Unit 2: Risk in Banking Business

2.1 Meaning and nature of financial and non-financial risk of bank

Financial risk is any of various types of risk associated with financing, including financial
transactions that include company loans in risk of default. Often it is understood to include the
potential for financial loss and uncertainty about its extent.

Financial risk is a type of danger that can result in the loss of capital to interested parties. Bank
face the possibility of default on debt they undertake but may also experience failure in an
undertaking the causes a financial burden on the business.

Financial markets face financial risk due to various macroeconomic forces, changes to the market
interest rate, and the possibility of default by sectors or large corporations. Financial risks are
everywhere and come in many shapes and sizes, affecting nearly everyone. Bank should be aware
of the presence of financial risks

Banks in the process of financial intermediation are confronted with various kinds of financial
and non-financial risks viz., credit, interest rate, foreign exchange rate, liquidity, equity price,
commodity price, legal, regulatory, reputational, operational, etc. These risks are highly
interdependent and events that affect one area of risk can have ramifications for a range of other
risk categories.

Banking industry is the backbone of an economy and the health of any economy is directly related
to the financial health of its banks. Banks provide a vast variety of services to both the retail
sector as well as the corporate sector. Due to the vast variety of services provided by the banking
industry, there are a myriad of risks involved in the banking industry.

It is crucial to minimize these risks in order to maintain the health of the banks and essentially,
the health of the economy. It is important to be aware of these risks in order to minimize
them. Financial risk faced by the banking industry can be categorized in to the three major types
of financial risk as credit risk, market risk, and liquidity risk and two non-financial risk as
operational risk and business risk. Those are further explained as:
A. Credit Risk

Credit risk refers to the possibility of a loss resulting from a borrower’s failure to repay a loan
and meet contractual obligations, this includes the delays in the payment of the loan as well.
Credit risk involves inability or unwillingness of a customer or counterparty to meet
commitments in relation to lending, trading, hedging, settlement and other financial
transactions. The credit risk of a bank’s portfolio depends on both external and internal factors.
The external factors are the state of the economy, wide swings in commodity/equity prices,
foreign exchange rates and interest rates, trade restrictions, economic sanctions, Government
policies, etc. The internal factors are deficiencies in loan policies/administration, absence of
prudential credit concentration limits, inadequately defined lending limits for Loan
Officers/Credit Committees, deficiencies in appraisal of borrowers’ financial position, excessive
dependence on collaterals and inadequate risk pricing, absence of loan review mechanism and
post sanction surveillance, etc.

Types of Credit Risk:

Default Risk: Default risk, a sub-category of credit risk, is the risk that a borrower will default on
or fail to repay its debts. The risk of loss arising from a debtor being unlikely to pay its loan
obligations in full or the debtor is more than 90 days past due on any material credit obligation;
default risk may impact all credit-sensitive transactions, including loans, securities
and derivatives.

Concentration Risk: The concentration of credit risk is the risk as a distribution of exposures to a
few customers and trading partners where potential default by a relatively small group of
counterparties or large individual counterparties is driven by a common underlying cause. This
includes concentration of borrowers, concentration by economic sector, concentration of
counterparties in trading activities, etc.

Country Risk: Country risk refers to potential losses that may be generated by an economic,
political, etc. event that occurs in a specific country, where the event can be controlled by that
country, i.e. by its Government, but not by the credit grantor/investor.
B. Market Risk

Market risk is the risk of losses due to changes in financial markets affecting an institution’s
overall performance. For banks, market risk represents the risk of losses in on- or off-balance
sheet positions that arise from movement in market prices. For institutions that are active in
capital markets, market risk expands to include the risk of losses in the bank's trading book due
to variations in equity prices, foreign-exchange rates, commodity prices, and other factors whose
values are set in the market.

Market risk refers to the possibility that a bank’s investments in securities might fail to deliver
the returns expected, or the securities might fall in value.

Market risk is faced by all the market participants and proper hedging mechanisms have to be
set up by banks to protect themselves from the market risk prevalent throughout the year.

