thus > 0 . Also, βp > 0 for almost all assets
βp

and thus it must be true that α p > 0. From these results is evident to say that if a superior

performance is demonstrated by TPI, then is also the case for JPI and vice versa.

The Tracking-Error (TE)

Tracking error measures the difference between a portfolio's return and that of a benchmark

level, which was meant to be surpassed by the tracking error. We need to calculate the quantity:

T E = (RP − R B)

Where

R P : the return of the portfolio is considered

R B: Return on the benchmark portfolio

Another way of calculating the TE is to calculate the standard deviation of the difference in the

portfolio and the benchmark return:

∑ (RP − RB )2
TE = √
N −1

Where N is the number of periods under consideration.

The Information Ratio (IR)

The information ratio is similar to SPI only that it is the active return relative to the benchmark

portfolio divided by the standard deviation of the active return (RP − R B) :

E(R P − R B)
IR =
√V ar(R P − RB )

Where:

72
© 2014-2020 AnalystPrep.
R P =portfolio return and

R B=benchmark return

IR can be used in place of TE

The Sortino Ratio (SR)

The Sortino ratio is much like the Sharpe ratio, but there are two glaring differences:

The risk-free rate is replaced with a minimum acceptable return, denoted as R min

The standard deviation is replaced by a semi-standard deviation, which measures the

variability of only those returns that fall below the minimum acceptable performance.

The measure of risk is the square root of the mean squared deviation from T of those

observations in period t where R P t < T , else zero.

(E(RP ) − T
SR =
1 N
√ N ∑t=1 min(0 , R P t − T)2

Where T is the target or required rate of return (which can be risk-free rate or any other rate) for

an investment decision. It s also termed as the minimum acceptable rate of return (MAR).

73
© 2014-2020 AnalystPrep.
Question 1

Calculate the expected return for a security, given:

Rf = 5%

Std. dev. of security = 40%

Security correlation with market = 0.80

Std. dev. of market = 20%

Rm = 10%

A. 12%

B. 13%

C. 21%

D. 24%

The correct answer is B.

First, find Beta;

Beta = (0.80 x 0.40)/0.20 = 1.6

Next, use the CAPM model to find the expected return;

E(Ri) = 5% + 1.6(10% - 5%) = 13%

Question 2

Calculate the expected return from a portfolio which has 130% weight invested in the

risky asset, given:

74
© 2014-2020 AnalystPrep.
 Risk-free asset: Rf = 3%

Market portfolio: E(Rp) = 10%

Standard deviation: σ = 26%

A. 14.8%

B. 8.4%

C. 12.1%

D. 13%

The correct answer is C.

Here, we’re borrowing 30% in the risk-free asset and investing the proceeds plus the

whole portfolio in the market portfolio.

Return with -30% in the risk-free asset and 130% in the risky asset:

E(Ri) = -0.3 × 3% + 1.3 × 10% = 12.1%

Question 3

A portfolio has an expected return of 18% and a volatility of 10%. If the risk-free rate

of interest is 4%, then what is the Sharpe ratio of the portfolio?

A. 0.14

B. 0.18

C. 1.8

D. 1.4

The correct answer is D.

E (R ) − R
75
© 2014-2020 AnalystPrep.
 E (R p ) − Rf
SP =
σ (RP )

Sharpe Ratio of the portfolio = (0.18-0.04)/0.10 = 1.4

Question 4

Your portfolio had a value of EUR 1,000,000 at the start and EUR 1,150,000 at the

end of the year. Over the same period, the benchmark index has had a return of

4%. If the tracking error is 11%, then what is the information ratio?

A. 1

B. 0.11

C. 0.733

D. 1.36

The correct answer is A.

The return of the portfolio is (1,150,000 - 1,000,000) / 1,000,000 = 0.15 or 15%

E (RP ) − E (R B)
IR =
Tracking error

= (15% - 4%) / 11% = 1

76
© 2014-2020 AnalystPrep.
Reading 6: The Arbitrage Pricing Theory and Multifactor Models of Risk
and Return

After completing this reading, you should be able to:

Explain the arbitrage pricing theory (APT), describe its assumptions, and compare the

APT to the CAPM.

Describe the inputs (including factor betas) to a multifactor model.

Calculate the expected return of an asset using a single-factor and a multifactor model.

Explain models that account for correlations between asset returns in a multi-asset

portfolio.

Explain how to construct a portfolio to hedge exposure to multiple factors.

Describe and apply the Fama-French three-factor model in estimating asset returns.

In the previous reading, we discussed the Capital Asset Pricing Model (CAPM). CAPM is a single-

factor model the gives the expected return of a portfolio as a linear function of the markets’ risk

premium above the risk-free rate, where beta is the gradient of the line.

On the other hand, the Arbitrage Pricing Model (APT) uses the same analogy as CAPM, but it

includes multiple economic factors.

The Arbitrage Pricing Theory

According to APT, multiple factors (such as indices on stocks and bonds) can be used to explain

the expected rate of return on a risky asset. APT has three common assumptions.

Assumptions of the APT model:

1. The returns from the assets can be explained using systemic factors.

2. No arbitrage opportunities exist in a well-diversified portfolio. (Arbitrage refers to the

77
© 2014-2020 AnalystPrep.
 action of buying an asset in the cheaper market and simultaneously selling that asset in

the more expensive market to make a risk-free profit.)

3. By using diversification, the specific risks can be eliminated from the portfolios by the

investors.

According to APT, return on given security i is given by:

Ri = E(Ri) + βi1 [I1 − E(I1 )] + ⋯ + βi K [IK − E(IK )] + ei

Where

R i: rate of return on security i (i = 1, 2, …, N)

E(R i ): the expected return of security I

IK − E(IK ): Surprise factor (the difference between the observed and expected values in factor k)

βiK : measure the effect of changes in a factor I_k on the rate of return of security i

ei : noise factor also called idiosyncratic factor

The APT was put to trial by Roll and Ross (1980) and Chen, Roll, and Ross (1986) while

determining the factors that explained the average returns on traded stocks on New York

Securities Exchange (NYSE).

According to Roll, a well-diversified portfolio are volatile and that the volatility of a long portfolio

is equivalent to half of the average volatility of its constituent assets. Therefore, he concluded

that systematic risk drivers limit the impact of diversification within the asset groups.

According to Ross (1976), assuming that there is no arbitrage opportunity, the expected return

on a well-diversified is given by:

E(R P ) = E(RZ ) + βP 1 [E(I1 ) − E(RZ )] + ⋯ + βP K [E(IK ) − (R Z)]

where

E(R P ): Expected return on a well-diversified portfolio

78
© 2014-2020 AnalystPrep.
βPK : Factor loading for portfolio relative of factor K

E(R Z ): Expected rate of return on a portfolio with zero betas (such as risk-free rate of return)

E(IK ) − E(RZ ): Risk premium relative to factor k

Moreover, Roll realized that a portfolio that has been adequately diversified possesses a high

correlation when it is drawn from a similar asset class and less correlation when diversification

occurs across multiple asset groups.

Example: Calculating Expected Return under APT

The following data exists for asset A:

Risk-free rate = 3%,

GDP factor beta = 0.40,

Consumer sentiment factor beta = 0.20,

GDP risk premium = 2%,

Consumer sentiment risk premium = 1%

Calculate the expected return for Asset A using a 2-factor APT model.

E (RA ) = 0.03 + 0.4 (0.02) + 0.2 (0.01) = 0.04 = 4%

Note: Both CAPM and APT describe equilibrium expected returns for assets. CAPM can be

considered a special case of the APT in which there is only one risk factor – the market factor.

Many investors prefer APT to CAPM since APT is an improved version of CAPM. This is because

CAPM is a one-factor model (only the market index is used to calculate the expected return of

any security). At the same time, the APT is a multifactor model where numerous indices are used

to explain the variation of the expected rate of return of any security.

Multifactor Models

79
© 2014-2020 AnalystPrep.
A multifactor model is a financial model that employs multiple factors in its calculations to

explain asset prices. These models introduce uncertainty stemming from multiple sources.

CAPM, on the other hand, limits risk to one source – covariance with the market portfolio.

Multifactor models can be used to calculate the required rate of return for portfolios as well as

individual stocks.

CAPM uses just one factor to determine the required return – the market factor. However,

the market factor can be split up even further into different macroeconomic factors. These may

include inflation, interest rates, business cycle uncertainty, etc.

A factor can be defined as a variable that explains the expected return of an asset.

A factor-beta is a measure of the sensitivity of a given asset to a specific factor. The bigger the

factor, the more sensitive the asset is to that factor.

A multifactor appears as follows:

Ri = E (R i) + βi1 F1 + βi 2 F2 + ⋯ + βik Fk + ei

Where:

R i=rate of return on stock i

E (R i) =expected return on stock i

βik =sensitivity of the stock's return to a one-unit change in factor k

Fk =Macroeconomic factor k

ei =the firm-specific return/portion of the stock's return unexplained by macro factors

The expected value of the firm-specific return is always zero.

The Expected Return of An Asset Using the Single-factor

Model

The single-factor model assumes there’s just one macroeconomic factor, and appears as follows:

80
© 2014-2020 AnalystPrep.
 Ri = E (R i) + βi F + ei

E (R i) is the expected return on stock i . In case the macroeconomic factor has a value of zero in

any particular period, then the return on the security will equal its initially expected return E (R i)

plus the effects of firm-specific events.

Example of a Single-factor Model

Assume the common stock of Blue Ray Limited (BRL) is examined with a single-factor model,

using unexpected percent changes in GDP as the single factor. Assume the following data is

provided:

Expected return for BRL = 10%

GDP factor-beta = 1.50

Expected GDP growth = 4%

Compute the required rate of return on BRL stock, assuming there is no new information

regarding firm-specific events.

Solution

We know that:

Ri = E (R i) + βi F + ei

= 10% + 1.5 × 4%

= 16%

The Expected Return of an Asset Using the Multi-factor Model

Example of a Multi-factor Model

Assume the common stock of BRL is examined using a multifactor model, based on two factors:

81
© 2014-2020 AnalystPrep.
unexpected percent change in GDP and unexpected percent change in interest rates. Assume the

following data is provided:

Expected return for BRL = 10%

GDP factor beta = 1.50

Interest rate factor beta = 2.0

Expected growth in GDP = 2%

Expected growth in interest rates = 1%

Compute the required rate of return on BRL stock, assuming there is no new information

regarding firm-specific events.

Ri = E (Ri ) + βi1 F1 + βi2 F2

= 10% + 1.5 × 2% + 2.0 × 1%

= 15%

Hedging Exposures to Multiple Factors

The specific risks (idiosyncratic risks) can be removed by diversification, but the factor betas

(systematic risk) can only be removed by hedging strategy. Each factor can be regarded as

fundamental security and can, therefore, be utilized to hedge the same factor relative to given

security.

Consider an investor who manages a portfolio with the following factor betas:

GDP beta = 0.4

Consumer sentiment beta = 0.20

82
© 2014-2020 AnalystPrep.
Case 1:

Assume the investor wishes to hedge away GDP factor risk, yet maintain the 0.20 exposure to

consumer sentiment. How would they achieve this?

The investor should combine the original portfolio with a 40% short position in the GDP factor

portfolio. The GDP factor-beta on the 40% short position in the GDP factor portfolio equals -0.40,

which perfectly offsets the 0.40 GDP factor-beta on the original portfolio.

Case 2:

Assume the investor might want to hedge away consumer sentiment (CS) factor risk, yet

maintain the 0.40 exposure to GDP. How would they achieve this?

The investor should combine the original portfolio with a 20% short position in the consumer

sentiment factor portfolio. The CS factor-beta on the 20% short position in the GDP factor

portfolio equals -0.20, which perfectly offsets the 0.20 GDP factor-beta on the original portfolio.

Case 3:

Assume the investor wants to hedge away both factor risks. How would they achieve this?

The investor would have to form a portfolio that’s 40% invested in the GDP factor portfolio, 20%

in the CS factor portfolio, and 40% in the risk-free asset (note that total = 100%). Let us refer to

this portfolio as portfolio H.

Portfolio H can be used to hedge away all the risk factors of the original portfolio. That would

involve combining the original portfolio with a short position in portfolio H. The original portfolio

betas (0.4 and 0.2) would be perfectly offset by the short position in portfolio H, the hedge

portfolio.

The Fama-French Three-Factor Model

One widely used multifactor model that has been developed in recent times is the Fama and

83
© 2014-2020 AnalystPrep.
French three-factor model. A major weakness of the APT model is that it is silent on the issue of

the relevant risk factors for use. The FF three-factor model puts three factors forward:

Size of firms

Book-to-market values

Excess return on the market

The firm size factor, also known as SMB (small minus big) is equal to the difference in returns

between portfolios of small and big firms (R s − Rb ).

The book-to-market value factor, also known as HML (high minus low) is equal to the difference

in returns between portfolios of high and low book-to-market firms (R H − RL ) .

Note: book-to-market value is book value per share divided by the stock price.

Fama and French put forth the argument that returns are higher on small versus big firms as

well as on high versus low book-to-market firms. This argument has indeed been validated

through historical analysis. Fama and French contend that small firms are inherently riskier than

big firms, and high book-to-market firms are inherently riskier than low book-to-market firms.

The equation for the Fama-French three-factor model is:

E(RP ) − r = βP M [E(R M ) − r] + βP , SMB E(S MB) + βP ,H ML E(HML)

Where,

E(R P ): is the expected return on portfolio P

r: risk-free interest rate;

E(R M − r), E(SMB) and E(HML): expected premiums;

βPM , βP ,SM B, b P ,H ML : the coefficients for the time-series regression:

R P − r = aP + βPM (R M − r) + βP ,SMB SMB + βP ,HM L H ML + ϵ P

84
© 2014-2020 AnalystPrep.
The intercept term, α p , equals the abnormal performance of the asset after controlling for its

exposure to the market, firm size, and book-to-market factors. As long as the market is in

equilibrium, the intercept should be equal to zero, assuming the three factors adequately capture

all systematic risks. ϵ i represents random error.

Exam tip: SMB is a hedging strategy – long small firms, short big firms. HML is also a hedging

strategy – long high book-to-market firms, short, low book-to-market firms.

Fama and French expanded their model in 2015 by proposing two factors:

Robust Minus Weak (RMW). RMW is the difference between the return of firms with

high (robust) and weak (low) operating profitability.

Conservative Minus Aggressive (CMA): the difference between the returns of the firms

that conservatively invest and those with aggressive kind of investment.

Example: Calculating the Expected Return of a Portfolio Based on the

Fama-French Three-Factor Model

A Firm’s financial analyst believes the Fama-French dependencies are given in the table below.

Value
Beta 0.3
SMB 1.5
HML -0.7

Solution The firm earns an extra 4% yearly due to competitive advantage. Moreover, the firm

earns a 15% return on equities, an SMB of 2.5%, and HML of 0% and a risk-free rate of 2%.

What is the expected return of the firm?

According to the Fama-French Three-Factor Model the expected return is given by:

R P − r = aP + βPM (R M − r) + βP ,SM BSMB + βP ,H ML H ML

RP − 2% = 4% + 0.30(15% − 2%) + 2.5% × 1.25 − 0.70 × 0% = 13.03%

85
© 2014-2020 AnalystPrep.
Question

Suzy Ye is a junior equity research analyst at a research firm based in South Korea.

