Professional Documents
Culture Documents
Chapter 11 12
Chapter 11 12
RISK MANAGEMENT
INTRODUCTION
e •11ta1ne 54 w i thout the organization
Effective corporate governance cannot I b nt is recognize« d as one
:. sk manageme
mastering the art of risk management. Ad nc Is!
,erd of directors of modern
of the most important competencies ceded by ""_,,, ~mess firms.
organization, large as well as small and medium sZ° d because of the fast-
The levels of risk faced by business firms have increa,~ technology and
growing sophistication of organization, globalization, mo"",,~~ee with legal
iaet of corporate scandals. » anon ierefore "o.""""",""[itdge or risk
requirements, top management should consider adequa!
management.
It is through risk management that risks to any specific program are assessed and
systematically managed to reduce risk to an acceptable level. Risk.
. . . • " is s can com e
firom uncertainty in fifinancial I market,
k project failures, legal liabilitic -:q
;+ risl.s,
. . · ' res, creit
accidents,
• natural causes
. and disasters
. as well as deliberate attack
c ferom
4 a 'versary
or events of uncertain or unpredictable root-cause.
Risk Management 165
I. create value -resources spent to mitigate risk should be less than the
consequence of inaction, i.e., the benefits should exceed the costs
2. address uncertainty and assumptions
3. be an integral part of the organizational processes and decision-making
4. be dynamic, iterative, transparent, tailorable, and responsive to change
5. create capability of continual improvement and enhancement considering
the best available information and human factors
6. be systematic, structured and continually or periodically reassessed
3. Risk assessment. Once risks have been identified, their potential severity
of impact and the probability of occurrence must be assessed. The
assessment process is critical to make the best educated decisions in
prioritizing the implementation of the risk management plan.
In practice, the process of assessing overall risks can be difficult, and balancing
resources to mitigate between risks with a high probability of occurrence but
lower loss versus a risk with high loss but lower probability of occurrence can
often be mishandled. Ideal risk management should minimize spending of
manpower or other resources and at the same time minimizing the negative effect
of risks.
For the most part, the performance of assessment methods should consist of the
following elements:
I. identification, characterization, and assessment of threats
2. assessment of the vulnerability of critical assets to specific threats
3, determination of the risk (i.e. the expected likelihood and consequences
of specific types of attacks on specific assets) ·
4. identification of ways to reduce those risks
5. prioritization of risk reduction measures based on a strategy
Risk Management 167
Business risk refers to the uncertainty about the rate'of return caused by
the nature of the business. The most frequently discussed causes of
business risk are uncertainty about the firm's sales and operating
expenses. Clearly, the firm's sales are not guaranteed and will fluctuate
as the economy fluctuates or the nature of the industry changes. A firm's
income is also related to its operating expenses. If all operating expenses
are variable, then sales volatility will be passed directly to operating
income. Most firms, however, have some fixed operating expenses (for
example, depreciation, rent, salaries). These fixed expenses cause the
operating income to be more volatile than sales. Business risk is related
to sales volatility as well as to the operating leverage of the firm caused
by fixed operating expenses.
DEFAULT RISK
Default risk is related to the probability that some or all of the initial
investment will not be returned. The degree of default risk is closely
related to the financial condition of the company issuing the security and
the security's rank in claims on assets in the event of default or
if a bankruptcy occurs, creditors, including
k Uptcy. For example,
b anru . th J° f rdi .
bondholders have a claim on assets prior to the claim of ordinary equity
shareholders.
168 Chapter 1H
FINANCIAL RISK
financing determine financial
Of
The firm's capital structure or sources variability in operating
risk. If the firm is all equity financed, then " j percentage basis. IF
income is· passed directly to net mcome on a� _eq� ed interest payments
the firm is partially financed by debt that re9""""";'wend payment
or by preferred share that requires fixed preferret I ..
Tl mis s,
. fi ial leverage. 1 Ieverage
then these fixed charges introduce manct . ,
:.