Types of Market Risk

Equity Risk: Equity risk refers to the risk associated with the values of the stock prices, stock
indices and the associated volatility.

Interest Rate Risk: Interest-rate risk refers to the possibility that market interest rates might
increase, obliging a bank to pay higher interest to their depositors, while the interest received
from borrowers remains unchanged for loans with interest rates that the bank cannot alter
immediately.

Currency Risk: Currency/Exchange-rate risk refers to the risk of losses involved due to
movements in the foreign exchange rates and is faced by banks holding assets and liabilities in
different currencies.

Commodity Risk: Commodity risk refers to the risk associated with the values of the commodity
prices and the associated volatility.

C. Liquidity Risk

Liquidity risk refers to the possibility that a bank might not hold sufficient assets in liquid form,
either cash or deposits that can be converted to cash at very short notice, to be able to meet the
demands of its depositors for immediate withdrawal of their funds. This may result in run on
banks in certain situations and result in sudden bankruptcy, run on banks can be both short lived
and long lived and the factor of panic in an economy plays a huge role towards run on banks.

Types of Liquidity Risk

Funding Risk: Funding liquidity risk is defined as the inability to obtain funds to meet cash flow
obligations. For banks, funding liquidity risk is crucial and it arises from the need to replenish net
outflows due to unanticipated withdrawal/ non-renewal of deposits (wholesale and retail).

Time Risk: Time risk arises from the need to compensate for non-receipt of expected inflows of
funds i.e., performing assets turning into non-performing assets.

Call Risk: Call risk arises due to crystallization of contingent liabilities. It may also arise when a
bank is not able to undertake profitable business opportunities when it arises.

D. Operational Risk

Operation risk refers to the risk of losses associated with the operations of a bank’s resources.
This includes the risk involved due to terrorist activities, natural disasters, negligence and human
error, fraudulent behaviour on the part of the employees of the bank, etc.

Types of Operational Risk

Internal Fraud: Internal fraud includes misappropriation of assets, tax evasion, intentional
mismarking of positions, bribery etc.

External Fraud: External fraud includes theft of information, hacking damage, third-party theft
and forgery etc.

Employment Practices and Workplace Safety: Employment practices and workplace safety
includes discrimination, workers compensation, employee health and safety etc.

Clients, Products, and Business Practice: Clients, products, and business practice includes market
manipulation, antitrust, improper trade, product defects, fiduciary breaches, account churning
etc.
Damage to Physical Assets: Damage to physical assets includes natural disasters, terrorism,
vandalism etc.

Business Disruption and Systems Failures: Business disruption and systems failures include
utility disruptions, software failures, hardware failures etc.

Execution, Delivery, and Process Management: Execution, delivery, and process management
include data entry errors, accounting errors, failed mandatory reporting, negligent loss of client
assets etc.

E. Business Risk

Business risk is the risk arising from a bank’s long-term business strategy. It deals with a bank not
being able to keep up with changing competition dynamics, losing market share over time, and
being closed or acquired. Business risk can also arise from a bank choosing the wrong strategy,
which might lead to its failure.

F. Reputational risk

Reputation risk is the possible loss of the organization’s reputational capital or goodwill.
Moreover, reputational risk as the potential loss in reputational capital based on either real or
perceived losses in reputational capital. A bank faces reputational risk which may be triggered by
bank’s activities, rumors about the bank, willing or unconscious non-compliance with regulations,
data manipulation, bad customer service, bad customer experience inside bank branches and
decisions taken by banks during critical situations. Every step taken by a bank is judged by its
customers, investors, opinion leaders and other stakeholders who rise a bank’s brand image.

2.2 Credit risk

Credit risk is most simply defined as the potential that a bank borrower or counterparty
will fail to meet its obligations in accordance with agreed terms. Credit risk is the most
obvious risk in banking, and possibly the most important in terms of potential losses.
The default of a small number of key customers could generate very large losses and in
an extreme case could lead to a bank becoming insolvent. This risk relates to the
possibility that loans will not be paid or that investments will deteriorate in quality or go
into default with consequent loss to the bank. Credit risk is not confined to the risk that
borrowers are unable to pay; it also includes the risk of payments being delayed, which
can also cause problems for the bank.