For the first time, she is using the multifactor model to compute the return of Wong

Kong Corp (WK). She has compiled the following data for the computation of the

return:

Wong Kong's expected return: 7%

Expected GDP growth: 4.5%

Expected Inflation: 2.5%

GDP factor-beta: 1.5

Inflation factor-beta: 2

Risk-free rate: 2%

Suppose the actual GDP growth and actual inflation of South Korea are 3% and 2.9%,

respectively, then which of the following is an accurate estimate of the return?

A. 7.55%

B. 10.05%

C. 5.55%

D. 18.75%

The correct answer is C.

A multifactor model (2-factor model in the given question) only includes the expected

return of the stock, macroeconomic factor and the factor-beta, and firm-specific risk,

which in this case is zero.

RWK = E(RWK) + βGDPFGDP + βIFI

86
© 2014-2020 AnalystPrep.
= 0.07 + 1.5(0.03 - 0.045) + 2(0.029 - 0.025)

= 0.07 - 0.0225 + 0.008 = 5.55%

87
© 2014-2020 AnalystPrep.
 Reading 7: Risk Data Aggregation and Reporting Principles

After completing this reading, you should be able to:

Explain the potential benefits of having effective risk data aggregation and reporting.

Describe key governance principles related to risk data aggregation and risk reporting

practices.

Identify the data architecture and IT infrastructure features that can contribute to

effective risk data aggregation and risk reporting practices.

Describe characteristics of a strong risk data aggregation capability and demonstrate

how these characteristics interact with one another.

Describe the characteristics of effective risk reporting practices.

Risk Data Aggregation and Reporting

One lesson learned from the 2007-2009 Global Financial Crisis was that banks' information

technology (IT) and data architectures were inadequate to support the broad management of

financial risks. Some financial institutions could not aggregate risk exposures and identify

concentrations across business lines. Some others were unable to manage their risks properly

because of weak risk data aggregation capabilities and risk reporting practices.

This weakened the financial system's stability. In response, the Basel Committee issued

supplemental Pillar 2 (supervisory review process) guidance to enhance banks' ability to identify

and manage bank-wide risks.

Benefits of Effective Risk Data Aggregation and Reporting

The Basel Committee defines risk data aggregation as "defining, gathering, and processing

risk data according to the bank's risk reporting requirements to enable the bank to measure its

88
© 2014-2020 AnalystPrep.
performance against its risk tolerance/appetite."

Some of the activities carried out during risk data aggregation include sorting, merging, and

breaking down sets of data.

However, how exactly do effective risk data aggregation and reporting benefit a bank? The

benefits include:

An increased ability to anticipate problems. Aggregated data gives managers a

holistic view of risk exposures and enables them to foresee problems before they occur.

An increased ability to find routes back to financial health in times of financial

stress. For example, a bank may be able to negotiate better credit deals or identify a

suitable merger partner.

Improved resolvability. For global systemically important banks (G-SIBs) in

particular, resolution authorities must have access to aggregate risk data that is

compliant with FSB's Key Attributes of Effective Resolution Regimes for Financial

Institutions.

Improved capability of the risk function to make judgments that can bring about

increased efficiency and profitability.

Key Governance Principles Related to Risk Data Aggregation

and Risk Reporting

One of the issues widely blamed for the quick escalation of the 2007/09 financial crisis was the

inability of banks to identify concentrations of risk across business lines as well as at the bank

group level. Furthermore, the main reason why the banks were unable to identify such

concentrations has much to do with the absence of aggregate risk data and bank-wide risk

analysis.

In response, the Basel committee has since pushed for higher corporate governance and issued

supplementary Pillar 2 guidance regarding bank capital models and risk management models

89
© 2014-2020 AnalystPrep.
(e.g., VaR). The following principles have specifically been set out:

Principle 1-Governance

Quoting the Basel committee,

"A bank's risk data aggregation capabilities and risk reporting practices should be subject to

strong governance arrangements consistent with other principles and guidance established by

the Basel Committee."

This principle suggests that risk data aggregation should be a central part of risk management,

and senior management should make sure the risk management framework incorporates data

aggregation before approving it for implementation.

A bank's risk data aggregation capabilities and risk reporting practices should be:

Fully documented.

Validated and independently reviewed by individuals well versed in IT and data and risk

reporting functions.

Unaffected by the bank's group structure.

Senior management should go to great lengths to ensure risk data aggregation is part

and parcel of the risk management function.

Considered as part of any new initiatives, including acquisitions and divestitures, IT

change initiatives, and new product development.

Data Architecture and IT Infrastructure Features That Can

Contribute to Effective Risk Data Aggregation and Risk
Reporting Practices

The importance of having a robust IT system cannot be underestimated, but building one for

purposes of risk aggregation and reporting can be quite expensive. The benefits of such a system

are realized in the long-term. The Basel Committee believes that in the long-term, IT benefits

90
© 2014-2020 AnalystPrep.
outweigh the costs.

Principal 2-Data Architecture and Infrastructure

Quoting the committee,

"A bank should design, build and maintain data architecture and IT infrastructure which fully

supports its risk data aggregation capabilities and risk reporting practices not only in normal

times but also during times of stress or crisis, while still meeting the other Principles."

Principle 2 goes ahead to implore banks to:

Make risk data aggregation and reporting practices a crucial part of the bank's

planning processes.

Establish integrated data classifications and architecture across the banking group.

Appoint individuals tasked with various data management responsibilities. For

example, risk managers, business managers, and IT specialists should be tasked with

ensuring the data is relevant, entered correctly, and aligned with data taxonomies.

Characteristics of a Strong Risk Data Aggregation Capability

Principle 3-Accuracy and Integrity

Quoting the committee,

"A bank should be able to generate accurate and reliable risk data to meet normal and

stress/crisis reporting accuracy requirements. Data should be aggregated on a largely automated

basis to minimize the probability of errors."

According to Principle 3:

Data aggregation and reporting should be reliable.

Controls surrounding risk data should be as robust as those applicable to accounting

91
© 2014-2020 AnalystPrep.
 data.

A bank should aim to have a single authoritative source of risk data per each type of

risk.

A bank's risk management personnel should be granted access to risk data to ensure

they can aggregate, validate, and properly reconcile data.

A bank must strike a balance between automated and manual systems. Where

professional judgment is paramount, human intervention can be quite imperative.

Banks should have policies designed to keep the accuracy of risk data in check and

correct poor data quality.

All manual, as well as automated risk data aggregation systems, should be well

documented and explain manual workarounds and propose actions that could minimize

the impact of manual workarounds.

When the bank is reliant upon manual processes and desktop applications such as

spreadsheets, there should be effective controls that safeguard the quality of data.

Data should be defined consistently across the bank.

Data should always be reconciled with other bank data, including accounting data, to

ensure its accuracy.

Principle 4-Completeness

"A bank should be able to capture and aggregate all material risk data across the banking group.

Data should be available by business line, legal entity, asset type, industry, region, and other

groupings, as relevant for the risk in question, that permit identifying and reporting risk

exposures, concentrations, and emerging risks."

Principle 4 requires that:

Both on- and off-balance sheet risks should be aggregated.

92
© 2014-2020 AnalystPrep.
 Banks should ensure that risk data is always complete. In case the data is not complete,

the banks should be able to explain the reasons for bank supervisors.

It is not necessary to express all forms of risk in a common metric or basis, but risk

data aggregation capabilities should be the same regardless of the choice of risk

aggregation systems implemented.

Principal 5-Timeliness

"A bank should be able to generate aggregate and up-to-date risk data promptly while also

meeting the principles relating to accuracy and integrity, completeness, and adaptability. The

precise timing depends on the nature and the volatility of the risk being measured as well as its

criticality to the overall risk profile of the bank. The precise timing will also depend on the bank-

specific frequency requirements for risk management reporting, under both normal and

stress/crises, set based on the characteristics and overall risk profile of the bank."

Banks need to build their risk systems to be capable of producing aggregated risk data rapidly

during times of stress/crisis for all critical risks. Critical risks include:

Counterparty credit risk exposures (derivatives);

Trading exposures;

Operational risk indicators;

Aggregated credit exposure to a large corporate borrower, among others.

Principal 6-Adaptability

"A bank should be able to generate aggregate risk data to meet a broad range of on-demand, ad

hoc risk management reporting requests, including requests during stress/crisis situations,

requests due to changing internal needs and requests to meet supervisory queries."

A bank's risk data aggregation capabilities should be flexible:

To assess emerging risks;

93
© 2014-2020 AnalystPrep.
 To incorporate changes in the regulatory framework;

To produce quick summary reports, etc.

Characteristics of Effective Risk Reporting Practices

Principle 7-Accuracy

"Risk management reports should accurately and precisely convey aggregated risk data and

accurately reflect risk. Reports should be reconciled and validated."

Risk management reports should be accurate and precise to ensure a bank's board and senior

management can rely with confidence on the aggregated information to make critical decisions

about risk.

Approximations are an integral part of risk reporting and risk management (scenario analyses,

and stress testing, among others.) Banks should follow the reporting principles in this document

and establish expectations for the reliability of approximations (accuracy, timeliness, etc.)

Principle 8-Comprehensiveness

"Risk management reports should cover all material risk areas within the organization. The

depth and scope of these reports should be consistent with the size and complexity of the bank's

operations and risk profile, as well as the requirements of the recipients."

Risk management reports should include exposure and position information for:

Significant risk areas (e.g., credit risk, market risk, liquidity risk, operational risk)

Significant components of those risk areas (e.g., single name, country, and industry

sector for credit risk).

Risk-related measures (e.g., regulatory and economic capital).

Emerging risk concentrations through forward-looking forecasts and stress tests.

94
© 2014-2020 AnalystPrep.
Principle 9-Clarity and Usefulness

"Risk management reports should communicate information clearly and concisely. Reports

should be easy to understand yet comprehensive enough to facilitate informed decision-making.

Reports should include meaningful information tailored to the needs of the recipients."

Risk reports should ensure that information is meaningful and tailored to the needs of the

recipients, in particular, the board and senior management. The board is responsible for

determining its risk reporting requirements and complying with its obligations to shareholders

and other relevant stakeholders.

Moreover, the right balance of qualitative and quantitative information is important. The board

should alert senior management when risk reports do not meet its requirements.

Principle 10-Frequency

"The board and senior management (or other recipients as appropriate) should set the frequency

of risk management report production and distribution. Frequency requirements should reflect

the needs of the recipients, the nature of the risk reported, and the speed at which the risk can

change, as well as the importance of reports in contributing to sound risk management and

effective and efficient decision-making across the bank. The frequency of reports should be

increased during times of stress/crisis."

A bank should routinely test its ability to produce accurate reports within established

timeframes, particularly in stress/crises. Some exposure information may be needed intraday to

allow for timely reactions.

Principle 11-Distribution

"Risk management reports should be distributed to the relevant parties while ensuring

confidentiality is maintained."

Banks should strike a balance between the need to ensure confidentiality and the timely

dissemination of reports to all appropriate recipients.

95
© 2014-2020 AnalystPrep.
Supervisory Review, Tools, and Cooperation

Principle 12-Review

"Supervisors should periodically review and evaluate a bank's compliance with the eleven

Principles above."

Principle 13-Remedial actions and supervisory measures

"Supervisors should have and use the appropriate tools and resources to require effective and

timely remedial action by a bank to address deficiencies in its risk data aggregation capabilities

and risk reporting practices."

"Supervisors should have the ability to use a range of tools, including Pillar 2."

Principle 14-Home/host cooperation

"Supervisors should cooperate with relevant supervisors in other jurisdictions regarding the

supervision and review of the principles and the implementation of any remedial action if

necessary."

96
© 2014-2020 AnalystPrep.
 Reading 8: Enterprise Risk Management and Future Trends

After completing this reading, you should be able to:

Describe Enterprise Risk Management (ERM) and compare an ERM program with a

traditional silo-based risk management program.

Compare the benefits and costs of ERM and describe the motivations for a firm to

adopt an ERM initiative.

Explain best practices for the governance and implementation of an ERM program.

Describe important dimensions of an ERM program and relate ERM to strategic

planning.

Describe risk culture, explain characteristics of strong corporate risk culture, and

describe challenges to the establishment of a strong risk culture at a firm.

Explain the role of scenario analysis in the implementation of an ERM program and

describe its advantages and disadvantages.

Explain the use of scenario analysis in stress testing programs and in capital planning.

A company must analyze risks with each risk type to define and measure the risk, aggregate the

risk withing the diverse business lines, and developing hedging strategies.

However, companies should address each of their significant risks and the interdependence of

risks. Since risks are highly dynamic and correlated with each other, an integrated approach is

required to manage them. Suboptimal performance may result from a fragmented approach

towards risk management in which risk is managed in organizational silos. If the

interdependence of risks like credit risk, market risk, operational risk, etc. is not captured in the

risk management activities, the attempts to address risks are bound to remain inefficient and

faulty.

Enterprise Risk Management (ERM)

97
© 2014-2020 AnalystPrep.
Enterprise risk management (ERM) is responsible for organizing and coordinating an integrated

risk management framework for the firm. It establishes policies and directives for managing

risks across business units and provides the senior management with overall control and

monitoring of the organization’s exposure to significant risks and incorporate them into the

strategic decisions. ERM, therefore, goes beyond the silo-based risk management by providing a

broader and consistent enterprise view of risk. Thus, it pinpoints the significant threats facing

the firm’s life and its core operations.

Benefits of Enterprise Risk Management

1. ERM focuses the attention on the oversight of the most threatening risks.

2. It enables the firms to adhere and define enterprise risk that they can accommodate.

3. ERM helps in the management of risk concentrations across an enterprise.

4. ERM helps in the detection of the enterprise-scale risk created at the business line level.

5. ERM help in understanding how the risk correlates and cross-over risk types.

6. ERM manages emerging enterprise risks such as cyber and reputation risks

7. ERM makes sure that risk is incorporated while making strategic decisions and selection

of a business model.

8. ERM optimizes the risk transfer expenses relative to the level of the risk and total cost

involved.

9. ERM facilitates compliance with the regulations and reassurance of the stakeholders.

Comparison of ERM Program with Traditional Silo-Based Risk

Management Program.

98
© 2014-2020 AnalystPrep.
 Enterprise Risk Management Traditional Silo-Based Risk Management
Risk management work as an integrated unit
Risk managers work in isolated parts of the
using global risk management and chief risk
firm.
officer (CRO).
Risks are viewed across business lines by
Risks are viewed at business lines, type of risk,
looking at the diversification and the
and functional silos.
concentration of the risk.
Rational risk management is based on the
Various risk metrics are used, which cannot be
cross-universal metrics such as VaR and
compared.
Scenario Analysis to aggregate risk.
It is easy to measure and track enterprise risk
Seeing the bigger picture of risks is not
since the risk is aggregate across multiple risk-
possible, if at all, the risks are aggregated.
types.
It is possible to reduce the costs of risk transfer The risks are managed differently using
and integrating instruments. diverse instruments, making it costly.
Each risk management approach is viewed as
one component of a total cost of risk,
Each risk management approach often treated
measured in a single currency with the
separately without optimizing the strategy.
inclusion of risk/reward and cost/benefit
optimization using the same currency.
It is possible to integrate risk management It is impossible to integrate the management
with balance sheet management, capital and transfer of risk with balance sheet
management, and financing strategies. management and financing strategies.

The Dimensions of ERM

The dimensions of ERM refers to the practical organization of ERM, which usually depends on

the type and size of the firm. Simply stated, the aspects of the ERM are the Targets, Structure,

Culture, Strategies, and Identification, and Metrics.

1. ERM Targets

The ERM targets are the risk appetites for the investment goals of a company. The main aim of

the ERM is to develop the right targets while making sure there is no conflict between these

targets and the firm’s goals.

