• View

  • Download

Embed Size (px)


Presentation on the concept of risk appetite/ Prsentation sur le concept de l'apptance au risque



    Michel Rochette, MBA, FSACaribbean Actuarial Association Annual MeetingTrinidad & TobagoDecember 4th 2008

    Enterprise Risk Advisory

  • TOPICS Context from 2006 to 2008 Risk appetite and ERM Definition and its evolution Value of articulating risk appetite Stakeholders influence on risk appetite statement Components of risk appetite and responsibilities Ex. of a risk appetite statement: ING Summary of methods to determine risk appetite Success factors

  • Risk Appetite: 2006 UK FSA Most firms have documented their approach for risk

    management through risk policies/procedures/risk appetite.

    However, risk appetite is not well understood throughout many firms to a level of clarity that provides a reference point for all material decision making.

    A big step exists between defining and applying risk appetite.

    UK FSA Insurance Sector Briefing, Risk Management in Insurance, 2006

  • Risk Appetite: 2008 UK FSA For insurers demonstrating a strong integration of

    risk and capital management: Clearly articulated and quantified risk appetite,

    tolerances, and trigger points for each risk. Processes are set to assess on a continuous basis the

    level of risk appetite. Coherent and well articulated processes to actively

    manage risk exposures that exceed risk appetite: risk monitoring.

    UK FSA Insurance Sector Briefing, 2008

    Michel Rochette

  • Risk Appetite and ERM

  • Strategy Objectives: markets, products and services,

    distribution channels, stakeholders Financial goals:

    Capital goals in relation to solvency issues. ROA and ROE without considering risk taking. RAROC if integrating risk taking into the strategic

    framework. Value creation goals if objective is to maximize

    shareholders: Embedded Value. Non Financial goals: customer satisfication, corporate

    social responsibility objectives.

  • ERM Framework Enterprise risk Policy:

    All existing key risks: financial/operational/business/strategic

    Emerging risks: known and unknown risks Champion of Risk: CRO who can initiate a discussion of

    risk appetite at the Board/top management level, supported by a centralized risk unit.

    Risk technology: control of risk taking through risk limits, risk reporting through a dashboard.

    Businesses: risk management at the unit level. Audit/Compliance: independent oversight of the risk


  • Risk Appetite: Evolution Turnbull Report: Risk appetite reflected indirectly by

    those risks which are acceptable UK 1999. COSO I: Focused on internal controls only. 1992 COSO II ERM: Give management reasonable assurance

    that strategic objectives will be met within risk appetite. 2004

    CAS ERM Definition: Process to manage risks to create value. Risk appetite not explicit but indirect.

    Solvency II: Risk tolerance limits and business strategy must be defined.

    UK FSA Prudential Regulations: Risk appetite defined. ISO 31000: Risk appetite is defined indirectly in relation to

    value creation and risk acceptability.

  • Risk Appetite: Definitions COSO II ERM: Amount of risk that an entity is willing

    to accept in pursuit of value. Would add: in line with the firms strategic

    objectives taking into the capability of its ERM framework.

    Similar to a mission statement but focused on risk: Impact that risk can have on the capacity of the firm to

    attain its strategic objectives. Defines boundaries of what is too much or too

    little and what is acceptable or non accpetable in relation to the firms strategic objectives.

  • Risk Appetite: Another View

  • Value of Articulating Risk Appetite Allow a FI to:

    Clarify desired risks: retained and non retained . Set the tone from the Top. Preferable to a bottom-up

    approach which tends to overemphasize exisiting risks. Estimate/Assess their impact, both financial and non

    financial ex. social responsibility Evaluation of risks, not a valuation of risks! Establish clearly the risk preferences of the company:

    Are we risk averse, risk takers in light of potential returns?

  • Value of Articulating Risk Appetite Set a consistent communication - transparency -

    from management to : Business units/product lines External parties:

    Shareholders: can diversify away if they dont like it! Regulators: Part of Pillar II and III of SolvencyII/Basel II. Other stakeholders: Employees may not want to be part of

    your organization. Ex. Army! Customers as well. Recent example: AIG only mentions the word risk

    appetite without ever elaborating about it in their official published documents.