Capital markets react to a deterioration in a company’s credit standing through higher

interest rates on its debt issues, a decline in its share price, and/or a downgrading of
the assessment of its debt quality. As a result of these risks, bankers must exercise
discretion in maintaining a sensible distribution of liquidity in assets, and also conduct a
proper evaluation of the default risks associated with borrowers. In general, protection
against credit risks involves maintaining high credit standards, appropriate diversification,
good knowledge of the borrower’s affairs and accurate monitoring and collection
procedures.

For most banks, loans are the largest and most obvious source of credit risk; however, other
sources of credit risk exist throughout the activities of a bank, including in the banking book
and in the trading book, and both on and off the balance sheet. Banks are increasingly
facing credit risk (or counterparty risk) in various financial instruments other than loans,
including acceptances, interbank transactions, trade financing, foreign exchange transactions,
financial futures, swaps, bonds, equities, options, and in the extension of commitments and
guarantees, and the settlement of transactions.

Types of Credit Risk

Default Risk: Default risk, a sub-category of credit risk, is the risk that a borrower will default on
or fail to repay its debts. The risk of loss arising from a debtor being unlikely to pay its loan
obligations in full or the debtor is more than 90 days past due on any material credit obligation;
default risk may impact all credit-sensitive transactions, including loans, securities
and derivatives.

Concentration Risk: The concentration of credit risk is the risk as a distribution of exposures to a
few customers and trading partners where potential default by a relatively small group of
counterparties or large individual counterparties is driven by a common underlying cause. This
includes concentration of borrowers, concentration by economic sector, concentration of
counterparties in trading activities, etc.

Country Risk: Country risk refers to potential losses that may be generated by an economic,
political, etc. event that occurs in a specific country, where the event can be controlled by that
country, i.e. by its Government, but not by the credit grantor/investor.

Credit risk management

In general, credit risk management for loans involves three main principles:

Selection: First of all, selection means banks have to choose carefully those to whom they will
lend money. The processing of credit applications is conducted by credit officers or credit
committees, and a bank’s delegation rules specify responsibility for credit decisions.

Limitation: Limitation refers to the way that banks set credit limits at various levels. Limit
systems clearly establish maximum amounts that can be lent to specific individuals or groups.
Loans are also classified by size and limitations are put on the proportion of large loans to total
lending. Banks also have to observe maximum risk assets to total assets, and should hold a
minimum proportion of assets, such as cash and government securities, whose credit risk is
negligible.

Diversification: Credit management has to be diversified. Banks must spread their business
over different types of borrower, different economic sectors and geographical regions, in order
to avoid excessive concentration of credit risk problems.

2.3 Operational risk

Operational risk arises from shortcomings or deficiencies at either a technical level (i.e. in a
bank’s information systems or risk measures) or at an organizational level (i.e. in a bank’s
internal reporting, monitoring and control systems). Technical operational risks arise in a
multitude of forms (such as errors in recording transactions, deficiencies in information systems
or the absence of adequate tools for measuring risks).
Managing operational risk is becoming an important feature of sound risk management
practices in modern financial markets in the wake of phenomenal increase in the volume of
transactions, high degree of structural changes and complex support systems. The most
important type of operational risk involves breakdowns in internal controls and corporate
governance. Such breakdowns can lead to financial loss through error, fraud, or failure to
perform in a timely manner or cause the interest of the bank to be compromised.

Generally, operational risk is defined as any risk, which is not categoried as market or credit
risk, or the risk of loss arising from various types of human or technical error. It is also
synonymous with settlement or payments risk and business interruption, administrative and
legal risks. Operational risk has some form of link between credit and market risks. An
operational problem with a business transaction could trigger a credit or market risk.