2. ERM Structure

99
© 2014-2020 AnalystPrep.
The skeleton of the ERM includes the firm’s board, the CRO, the global risk committee, and the

corporate finance framework. The objective of an ERM is to make each structure-aware of the

level of enterprise risks, which can be indicated by the indirect loss.

3. ERM Strategies

ERM strategies include the methods of managing the integrated enterprise risk at the business

line or enterprise levels. The strategies involve avoiding, mitigating, or transferring risks.

4. ERM Identification and Metrics

ERM Identification and Metrics includes the methods to measure the severity, impact, and

frequency of enterprise-scale risks. Such methods are scenario analysis, stress testing, VaR,

total-cost-of-risk mapping, and flagging methodologies. An objective ERM should ensure that

they include useful metrics for measuring enterprise risks.

5. ERM Culture

As will be seen later, the risk culture of a firm can be defined norms and traditions of how an

individual or a group of individuals within a firm in identifying, understanding, and discussing

the risks that confront the firm and risk appetite of the firm. The goal of ERM is to create an

influential risk culture in a firm.

The success of an ERM majorly depends on the interactions of the above five dimensions. For

instance, if a firm improves its stress testing and other risk measurements, it does not guarantee

the growth of effective risk management if the risk culture has not been cultivated in the firm.

Reasons for Demand of ERM by Enterprise Risk.

It is valid to argue that ERM is essential in that it allows risk managers to see a bigger picture of

enterprise risk by prioritizing and optimizing risk management. Nevertheless, why does

100
© 2014-2020 AnalystPrep.
enterprise risk require enterprise risk management? This question has four responses:

1. ERM aims to recognize the potential threat to the whole enterprise that com up

from the risky investment decisions and pick the early indications that

something wrong is about to happen to reduce the leveraging effect of time. In

other words, ERM brings risk decisions across time and space relative to the risk

appetite of the enterprise. For instance, ERM can be useful in a car manufacturing

industry where the concerned department secures faulty parts of the vehicle. This risk

can be amplified to many cars threatening the whole enterprise.

2. ERM inculcates the recognition and management of the risk concentration

relative to the firm’s risk appetite. Risk managers who tend to put their attention on

specific risks in a given business line will ultimately be unable to spot risk concentration

across the whole enterprise. This is where ERM comes to use.

Some of the examples of risk concentrations include:

Product concentrations: For instance, a product is might be over or underpriced in

some jurisdictions in case of a sales company.

Supplier concentrations: This kind of concentration can occur where a firm depends

on one connection of supply or one technological provider.

Geographical and industry concentrations: A good example is where the financial

institution is exposed to default risk in a particular geographical location.

It is worth noting that risk concentrations also marred the 2007-2009 financial crisis. For

instance, many firms realized that they had concentrations of mortgage risk in multiple

geographical locations.

3. Thinking beyond silo-based risk management. Risk type diversification decreases

the aggregate risk capital a firm requires to hold and normalizing the risk from multiple

portfolios.

101
© 2014-2020 AnalystPrep.
The ERM can assist the firms in comprehending how risk can cross over between risk types

during the stress period.

4. Risk Retention. Firms can retain a certain level of risk through self-insurance and

captive insurance. Risk-retention through insurance is more effective when done at the

enterprise level because the aggregate level of risks can be understood. Examples of

such risks include cyber risk, where most firms find is appropriate to ensure themselves

against since technological advancement cuts all sections of a firm.

The Risk Culture

Risk culture is defined norms and traditions of how an individual or a group of individuals within

102
© 2014-2020 AnalystPrep.
a firm in identifying, understanding, and discussing the risks that confront the firm and risk

appetite of the firm. Strong risk culture in the firm makes the ERM most effective.

Post-financial crisis reports of 2007-2009 maintained the emphasis that the lack of risk culture

led to risk management failure in large financial institutions. Other signs of lack of risk culture

include money laundering and embargo breaches. Lack of risk culture leads to dire

consequences, emphasizing the need by the firms to establish and maintain a risk culture.

Creating a risk culture can be challenging because it involves different stakeholders: individuals,

the whole enterprise, and individual groups.

The risk perspective of each layer can overlap, creating a gap between the stated goals of an

enterprise and the employees. Moreover, risk culture is not easily reared in the way of

investigating enterprise progress is not clear.

Forming a view of risk culture in an institution assists them to take note of their risk appetite.

103
© 2014-2020 AnalystPrep.
One of the approaches in viewing risk culture is by using the critical risk culture indicators.

The Risk Culture Indicators

The Financial Stability Board (FSB) has indicated four key risk culture indicators which include:

1. Incentives

This can be seen in terms of risk-related compensations, which should be supportive of the firm’s

risk appetite and desired risk culture.

2. The tone from the top

The leadership tone of a firm should be able to go in line with the firm’s core value and

communicate and assess business strategies relative to risk appetite.

3. Accountability

There should be a clear expectation of monitoring and accountability of risks for significant risks

in a firm.

4. Effective communication and challenge

There should be clear communication between the individuals while valuing opposing views

should be, and risk management should be given an open discussion among individuals of the

firm.

The indicators set by FSB are just broad internal culture indicators.

The firm also should consider the environmental (external) indicators, which include:

104
© 2014-2020 AnalystPrep.
 1. Regulatory standards

2. Professional Standards

3. Risk or Corruption indices in a country

4. Economic cycles such as credit cycle

Modern firms have started addressing the issue of risk using the stated internal indicators or by

conducting surveys to know the level of risk culture in their respective firms.

Challenges Facing the Establishment of a Strong Risk Culture in a Firm.

Some challenges stand in the way of developing sound risk management. These are:

1. Conflict Between Risk Indicator and Risk Lever

The industry wishes to identify indicators, which shows the level of their risk culture. However,

sometimes these indicators can be used as levers of behavior change comprising the purpose of

the indicators and hence the risk culture.

2. Lack of Enough Education

To develop a robust risk culture, the firm should vote up with the simple language of defining

risk management terms, key concepts, and the role of ERM stakeholders.

3. Time and Space

The risk culture might not have developed in all parts of a firm and that they do not evolve.

Moreover, an enterprise can fail to detect early signs of risk due to a lack of proper identification

mechanism when the multiple signals occur.

4. Cursive data.

105
© 2014-2020 AnalystPrep.
The development of risk culture is undermined by a lack of adequate data to analyze the level of

risk culture in an enterprise. However, in the coming years, technological process such as

machine learning has enabled the gathering of enormous data for analyzing signs of risk.

Scenario Analysis

Scenario analysis involves visualizing a framework, developing a coherent explanation of why

variables do change, and assessing the impact of this on the firm’s risk portfolios.

A scenario analysis should be distinguished from sensitivity testing, which involves varying one

parameter or variable in a risk model to determine how sensitive the model is to the variation.

Scenario analysis and Sensitivity testing are the primary identification tools of the ERM, which

come as the probabilistic risk metrics such as VaR proved to be weak.

Scenario analysis might be qualitative, but many firms have come up with excellent ways of

building quantitative models to assess the effect of each scenario on their portfolio and

businesses.

Scenario analysis assists firms to determine the impact of the unfavorable events and events that

do not have historical data.

Advantages of Scenario Analysis

1. There is no need to consider risk frequency beyond its soundness

2. Scenarios can take the form of transparent and intuitive explanations.

3. It poses a challenge to a firm to imagine the worst and control the effects.

4. It enables the firms to identify warning signals and build contingency plans for the risk.

5. Scenario analysis does not depend on historical data. It can be based around either past

events or forward-looking hypothetical events.

6. Firms have the freedom to make scenario analysis as complicated or straightforward as

they want, without the regulator’s interference.

Disadvantages of Scenario Analysis

106
© 2014-2020 AnalystPrep.
 1. In scenario analysis, it is difficult to determine the probability of events because it does

not lead to the quantification of risk.

2. The future scenarios can become complicated with many choices in place.

3. The extent of firms’ imagination is limited. For example, scenarios might underestimate

the effect of an extreme loss occurrence or remove significant risk exposures.

4. The number of appropriate situations that can be developed is limited.

5. The last central crisis often motivates the scenarios chosen; imaginative future scenarios

may be dismissed as inappropriate.

6. Scenario analyses are different in terms of quality and sophistication, and so their

credibility and assumptions can be challenging to analyze.

7. Applicability of scenario analysis depends on its accuracy, comprehensiveness, and the

predictive qualities of the firm’s stress test program.

Scenario analysis has been one of the risk management tools even before the global financial

crisis. For instance, banks used the short-run selection of historical and hypothetical occurrences

from the listed events and compared them with their portfolios to determine which variable

applies to the current portfolios and try to develop an explanation.

After the global financial, banks realized that they have been ignoring the integrated risks along

the business lines, the interaction of risks, and behavioral change of market participants in times

of stress. Moreover, evidence showed that scenario analysis of that time was not that is serious.

Therefore, after the financial crisis, regulators have reiterated the need for financial institutions

to demonstrate their capability of withstanding adverse scenarios. For instance, US regulators

insist that big banks should use macroeconomic stress scenarios such as reduction of GDP and

employment across their enterprise exposures.

Scenario analysis is applied to stress testing. For instance, for a bank can prove that it can

maintain minimum levels of capital ratios and raise capital in the time of stress, then it must

revise the business plans of its various departments while lowering its level of risk appetite.

The US stress tests mushroomed when the Supervisory Capital Assessment (SCAP) was

conducted in 2009 (after the crisis), whose outcomes assured the banks of their stability. From

2011 going forward, the Dodd-Frank Act catalyzed the US Federal Reserve to conduct two

107
© 2014-2020 AnalystPrep.
annual stress tests using Scenario analysis. These tests include:

1. Dodd-Frank Act stress test (DFAST) which is executed in mid-year for the banks with

assets above USD 10 billion

2. Comprehensive Capital Analysis and Reviews (CCAR) which is conducted at the end of

each year for the banks with assets above USD 50 billion

Both of the above methods require the banks to come up with their scenarios in addition to

supervisory situations. However, DFAST is less demanding and applies fewer capital assumptions

as compared to CCAR.

The federal reserve comes up with three critical supervisory macroeconomic scenarios which

are:

1. Baseline scenario, which represents the consensus arrived by the bank economist.

2. The adverse scenario, which is a moderately falling economy and

3. The severely adverse scenario which is considered severe with a broad global recession

and a decline in demand.

CCAR requires the banks to anticipate how these scenarios will impact their income statements

and balance sheets over nine quarters. In addition to this, they must also:

1. Give a detailed assessment of capital sourcing and utilization over the planning period.

2. Submit the descriptions of the firm’s procedures and ways of controlling capital

adequacy of the firm

3. Submit a detailed copy of the capital policy

4. Descriptions of the expected changes in business loans that might affect capital

adequacy of the firm.

In each of the stated scenario, each bank must prove to maintain minimum levels of capital ratios

and raise capital in the time of stress. They also need to predict the behavior of all risk factors

impacting their portfolios.

In the European part, stress testing using scenario analysis has developed. A good example is the

European Banking Authority (EAB), but not so much improved like in the US. EAB is more static,

108
© 2014-2020 AnalystPrep.
less complicated, and more flexible in altering risk and business strategies as compared to CCAR

because it includes a large number of banks.

ERM and Strategic Formulations

The enterprise risk managers must take part in strategy formulations. One of the latest

industries to encourage the application of ERM is corporate planning and strategy. ERM builds a

secure link between the risk and reward.

Stochastic stress testing is the latest method of the stress testing techniques, where it provides

the practicality of the strategy applied implied by ERM. Moreover, technology development has

made positive scenario simulation easy. This has facilitated macroeconomic stress testing a part

of panning activities such as growth plans and strategic risk management.

Future Trends of Risk Management

Risk management is a growing profession. This is evidenced in the 2007-2009 financial crisis,

where the role of risk managers of multidimensional nature of risk, the interaction of risk types,

and application of statistical knowledge in business decision making. So, what is the condition or

risk management in the future? We consider three indications.

1. Multidimensional Risk and Holistic Thinking

Risk managers have now realized the need to apply different methods of risk metrics to identify

risks. Such practices include new forms of scenario analysis, which, in the future, will be more

effective through the development of better simulation technologies and effective scenario

selection methods. On the part of stress testing, it will be more dynamic and include more

extended periods and will be incorporated into the planning process. These methods are also

reinforced with statistical knowledge, such as VaR.

Holistic thinking involves a sophisticated view of risks. Such include the classification of risks

and their impacts. Moreover, holistic thinking leads to the development of risk culture is financial

institutions, which is driving force enterprise behavior.

109
© 2014-2020 AnalystPrep.
2. Risks Movement Across Risk Types in Business Models and Markets

With the development of digital business characterized by machine learning and new data

models, stress testing will help financial institutions understand risks develops over an extended

period while moving from one risk type to another.

3. Numbers and Judgement

The development of computing technology and data science such as cloud-based on-demand

analytical resources and machine learning in technologies, risk managers will be able to

manipulate new streams of integrated data to identify the patterns and correlations is such of

risk. Moreover, the collection of data will be accessible during the day to day business

operations, improve oversight, and predictive analytics. However, the main challenge will be

decision transparency because machine learning might over amplify the risk models.

110
© 2014-2020 AnalystPrep.
 Question

Which one of the following is one of the external risk culture indicators?

A. Regulatory standards

B. Country’s corruption indices

C. Regulatory standards

D. All of the above

Solution

The correct answer is D

The environmental (external) indicators which include: Regulatory standards,

Professional Standards, Risk or Corruption indices in a country and Economic cycles

such as credit cycle.

111
© 2014-2020 AnalystPrep.
 Reading 9: Learning From Financial Disasters

After completing this reading, you should be able to:

Analyze the key factors that led to and derive the lessons learned from case studies involving the

following risk factors:

Interest rate risk, including the 1980s savings and loan crisis in the US

Funding liquidity risk, including Lehman Brothers, Continental Illinois, and Northern

Rock

Implementing hedging strategies, including the Metallgesellschaft case

Model risk, including the Niederhoffer case, Long Term Capital Management, and the

London Whale case

Rogue trading and misleading reporting, including the Barings case

Financial engineering and complex derivatives, including Bankers Trust, the Orange

County case, and Sachsen Landesbank

Reputational risk, including the Volkswagen case

Corporate governance, including the Enron case

Cyber risk, including the SWIFT case

In this chapter, we look at famous financial disasters that have been witnessed over the years.

Although each case study has its distinctive elements, they all have something in common:

Certain risk factors were ignored, resulting in major financial loss. We are going to look at how

each of these disasters came up, identify the warning signs that were ignored, and attempt to

draw relevant lessons that can help avert similar disasters in the future.

Interest Rate Risk

112
© 2014-2020 AnalystPrep.
Interest rate risk is the danger that a change in interest rates will cause the value of assets will

decline and that of liabilities to increase. Over the last century, thousands of firms have failed as

a result of interest rate risk. Between 1986 and 1995, for example, nearly a third of the 3,234

savings and loan associations in the United States failed.

The Savings and Loan Crisis

In the 1980s, the savings and loans industry in the United States suffered through a period of

distress.

Savings and Loans (S&Ls) associations were founded in the 18th century with the sole purpose of

funding homeownership. At the time, banks did not lend money for residential mortgages. S&L

members would pool their savings and lend the money to a few members to finance their home

purchases. After repaying the funds, other members would also get a chance to borrow.

Notably, S&Ls were governed by the so-called "Regulation Q," which set their minimum capital

requirements and capital adequacy standards. Under regulation Q, S&Ls were required to pay

depositors a rate of interest that was significantly lower than that offered elsewhere.

