Overview Of Risk And Risk Management Finance Essay - Free Essay Example

Sample details Pages: 11 Words: 3290 Downloads: 6 Date added: 2017/06/26 Category Finance Essay Type Narrative essay Did you like this example? Many empirical studies have attempted to find support for different theories of corporate financial risk management. However, most of them have failed to determine which theories are supported by empirical observation of corporate hedging and which are not. After a spate of new research in this field in the late 1990s there have been few studies that have added to our understanding of corporate hedging behaviour. Don’t waste time! Our writers will create an original "Overview Of Risk And Risk Management Finance Essay" essay for you Create order Incidentally, most valuable papers in recent years concentrated on methodological issues such as the endogeneity problem (Jin and Jorion, 2006), the inclusion of non-derivative hedging (Davies et al., 2006; Judge, 2006), and assumptions about the purpose of derivative use (Faulkender, 2005). This focus on methodological issues indicates that researchers in the field of hedging still need strong empirical evidence. (Berkman, 1996) Corporate hedging models nested in four different theories of the firm: (1) Financial theory; (2) Agency theory; (3) Stakeholder theory; and (4) New institutional economics. Planning and designing There are a number of factors that should be considered when designing and planning an ERM initiative. Details of the risk architecture, strategy and protocols should be recorded in a risk management policy for the organisation. Provides information on the contents of a typical risk management policy. (Klimczak, 2008) Board mandate and commitment Many organisations issue an updated version of their risk management policy each year. This ensures that the overall risk management approach is in line with current best practice. It also gives the organisation the opportunity to focus on the intended benefits for the coming year, identify the risk priorities and ensure that appropriate attention is paid to emerging risks. The policy should also describe the risk architecture of the organisation. Figure 4 illustrates typical risk architecture of a large listed company. Mandate and commitment from the Board is critically important and it needs to be continuous and high-profile. Unless this mandate and commitment are forthcoming, the risk management initiative will be unsuccessful. Keeping the risk management policy up to date demonstrates that risk management is a dynamic activity fully supported by the Board. (Klimczak, 2008) A risk management policy should include the following sections: Risk management and internal control objectives (governance) Statement of the attitude of the organisation to risk (risk strategy) Description of the risk aware culture or control environment Level and nature of risk that is acceptable (risk appetite) Risk management organisation and arrangements (risk architecture) Details of procedures for risk recognition and ranking (risk assessment) List of documentation for analysing and reporting risk (risk protocols) Risk mitigation requirements and control mechanisms (risk response) Allocation of risk management roles and responsibilities Risk management training topics and priorities Criteria for monitoring and benchmarking of risks Allocation of appropriate resources to risk management Risk activities and risk priorities for the coming year Risk management framework Depending on the nature of the organisation, the risk management function may range from a part-time risk manager, to a single risk champion, to a full-scale risk management department. The role of the internal audit function will also differ from one organisation to another. In determining the most appropriate role for internal audit, the organisation needs to ensure that the independence and objectivity of internal audit are not compromised. (Miller, 2005) The range of risk management responsibilities that need to be allocated in the policy will be broad and extensive. Table 3 sets out examples of the risk management responsibilities that may be allocated in a typical large organisation. The Board has responsibility for determining the strategic direction of the organisation and creating the context for risk management. There need to be arrangements in place to achieve continuous improvement in performance and this responsibility is likely to be allocated to the risk manager. Risk management is not, and should not be, a stand-alone exercise or a separate administrative structure. Risk management might become a simple compliance exercise rather than an effective management tool if it is not integrated with the major processes of the organization. Integration would provide purpose in applying the risk management processes and relate risk back to the organizations objectives and core activities; it would also ensure that the task of managing risk is not regarded as an additional responsibility or burden, but part and parcel of all processes. Integration should also include the harmonization of individual risk management practices under an overarching ERM framework in order to ensure consistency in approach and support more efficient use of resources. As a natural extension of integration, risk management should be mandatory and embedded into the performance management process. This would enhance accountability; help to create a risk aware culture and spe ed up implementation. (Chen, 2002) ERM practice requires risk management in all areas, including ongoing operations and processes, as well as one-off initiatives, such as information technology projects, capital master plans, corporate