Types of Operational Risk

Internal Fraud: Several internal factors and activities may lead to internal fraud within the
organization. These acts are done with an intention of fraud, misappropriate property, etc., and
it involves an internal party. There may be activities happening within the organization with an
intention to hide a transaction to siphon off funds. Also, there may be thefts and frauds within
the organization like misappropriation of assets, smuggling, tax evasion, bribes, insider trading,
etc.

External Fraud: External fraud includes theft of information, hacking damage, third-party theft
and forgery etc.

Employment Practices and Workplace Safety: Employment practices and workplace safety
includes discrimination, workers compensation, employee health and safety etc.

Clients, Products, and Business Practice: Clients, products, and business practice includes market
manipulation, antitrust, improper trade, product defects, fiduciary breaches, account churning
etc.

Damage to Physical Assets: Damage to physical assets includes natural disasters, terrorism,
vandalism etc.
Business Disruption and Systems Failures: Business disruption and systems failures include
utility disruptions, software failures, hardware failures etc.

Execution, Delivery, and Process Management: Execution, delivery, and process management
include data entry errors, accounting errors, failed mandatory reporting, negligent loss of client
assets etc.

Operational risk management

Banks have too much incentive to comprehend Operational Risk. Compared with financial risk,
operational risk is more complex and more challenging to monitor, control and manage. Even
though operational risk can have a broad economic impact on a bank, banks have struggled to
integrate operational risk management (ORM) in their overall framework of enterprise risk
management (ERM).

Many banks have a tough time understanding, measuring and managing the interconnected
factors that contribute to operational risk, including human behavior, organizational processes
and IT systems. They find it challenging to create cultural, governance and management
structures that can systematically control these risks. Instead of taking a deeply integrated,
proactive and long-term approach to ORM, they end up managing operational risk with reactive,
short-term measures.

Managing operational risk: Four areas to watch

Banks that take a comprehensive approach to ORM recognize four broad areas that need
attention.

The first is people. Even in a digital age, employees (and the customers with whom they interact)
can cause substantial damage when they do things wrong, either by accident or on purpose.
Problems can arise from a combination of factors, including intentional and illegal breaches of
policies and rules, sloppy execution, lack of knowledge and training, and unclear and sometimes
contradictory procedures. Unauthorized trading, for example, can cause billions in direct losses
and multimillions more in regulatory, legal and restructuring costs.
The second area is IT. Systems can be hacked and breached; data can be corrupted or stolen. The
risks banks face extend to the third-party IT providers that so many banks now rely on for cloud-
based storage and other services. Systems can slow down or crash, leaving customers unable to
access ATMs or mobile apps. With the cyber landscape evolving so rapidly, banks can have
trouble keeping up with new threats.

The third area is organizational structure. By setting aggressive sales targets and rewarding
employees for how well they meet them, bank management can encourage, and, in some cases,
explicitly condone inappropriate risk taking. Such activity, when exposed, can lead to
management changes, shareholder losses and regulatory fines.

The fourth area that vexes ORM planners is regulation. Since the global financial crisis, regulators
have increased the number and complexity of rules that banks must follow. Banks that operate
in multiple jurisdictions can face overlapping, inconsistent and conflicting regulatory regimes.

Even as banks are trying to contain costs, they must invest in the people, systems and processes
that foster compliance.

What should be the top priorities?

People: Increase employees’ OR awareness (e.g., trainings customized for relevant use cases),
and align incentives accordingly (e.g., incorporation of OR into management performance
reviews).

Process: Create a single enterprise-wide risk management framework to oversee all risk types,
including operational risk, for all departments

Technology: Leverage big data and predictive analytics to enhance threat identification and
automate the risk governance process where possible.

2.4 Market risk

This relates to the risk of loss associated with adverse deviations in the value of the trading
portfolio, which arises through fluctuations in, for example, interest rates, equity prices, foreign
exchange rates or commodity prices. It arises where banks hold financial instruments on the
trading book, or where banks hold equity as some form of collateral. Many large banks have
dramatically increased the size and activity of their trading portfolios, resulting in greater
exposure to market risk.