Furthermore, S&Ls were not allowed to offer commercial loans to avoid risky lending. The

overriding goal among policymakers and the government was to make thrifts focus solely on

promoting housing and homeownership.

For a long period, these regulations worked well for S&Ls as it meant they could pay low rates

on short-term deposits, pool the funds, and then provide mortgage loans at a higher interest

rate. To their advantage, the demand for homes continued to rise, especially in the first half of

the 19thcentury.

In the 1970s, however, there was a dramatic increase in both interest rates and inflation. This

had two main implications:

Depositors trooped into S&Ls to withdraw their money, eying higher rates elsewhere.

This meant that the amount available for lending reduced significantly.

Funding costs for S&Ls increased significantly, wiping out the interest rate spread they

113
© 2014-2020 AnalystPrep.
 depended on to make a profit. In other words, short-term deposits became costlier, and

therefore the margin between the cost of funds and profit from long-term fixed-rate

mortgages decreased.

A high rate of inflation also meant that the number of mortgage applications reduced, further

reducing revenue for S&Ls. The low demand for mortgages combined with higher interest rates

elsewhere resulted in an unprecedented loss in the value of outstanding mortgages. As a result,

the net worth of most S&Ls was essentially wiped out. And because the existing regulations

severely restricted alternative profit-making investments, S&Ls had to stick with a dwindling

portfolio of low-interest mortgages as their only income source. While all this was happening,

alternative investments were increasingly gaining popularity, especially money market funds,

which offered higher returns.

In an attempt to stem the tide and restore some financial stability among S&Ls, the US

government relaxed the regulations that had been in place for decades.

Several changes were introduced to allow S&Ls to "grow" out of their problems. For the first

time, the government was explicitly seeking to influence S&L profits as opposed to promoting

housing and homeownership. For instance, interest rate caps were removed, and S&Ls were

allowed to offer commercial loans. What's more, S&Ls could choose to be under either a state or

a Federal charter. Federally-chartered thrifts took full advantage of the deregulation and rushed

to become federally chartered, because of the advantages associated with a federal charter.

Deposit insurance was also increased from $40,000 to $100,000 in an attempt to restore some

confidence among depositors.

These regulatory changes did not quite generate the intended effect. For instance, the

availability of deposit insurance led to a moral hazard. S&Ls engaged in even riskier lending

activities. Ultimately, it is estimated that S&Ls suffered a combined loss of more than $160

billion. To bail them out, taxpayers paid $132 billion. The Federal Savings and Loan Insurance

Corporation paid $20 billion to depositors of failed S&Ls before it went bankrupt. The S&Ls paid

the remaining amount.

Lessons Learned

114
© 2014-2020 AnalystPrep.
1. Regulation is good, but overregulation can be dangerous!

One of the root causes of the S&L industry's woes was overregulation. Federal regulation had

some very strict and precise conditions under which all S&Ls operated. Initially, for example,

S&Ls were barred from offering commercial loans; they were only allowed to offer mortgages to

facilitate homeownership. That prevented them from experimenting with different ways to adapt

to changing market conditions. Regulators charged with defining "acceptable assets" in

insurance and banking should take heed.

2. Deposit insurance can result in increased market indiscipline

The introduction of federal insurance guarantees can inadvertently trigger greater risk-taking

among banks and insurance firms. It may create a situation where both lenders and depositors

feel they have nothing to lose.

To mitigate interest rate risk, there's a need for banks to have assets that are highly

correlated with liabilities. That can be achieved by having a diversified portfolio of

assets and making use of interest rates derivative products such as caps, floors, and

swaps.

Funding Liquidity Risk

Funding liquidity risk refers to the possibility that a bank could find itself unable to settle

obligations with immediacy. It has much to do with:

The risk thata bank will be unable to pay its debts when they fall due

The risk thatthe bank cannot meet the demand of customers wishing to withdraw their

deposits

The risk that a bank will be unable to roll over short-term credit, e.g., commercial

paper.

There are two main sources of funding liquidity risk:

115
© 2014-2020 AnalystPrep.
 1. External market conditions, such as changes in supply and demand.

2. Structural balance sheet risks (Balance sheet risk is uncertainty about future values of

balance sheet items not directly related to business or financing activities. Examples are

interest rate risk and liquidity risk).

Let's look at a few case studies where funding liquidity risk played a starring role:

Lehman Brothers

The collapse of Lehman Brothers presents the most spectacular and perhaps the most

documented event during the 2007/2009 financial crisis. Here's how the crisis unfolded.

One Henry Lehman founded Lehman Brothers in 1884 as a general and dry goods store. Soon

afterward, Mr. Henry was joined by his brothers Emanuel and Mayer, and that's how the name

"Lehman Brothers" came about. For many years, the company conducted business as a private

institution until the year 1994 when it opened its ownership to the public through an IPO that

generated well over $3.3 billion. At this point, the company ventured into commercial and

investment banking activities.

Lehman Brothers' entry into the commercial and investment banking market coincided with the

change from the originate-to-keep business model to the originate-to-distribute model. Most

banks were increasingly offering securitized assets built upon mortgages sold to residential

customers. Lehman Brothers became one of the pioneers of securitization, and its fortunes

greatly improved. Between 2003 and 2004, for example, the company acquired five mortgage

lenders in an attempt to consolidate its grip on the securitization market further. For a while,

Lehman Brothers recorded fast growth fueled by the house price bubble. In early 2007, the firm

surpassed Bear Sterns and became the largest underwriter for mortgage-backed securities.

It wasn't until the second half of 2007 when cracks started to appear in the originate-to-

distribute business model. It became evident that the US housing bubble had burst and that the

subprime mortgage market was in deep trouble. As a result, investor confidence began to erode,

and firms heavily invested in subprime securities all of a sudden found themselves unable to

borrow at similar terms as before. In July of that year, the conditions were so bad such that Bear

116
© 2014-2020 AnalystPrep.
Stearns (Lehman's Brothers' top competitor) had to support two of its hedge funds following

steep losses caused by their subprime mortgage exposure.

Banks are naturally leveraged institutions that prefer debt to equity, and Lehman Brothers

followed the script. In the run-up to the crisis, however, Lehman pursued leverage to levels not

seen before. To put things in perspective, the bank had an assets-to-equity ratio of approximately

31:1 by mid-2007. Critically, the bank turned to short-term debt to fund its day-to-day operations,

particularly the repo market.

As it turned out, the bank's overreliance on the repo market exposed it to serious funding

problems because it had to keep investors (counterparties) happy at a time when the industry

was witnessing dwindling fortunes. That meant the bank had to offer guarantees continually and

sometimes above-market returns to stay in business. The fact that the borrowed funds were used

to fund relatively illiquid long-term real estate assets made the situation even worse.

All hell broke loose in 2008. First to go down was Bear Sterns after its repo lenders and bank

counterparties lost confidence in the firm's ability to repay its debts. As a sign of just how low

Bear Sterns had sunk, J.P. Morgan bought the collapsed firm at just 10% of its prior market

value. After this, the focus shifted to Lehman Brothers, who had so far avoided large-scale eye-

catching losses through a combination of short-term borrowing and corporate restructuring

strategies aimed at cutting costs. Lehman's share price declined sharply by more than 48%

following the collapse of Bear Stearns.

For a while, Lehman was able to restore some consumer confidence by announcing better than

expected profits. Lehman also watered-down concerns that it was too leveraged by announcing

that $4 billion in preferred stock had been raised, and the whole amount could be converted to

common stock at a 32% premium to its current value.

The upturn turned out to be short-lived because soon after, news broke alleging that the firm had

overvalued its real estate-based assets. At this point, Lehman could no longer cling to market

confidence, so critical to the firm's funding strategy (and therefore its liquidity). As the crisis

mounted, many of Lehman's major counterparties began to demand even more collateral to fund

its operations. Others began reducing their exposure, and some institutions flatly refused to do

business with the firm. Attempts were made to merge the firm or to sell it to another large bank,

117
© 2014-2020 AnalystPrep.
but none of them materialized.

In the early hours of 15th September 2008, Lehman was forced to file for bankruptcy, triggering

a global financial crisis that saw a virtual meltdown of financial markets.

Lessons Learned

Firms (and investors), in general, should never resort to extreme leverage that far surpasses

the capacity to repay. Lehman Brothers took on huge amounts of short-term debt to fund long-

term assets, exposing itself to serious liquidity problems. Too much debt means that a firm

cannot absorb a major loss.

Lehman's failure has also highlighted the need to have tougher regulations in the securitization

market, particularly because mortgage-backed securities and related instruments such as credit

default swaps result in a highly interconnected financial market that is highly vulnerable to a

total collapse in case one or two "big names" fail.

Continental Illinois National Bank and Trust Company

The failure of Continental Illinois National Bank and Trust Company in 1984 presents the biggest

US liquidity debacle in the banking sector before the 2007/2009 financial crisis. Its subsequent

rescue gave rise to the term "too big to fail."

At its prime, the Chicago-based lender was the seventh-largest bank in the US, with an asset pool

of approximately $40 billion. Its roots go back in time to 1910 through a merger, but what

especially stood out was the management's aggressive growth strategy. At the time, banks were

not allowed to open branches across state lines. Any bank intending to lend outside its state of

origin could only purchase loans from other banks. In line with its fast growth strategy,

Continental Illinois took up the task head-on.

The bank developed a network of contacts across the country and positioned itself as a willing

buyer of some of the most complex and riskiest loans. Initially, the bank's strategy seemed to

bear fruit, and this served as further evidence for the management that the plan was working. In

the 5 years before 1981, the bank's commercial and industrial lending jumped from USD 5 billion

118
© 2014-2020 AnalystPrep.
to over USD 14 billion. During that time, the bank's total assets grew from USD 21.5 billion to

USD 45 billion. What the management didn't know was that things would soon head south.

Continental Illinois had developed an informal business partnership with Oklahoma-based Penn

Square Bank. This smaller bank had issued loans to oil and natural gas companies in Oklahoma

during the boom of the late 1970s. If a loan was too large for it to service, PennSquare Bank

would pass it over to Continental Illinois. Through this arrangement, Continental Illinois

purchased $1 billion in speculative energy-related loans. In July 1982, Penn Square Bank

collapsed after a large number of borrowers failed to honor their contracts following an

unprecedented decline in the price of oil. This put Continental Illinois firmly in the spotlight.

Over the next few months, defaults continued to mount. At the same time, Continental found

itself increasingly unable to fund its operations from the US markets. As a result, it began to

raise money at much higher rates in foreign wholesale money markets (e.g., Japan).

In the first quarter of 1984, the bank announced that its nonperforming loans had suddenly

increased by $400 million to a total of $2.3 billion. This heightened anxiety among investors and

the general public; most analysts and industry experts were of the view that it was just a matter

of time before Continental Illinois suffered the same fate as Penn Square Bank. By 10th May

1984, the rumors about the bank's insolvency had spread far and wide, sparking a crippling run.

Before the trouble, the bank held $28.3 billion in deposits. Out of fear, depositors trooped into

the bank to withdraw their funds, most of them wiping their accounts clean. Foreign investors

also turned their back on the bank. In the end, a total of $10.8 billion was withdrawn in the

space of a few days.

In the second half of May 1984, Continental Illinois attempted to project stability by maintaining

its operations. At the same time, the bank borrowed from the Federal Reserve Bank of Chicago

as well as several other big banks across the country in an attempt to cope with the ongoing run.

However, the run did not subside, and regulators realized they were now staring at a full-blown

liquidity crisis that would spill over to other banks. It is estimated that nearly 2,300 banks had

some exposure to Continental Illinois, with a majority holding at least $100,000.

Regulatory authorities eventually stepped in to prevent a domino effect on other banks.

119
© 2014-2020 AnalystPrep.
Lessons Learned

Classifying institutions as "too big to fail" may lead to greater risk-taking. Banks that

expect government support may take greater risks, safe in the knowledge that if the

going gets tough, neither the bank nor its depositors will absorb most of the loss. The

US congress later attempted to limit rescues of "too big to fail" institutions by passing

the Federal Deposit Insurance Corporation Improvement Act (1991).

Reliance on the so-called hot money (short-term loans from the money market) is

perilous. A large number of depositors at Continental Illinois were local and

international institutional investors. A run on these deposits led to Continental Illinois's

failure.

Rumors alone can bring down even the biggest of banks. Although there was

significant mismanagement and financial strain at Continental Illinois, the end was not

nigh, and post-crisis analysis suggests the bank would have carried on despite the

losses arising from its relationship with Penn Square Bank. Unfounded rumors that the

bank was on the verge of bankruptcy proved to be the stroke that broke the camel's

back.

Northern Rock

The 2007 failure of mortgage bank Northern Rock in the UK presents a more recent illustration

of liquidity risk arising from structural weaknesses in a bank's business model. The bank's failure

can be traced down to two key things: (I) excessive funding of long-term assets using short-term

finance and (II) a sudden loss of market confidence. It was the first run on a UK bank in 140

years.

Northern Rock was a fast-growing lender based in the North East of the United Kingdom. The

bank had forged a success story enviable by any other bank within and outside the UK For

example, assets had been growing at around 20% per year for several years thanks to

specialization in residential mortgages. The bank continued to expand aggressively in the

marketplace into the first quarter of 2007. Things were going so well such that the bank had

120
© 2014-2020 AnalystPrep.
reached a multimillion sponsorship deal with Newcastle United, one of the biggest and most

successful football clubs in the country.

The bank's growth was strongly anchored in the originate-to-distribute business model, where it

raised money through securitizing mortgages and selling covered bonds. Unlike many of its

peers, the bank did not rely on customer deposits for funding. Instead, it borrowed heavily in the

international money markets, particularly within the interbank market.

To mitigate possible weaknesses in its funding strategy, Northern Rock tapped markets across

the globe – Europe, the Americas, as well as in the United Kingdom. In early 2007, concerns

about mortgage-related assets began to surface among investors. Of significance was the rising

number of defaults in the US subprime mortgage market, which eventually spread globally.

When the interbank funding market froze in early August 2007, all of Northern Rock's global

funding channels dried up simultaneously. Interestingly, the bank had announced increased

interim dividends just a few weeks prior, after UK regulators approved a Basel II waiver that

allowed the bank to adopt so-called "advanced approaches" for calculating credit risk that looked

likely to reduce its minimum required regulatory capital.

After getting wind of Northern Rock's inability to fund itself through the interbank market, UK

authorities started exploring discussed a range of rescue alternatives. But these plans leaked,

immediately setting in motion a run on deposits between 14th September and 17th September.

Calm only (slowly) returned after UK authorities came out publicly to reassure everyone that

deposits would be repaid. Eventually, Northern Rock accepted emergency capital injection from

the government and then public ownership.

Funding Liquidity Risk: General Lessons

Following the 2007/2009 financial crisis, guidelines by the US Federal Reserve require large

banks to put in place liquidity testing programs. These programs aim to ensure that banks

have liquidity and funding strategies that will survive system-wide stress scenarios. To manage

funding liquidity risk, a bank should optimize its borrowing sources and their composition.

Trade-offs drive decisions regarding the composition of assets and liabilities as discussed below:

121
© 2014-2020 AnalystPrep.
1. The trade-off between funding liquidity and interest rate risk

When funding liabilities have a shorter duration than loan assets, the bank is exposed to less

interest rate risk and more funding liquidity risk. But when funding liabilities have a longer

duration than loan assets, the bank is exposed to more interest rate risk and less funding

liquidity risk.

2. The trade-off between cost and risk mitigation

To mitigate funding liquidity risk in a positively sloped yield curve environment, institutions can

increase the maturity of their funding liabilities to push them farther away into the future.