causes net income to vary more than operating ti ng income. The introduction
:. leverage causes the fifirm's'e lent ders and its
of financial
le
•
stocl 3khold
ol lers to
Because money has time value, fluctuations in interest rates will cause
the value of an investment to fluctuate also. Although interest rate risk is
most commonly associated with bond price movements, rising interest
rates cause bond prices to decline and declining interest rates cause bond
prices to rise. Movements in interest rates affect almost all investment
alternatives. For example, as a change in interest rates will impact the
discount rate used to estimate the present value of future cash dividends
from ordinary shares. This change in the discount rate will materially
ilnpact the analyst's,estimate of the value of a share of ordinary share:
LIQUIDITY RISK
The liquidity risk for ordinary equity shares is more complex. Because
they are traded on organized and active markets, ordinary equity shares
can be sold quickly. Some ordinary equity shares, however, have greater
liquidity risk than others due to a thin market. A thin market occurs when
there are relatively few shares outstanding and investor trading interest is
limited. The thin market results in a large price spread (the difference
between the bid price buyers are willing to pay and the ask price sellers
are willing to accept). A large spread increases the cost of trading to the
investor and thus represents liquidity risk. Investors considering the
purchase of illiquid investments ones that have no ready market or
require price concessions -will demand a rate of return that
compensates for the liquidity risk.
MANAGEMENT RISK
. A. Market Risk
• Product Risk
o Complexity
o Obsolescence
o Research and Development
o Packaging
o Delivery of Warranties
• Competitor Risk
o Pricing Strategy
o Market Share
o Market Strategy
8. Operations Risk
• Process Stoppage
• Health and Safety
• After Sales Service Failure
• Environmental
• Technological Obsolescence.
• Integrity .
o Management Fraud
o Employee Fraud
o Illegal Acts
C. Financial Risk
• Interest Rates Volatility
• Foreign Currency
• Liquidity
• Derivative
• Viability
Risk Management 17f
D Business Risk
• Regulatory Change
• Reputation
• Political
• Regulatory and Legal
• Shareholder Relations
• Credit Rating
• Capital Availability
• Business Interruptions
III. Risks Associated with Financial Institutions
Financial Non-Financial
• Liquidity Risk • Operational Risk
• Market Risk 0 Systems
0 Currency • Information
Processinq
0 Equity • Technoloav
0 Commodity 0 Customer satisfaction
• Credit Risk 0 Human Resources
0 Counterparty 0 Fraud and illeaal acts
0 Tradinq 0 Bankruptcy
0 Commercial • Regulatory Risk
• Loans 0 Capital Adequacy
• Guarantees 0 Compliance
Market Liquidity Risk Taxation
• 0
Chanainq laws and policies
0 Currencv Rates 0
Risk Avoidance
. :.includes performing
This hat coui ld carry
.: .:. that
:. an activity a
risk. An example • would
••
be not buying a property or business in order not to take on the legal liability
that comes with it. Avoiding risks, however, also means losing out on the
potential gain that accepting (retaining) the risk may have allowed. Not
entering a business to avoid the risk of loss also avoids the possibility of
earning profits.
Risk Reduction
Risk Sharing
Risk sharing means sharing with another party the burden of loss or the
benefit of gain, from a risk, and the measures to reduce a risk.
Risk Retention
Risk retention involves accepting the loss or benefit of gain from a risk when
it occurs. Self insurance falls in this category. All risks that are not avoided
are transferred or. retained
.
by .default.
.
Also, any amounts. 1a loss
of po teen til
I t d
over the amount mnsurex is retained risk. This is acceptable if the chance of a
very large loss is small or if the cost to insure for greater coverage involves a
substantial amount that could hinder the goals of the organization.
Risk Management 173
The Basel II framework breaks risks into market risk (price risk), credit risk and
operational risk and also specifies methods for calculating capital requirements
for each of these components. · ·
follows:
Risk Management System Top Management's
Involvement
Oversight Activitre
· an6jives, rojss an
osine
goals
'- responsibilities, common language, and -I ssrmianager&nip6icy, 7j
!
establish uontext, set limits
[
musk Manageman?"_a...
oversight structure "
Step1;Assess Risks:
ldentit. source_measure
k
j
L....:and tolerance, etc.
]
_..it..
@i 5; Continuousiy improve risk
ioP ,management capabilities
••
tor improvement__..±
174 Chapter 1H -----------
; 1t4 Management of Publicly-
SEC Requirement Relative to Enterprise Risk
Listed Corporation
:. dcorresponding explanation
SEC Code of Governance Recommendations2. ] an ? •
Principle 12 which deals with strengthening the Internal Control System and
Enterprise Risk Management Framework states-that
"To ensure the integrity, transparency and proper governance in the conduct of
its affairs, the company should have a strong and· effective internal control
system and enterprise risk management framework." '
The Board should oversee that a sound enterprise risk management (ERM)
framework is in place to effectively identify, monitor, assess and manage key
business risks. The risk management framework should guide the Board in
identifying units/business lines and enterprise-level risk exposures, as well as the
effectiveness of risk management strategies.