Market risk more narrowly as the risk of loss during the time required to effect a transaction
(liquidation period). This risk has two components, relating to volatility and liquidity. First, even
though the liquidation period is relatively short, deviations can be large in a volatile market.
Secondly, for instruments traded in markets with a low volume of transactions, it may be difficult
to sell without suffering large discounts.

Types of Market Risk

Equity Risk: Equity risk refers to the risk associated with the values of the stock prices, stock
indices and the associated volatility.

Interest Rate Risk: Interest-rate risk refers to the possibility that market interest rates might
increase, obliging a bank to pay higher interest to their depositors, while the interest received
from borrowers remains unchanged for loans with interest rates that the bank cannot alter
immediately.

Currency Risk: Currency/Exchange-rate risk refers to the risk of losses involved due to
movements in the foreign exchange rates and is faced by banks holding assets and liabilities in
different currencies.

Commodity Risk: Commodity risk refers to the risk associated with the values of the commodity
prices and the associated volatility.

Foreign Exchange Rate (Forex) Risk: Also known as currency risk, FX risk and exchange-rate risk,
it describes the possibility that an investment’s value may decrease due to changes in the relative
value of the involved currencies.

Market risk management

Management of market risk should be the major concern of top management of banks. The
Boards should clearly articulate market risk management policies, procedures, prudential risk
limits, review mechanisms and reporting and auditing systems. The policies should address the
bank’s exposure on a consolidated basis and clearly articulate the risk measurement systems that
capture all material sources of market risk and assess the effects on the bank. The operating
prudential limits and the accountability of the line management should also be clearly defined.

The Asset-Liability Management Committee (ALCO) should function as the top operational unit
for managing the balance sheet within the performance/risk parameters laid down by the Board.
The banks should also set up an independent Middle Office to track the magnitude of market risk
on a real time basis. The Middle Office should comprise of experts in market risk management,
economists, statisticians and general bankers and may be functionally placed directly under the
ALCO. The Middle Office should also be separated from Treasury Department and should not be
involved in the day to day management of Treasury. The Middle Office should apprise the top
management / ALCO / Treasury about adherence to prudential / risk parameters and also
aggregate the total market risk exposures assumed by the bank at any point of time.

2.5 Liquidity risk

Liquidity (according to THE BASEL COMMITTEE ON BANKING SUPERVISION) is the ability of your
bank to meet all regular financial obligations when they come due without suffering
undesirable losses. Because banks convert short-term deposits (such as checking and savings
accounts and other assets) into long-term loans, they are more vulnerable to liquidity risk than
other financial institutions. As a result, they’re susceptible to not having enough liquid assets on
hand when deposits need to be withdrawn or other commitments come due.
Nearly every transaction has implications on the bank’s liquidity, so it need a liquidity risk
management strategy that ensures the cash flow is sufficient and the bank is prepared for
external market shifts or changes in depositor behavior

Types of Liquidity Risk

Funding Risk: Funding liquidity risk is defined as the inability to obtain funds to meet cash flow
obligations. For banks, funding liquidity risk is crucial and it arises from the need to replenish net
outflows due to unanticipated withdrawal/ non-renewal of deposits (wholesale and retail).
Time Risk: Time risk arises from the need to compensate for non-receipt of expected inflows of
funds i.e., performing assets turning into non-performing assets.

Call Risk: Call risk arises due to crystallization of contingent liabilities. It may also arise when a
bank is not able to undertake profitable business opportunities when it arises.

Liquidity risk management

Here are the four most essential principles of robust liquidity risk management that should be
considered and implement at your middle-market bank:

1. Identify Liquidity Risks Early

A liquidity deficit at even a single branch or institution has system-wide repercussions, so it’s
paramount that your bank be prepared before a shortfall occurs. This means the bank needs to
have a rigorous process for IDENTIFYING AND MEASURING LIQUIDITY RISK.