strategies and policies and field projects. Risk assessment should be part of the decision-making process; one measure to promote this is to require risk assessments to be attached to all important policy, strategy and project proposals presented to the senior Management committee. (Anon, 2006) The Risk Management process Risks in Project Financing The term Project Financing refers to a wide range of financing structures where the provision of funds is not primarily dependent upon the credit support of the sponsors or the value of the projects physical assets but on projects capacity to serve the debt and provide an equity return to the sponsors through its cash flows. Project finance involves the setting up of an ad hoc project company (called Special Purpose Vehicle SPV) to carry out the venture. The SPV is capitalized through equity and debt funding which is used to cover project capital expenditures and pre-operational costs; once the project is completed, the SPV can start its commercial activities thus generating the necessary cash flows to repay the financing. (Miller, 2005) Risk management is key to any operation of satellite project financing as it ensures the completion of the system on time, to budgeted cost and the delivery of service in line with expected standards. As cash flow generation depends on all these variables, financiers are closely concerned with the feasibility of the project on its whole and with the way to manage the impact of potentially adverse factors. A successful financing structure for satellite projects entails a balanced allocation of project risks among the various interested parties. These risks must be fully understood by all involved parties and must be properly mitigated. (Smith, 2005) In satellite project financing the nature and level of risks vary during the life cycle of the project and fall into three broad areas: regulatory, completion and market. Regulatory and completion risks may arise during investment phase, while market risk is associated with the operational one. ÃÆ' ¢Ãƒ ¢Ã¢â‚¬Å¡Ã‚ ¬Ãƒâ€šÃ‚ ¢ Self insurance ÃÆ' ¢Ãƒ ¢Ã¢â‚¬Å¡Ã‚ ¬Ãƒâ€šÃ‚ ¢ Captive insurance ÃÆ' ¢Ãƒ ¢Ã¢â‚¬Å¡Ã‚ ¬Ãƒâ€šÃ‚ ¢ Alternative Risk Transfer/Financing (ART)/(ARF) ÃÆ' ¢Ãƒ ¢Ã¢â‚¬Å¡Ã‚ ¬Ãƒâ€šÃ‚ ¢ Derivatives Enterprise wide risk management and the evolving role of the Risk Manager Risk assessment involves the identification of risks followed by their evaluation or ranking. It is Important to have a template for recording appropriate information about each risk. It has been shown the range of information that may need to be recorded. The objective of a template is to enable the information to be recorded in a table, risk register, spreadsheet or a computer-based system. Although a simple description of a risk is sometimes sufficient, there are circumstances where a detailed risk description may be required in order to facilitate a comprehensive risk assessment process. The consequences of a risk materializing may be negative (hazard risks), positive (opportunity risks) or may result in greater uncertainty. Organisations need to establish appropriate definitions for the different levels of likelihood and consequences associated with these different risks. Risk ranking can be quantitative, semi-quantitative or qualitative in terms of the likelihood of occurrenc e and the possible consequences or impact. Organisations will need to define their own measures of likelihood of occurrence and consequences. (Smith, 2005) Risk classification systems An important part of analysing a risk is to determine the nature, source or type of impact of the risk. Evaluation of risks in this way may be enhanced by the use of a risk classification system. Risk classification systems are important because they enable an organisation to identify accumulations of similar risks. A risk classification system will also enable an organisation to identify which strategies, tactics and operations are most vulnerable. Risk classification systems are usually based on the division of risks into those related to financial control, operational efficiency, reputational exposure and commercial activities. However, there is no risk classification system that is universally applicable to all types of organizations. (Anon, 2006) Figure Detailed risk description Risk management process The risk management is listed as a process of coordinated activities. There are many descriptive processes involved in risk management but few of them are listed below to be illustrative. This present list represents the 7Rs and 4Ts of (hazard) risk management: Recognition or identification of risks Ranking or evaluation of risks Responding to significant risks Resourcing controls Reaction planning Reporting and monitoring risk performance Reviewing the risk management framework Tolerate Treat Transfer Terminate Figure Risk architecture, strategy and protocols According to ISO 31000, all the 4Ts of risk assessment are integrated and used in one phrase as risk treatment and included under the heading of risk response. Recognition and ranking of risks are combined together and included in risk assessment activity. For hazard risks, the range of risk response include the alternatives of tolerate, transfer, treat, or termination of risk or acti vity. Sometimes, these alternatives of risk response are used together to act against risks. For opportunity risks, the range of risk response also includes exploiting the risk. While reaction planning to retort the risk includes both business continuity planning and disaster recovery planning. (Chen, 2002) Risk assessment Identification of risk is the first and foremost function of risk management process. Identification of risks should