However, this will cost more than cheaper shorter-duration funding.

To a limited extent, banks can also mitigate funding liquidity risk by reducing the maturity of

their assets. However, this is usually not possible because asset maturity is driven by borrower

demand, and reducing the term to maturity may force the bank to settle for a smaller risk

premium.

It is also important to have a standby emergency liquidity cushion to ensure that the bank

can meet unforeseen commitments. The larger and better quality the cushion, the lower the risk.

However, such a cushion may require the bank to invest in short-term highly liquid assets that

will often earn lower returns compared to less longer-term, less liquid assets.

Constructing and Implementing Hedging Strategies

For both financial and non-financial institutions, the development and implementation of

effective hedging strategies come with benefits as well as challenges. Nonetheless, certain

constants must be present in any strategy that an institution comes up with:

The function or individual(s) responsible for developing hedging strategies should have

access to relevant information and tools, including market data, corporate information,

and advanced statistical tools. This will help them to choose the appropriate models to

use for both pricing and hedging.

122
© 2014-2020 AnalystPrep.
 The firm must decide whether to use static hedging or dynamic hedging

A static hedge is one that does not need constant re-balancing as the price and other

characteristics (such as volatility) of the securities it hedges change. A static hedge usually

involves the purchase of a hedging instrument that very closely matches the position to be

hedged. The hedging instrument is typically held for as long as the underlying position is kept.

A dynamic hedge, on the other hand, involves adjusting the hedge through a series of ongoing

trades to continuously (or frequently) calibrate the hedge position to the (changing) underlying

exposure. As expected, this strategy demands greater managerial input and may come with

higher transaction costs.

The firm must decide on the time horizon over which a hedging strategy will be

implemented. Horizons can be fixed (e.g., quarter-end or year-end) or rolling. No

matter the choice of the horizon, performance evaluations, and investment horizons

should be aligned.

Accounting issues and potential tax implications need to be considered when

devising a hedging strategy. For example, derivatives come with complex accounting

requirements that may be subject to change. A derivative and the corresponding

position it is intended to hedge must be perfectly matched (e.g., in terms of dates and

quantities) for them to be reported together in operational profit without the need to

report an accounting profit or loss.

Tax can have implications on the cash flows of a firm, and therefore getting competent

professional guidance on tax matters is critical when developing and implementing a hedging

strategy.

Finally, the success of any hedging strategy depends on how effective

the implementation process is. This is especially true because markets are in constant

movement, and prices keep on changing. As such, what appears to be an attractive hedging

opportunity unattractive can suddenly become unattractive.

Metallgesellschaft: A Case of Dynamic Hedging Gone Wrong

123
© 2014-2020 AnalystPrep.
Metallgesellschaft Refining and Marketing (MGRM) was an American subsidiary of

Metallgesellschaft (MG), an international conglomerate with interests in trading, engineering,

and chemicals. In 1991, MGRM designed a marketing strategy to insulate from the volatility

associated with the price of petroleum.

MGRM committed to selling, at prices fixed in 1992, certain amounts of petroleum every month

for up to 10 years. The contracts initially proved to be masterstrokes since it guaranteed a price

over the current spot. The profit margin was between $3 and $5. By Sept 1992, MGRM had sold

forward contracts amounting to the equivalent of around 160 million barrels. The contracts were

attractive, particularly because they gave customers the option to exit if the spot price rose

above the fixed price in the contract.

If a customer chose to exit a contract, MGRM would pay in cash one- half of the difference

between the futures price and the fixed price times the total volume remaining to be delivered on

the contract. A customer had the choice to exercise this option if they did not need the product

or in the face of financial difficulties.

In effect, the contracts gave MGRM a short position in long-term forward contracts. To hedge

these positions, MGRM turned to long positions in near-term futures using a stack-and-roll

hedging strategy. A stack-and-roll hedge involves purchasing futures contracts for a nearby

delivery date and, on that date, rolling the position forward by purchasing a fewer number of

contracts. The process continues for future delivery dates until the exposure at each maturity

date is hedged.

MGRM used short-term futures to hedge because of a lack of alternatives. Besides, the long-term

futures contracts available were highly illiquid. As it turned out, MGRM's open interest in

unleaded gasoline contracts was 55 million barrels in the fall of 1993, compared to an average

trading volume of 15-30 million barrels per day.

MGRM encountered problems in the timing of cash flows required to maintain the hedge. Over

the entire life of the hedge, these cash flows would have canceled out. MG's problem was a lack

of necessary funds needed to maintain their position. The fundamental problem manifested in the

form of inadequate funds to mark positions to market and meet margin requirements. In

December 1993, MGRM was forced to cash out its positions, incurring a loss of $1.5 billion in the

124
© 2014-2020 AnalystPrep.
process.

Model Risk

Model risk is the risk of loss resulting from the use of insufficiently accurate models to make

decisions when valuing financial securities. Model risk can stem from using an incorrect model,

incorrectly specifying a model, and using insufficient data and incorrect estimators.

A major pitfall when using a model to value security is the use of flawed assumptions. For

example, a stock pricing model might assume an upward sloping yield curve when it is, in fact,

downward sloping or even flat. This type of risk is both common and dangerous and can be

among the most difficult risks to detect.

We now look at well-known cases where model risk plays a prominent role:

Wrong Assumptions—The Niederhoffer Put Options

Victor Niederhoffer was a trading guru who had set up a very successful hedge fund in the

1990s. The fund had come up with a strategy it considered low risk: writing uncovered, deep out-

of-the-money put options on the S&P 500 index. In other words, the fund sold a very large

number of options on the S. & P. index, taking millions of dollars from other traders (in the form

of premiums). In exchange, the fund was promising to buy a basket of stocks from them at

current prices, if the market ever fell. And because these options were deep OTM, the premium

received was relatively smaller than that of at-the-money options sold at the time.

In essence, therefore, Mr. Niederhoffer was betting in favor of a large probability of making a

small amount of money, and betting against the small probability of losing a large amount of

money. The overriding assumption underlying this strategy was that a one-day market decline of

more than 5% would be extremely rare. If market returns were normally distributed; a fall of this

magnitude was next to impossible. As it turned out, this assumption was wrong.

On 27th October 1997, the market plummeted 7%. The sharp drop in US equity prices was a

spillover effect following a large overnight plummeting of the Hang Seng Index in Asia.

125
© 2014-2020 AnalystPrep.
Immediately after this, the holders of the many put options Mr. Nierderhoffer had written came

calling all at once, intent on exercising their right to sell their stocks to the fund at the pre-crash

prices. The fund struggled to meet the demands of all option holders, forcing Mr. Nierderhoffer

to wipe out all his cash reserves, including his savings.

Besides the put options, the fund had several outstanding derivatives. Ultimately, the fund was

unable to meet over USD 50 million in margin calls. The fund's brokers had no choice but to

liquidate Neiderhoffer's positions for pennies on the dollar, a move that effectively wiped out the

fund's equity.

What lesson do we learn from Mr. Nierderhoffer's failed strategy?

The lesson here is that there is nothing like a sure bet in today's competitive financial markets. A

strategy designed to make small profits while betting against a large market move can unravel

literally in the blink of an eye, however small the probability of loss is.

Long Term Capital Management and Model Risk: When "Normal"

Relationships Breakdown

Long Term Capital Management (LTCM) was a multi-billion hedge fund founded by John

Meriwether, a Salomon Brothers trader. The principal shareholders were Nobel-prize winning

economists Myron Scholes and Robert Merton. All the three were experts in derivatives and had

carved out a reputation for unrivaled market analysis.

To join the fund, investors were required to part with a whopping $10 million each. Despite this

huge outlay, LTCM gave away very little in terms of the nature of its investments. What's more,

investors were not allowed to liquidate their positions during the first three years of their

investment. This allowed the fund to lock in the funds in long-term investments. The founders

and major shareholders went as far as investing a large portion of their net worth in the fund,

which demonstrates just how convinced they were that the fund would succeed.

At first, the fund recorded a stellar performance unheard of before. LTCM boasted annual

returns of 42.8 percent in 1995 and 40.8 percent in 1996. This was even after the management

set aside about 27% of the proceeds for their compensation and other fees. In 1997, LTCM

126
© 2014-2020 AnalystPrep.
successfully hedged most of the risk from the Asian currency crisis. That year, the fund earned a

return of 17.1% for investors. By 1998, however, the fund was on the brink of bankruptcy as a

result of its trading strategies.

Like many hedge funds at the time, LTCM adopted a hedging strategy hinged upon a predictable

range of volatility in foreign currencies and bonds. The management believed that the probability

of market moves larger than the fund's hedges were very small. To estimate future volatility,

LTCM's models relied heavily on historical data. However, all historical models are only reliable

in the absence of large economic shocks, especially the ones that haven't been experienced in

history. External shocks make correlations that are historically low to increase sharply. And so, it

proved to be.

In mid-1998, Russia declared its intention to devalue its currency and followed that up by

defaulting on its bonds. That event was beyond the normal range of volatility predicted by

LTCM's models, which means the existing hedges proved insufficient. The US stock market

dropped 20 percent, while European markets fell 35 percent. Most investors turned to Treasury

bonds for refuge, triggering a significant drop in long-term interest rates.

LTCM's highly leveraged positions took a strong hit and started to crumble. A multitude of

banks and pension funds had heavily invested in LTCM. So, when trouble rocked LTCM, the

solvency of all these institutions was at stake. In September, Bear Stearns landed the knock-out

punch. The bank managed all of LTCM's bond and derivatives settlements. Bear Stearns called in

half a billion dollars payment, out of fear of losing all its considerable investments.

To save the US banking system, the Federal Reserve Bank of New York convinced 15 banks to

save LTCM by pumping in some $3.5 billion.

In summary, LTCM's crisis could be attributed to the following:

Overreliance on historical models that did not simulate the occurrence of large

economic shocks.

LTCM's models further assumed that low-frequency/high-severity events were

uncorrelated over time. As it turned out, one economic shock triggered another, so that

extremely low probability events were occurring several times per week.

127
© 2014-2020 AnalystPrep.
 All of LTCM's trading strategies were hinged on the assumption that risk premiums and

market volatility would ultimately decline. As a result, the firm had failed to diversify

its investments wide enough.

Several suggestions have been put forth to avoid a recurrence of a similar crisis:

There's a need for large-scale stress testing using not just historical data but also

simulated stress scenarios, even if such scenarios haven't yet played out on the market.

The initial margin in derivative contracts should always be enforced. In many cases,

LTCM had to mark its positions to market, but the initial margin was waived.

There's a need to incorporate potential liquidation costs into prices to recognize the

possibility of adverse market movements.

The VaR of Hedge Funds

LTCM made heavy use of a Value-at-Risk (VaR) model as part of its risk control. VaR is a measure

of the worst-case loss for investment or set of investments, given normal market conditions, over

a specific time horizon, and at a given confidence level. It is the maximum expected loss given

certain assumptions (to do with volatility) and a level of confidence.

The management at LTCM felt that it had structured the fund's portfolio such that there was an

extremely small chance of the fund's risk exceeding that of the S&P 500. But the problems

encountered, later on, show that hedge funds are not necessarily subject to the same set of

assumptions as other firms when calculating regulatory VaR. In particular,

A 10-day horizon is too short to determine a hedge fund's VaR. The time horizon for

economic capital should be the time it takes to raise new capital, liquidate positions

without duress, or the period over which a crisis scenario will unfold.

Traditional VaR models fail to captureliquidity risk. These models incorrectly assume

that liquidity will remain fairly constant throughout all market conditions.

It is nearly impossible to capture correlation and volatility risks (i.e., the risk that the

128
© 2014-2020 AnalystPrep.
 realized correlations and volatilities significantly deviate from expectations) without

stress testing.

Model Risk and Governance—The London Whale

In 2012, J.P. Morgan Chase lost more than 6.2 billion dollars from exposure to a massive credit

derivatives portfolio in its London office. The main culprit in the whole saga was one Bruno Iksil,

a synthetic credit portfolio trader. Bruno Iksil was given the title of the "London Whale" by

media outlets in the aftermath of the scandal.

Here's a summary of the London whale debacle:

JPM set up the Chief Investment Office (CIO) with the sole purpose of investing the excess cash

(deposits) of the bank. Initially, most of the money was channeled into high-quality securities

such as loans, mortgage-backed securities, corporate and sovereign securities. At the height of

the 2007/2009 financial crisis, the bank constructed a synthetic credit portfolio (SCP) motivated

by the need to protect the bank against adverse credit scenarios such as widening credit

spreads. The bank cited the need to make financial bets that would offset risks the bank took

elsewhere, such as by loaning money to homeowners or trade engagements with other banks

that could fail. This begs the question: what exactly was a synthetic credit portfolio?

The bank's synthetic credit portfolio (SCP) was essentially a basket of credit default swaps

featured in standardized credit default swap indices. The bank took both buyer and seller

positions in these swaps. As a protection buyer (short risk position holder), the bank would pay

premiums and, in turn, receive the promise of compensation in the event of default. As a

protection seller (long risk position holder), the bank would receive premiums and, in turn,

promise to compensate the buyer in the event of default.

In the first few years, the SCP performed well. In 2009, for example, the SCP netted the CIO

about $1 billion. At that point, the notional size of the SCP was $4 billion. By 2011, the notional

size of the SCP had risen to about $51 billion – a more than tenfold increase. For a while, the

SCP continued to perform well, with 2011 trading (bets) producing a gain of $400 million.

In December 2011, the management at JPM directed the CIO to reduce the exposure of the SCP

129
© 2014-2020 AnalystPrep.
and its risk-weighted assets following a more positive outlook of the economy. By so doing, the

bank wanted to reduce its regulatory requirements. To achieve this, the CIO would have had to

unwind SCP positions by selling them off. In the CIO's estimates, such a move would have led to

an estimated loss of $500 million – in the form of loss of premiums and trade execution costs.

The CIO decided not to take that route and instead came up with a different strategy – one that

would prove "fatal" in financial terms.

The CIO launched a trading strategy that focused on purchasing additional long credit

derivatives to offset its short derivatives positions and lower the CIO's RWA. That strategy ended

up increasing the portfolio's size, risk, and RWA. Besides, the strategy took the portfolio into a

net long position, thereby eliminating the hedging protections the SCP was originally supposed

to provide. Notably, the strategy's assumptions about the market environment and correlation

between positions did not play out as expected. What followed were trading losses that

continued accumulating with each passing trading day.

As losses mounted, CIO traders tried to defend their existing positions by further growing their

portfolios with huge trades to support market prices. But the markets proved rather illiquid, and

CIO traders became significant market movers in these securities. That reduced their ability to

exit the markets without suffering losses in the process.

Operational Risk

In the first three months of 2012, the number of days reporting losses exceeded the number of

days reporting profits. In an attempt to conceal these losses, the CIO came up with a new

valuation system. The CIO had hitherto valued credit derivatives by marking them at or near the

midpoint price in the daily range of prices (bid-ask spread) offered in the market. By using

midpoint values, the resulting prices were considered to be the "most representative of fair

value."

The new valuation system set marks that were at significant variance to the midpoints of dealer

quotes in the market. The end goal was to paint a rosier picture of the outstanding derivative

positions and, therefore, a better than the actual marking-to-market picture on the books. In

particular, the new system resulted in smaller losses being reported in the daily profit/loss

130
© 2014-2020 AnalystPrep.
reports.