The liquidity management process should include a forward-looking framework to project future
cash flows from assets, liabilities and items not on your balance sheet. This framework should
include:

 The ability to conduct risk analysis on extreme, hypothetical situations

 The maintenance of liquid assets to serve as a cushion in case of a possible shortfall

2. Monitor & Control Liquidity Regularly

Once bank identified and forecasted the it’s liquidity risk, it needs to actively MONITOR AND
CONTROL ANY RISK EXPOSURES OR FUNDING NEEDS. Depending on the size and scope of the
bank, this monitoring needs to account for multiple legal entities, business lines and international
currencies. The bank must also remember to account for any banking compliance regulations
that might limit the transferability of the liquid assets.

The bank insure that the liquidity risk MONITORING AND CONTROL TOOLS include the following
indicators and metrics (via ACCENTURE):

 Global liquidity indicators

  Business-specific liquidity indicators
 Advanced cash flow forecasting
 All relevant regulatory ratios such as: Loans to Total Assets, Credit to Deposit, CRR, SLR,
NPL, etc.

3. Conduct Scheduled Stress Tests

The bank needs to conduct regular financial stress tests to anticipate different potential liquidity
shortfalls. The stress tests should include both short-term and long-term scenarios that identify
sources of liquidity strain and that ensure all exposures align with your established liquidity risk
tolerance.

4. Create a Contingency Plan

Using the results of your stress tests, adjust your liquidity risk management strategies
accordingly. Then, use these new policies and positions to develop a formal contingency funding
plan (CFP) that clearly articulates your bank’s plan for overcoming liquidity shortfalls in various
emergency situations.

2.6 For-ex risk

Foreign exchange risk arises when a company engages in financial transactions denominated in
a currency other than the currency where that company is based. Any appreciation/depreciation
of the base currency or the depreciation/appreciation of the denominated currency will affect
the cash flows emanating from that transaction. Foreign exchange risk can also affect investors,
who trade in international markets, and businesses engaged in the import/export of products or
services to multiple countries.

The risk inherent in running open foreign exchange positions have been heightened in recent
years by the pronounced volatility in forex rates, thereby adding a new dimension to the risk
profile of banks’ balance sheets.

Forex risk is the risk that a bank may suffer losses as a result of adverse exchange rate movements
during a period in which it has an open position, either spot or forward, or a combination of the
two, in an individual foreign currency. The banks are also exposed to interest rate risk, which
arises from the maturity mismatching of foreign currency positions.

In the forex business, banks also face the risk of default of the counterparties or settlement risk.
The forex transactions with counterparties from another country also trigger sovereign or
Country risk.

Types

There are three types of foreign exchange risk:

Transaction risk: This is the risk that a bank faces when it's buying a financial products (such as
issuing bonds in foreign markets, purchasing the stocks from foreign market, etc.) from a
company located in another country. The price of the product will be denominated in the selling
company's currency. If the selling company's currency were to appreciate versus the buying
company's currency then the company doing the buying will have to make a larger payment in
its base currency to meet the contracted price.

Translation risk: A parent Bank owning a subsidiary bank in another country could face losses
when the subsidiary's financial statements, which will be denominated in that country's currency,
have to be translated back to the parent company's currency.

Economic risk: Also called forecast risk, refers to when a bank’s market value is continuously
impacted by an unavoidable exposure to currency fluctuations.

Foreign exchange risk can be caused by appreciation/depreciation of the base currency,

appreciation/depreciation of the foreign currency, or a combination of the two. It is a major risk
to consider for exporters/importers and businesses that trade in international markets.

Foreign Exchange Risk Management

Managing Forex risk is intrinsically trickier than identifying or measuring potential exposures,
because every bank has its own unique financial position and appetite for risk. Yet regardless of
a bank’s business activities or willingness to entertain higher degrees of Forex risk, there are
several key tools and products financial leaders can implement to appropriately manage foreign
exchange risk.

The first management tool worth exploring is a forward exchange contract. A forward exchange
contract helps insulate banks from large currency movements by locking in an agreed rate up to
a predetermined date. Because rates are fixed from the outset of any agreement, forward
exchange contracts are ideal for exporters wanting certainty around the amount they’ll be
receiving as part of a given transaction.