Subject to its size, risk profile and complexity of operations, the company should
have a separate risk management function to identify, assess and monitor key risk
exposures.
,
176 Chapter 1]
.
by responsible managers, i.e., : finance
I officers, ' production
managers marketing managers and human resource managers.
• This process culminates in the presentation of the risk profile or
risk map to the board of directors.
8. See to it that best practices as well as mistakes are shared by all. • This
involves regular communication of results and feedbacks to all
concerned.
178 Chapter 1H
REVIEW QUESTIONS
Questions
7. What are the key elements that the company-wide risk management
system should possess?
1. The risk that refers to uncertainty about the rate of return caused by the
nature of the business is
a. Default risk c. Liquidity risk
b. Business risk d. Financial risk
2. The risk associated with the uncertainty created by the inability to turn
investment quickly for cash
a. Interest rate risk
b. Business risk
c. Liquidity risk
d. Default risk
3. The risk that the real rate of return wi II be lesser than the nominal or
stated rate of return due to inflation is referred to as
a. Purchasing power risk
b. Liquidity risk
c. Default risk
d. Business risk
Risk Management 179
7. ISO 3 I 000 suggests that once risks have been identified and assessed,
techniques to manage the risks should be applied. These techniques
include the following except
a. Retention
b. Sharing
c. Reduction
d. Complete disregard
I
4
CHAPTER 12
PRACTICAL GUIDELINES IN REDUCING AND
MANAGING BUSINESS RISKS
Practical
. Guidelines
·. . in M lanaging
.: an d Reducing
. Enterprise-wide
:. sk ·h
jd Riasl mnneren t'mn
business activity is best achieved by applying the principles and techniques
appropriate to the situation.
The willingness and readiness to take personal and financial risks is a defining
characteristic of the entrepreneurial decision-maker. In late 90's, a study
commissioned by an internationally-known accounting firm found that while in
continental Europe strategies focus on avoiding and hedging risk, Anglo-
American companies view risk as an opportunity and accept risk management as
necessary to achieving their goals. In 2017, this relative attitude to risk among
European and US companies remains broadly the same, the result of long-
standing cultural experiences and history as well as recent events.
Successful businessmen and decision-makers make sure that the risks resulting
from their decisions are measured, understood and as far as possible eliminated.
They also go beyond the direct financial perspective and actively manage risk as
it affects the whole organization.
Accepting that risks exist is a starting point for the other actions needed, but the
most important is to create the right climate for risk management. People need to
understand why control systems are needed; this requires communication and
leadership skills so that standards and expectation are set and clearly understood.
Consider the human factor into account. People behave· differently and
inconsistently when making decisions involving risk. They may be exuberant or
diffident, overconfident or overly concerned. They may simply overlook the
issue of risk.
Risk surrounds and continues to be with us. A former British prime minister once
said: "To be alive at all involves some risk." When identifying risks it helps to
define the categories into which they fall. This allows for a more structured
analysis and reduces the chances of a risk being overlooked. Some of the most
common areas of risk affecting business are shown in Table 12.1.
Inadequate - - -
insurance -
Practical Guidelines in Reducing and Managing Business Risks 183
As earlier mentioned, the usual first step is to determine the nature and extent of
the risks the business will accept. This involves assessing the likelihood of risks
becoming reality and the effect they would have if they did. Only when this is
understood can measures be taken to minimize the incidence and impact of such
risks.
There is also an opportunity cost associated with risk: avoiding a risk may mean
avoiding a potentially big opportunity. People can be too cautious and risk averse
even though they are often at their best when facing the pressure of risk deciding
to take a more audacious approach. Sometimes the greatest risk is to do nothing.
Once risks are identified they can be ranked according to their potential impact
and the likelihood of them occurring. This helps to highlight not only where
things might go wrong and what their impact would be, but also how, why and
where these catalysts might be triggered. The five most significant types of risk
catalyst are as follows:
• Processes. New products, markets and acquisitions all cause change and
can trigger risks. The disastrous launch of "New Coke" by Coca-Cola
was an even bigger risk than anyone at the company had realized; it
outraged Americans who felt angry that an iconic US product was being
changed. That Coca-Cola eventually turned the situation to its advantage
shows that risk can be managed and controlled, but such success is rare.
184 Chapter 12
Risk should be actively managed, and given a high priority across the
whole organization. Risk management procedures and techniques should
be well documented, clearly communicated, regularly reviewed and
monitored. To successfully manage risks, you have to know what they
are, what factors affect them and their potential impact.