Despite the new valuation system, the CIO continued to make losses. As of 16th March 2012, the

SCP had reported year-to-date losses of $161 million. If the old system making use of midpoint

prices had been used, those losses would have been $593 million – a whopping $432 million

more.

Absence of Regulatory and Corporate Oversight

The London whale case exposed a culture of poor regulatory oversight in which risk limits were

repeatedly breached, risk metrics disregarded, and risk models manipulated without any

concrete steps being taken by the management to correct these anomalies. Since the CIO wasn't

a client-facing unit of the bank, it was not subject to the same regulatory scrutiny as other

portfolios.

Besides, SCP traders did not have to prepare daily reports for senior management. What's more,

risk committee meetings were rare, and in the few instances the committee happened to meet,

there appeared to be no specific charter, and only CIO personnel would attend.

In the absence of oversight, CIO traders were able to engage in speculative and risky trades that

were not in line with the CIO's traditional investment strategy, which had hitherto prioritized

long-term investments, limiting the use of credit derivatives to hedging purposes only.

Fudged VaR Models

CIO traders, risk personnel, and quantitative analysts frequently attacked the accuracy of the

risk metrics used, including the VaR. The riskiness of credit derivatives was downplayed, and

new risk measurement and models were proposed to lower risk results for the SCP.

Traders argued that the existing models were too conservative and therefore overstated risk,

resulting in limit breaches. Senior management approved the migration to a new VaR model that

had been researched and built by CIO traders themselves. Crucially, the bank did not obtain

approval from the Office of the Comptroller of Currency. That means there had been little room

for checks and balances in the process of developing the model.

131
© 2014-2020 AnalystPrep.
The updated VaR model resulted in risk numbers that were 50% lower than prior numbers,

paving the way for even more speculative trading and high-risk strategies. Months later, the

bank's model Risk and Development Office determined that the model had mathematical and

operational flaws. Some of the issues that came to light include:

EXCEL spreadsheets used required manual updates

There were coding errors in the calculation of hazard rates and correlation estimates

Unrealistically low volatility was attached to illiquid securities, built upon the

assumption that prices for days on which trades did not occur would be the same as the

price when last traded.

Instead of using the Gaussian Copula model in the built-in analytics suite as required

under Basel 2.5, the model used a Uniform Rate option.

On 10th May, the bank backtracked, revoking the new VaR model due to the above inaccuracies,

and the prior model was immediately reinstated.

Rogue Trading and Misleading Reporting at Barings Bank

The Barings case revolves around Nick Leeson, a British trader. Barings PLC of London was the

oldest merchant bank in England. After making a reputation for hard work and a unique

understanding of the market while serving in other posts outside Barings bank, Leeson was

appointed the general manager and head trader of Barings Futures Singapore. In his new post,

Nick Leeson quickly became a renowned operator of the derivative product's market on the

SIMEX (Singapore International Monetary Exchange).

As a reward from his bosses, Leeson was given some "discretion" in his trades: He could place

orders on his own (speculative or "proprietary" trading). He was also in charge of accounting and

settlements, and there was no direct oversight over his trading book. This allowed him to create

a dummy account – 88888 – where he'd dump all losing trades. As far as the London office was

concerned, Leeson was reporting profits after profits on his trades. His seniors never questioned

his constant requests for Margin calls

132
© 2014-2020 AnalystPrep.
Leeson took on huge positions as the market seemed to "go his way." He also sold options,

taking-on huge market risk, which stems from unexpected major events that, while not directly

related to markets, can adversely affect markets. He would also record trades that were never

executed on SIMEX.

On 16th January 1995, Leeson placed a short straddle on the Singapore Stock Exchange and

Nikkei Stock Exchange. That means he simultaneously sold put options (conferring a right to

sell) and call options (a right to buy) on Nikkei-225 futures. Such a strategy is aimed at making

profits in the form of premiums received and works only if the market proves less volatile than

the option prices predicted.

Mr. Leeson is said to have sold up to 40,000 such option contracts and earned the bank an

estimated $150m. His underlying conviction was that the Nikkei would stay in the 18,500-19,500

range, and even in the worst-case scenario, it would not drop below 19 000 points. In an

astonishing turn of events soon afterward, a huge earthquake hit Japan, sending its financial

markets tumbling. In the space of a week, the Nikkei had lost more than 7%.

Nick Leeson took a futures position valued at $7 billion in Japanese equities and interest rates

linked to the variation of Nikkei. He was "long" on Nikkei. In the three days following the

earthquake, he bought more than 20 000 futures, each worth $180 000.

Unfortunately, the Nikkei never recovered. By the time his dealings came to light, Barings had

lost approx. $1.25 billion. The bank could not withstand this loss and ultimately filed for

bankruptcy. In summary, Leeson's phony transactions went unchecked for long periods because

of the following reasons:

There was little management oversight of the settlement process. Of note, Leeson

reported to multiple managers. There wasn't a clear demarcation of roles and

responsibilities.

Apart from being Baring's Floor manager, Leeson was in charge of settlement

operations. This allowed him to influence back-office employees to hide his trading

losses from the London office.

133
© 2014-2020 AnalystPrep.
To a smaller extent, some blame can be apportioned to the Singapore Stock Exchange and the

Nikkei Stock Exchange. The two exchanges failed to flag the unusually large positions racked up

by Barings bank. It has been reported that the exchanges did ask for information, but their

concerns were watered down, with the bank forwarding a few fictitious client names. The

exchanges could also have sensed danger if there had been an information-sharing mechanism

between them.

Lessons Learned

Reporting and monitoring of positions and risks (i.e., back-office operations) must be

separated from trading (i.e., front-office operations)

Outsized or strangely consistent profits should be independently investigated and

rigorously monitored to verify that they are real, generated following the firm's policies

and procedures, and not the result of nefarious or unacceptably risky activities.

It is the responsibility of risk managers to analyze reported business profits and

determine if they seem logical in light of the positions held.

It is, however, important to note that Barings' downfall could have been averted under

regulations that were implemented by the Basel Committee just a few years later. For starters,

the committee set capital adequacy requirements and set limits on concentration risk. Under the

1996 amendment, banks must report risks that exceed 10% of their capital and cannot take

positions that exceed 25% of their capital. Had these rules been in effect in 1994, Barings would

have been prohibited from racking up such large positions.

Financial Engineering

Financial engineering is all about the creation of complex financial structures that meet the

needs of the investor. It involves the use of derivatives such as forwards, swaps, and options.

Derivatives allow investors and institutions to break apart (i.e., segment) risks. Conversely,

derivatives can be used to manage risks on a joint basis.

134
© 2014-2020 AnalystPrep.
For illustration, consider a UK fund manager holding a bond denominated in US dollars. The

manager is exposed to interest rate risk in the US fixed income market and the currency risk

from changes in the euro/dollar exchange rate. In these circumstances, there are two options for

the manager:

Use a currency swap which effectively hedges both risks

Hedge the foreign exchange rate exposure separately through a currency forward or

option, and then hedge the interest rate risk through a quanto swap. Under the quanto

swap, they would receive the coupon in euros at a pre-arranged rate and pay the UK

LIBOR floating rate.

In practice, financial engineering is often exploited by investors in speculative ways in an

attempt to earn immediate portfolio returns. However, such speculative tendencies require the

taking of more risk in some form or the other. This risk may come in the form of an unlikely but

potentially very severe future loss. Too often, the embedded risk is not fully understood by firms

entering into complex derivatives.

The Risk of Complex Derivatives at Bankers Trust (BT)

Procter & Gamble (P&G) and Gibson Greetings sought the assistance of Bankers Trust (BT) in an

attempt to reduce funding costs. BT used derivatives trades which promised P&G and GG a high-

probability, small reduction in funding costs in exchange for a low-probability, large loss. As it

turned out, derivative trades only churned out significant losses for both P&G and GG.

BT's derivatives were designed to be intentionally complex to stop P&G and GG from

understanding their risks and overall implications. The trades were quite differentiated in form

and structure, making them incomparable to derivative trades of other companies. BT duped

P&G and GG into thinking that the trades were tailored to meet their individual needs. In the

end, P&G and GG came to the painful realization that they had been misled after taking in huge

losses. The two sued BT.

During the suit, BT's tape conversations between its marketers and customers played a key role.

The tapes exposed just the tools BT staff used to fool customers, particularly through the use of

135
© 2014-2020 AnalystPrep.
complex terminology and pricing structures. In some tapes, BT staff could be heard openly

bragging about their unethical behavior.

The scandal dealt a huge blow to BT's reputation and forced senior managers to resign, including

the CEO. Eventually, BT was acquired by Deutsche Bank and dismantled.

Excess Leverage and Complex Financial Instruments at Orange County

The Orange County case illustrates how complex financial products characterized by large

amounts of leverage can create significant losses. In December 1994, the use of complex

structured products by Orange County treasurer, Robert Citron, resulted in a loss of $1.5 billion.

This was the largest loss ever recorded by a local government investment pool. At the root cause

of the downfall was Robert Citron's decision to borrow heavily in the repo market.

Repos allow investors to finance a significant portion of their investments with borrowed money

(i.e., leverage). But the use of leverage has a multiplicative effect on the profit or loss on any

position; even a small change in market prices can have a significant impact on the investor.

Robert Citron had been entrusted with a $7.5 billion portfolio belonging to county schools, cities,

districts, and the county itself. To many investors, Citron was a financial management guru who

had, for a long time, managed to deliver consistently higher returns. Indeed, his returns were

about 2% higher than the comparable State pool.

The fund had only USD 7.7 billion in equity, but Citron managed to borrow USD 12.9 billion

through the repo market, creating a USD 20.6 billion portfolio. Citron used the funds to purchase

complex inverse floating-rate notes. But here's the interesting bit; the coupons payments of

inverse floating-rate notes decline when interest rates rise as opposed to conventional floaters,

whose payments increase in such a situation. In effect, therefore, Mr. Citron was betting in favor

of interest rates falling or generally staying low.

For a while, interest rates went down, and his bet seemed to be paying off. It was in these

circumstances when Citron was able to record higher than average returns. However,

throughout 1994, the Federal Reserve announced a hike in interest rates by 250-basis points. As

expected in this scenario, the increase in interest rates reduced the value of Citron's portfolio

136
© 2014-2020 AnalystPrep.
substantially, generating a loss of USD 1.5 billion by December 1994. At the same time, Citron

struggled to roll over maturing repo agreements, with most lenders tabling stringent demands,

including the provision of more collateral before giving a single coin. Ultimately, Orange County

was forced to file for bankruptcy. Citron later admitted he understood neither the position he

took nor the risk exposure of the fund.

In summary, therefore, this debacle was caused by two key things:

Excessive use of leverage

A highly risky interest rate bet that did not take into account the Federal Reserve's

possible changes in monetary policy.

Lessons Learned

Every firm needs to have more than a basic understanding of the risks that are

inherent in their business models. Senior management then needs to take these risks

into account when coming up with a risk management framework.

Senior management needs to stick to the portfolio strategy communicated to

stakeholders at the onset. Robust policies and risk measures should be adopted as

specified in the risk appetite statement and the risk management framework.

Management, and boards, should endeavor to establish areas of the business where

risks may hide and also seek to establish the circumstances which can result in a loss.

The Case of Investing in AAA Tranches of Subprime CDOs: Sachsen

Subprime securities were some of the most popular assets in the run-up to the 2007–2009

financial crisis. But while subprime securities offered an attractive risk premium, they also

required understanding and pricing expertise. European banks were some of the biggest buyers

of US subprime securities. Among these institutions were publicly-owned banks in Germany

called the Landesbanken.

The Landesbanken traditionally specialized in lending to regional small- and medium-sized

137
© 2014-2020 AnalystPrep.
companies. In the run-up to the crisis, however, a thriving industry pushed some of the banks to

open overseas branches and develop investment banking businesses. One of the most notorious

examples was the Landesbank Girozentrale Sachsen –a Leipzig based bank.

Sachsen opened a network of units (called conduits), which is used to raise money through the

sale of short-term debt. The money would subsequently be invested in the subprime securities

market. Sachsen opened a branch in Dublin tasked with setting up the units to hold large

volumes of highly rated US mortgage-backed securities. While these units were technically off

the parent bank's balance sheet, they benefited from the guarantee of Sachsen itself. That means

Sachsen would promise to lend the units extra money if they ever needed it.

In the run-up to the crisis, the size of Sachsen's off-the-balance-sheet operation was simply too

large compared to Sachsen's balance sheet.

When the subprime crisis struck in 2007, Sachsen's attempts to rescue the nits it had set up

ended up wiping out the bank's capital. Eventually, the bank had to be sold to Landesbank

Baden-Württemberg (LBBW).

Reputation Risk

Two key things determine a firm's reputation:

The ability and willingness to fulfill its promises to counterparties and creditors

The ability to deal fairly and follow ethical practices

In recent years, however, firms have become increasingly concerned about their reputation due

to the rapid growth of public and social networks. A rumor can spread like bushfire and cause

untold reputational damage in just a few hours. As a result, companies are under growing

pressure to demonstrate their commitment to environmental, social, and governance-related best

practices. The reputational damage caused by unethical conduct, whether rumored or real, can

be very severe.

Volkswagen Emission Cheating Scandal

138
© 2014-2020 AnalystPrep.
The Volkswagen emissions scandal, also known as Dieselgate or Emissionsgate, burst onto the

public scene in September 2015, but its origin can be traced back to 2009.

In model years 2009 through 2015, the carmaker had been installing in its diesel engines

software that had been intentionally programmed to reduce emissions during testing. This meant

that the cars would pass emission tests with "flying colors" only to emit up to 40 times more

Nitrogen Oxide during real-world driving. This software had been installed in over ten million

cars, most of which had already been shipped to various dealers and direct consumers around

the world.

In 2014, engineers in the United States carried out live road tests, and that's when the whole

scheme was unearthed. Reached out for comment, Volkswagen executives in Germany and the

United States formally acknowledged the deception on a conference call with officials from the

United States Environmental Protection Agency (EPA). As soon as irrefutable evidence had been

gathered, the EPA made the information public.

What followed was untold damage to the Volkswagen brand. The share price of the company fell

by over a third, and the firm faced billions of dollars in potential fines and penalties. Multiple

parties filed lawsuits, most of them emphasizing the health hazards faced by consumers.

Volkswagen's reputation took a severe hit around the world, with most of the damage happening

in the US. The impact was so great that the German government expressed fears that the

scandal would diminish the value of the imprimatur "Made in Germany."

Corporate Governance: Enron

Enron was formed in 1985 following a merger of InterNorth and Houston Natural Gas. The firm

was originally involved in the regulated transportation of natural gas. But following the

deregulation of energy markets, the firm lost the exclusive rights to its pipelines. The

management was forced back to the drawing board to devise new ways to remain in business.

The management came up with an innovative business strategy that involved buying gas from

various suppliers and selling it to a network of consumers at guaranteed amounts and prices. In

return for assuming the associated risks, Enron charged fees for these transactions. As part of

this process, Enron created a market for energy derivatives where one had not previously

139
© 2014-2020 AnalystPrep.
existed.

The new strategy turned out to be a huge success; so much so that up until late 2001, nearly all

observers — including Wall Street professionals – spoke highly of this new strategy and

considered it a business masterstroke. And true to their assessment, Enron's financial position

changed dramatically. The firm's reported annual revenues grew from under $10 billion in the

early 1990s to $139 billion in 2001, a transformation that firmly placed the firm among the top

five Fortune 500 companies. Enron's shares peaked at USD 90.56 in August 2000. That year, the

firm had more than 20,000 employees in its payroll and revenues of nearly USD 101 billion.