Entering the futures market and implementing a hedging program is a popular option, too – and
one of the most creative programs a corporate could possibly pursue is a so-called perfect hedge.

A perfect hedge is when a corporate builds up a position in which it can 100 percent match all
outgoing foreign currency payments against its foreign currency inflows. In theory, a perfect
hedge is an ideal risk management tool because it should totally eliminate the risk of an existing
position. That being said, this method isn’t the most popular because of the uncertainty around
cash flow timings – and unless an inflow and outflow are occurring at the exact same time, it
doesn’t really count as a ‘perfect’ hedge.

2.7 Country risk

Country risk refers to the economic, social, and political conditions and events in a foreign
country that may adversely affect a financial institution's operations. Banks must institute
adequate systems and controls to manage the inherent risks in their international activities.

Country risk is a risk that denotes the probability of a foreign government (country) defaulting on
its financial obligations as a result of economic slowdown or political unrest. Even a small rumor
or revelation can make a state less attractive to investors who want to park their hard-earned
income in a place that is reliable and significantly less likely to default.

Types of Country Risk

Analysts have categorized country risk into following groups:

Economic risk — This type of risk is the important change in the economic structure
that produces a change in the expected return of an investment. Risk arises from the negative
changes in fundamental economic policy goals (fiscal, monetary, international, or wealth
distribution or creation).

Transfer risk — Transfer risk arises from a decision by a foreign government to restrict capital
movements. It is analyzed as a function of a country’s ability to earn foreign currency. Therefore,
it implies that effort in earning foreign currency increases the possibility of capital controls.

Exchange risk — This risk occurs due to an unfavorable movement in the exchange rate. Exchange
risk can be defined as a form of risk that arises from the change in price of one currency against
another. Whenever investors or companies have assets or business operations across national
borders, they face currency risk if their positions are not hedged.

Location risk — This type of risk is also referred to as neighborhood risk. It includes effects caused
by problems in a region or in countries with similar characteristics. Location risk includes effects
caused by troubles in a region, in trading partner of a country, or in countries with similar
perceived characteristics.

Sovereign risk — This risk is based on a government’s inability to meet its loan
obligations. Sovereign risk is closely linked to transfer risk in which a government may run out of
foreign exchange due to adverse developments in its balance of payments. It also relates to
political risk in which a government may decide not to honor its commitments for political
reasons.

Political risk — This is the risk of loss that is caused due to change in the political structure or in
the politics of country where the investment is made. For example, tax laws, expropriation of
assets, tariffs, or restriction in repatriation of profits, war, corruption and bureaucracy also
contribute to the element of political risk.

Country Risk Management

 Investors and financial corporations should devise a proper framework that includes
segregates between different parts of country risk.
  Exposure of country risk is governed by a country’s resources and the primary occupation
the economy is based on. Setting up teams to closely monitor these areas will also be
beneficial in the assessment.
 Risk exposure should continually be monitored and updated to stay well-informed.
 Exposure of country risk can be access through global ratings to evaluate a country’s
standing in the global markets.
2.8 Risk Management Process
A. Risk identification

Risk identification is the process of identifying and assessing threats to an organization, its
operations, and its workforce. For example, risk identification may include assessing IT security
threats such as malware and ransom ware, accidents, natural disasters, and other potentially
harmful events that could disrupt business operations. Companies that develop robust risk
management plans are likely to find they’re able to minimize the impact of threats, when and if
they should occur.

Risk identification enables businesses to develop plans to minimize harmful events before they
arise. The objective of this step is to identify all possible risks that could harm company
operations, such as lawsuits, theft, technology breaches, business downturns, etc.

Safety management professionals must understand that risk identification is not a one-time
process. Instead, the process should be rigorous, thoughtful, and ongoing.

Ways to Identify Risks

There are many ways to identify an organization’s risks, however, some of the more common
examples include brainstorming, thinking pessimistically, and seeking employee feedback.

Brainstorming: Risk managers may find that brainstorming the probability of various
catastrophic events with other company stakeholders, such as managers and certain C-level
staff, can help identify new threats.