be done at appropriate time (at the beginning stages) and appropriate place (analyzing which part of the organization is under the threat). Proper analysis of risks will lead to clear understanding of risks and uncertainties in an organization. There are certain requirements for risk identification. This includes all the basic knowledge about the organization, geographical units, marketing strategies, long-term goals, operational objectives along with legal, social, political, economic and cultural environment that correlate with an organization. This also includes knowledge of factors essential for achieving operational objectives such as critical to success along with associated threats and opportunities. For identifying and analyzing risks, a systematic method should be followed to ensure that all the related value adding activities in an organization should be ev aluated with all the risks flowing from these activities and these should be well defined. This well defined analysis of risk is used to prepare a risk profile that ranks and rates the risk accordingly, providing an instrument to measure and prioritize the identified risk and also helps in preparing an action plan. Ranking of risks will categorize the risks involved in a particular business area or part of the organization. This analysis explains the primary control mechanisms along with measures to control the investments. For an organization to be efficient and effective in its operations, the risk analysis activity should be active. It helps in classifying and identifying the risks along with creating ability to prioritize the risks and making action plans that benefit the organization with risk response treatments. The scope of risk response treatment is extensive and include tolerate, treat, transfer and terminate. An organization can also decide about the need for improvement in its control environment. (Anon, 2006) Risk treatment ISO 31000 described risk treatment measure as an activity of selecting and implementing appropriate methods to control and modify the risk. The major element of risk treatment is risk control (mitigation) but sometimes further focuses on elements like risk avoidance, risk transfer and risk financing. All the measures of risks treatment imparts in efficient and effective internal control of management. Effectiveness of an internal control is depended on the risk that needs to be eliminated or reduced by the proposed control measures. The internal control also works on the cost effectiveness with implementing cost control measures to achieve the risk reduction benefits. An organization need to maintain compliance with laws and regulations. It must work under the law and jurisdiction and must implement measures to control and achieve compliance. Risk protocol is a part of the risk treatment measure and a method of obtaining financial security against the impact of risk is through risk financing like insurance. Moreover, it should be noted that some losses or elements are uninsurable, such as damage to employee morale and the reputation of the organization. (Miller, 2005) Feedback mechanisms There are two mechanisms of feedback that are recognized by ISO 31000, first is performance review and monitoring and the other is communication and consultation. Performance review and monitoring mechanism will observe the risk performance in an organization and learn from past experience. In ISO 31000, communication and consultation are regarded as part of risk management process but this is also considered to be part of supporting framework. The monitoring and performance review feedback activities mentioned in ISO 31000 does not clearly state the tasks of monitoring risk performance and reviewing the risk management framework. Reporting and disclosure are concisely explained in ISO 31000 and they are not included in the process shown. (Faulkender, 2005) Figure Risk management process (based on ISO 31000) The risk management system follows the process of communication, monitoring, reporting as well as risk management protocols. These are all organized and controlled by the ir respective managers in their field of expertise. Risk management is one of the key responsibilities of an organization. It is made effective only when a proper practice is followed by risk management with coordination of duties and actions into performance reviews. It should be considered as an element of management performance at each stage. It is the duty of the management to evaluate the overall performance, efficiency, compliance and manage authority accordingly in categories like risk champion, risk manager and risk/senior management committees. The overall proficiency and efficacy of the risk management process is governed by the internal audit department and it will make an objective assessment on the risk management practice. Apart from these measures, there are other governing factors involved in proper functioning of risk management method that includes external audit, inspection, investigation, evaluation and policy review. Also, the objective assessment in risk analyz ing also coincides with duty and expertise of the professionals. The essential part of overall implementation of risk mechanism is managed by ERM and senior management committee internally as well as finance committee, audit committee and governing body externally. The finance committee will analyze risk management in the area of its reign. Whereas senior management duty is to ensure effective risk management process in the organization and the audit committee supervises and assists the governing body. A separate corresponding reporting mechanism is needed to be established to view the efficiency of