Interestingly, Enron became a major proponent of the deregulation of the energy market. In the

firm's assessment, deregulation would come with greater flexibility to pursue its business model.

Top managers at the firm took actions that prioritized profit over consumer welfare. For

example, the firm was a prominent player in the 2000-2001 California electricity crisis. Enron

created artificial power shortages enabling it to raise power prices by up to 2,000%. The crisis

ultimately forced the state's Democratic governor, Gray Davis, out of the office with Arnold

Schwarzenegger eventually coming in as his replacement. Meanwhile, the shortages helped

Enron to make USD 1.6 billion.

Despite these shady deals, Enron still went down in December 2001, but why?

Thanks to its large-scale involvement in energy markets, Enron traded large amounts of oil

futures contracts. However, the contracts didn't involve any stake in oil price movements. Enron

was collecting cash by selling oil for future delivery, promising to buy back the delivered oil at a

fixed price.

As a result, no oil was delivered. This was a strategy a loan where Enron paid cash at a later date

to receive cash at the beginning of the contract. This way, the company did not have to reveal

these transactions as loans in financial statements. The result was ill financial health disguised in

impressive financial statements that didn't portray the real financial situation.

JPMorgan Chase and Citigroup were the main counterparties in Enron's trades. When the

scandal blew open, the two had to pay $126 million in fines for assisting and abetting fraud

against Enron shareholders.

140
© 2014-2020 AnalystPrep.
Key Points

Many in Enron's senior management went against the key tenets underlying the

principal-agent relationship. Most managers acted in their self-interest at the expense

of shareholders. After the scandal came to light, for example, Enron chairman and CEO

Ken Lay was charged with "falsifying Enron's publicly reported financial results and

making false and misleading public representations about Enron's business

performance and financial condition."

Enron's board failed to fulfill its fiduciary duties to shareholders. For example, the

board allowed the chief financial officer to be the sole manager of a private equity fund

that did business with Enron. The private equity lacked economic substance

Enron outsourced its audit function to Arthur Andersen, formerly one of the Big Five

accounting firms. Andersen either failed to catch or explicitly approved many of

fraudulent accounting practices that led to Enron's collapse. After the scandal came to

light, the Securities and Exchange Commission (SEC) was forced Andersen to

surrender its accounting licenses. This was effectively a death sentence for the firm.

Cyber Risk

The rapid rise of the internet as the preferred method to transact and share information has

exposed individuals and institutions to cyber risk. There are cases where bank systems have

been hacked, and ATMs breached, leading to not just loss of cash but also exposure and theft of

client information. Such information can be used to inflict serious damage to clients and

institutions.

As a result, financial institutions have had to spend billions of dollars every year to boost the

security of their systems. The goal is to rebuff both external attacks as well as internal attacks

perpetrated by individuals within the institution. Threats to the banking system from cyber-

attacks are also a major concern to international regulatory bodies, such as the Bank for

International Settlements (BIS) and the International Monetary Fund (IMF), as well as to local

regulators.

141
© 2014-2020 AnalystPrep.
The SWIFT Case

The Society for Worldwide Interbank Financial Telecommunication, also known as SWIFT, is a

secure electronic platform used to transfer funds among more than 11,000 financial institutions

worldwide. Thanks to SWIFT, transactions that would take days are completed in a matter of

seconds. For the longest time, SWIFT was considered a super-secure system nearly impossible to

hack. But that notion changed in April 2016.

An article published in the New York Times revealed that hackers had used the

SWIFT network to steal USD 81 million from Bangladesh Bank (the central bank

of Bangladesh). The money was transferred through the SWIFT network to accounts in the

Philippines controlled by the hackers.

The hackers unleashed a malware that sent unauthorized messages instructing the transfer of

funds to the account. The attack had been planned so meticulously such that details of the

transfers were immediately erased from the system. Confirmatory messages sent to designated

individuals were not sent.

Though the SWIFT network was itself not compromised, the management moved with speed to

reassure clients that weaknesses in the system would no longer be tolerated. A Customer

Security Program (CSP) was also set up, consisting of mandatory security controls, information-

sharing mechanisms, and sophisticated security features. As of December 2018, 94% of clients

complied with CSP requirements.

142
© 2014-2020 AnalystPrep.
 Reading 10: Anatomy of the Great Financial Crisis of 2007-2009

After completing this reading, you should be able to:

Describe the historical background and provide an overview of the 2007–2009 financial

crisis.

Describe the build-up to the financial crisis and the factors that played an important

role.

Explain the role of subprime mortgages and collateralized debt obligations (CDOs) in

the crisis.

Compare the roles of different types of institutions in the financial crisis, including

banks, financial intermediaries, mortgage brokers and lenders, and rating agencies.

Describe trends in the short-term wholesale funding markets that contributed to the

financial crisis, including their impact on systemic risk.

Describe responses taken by central banks in response to the crisis.

Overview and Timeline of the Crisis

The start of the 2007-2009 financial crisis was marked by runs in several short-term markets

previously considered safe. Challenges in the U.S. subprime market became increasingly evident

during the first half of 2007.

Subprime mortgages are home loans granted to borrowers whose credit is poor. In U.S. credit

score is measured by the FICO score, which is based on credit history, outstanding loans, and

past unlawful transactions of borrowers. More evidently, subprime mortgages have high credit

risk as compared to prime mortgages, and thus it is expected to pay high-interest rates.

In the years before the financial crisis, there was an increased credit growth, amplified by the

need for housing and excessive leverage in the financial institutions, which had grown

substantially after the 2001-2002 credit crisis. To add on boom years, there was securitization,

143
© 2014-2020 AnalystPrep.
which was one of the critical financial things at that time. Securitization enabled financial

institutions to create credit assets to the point where they were unable to manage the associated

risks.

For instance, in the years before the crisis, the supreme mortgages became very attractive in the

U.S. According to Bernanke's testimony before the Financial Crisis Inquiry Commission, the

subprime lending increased from 4.5% to 20% from 1994 to 2006, respectively, so that by the

beginning of 2007, the subprime mortgage debt was approximately USD 1.3 trillion!

The crisis was triggered by losses on subprime mortgages, which was amplified to other credit

markets. The banks began to experiencing huge losses and liquidity problems coupled with

uncertainty in the computation of credit assets. Consequently, banks stopped lending to each

other. The governments around the world tried to recapitalize their insolvent banks to revive

lending. Eventually, numerous banks collapsed or were taken over.

A notable example is when in February 2008, the U.K. mortgage provider Northern Rock was

nationalized. Moreover, the U.S.'s investment bank Bear Stearns was taken over by Morgan

Chase in a deal witnessed by the U.S. Treasury Department and the Fed (Federal reserve).

Moreover, due to short-term crisis debt, especially repurchase agreements and asset-back

commercial paper (ABCP), stopped leading to freezing or failing of the hedge funds, the growth

in these markets was enormous. The repo was a substantial market equivalent to 20%-30% of the

US GDP at the time. Disruptions in the short-term debt market triggered a shortage of U.S.

dollars in global markets. In turn, this affected the foreign exchange swap market since the

dollar was the main swap currency for cross-currency funding. The special investment vehicles

(SIVs) were also reduced.

The optimal point for the subprime crisis started in September 2008, which resulted in the

following events:

Lehman Brothers filed for bankruptcy resulting in a sharp decrease in the interbank

borrowing market. That is, the banks with the excess cash refused to lend to those with

liquidity problems.

The biggest investment banks in the US, Goldman Sachs, and Morgan Stanley, were

144
© 2014-2020 AnalystPrep.
 transformed into bank holding companies, implying that they were regulated by the

Fed (Federal Reserve). This indicated that they were liable to receive liquidity services

from the Federal Reserve.

Many European countries had to help their banks. For instance, Fortis (Dutch financial

conglomerate) was split and sold. Moreover, Ireland's banking system collapsed.

Fannie Mae and Freddie Mac were nationalized. Moreover, the U.S. government

injected USD 150 billion to AIG to save from collapsing.

Various European government budgets were reduced due to huge capital help to the

banks, which led to the European sovereign debt crisis of 2010. The debt crisis was as

a result of countries such as Portugal and Greece taking huge loan packages from the

International Monetary Fund (IMF) and the European Central Bank.

The effects of the financial crisis were amplified to the broader global economy. As a

result, there was a massive loss of wealth, and the employment rate rose all over the

world.

The Onset of the Great Financial Crisis

The low-interest rates in early 2000 led to increased demand for housing and the related

mortgages. As a result, housing prices rose significantly. The Fed funds' interest rate in 2003 was

1% and increased massively such that in June 2004, it was 5.25% but later decreased to 4.25%

by September 18, 2007. During the low-interest-rate period, the investors (for example,

institutional investors) sought investments that promised yield improvement. One of the

investment avenues were the subprime mortgages, which had high premiums up to 300 basis

points above the interest rate charged by the prime borrowers.

An increase in the subprime loans led to the emergence of securitization (transformation of the

illiquid assets such as debts into security). Securitization led to:

Creation of pools below-investment-grade assets.

145
© 2014-2020 AnalystPrep.
 Division of cashflows through modeled certainly

Transformation of cashflows considered to be "safe" into investment-grade security.

As the securitization emerged, banks were motivated to develop the originate-to-distribute (OTD)

business model. OTD model is where banks lend to numerous parties without violating the

lending limit regulation.

The subprime mortgage became the most significant proportion of the mortgage market, rising

from 7% in 2001 to 20% in 2006. This is because many subprime mortgages were structured

with teaser rates (low flexible introductory interest rates given for a loan to attract potential

customers), which were then increased after the stipulated teaser period ended. To spice it up,

many of these mortgages were interest-only over the teaser period implying there were no

principal payments.

So attractive as it were, some borrowers utilized these subprime mortgages to buy residential

houses, and others were just speculators due to the rise in home housing prices. At the end of

the teaser period, a borrower could service the mortgages just like a loan as long as the housing

prices rose. For the speculators, they could default if the refinancing was not possible.

Under the OTD business model, losses on the subprime losses were felt by the investors who

owned the loans. This reduced the motivation for the banks to conduct proper credit assessment

on the borrowers and the collateral valuation on the homeowners before extending the credit.

At this time, many subprime mortgages were transformed into collateralized debt obligations

(CDOs). This led to a massive collapse of the subsequent subprime mortgage. For instance,

delinquencies (failure pay on due date) on the adjustable-rate subprime mortgages rose

significantly so that by August 2007, it was at 16%, and by May 2008, it had climbed to 25%. As

a result, the credit rating downgrades for the subprime mortgage securitized products increased

massively.

Numerous factors can explain the reason for delinquencies after mid-2005.

Reasons for Delinquencies in Adjustable-rate Subprime

Mortgages

146
© 2014-2020 AnalystPrep.
 1. Subprime mortgage transactions involved borrowers with weak credit quality. The

subprime mortgages are, most of the time, under-collateralized.

2. The first-time home mortgages traditionally required a 20% down payment, but in 2005,

about 43% of the borrowers did not provide the down payment and hence reducing

collateral "shock absorber" in case of decline of housing prices.

3. The involvement of the teaser rates was not a problem if a borrower could refinance the

mortgage before the reset date. Otherwise, if the interest rates rise and the borrower

fails to refinance the mortgage, the costs of the mortgage could increase sharply. As was

witnessed in the crisis period, the Treasury Bill rate rose from 1% in April 2004 to over

4.0% in November 2005

4. The subprime mortgages borrowers assumed that they could refinance the mortgage

before the reset date. However, this confidence decreased sharply when housing prices

started to fall significantly in 2006. Additionally, the subprime mortgage balances

became more significant than the market value of the homes that were collateralized by

loans, motivating the borrowers to default.

5. The high demand for subprime mortgages encouraged some lenders to engage in

unfavorable practices. For instance, some borrowers were diverted from the mortgages

they were qualified for and led to those they do not. Consequently, some borrowers found

themselves entangled in mortgages they could not afford. For instance, no income, no

job, and no assets (NINJA) loans and liar loans came to existence. These loans were

involved in faulty documentation from its borrowers, making then receive funding in

fraudulent ways.

The Role of the Financial Intermediaries

The banks securitized their assets off their balance sheets to structured investment vehicles

(SIVs), also termed as conduits. SIVs are the companies utilized by the banks to purchase assets

and funds by short-term commercial paper and medium-term notes and capital.

Securitization is a process where the cash flows from a portfolio are repackaged into claims on

tranches (a pooled group of securities such as debt instruments classified in terms of risk or

147
© 2014-2020 AnalystPrep.
other features to attract different investors), and the returns from the tranches are used to buy

the collateral assets.

To attract different investors, tranches are modeled to have the desired rating depending on the

credit risk associated with a tranch. The rating on tranches is structured in terms of how safe it

is. The rating starts with senior AAA debt and then Junior AAA, A.A., A, BBB, B.B., B, and so on.

Theoretically, the OTD model with appropriate securitization would diffuse the risk throughout

the financial system. Consequently, the banks' sensitivity to credit crises will lessen, systemic

risk will reduce, and banks will have a greater lending ability. However, this theory failed

miserably. From 2003-2007, banks used securitization to keep their credit exposure to AAA-rated

tranches to create high extra returns without raising their regulatory capital minimums,

according to Basel II.

As a result of the AAA-rating, investors did not mind conducting due diligence on the pool and

thought that they could earn risk-free returns by buying CDOs instead of lower-yielding similar

assets such as bonds. They were utterly wrong because most of the ratings were based on the

historical data, which, at that time, did not reflect the variation of asset features that were taking

place. Such features include the emergence of NINJA loans, liar loans, and subprime mortgages.

The Role of the Rating Agencies

The CDO trust partners (also called equity holders) would pay the credit rating agencies to rate

various liabilities associated with the CDO so that it acquires high proportions of AAA-rated

bonds. Moreover, their rating was based on historical data, which did not reflect the variation of

asset features that were taking place (such as NINJA loans, liar loans, and subprime mortgages).

Moreover, the rating agencies used the data from the organizers and the issuers of the

mortgages who performed due diligence analysis. However, although the rating companies knew

about the decline of the leading standards and rising fraud, the rating agencies did not do

further due diligence or pay close attention to the available data.

The subprime mortgages were the new products in the market. Therefore, there was no enough

148
© 2014-2020 AnalystPrep.
data for the analyst to perform a prior risk analysis. Due to this, the initial ratings given to the

securitizations in question were AAA ratings, which were likely to be faulty from the beginning.

Trends in the Short-Term Wholesale Funding Markets

The short-term whole scale market consists of repurchase agreements and commercial paper

(C.P.). Both of these markets shut down early in the crisis since the participants lacked trust in

the collateral quality.

Repos also called repurchase agreements, are utilized by many financial institutions such as

banks and money market funds. A typical repo consists of the sale of an asset and a contract to

purchase the asset back at a slightly higher price at a later time.

At the outset of the repo, the seller receives the cash, and thus, the seller is like the borrower in

a collateralized (with security such as government bonds and tranches of securitizations) loan

transaction. On the other hand, the purchaser of the security (who gives the cash at the outset of

the repo) receives a higher sum at the end of the period of the repo is considered a lender in the

context that money received consists of the principal and the interest.

With higher (lower) quality collateral, then it implies a higher (lower) haircut. Haircut, in this

case, refers to the percentage decrease from the initial cash that the lender is willing to give to

the borrower. For instance, a 20% haircut implies that the borrower takes USD 80 for the

payment of USD 100 at the outset. Haircut protects the lender from receiving less than full value

in case the borrower defaults and the lender is forced to sell the collateral in case of default.