If you plot the ability to control a risk against its potential impact, as·
shown in Figure 12.1, you can decide on actions either to exercise greater
control over the risk or to mitigate its potential impact. Risks falling into
the top-right quadrant require urgent action, but those in the bottom-right
quadrant (total/significant control, major/critical impact) should not be
ignored because complacency, mistakes and a lack of control can turn the
risk into a reality.
4 No control
u
E
l
0
cc Weak control
h
z
0
u
Significant control
9
r
-
a
<
Total control
POTENTIAL IMPACT
and systems. Reducing a risk may also mean that the cost of insuring
against it goes down.
Where are the greatest areas of risk relating to the most significant
strategic decisions?
0 What level of risk is acceptable for the company to bear?
0 What are the potentially disclosing events that could inflict the
greatest damage on your organization?
0 What are the risks inherent in the organization's strategic
decisions, and what is the organization's ability to reduce their
incidence and impact on the business?
0 What is the overall level of exposure to risk? Has this been
assessed and is it being actively monitored?
Many managers find it difficult to get to grips with financial issues and. as the
2008 global financial crisis revealed, many lost touch with basic financial ground
rules.
Profitability, cash flow, long-term shareholder value and risk all need to' be
considered when setting and reviewing strategy. This section provides practical
guidance about financial decisions and explains how to:
• improve profitability;
• avoid pitfalls in making financial decisions;
• reduce financial risk.
• Improving Profitability
A. Variance Analysis
C. Break-even Analysis
The break-even point is when sales cover costs, where neither a profit
nor a Joss is made. It is calculated by dividing the costs of the project by
the gross profit at specific dates, making sure to allow for overhead costs.
Break-even analysis (cost-volume-profit or CVP analysis) is used to
decide whether to continue developing a product, alter the price, provide
or adjust a discount, or change suppliers to reduce costs. It is also helps
in managing the sales mix, cost structure and production capacity, as
well as in forecasting and budgeting.
190 Chapter 12
D. Controlling Costs
To control costs:
:. · costs into
o Focus on the big items of expenaudinre. Categories
ure. . . ,
major or peripheral items. Often, undue emphasis is given to the
80% of activities accounting for 20% of costs.
o Be cost aware. Casualness is the enemy of cost control. While
focusing on major items of expenditure it may also be possible to
cut the cost of peripheral items. Costs ean be reduced over the
medium to long term by managers' attitudes to cost control and
the effects of expenses on cash flow.
o Maintain a balance between costs and quality. Getting the best
value means achieving a balance between the price paid and the
quality received.
o g for dynamic financial management. Budget early so
Use budets
financial requirements are known as soon as possible. Consider
the best time-period for the budget -normally a year but it
depends on the type of business. Some larger firms have moved
to rolling budgets, getting managers to forecast the next 18
months every quarter. Budgets provide a starting point for cash
flow forecasts and revenues. and they also play an essential role
in monitoring costs and revenues.
o Develop a positive attitude to budgeting. People need to
understand, accept and use the budget, feeling a sense of
ownership and responsibility for developing, monitoring and
control I ing it.
o Eliminate waste. For decades, leading Japanese companies have
directed much of their cost-management efforts towards waste
elimination. They achieve this by using techniques such as
process analysis, mapping and re-engineering.
Practical Guidelines in Reducing and Managing Business Risks 191
• Set the buying policy. For example, should there be a small number of
preferred suppliers or a bidding system among a wider number of
potential suppliers? Also, consider techniques for controlling delivery
charges, monitoring exchange rates, improving quality control, reducing
inventory and improving production lead times.
• Avoiding Pitfalls
Many managers have financial responsibilities and their decisions will often be
influenced by or have an impact on other parts of the business. The following
principles will help avoid flawed financial decision-making.
Do not ignore or underestimate the wider impact of finance issues upon other
departments and decisions.
Budgets are an active tool to help make financial decisions, not merely a way to
measure performance. · y y
• Are the most effective and relevant performance measures is a!co '
monitor and assess the effectiveness of financial
REVIEW QUESTIONS
Questions
2. What is the advantage of defining the categories into which risks fall?
3. Explain how the following types of risk catalyst might trigger risk
a. Technology
b. Organizational charge
c. Processes
d. People
e. External factors
., .
4. The typical areas of financial .risk includes the following except
a. Poor brand management
b. Treasury risks
c. Accounting decisions and practices
d. Fraud
7. What are some of the financial tools that can be applied 111 making
strategic financial decision affecting profitability?