monitoring and assessment. The risk reporting to audit committee and governing body externally can be done individually or in conjunction with RBM and planning and programming documents whereas formal and informal communication and reporting channels can be used internally. It should be noted that risk reporting to the ERM/senior management committee, audit committee and governing body n eed to be formalized. (Chen, 2002) There is a basic economic theory unfolding that corporate risk management in anyway cannot contribute to the creation of shareholder value (see Dufey and Srinivasulu, 1983, for an extensive discussion). Accordingly Modigliani and Miller (1958) suggested that corporate financing decisions cannot be used to increase firm value in perfect capital markets since shareholders can easily replicate them. Subsequently, since corporate risk management can be seen as a financing policy, it cannot contribute to firm value creation in an MM world (Bartram, 2002; Stulz, 2000; 1996; Smith, 1995; Culp et al., 1994; Mayers and Smith, 1982). As a result, corporate risk management in order to increase its firm value must restrict the violation limit of the MM framework to one or more assumptions. In other words, the benefits of corporate hedging (if they exist) should arise due to capital market imperfections, which should prevent shareholders from being able to p erfectly replicate risk management at the firm level (Stulz, 2001; Fite and Pfleiderer, 1995; Smith et al., 1990). The capital market imperfections sometimes bestows positive rationales to corporate risk management in terms of direct and indirect costs of financial distress, costly external financing, and taxes. In addition to these contributing factors, there are other firm-specific determinants of corporate risk management such as socioeconomic and legal environment of the country and sometimes geographic factors may also impact the decision to hedge. Theories of corporate risk management are typically examined empirically using binary variables that indicate whether a firm uses derivatives or not (e.g., Bartram, Brown and Fehle, 2009; Mian, 1996; Nance et al., 1993), and the use of derivatives is interpreted as an indication of corporate hedging in general. For some selected commodity-based industries (e.g., oil, gold), sometimes more detailed information about the use of derivat ives is available, enabling empirical studies to use variables such as (net) notional values of derivatives or the percentage of production hedged, which might more accurately measure the extent of corporate hedging (Lel, 2006; Dionne and Triki, 2005; Haushalter, 2001; 2000; Tufano, 1996). Studies report that these provide as an alternative to firms, countries, or industries and characterizes for corporate risk management. financial theory in order to test whether firms with particular properties that should benefit most from corporate hedging are indeed more likely to use derivatives and/or use them to a larger extent (Bartram, Brown and Fehle, 2009; Haushalter, 2000; Tufano, 1996). There has been more consideration in terms of work based risk management. It is majorly taken up by firms or other industries in countries, who consider empirical statistics as the main derivative for hedging (Bartram, Brown and Fehle, 2009; Haushalter, 2000; Tufano, 1996). (Anon, 2010) Risk Response Development The risk response development should identify and execute appropriate action plan or measures to maintain risks within the acceptable level. Risk reduction should be continuously monitored, effective and verified. The techniques for reducing or controlling risks are discussed in the following categories: Risk Avoidance: It should be noted that every risk cannot be wholly avoided and that any measure to avoid a risk sometimes simply transfer that risk to another area. Risk Reduction: It can be executed in the following ways: By decreasing the possibilities of the undesired event (Preventive measure) By decreasing the importance of the undesired event (Mitigation measure) Risk Transfer/Deflection: It can be in the form of a contract where the risk is deflected by transferring to another party entirely or partly (i.e. insurance, outsourcing, sub-contractors). For example, the insurance coverage for the satellite launch, contracting to other people or company and pena lty schemes to subcontractors in case of delay in delivery of the components (or other protecting clauses in the relevant contracts). (Chen, 2002) Conclusion Allayannis, G. a. (2001). The use of foreign currency derivatives and firm market value. Review of Financial Studies , Vol. 14, pp. 243-76. Anon. (2010). Communication from the commission to the European parliament ,the council economica and social . European commission . Anon. (2006). Operational Risk Management. Chapter . Berkman, H. a. (1996). Empirical evidence on the corporate use of derivatives. Financial Management , Vol. 25 No. 2, pp. 5-14. Chen, C. a. (2002). Exchange rate variability and the riskiness of US multinational firms: evidence from the Asian financial turmoil. Journal of Multinational Financial Management , Vol. 12, pp. 411-28. Faulkender, M. (2005). Hedging or market timing? Selecting the interest rate exposure of corporate debt. The Journal of Finance , Vol. 60 No. 2, pp. 931-63. Klimczak, K. M. (2008). Corporate hedging and risk management theory: evidence from Polish listed companies. Journal of Risk Finance . Miller, M. a. (2005). Corpo rate income taxes and the cost of capital a correction. American Economic Review , Vol. 53, pp. 433-43. Smith, C. a. (2005). The determinants of firms hedging policies. Journal of Finance and Quantitative Analysis , Vol. 20 No. 4, pp. 391-405.