The insecure commercial paper (C.P.) involves the issuance of short-term debt but not

collateralized by any assets, and thus, it has high credit quality. Therefore, if the issuers' credit

quality falls (for example, poor rating), then an orderly exit by margin calls (demand by a broker

that an investor deposits further cash or securities to cover possible losses).In Asset-backed

commercial paper (ABCP), the issuer provides the finance to buy assets by issuing a C.P. with the

asset acting as collateral.

In the years preceding the financial crisis, there was a high demand for the collateral due to the

149
© 2014-2020 AnalystPrep.
growth of the OTC derivatives markets and increased dependence on short-term

collateralizations by the financial institutions. However, these demands were quenched by the

issuance of the AAA-rated securitization tranches. The Fed statistics showed that the repos

increased from USD 1.6 trillion in 2000 to USD 4.5 trillion in 2008.

The SIVs were funded using short-term debt and depended on its flexibility to roll over short

term debt to finance their longer-dated assets. When collateralized mortgages began to lose

value, the credit quality of numerous SIVs and increased doubt on the collateral value prevented

an increasing number of SIVs from rolling over their ABCP and accompanied a decrease in

liquidity in the subprime-related asset markets.

In fact, before mid-2007, counterparty credit was not priced by the market since there was a

significant difference between the unsecured overnight index swap (OIS) rate all periods swap

rates. From June 2007, the market participants started to worry about the collateralized

securities and the level of exposure of the financial institutions to subprime market leading to a

sharp increase in the OIS-swap spread which remained high during the crisis and increased

again when the Lehman Brother failed and did not return to the pre-crisis period.

Additionally, the credit spread on credit assets led to a significant decrease in credit assets.

Consequently, the haircuts increased systematically from zero in the pre-crisis period to 45% at

the time Lehman collapsed in September 2008.

150
© 2014-2020 AnalystPrep.
By the summer of 2007, the short-term wholesale funding market began to freeze (which

included both the ABCP and repo markets). At this point, the investors halted the rolling over of

maturing ABCP forcing the banks to recall the SIV assets onto their balance sheets. With the

increasing repo haircuts, the financial institutions that relied on the repo financing were unable

to roll over their short-term funding, and thus, they were faced with three choices: merger,

bailout or bankruptcy.

This scenario led to the failure of the Bear Stearns, British Mortgage bank Northern rock

IndyMac of California, and the Lehman Brothers even though they operated per the Basel II

minimum regulatory capital requirement before the fall.

151
© 2014-2020 AnalystPrep.
The Role of Valuation Uncertainty and Transparency Issues

The amplified uncertainty over the valuation of the asset-backed structured products worsened

the financial crisis by the short-term debt markets. This was because the valuation of the asset-

backed structured products was difficult. The liability model and cashflow waterfalls were

complicated and contained numerous types of collateral and interest rate triggers because,

despite that, they have the same securitization structure.

There was also the need for the pools of the collateral to be valued. For instance, for ABS trust,

it was necessary to calculate thousands of subprime mortgages with different borrower features

and loan terms.

The cashflows to some trusts depended on the future values and credit ratings of the collateral,

which made modeling of the cashflows a complicated undertaking. Moreover, this was worsened

by insufficient data on different asset pools presents a challenge even to sophisticated investors.

On the transparency issue, some of the seemingly complicated investors lacked the in-house

skills to comprehend complex products they were purchasing. Moreover, they did have enough

knowledge of the underlying risks that might arise from the assumptions they implied in

calculating and credit rating models. Thus, many investors relied on credit rating agencies for

their risk measurement.

Computation of illiquid assets was blurry due to the lack of readily available reference prices,

which made the investors be highly doubtful on the displayed prices when analyzing the credit

risk of a counterparty.

The potent mixture of uncertainty and lack of transparency catalyzed the subprime crisis in the

summer of 2007 because the market was skeptical that the past issued structured products

might be mispriced, and also, there some anxiety on the exposure of financial institutions to the

subprime market.

For instance, Bear Sterns tried to save two hedge funds that were e prone to subprime

mortgages losses. One of the primer brokers, Merrill Lynch, called back USD 850 million

underlying collateral but had a challenge in selling due to the illiquidity of the markets to some

152
© 2014-2020 AnalystPrep.
assets at that time. Moreover, in August 2007, BNP Paribas froze three funds valued at USD 2.2

billion in assets due to the inability to value subprime assets in the funds. As a result of these

events, the wholesale short-term funding collapsed effectively.

Responses Taken by Central Banks in Response to the Crisis.

The Federal Reserve (Fed) and other central banks globally devised with liquidity injection

services. The time gap between 2007 and at the end of 2008, the Fed blocked some asset groups

that were affected by financial crisis stress. These actions by the Fed included:

Creation of long-term lending services in case of a high-quality collateral

Provisions of liquidity to money market funds

Buying assets from Fannie Mae and Freddie Mac, which was the government-

sponsored enterprises that affected the mortgage market in the U.S.

Opening of a discount window to investment banks and securities firms. A discount

window is a federal reserve lending facility that aids financial institutions in the

management of short-term liquidity requirements.

Financing the purchase of unsecured C.P. and ABCP

Provision of lending funds against high-quality asset-backed securities.

Some of the notable government intervention in the U.S. during the great financial crisis were as

follows:

The Troubled Asset Relief Program (TARP) of October 2008. This program saw State

Street, Bank of America, Citigroup, BNY Mellon, Morgan Stanley, Gold-man Sachs, J.P.

Morgan Chase, State Street, and Wells Fargo received a total of USD 115 billion on

October 28, 2008.

The Fanie Mae and Freddie Mac were taken over by the government in September

2008

153
© 2014-2020 AnalystPrep.
 This was the enactment of the Economic Stimulus Act of February 13, 2008, which

provided several stimuli (which included tax rebates for low- and middle-income U.S.

taxpayers and tax incentives) to boost the U.S. economy.

The Primary Dealer Facility (PDF) allowed the Federal Reserve to lend funds through

reps to primary dealers.

In December 2007, the Term Auction Facility (TAF) was implemented was structured to

give funds to depository institutions by auctioning funds against a diverse range of

collateral.

The Role of Systemic Risk

Systemic risk can be defined as a risk that occurs in one firm or market and can be amplified to

the other firms or broader markets. As a result, the entire markets or economies can be exposed

to the risk. Systematic risk played a significant role in worsening the financial crisis.

The collateral quality in ABCP and repo markets reduces the default risk by the borrowers.

Therefore, the lenders in the market should possess confidence in the type of collateral assets.

However, during the financial crisis, the ABCP and the repo fell, lowering the confidence of the

lenders on the collateral. They were concerned that collateral contained subprime mortgages

and the reliability of its valuation. Due to a lack of transparency, even the borrower with no

prime exposure did not roll over their debt.

Valuation of illiquid asset prices is challenging even in normal market conditions. For instance, in

the summer of 2007, when BNP Paribas failed to value its illiquid assets, numerous money

market managers of the repo markets abandoned it and moved to Treasury bills.

When the ABCP and repos collapsed, many hedge funds failed to roll over the respective debt

and were forced to sell assets, and because the funds hold broadly typed of assets, the impact

was felt in many markets. For instance, the CDO market was subjected to selling pressure,

evidenced by the liquidation of some assets at low prices. Moreover, to close out some current

positions, some funds sold high credit-rated assets and bought lower credit-rated assets that

154
© 2014-2020 AnalystPrep.
were sold at that time. Consequently, the prices for quality assets fell, and that of lower quality

rose affecting the hedge funds traded on pricing patterns.

Moreover, banks started to hoard some cash due to the uncertainty of seeming reductions on the

decreasing credit lines of SIVs. The refusal to lend became popular among the banks due to the

stricter standard. This negatively affected the hedge funds and other financial institutions, which

tightened the availability of mortgages and restriction of business lending, and this way, the

financial crisis gave birth to economic crisis!

155
© 2014-2020 AnalystPrep.
Question

Where did the Great Financial Crisis of 2007-2009 start?

A. The collapse of Fannie and Mae

B. The failure of the Lehman Brothers

C. The central bank intervention

D. The Subprime Mortgage Market.

Solution

The correct answer is D

The events that led to the Great Financial Crisis started with a downturn in the US

subprime mortgage market in 2007.

156
© 2014-2020 AnalystPrep.
 Reading 11: GARP Code of Conduct

After completing this reading, you should be able to:

Describe the responsibility of each GARP Member concerning professional integrity,

ethical conduct, conflicts of interest, the confidentiality of information, and adherence

to generally accepted practices in risk management.

Describe the potential consequences of violating the GARP Code of Conduct.

The excerpt is the GARP Code of Conduct by GARP.

Introduction

The GARP Code of Conduct ("Code") sets forth principles of professional conduct for Global

Association of Risk Professionals ("GARP"), Financial Risk Management (FRM®FRM®) and

Energy Risk Professional (ERP®ERP®) certifications and other GARP certification and diploma

holders and candidates, GARP's Board of Trustees, its Regional Directors, GARP Committee

Members and GARP's staff (hereinafter collectively referred to as "GARP Members") in support

of the advancement of the financial risk management profession. These principles promote the

highest levels of ethical conduct and disclosure and provide direction and support for both the

individual practitioner and the risk management profession.

The pursuit of high ethical standards goes beyond following the letter of applicable rules and

regulations and behaving in accordance with the intentions of those laws and regulations, it is

about pursuing a universal ethical culture.

All individuals, firms, and associations have an ethical character. Some of the biggest risks faced

by firms today do not involve legal or compliance violations but rest on decisions involving

ethical considerations and the application of appropriate standards of conduct to business

decision making.

There is no single prescriptive ethical standard that can be globally applied. We can only expect

that GARP Members will continuously consider ethical issues and adjust their conduct

157
© 2014-2020 AnalystPrep.
accordingly as they engage in their daily activities. This document makes references to

professional standards and generally accepted risk management practices. Risk practitioners

should understand these as concepts that reflect an evolving shared body of professional

standards and practices. In considering the issues this raises, ethical behavior must weigh the

circumstances and the culture of the applicable global community in which the practitioner

resides.

The Code is comprised of the following Principles, Professional Standards, and Rules of Conduct,

which GARP Members agree to uphold and implement.

1. PRINCIPLES1.1 Professional Integrity and Ethical Conduct.

GARP Members shall act with honesty, integrity, and competence to fulfill the risk

professional's responsibilities and to uphold the reputation of the risk management

profession. GARP Members must avoid disguised contrivances in assessments,

measurements, and processes that are intended to provide business advantage at the

expense of honesty and truthfulness.

1.2 Conflicts of Interest.

GARP Members have a responsibility to promote the interests of all relevant

constituencies and will not knowingly perform risk management services directly or

indirectly involving an actual or potential conflict of interest unless full disclosure has

been provided to all affected parties of any actual or apparent conflict of interest. Where

conflicts are unavoidable, GARP Members commit to their full disclosure and

management.

1.3 Confidentiality.

GARP Members will take all reasonable precautionary measures to prevent intentional

and unintentional disclosure of confidential information.

2. PROFESSIONAL STANDARDS2.1 Fundamental Responsibilities.

GARP Members must endeavor, and encourage others, to operate at the highest

level of professional skill.

158
© 2014-2020 AnalystPrep.
 GARP Members should always continue to perfect their expertise.

GARP Members have personal ethical responsibility and cannot out-source or

delegate that responsibility to others.

2.2 Best Practices.

GARP Members will promote and adhere to applicable “best practice

standards,” and will ensure that risk management activities performed under

his/her direct supervision or management satisfies these applicable standards.

GARP Members recognize that risk management does not exist in a vacuum.

GARP Members commit to considering the wider impact of their assessments

and actions on their colleagues and the wider community and environment in

which they work.

2.3 Communication and Disclosure.

GARP Members issuing any communications on behalf of their firm will ensure that the

communications are clear, appropriate to the circumstances and their intended audience,

and satisfy applicable standards of conduct.

3. RULES OF CONDUCT

1. Professional Integrity and Ethical ConductGARP Members:

1.1 Shall act professionally, ethically, and with integrity in all dealings with

employers, existing or potential clients, the public, and other practitioners in the

financial services industry.

1.2 Shall exercise reasonable judgment in the provision of risk services while

maintaining independence of thought and direction. GARP Members must not

offer, solicit, or accept any gift, benefit, compensation, or consideration that

could be reasonably expected to compromise their own or another's

independence and objectivity.

1.3 Must take reasonable precautions to ensure that the Member's services are

159
© 2014-2020 AnalystPrep.
 not used for improper, fraudulent, or illegal purposes.

1.4 Shall not knowingly misrepresent details relating to analysis,

recommendations, actions, or other professional activities.

1.5 Shall not engage in any professional conduct involving dishonesty or

deception or engage in any act that reflects negatively on their integrity,

character, trustworthiness, or professional ability or on the risk management

profession.

1.6 Shall not engage in any conduct or commit any act that compromises the

integrity of GARP, the (Financial Risk Manager) FRM designation or the integrity

or validity of the examinations leading to the award of the right to use the FRM

designation or any other credentials that may be offered by GARP.

1.7 Shall endeavor to be mindful of cultural differences regarding ethical

behavior and customs, and to avoid any actions that are, or may have the

appearance of being unethical according to local customs. If there appears to be

a conflict or overlap of standards, the GARP member should always seek to apply

the higher standard.

2. Conflict of InterestGARP Members:

2.1 Shall act fairly in all situations and must fully disclose any actual or potential

conflict to all affected parties.

2.2 Shall make full and fair disclosure of all matters that could reasonably be

expected to impair their independence and objectivity or interfere with their

respective duties to their employer, clients, and prospective clients.

3. ConfidentialityGARP Members:

3.1 Shall not make use of confidential information for inappropriate purposes,

and unless having received prior consent shall maintain the confidentiality of

their work, their employer or client.

160
© 2014-2020 AnalystPrep.
 3.2 Must not use confidential information to benefit personally.

4. Fundamental ResponsibilitiesGARP Members:

4.1 Shall comply with all applicable laws, rules, and regulations (including this

Code) governing the GARP Members' professional activities and shall not

knowingly participate or assist in any violation of such laws, rules, or regulations.

4.2 Shall have ethical responsibilities and cannot out-source or delegate those

responsibilities to others.

4.3 Shall understand the needs and complexity of their employer or client, and

should provide appropriate and suitable risk management services and advice.

4.4 Shall be diligent about not overstating the accuracy or certainty of results or

conclusions.

4.5 Shall clearly disclose the relevant limits of their specific knowledge and

expertise concerning risk assessment, industry practices and applicable laws and

regulations.

5. General Accepted PracticesGARP Members:

5.1 Shall execute all services with diligence and perform all work in a manner

that is independent from interested parties. GARP Members should collect,

analyze and distribute risk information with the highest level of professional

objectivity.

5.2 Shall be familiar with current generally accepted risk management practices

and shall clearly indicate any departure from their use.

5.3 Shall ensure that communications include factual data and do not contain

false information.

5.4 Shall make a distinction between fact and opinion in the presentation of

analysis and recommendations.

161
© 2014-2020 AnalystPrep.
6. APPLICABILITY AND ENFORCEMENT

Every GARP Member should know and abide by this Code. Local laws and

regulations may also impose obligations on GARP Members. Where local

requirements conflict with the Code, such requirements will have precedence.

Violation(s) of this Code by may result in, among other things, the temporary

suspension or permanent removal of the GARP Member from GARP’s

Membership roles, and may also include temporarily or permanently removing

from the violator the right to use or refer to having earned the FRM designation

or any other GARP granted designation, following a formal determination that

such a violation has occurred.

162
© 2014-2020 AnalystPrep.