  • Value of Articulating Risk Appetite Top down approch is preferable because:

    Stakeholders requirements are discussed explicitely among board members. Allows a more balanced view of risks instead of just focusing on one

    group: credit agencies, financial analysts, employees, shareholders, regulators, customers, society at large!

    More forward looking: Introduces forward thinking in terms of desired risk profile, not just

    existing risk profile! Can link risk appetite with strategic goals and required capital to

    support growth and risks. Board members/management are on the same page on risk

    appetite. Management can then react/take action if the risk profile

    exceeds/is below its desired/target risk appetite.

  • Stakeholders Influence: Board Risk preferences of individual board members/management:

    Risk averse vs risk takers. Risk Averse Type Board:

    Focuses on value preservation . Reduces earnings volatility. Low impact of extreme events! Keep us out of trouble We dont want surprises! Concerns about legal fines, external scrutinity if they take too

    much risk. Wants to keep their desired ratings. Usually found in mutuals. Wants to preserve capital. Less concerned about capital efficiency. Incurring losses is perceived to be negative. Dont consider the

    gains realized before losses occured.

  • Stakeholders Influence: Board Risk Taker Type Board:

    Focused on Value Enhancement . Considers risk vs opportunity relationship. Focuses on higher returns and risks. Anticipates newer risks, capitalizes on them, optimizes

    the risk/return relationship. Concept of efficient frontier! Optimizes use of capital. Capital management and risk

    management are done proactively. Usually found in public companies. When risks materialize, board shouldnt panic if within

    target risk appetite! Risk and losses are not viewed as negative!

  • Stakeholders Influence: Regulators Risk preferences of the local/global regulators:

    Asian: stricter, more rules based. European: more principle based. US: more rules basedStricter on Admitted assets, Single regulator - OSFI/UK FSA vs a diversified

    group of regulators US SEC, NAIC, OCC, OTS, FED, FDIC

    My prediction: US will tend towards a single regulator model common view, not one organization!

    Internationally: Moving towards college

  • Stakeholders Influence: Rating Ag. Risk preferences of rating agencies:

    Impact on agencies rating: Financial Strength or Claims Paying ability. If risk appetite is expressed solely as desired AA rating ,

    constraints immediately risk appetite to a certain overal probability of default/ruin.

    SPs ERM evaluation method: Risk Appetite is part of their Governance evaluation: Clearly articulated risk tolerance is a key factor.

  • Stakeholders Influence: Others Risk preferences of :

    Employees/customers/clients/policyholders: Risk of loosing key employees if taking too much risk! Will customers buy our products if the firm may not longer

    be there to service them in the future? Ex. GM/Ford In a pension plan, ratio of projected active/retired employees

    would certainly affect your desired risk appetite. Shareh0lders:

    If long-term/passive investors, may be willing to tolerate more risks.

    Political groups/media/advocacy groups.

  • Risk Appetite: Components Risk Capacity:

    Maximum amount of risk that an enterprise is able to accept in line with its mission/values/strategic goals.

    Risk appetite per se: Overall statement about the amount and type of risk that an

    enterprise is willing to accept in line with its strategic goals. Risk Target: Optimal level of risk desired. Risk Tolerance: Max/Min amount of risk for each

    class/subclass of risk. Risk Limits/Budgets: Thresholds not to exceed/min to

    accept. Not all firms have all these components!

  • Components: Risk Capacity Influenced by the quality of its risk management framework and processes:

    Overall ERM effectiveness: Sources could be an external view as assessed by a rating agency, external governance score.

    Management of past losses, especially unexpected and risk transfer options. Influenced by the amount and quality of its capital structure or Value of the business:

    Amount: measured by RBC, rating agencies required capital, economic view. Quality: Tier 1 versus Tiers 2 & 3 capital. Liquidity of capital: sources and availability particularly in times of stress. Access to central banks liquidity facilities: US recent history with AIG for ex. Systemic view by governments/markets:

    Too big too fail! Too big to rescue! Think of how Iceland was affected by the combined effect of risk appetite of its

    banks on the country itself. Value: Value of the business model to generate economic value.

  • Components: Risk Appe