Thinking Pessimistically: Careers in safety management often entail planning for the worst
while expecting the best. Although pessimism isn’t often encouraged in the workplace, taking
time to ponder “what is the worst possible thing that could happen to the company” may be
helpful in identifying risks.

Seek Employee Feedback: Upper-level management’s perspective of an organization’s risks can

be starkly different from the perspective that employees hold. Employees may encounter new
risks in their day-to-day activities that may not have otherwise been encountered. For example,
insufficient training on a piece of operating equipment may be placing staff at risk of injury. As
such, employees are an invaluable source of first-hand information.

B. Risk measurement

A key component of risk management is measuring the size and scope of the firm’s risk
exposures. Risk management relies on quantitate measures of risks. There are various risk
measures. All aim at capturing the variation of a given target variable, such as earnings,
market value or losses due to default, generated by uncertainty. Quantitative indicators
of risks fall into three types:

Sensitivity, which captures the deviation of a target variable due to a unit movement of
single market parameter( for instance, an interest rate shift of %). Sensitivities are often
market-risk-related because they relate value changes to market parameters, which are value
drivers. The interest rate gap is the sensitivity of the interest margin of the banking
portfolio to forfeit move of the yield curve. Sensitivities are variations due to forfeit
moves underlying parameters driving the value of target variables;

Volatility, which captures the variations around the average of any random parameter or
target variable, both upside and downside. Unlike forfeit movements, volatility
characterizes the varying instability of any uncertain parameters, which forfeit changes
ignore. Volatility measures the dispersion around its mean of any random parameter or
of target variables, such as losses for credit risk

Downside measures of risk, whish focus on adverse deviations only. They characterize the
‘worst-case’ deviations of a target variable such as earnings, market values or credit
losses, with probabilities for all potential values. Downside risk measures require
modelling to have probability distributions of target variables. The ‘Value at Risk’ (VaR) is a
downside risk measure. It is adverse deviation of a target variable, such as the value of
transaction, not exceeded in more than a preset fraction of all possible future outcomes.
Downside risk is the most comprehensive measure of risk.

C. Risk mitigation

General guidelines for applying risk mitigation handling options are based on the assessed
combination of the probability of occurrence and severity of the consequence for an identified
risk. Risk mitigation handling options include:

“ACCEPT” RISK strategy

With some risks, the expenses involved in mitigating the risk is more than the cost of tolerating
the risk. In this situation, the risks should be accepted and carefully monitored.

“AVOID” RISK strategy

In general, risks should be avoided that involve a high probability impact for both financial loss
and damage.

“TRANSFER” RISK strategy

Risks that may have a low probability of taking place but would have a large financial impact
should be mitigated by being shared or transferred, e.g. by purchasing insurance, forming a
partnership, or outsourcing.

“REDUCE” RISK strategy

The most common mitigation strategy is risk limitation, e.g. businesses take some type of action
to address a perceived risk and regulate their exposure. Risk limitation usually employs some
risk acceptance and some risk avoidance.

“HEDGING” RISK strategy

Hedging assumes the additional risk that works in the opposite direction as the mitigated risk.
While natural hedging organizes the business in a way that “internal” risks offset each other,
external hedging uses the instruments that create offsetting risks (e.g. by locking the price
secures us against the price fluctuations).

“Watch/Monitor” RISK strategy

Once a risk has been identified and a plan put in place to manage it, there can be a tendency to
adopt a "heads down" attitude, particularly if the execution of the mitigation appears to be
operating on "cruise control." Resist that inclination. Periodically revisit the basic assumptions
and premises of the risk. Scan the environment to see whether the situation has changed in a
way that affects the nature or impact of the risk.

D. Risk Management Process:

Step 1: Identify the Risk

The first step is to identify the risks that the business is exposed to in its operating
environment. There are many different types of risks – legal risks, environmental risks, market
risks, regulatory risks, and much more. It is important to identify as many of these risk factors as
possible. In a manual environment, these risks are noted down manually.

Step 2: Analyze the Risk

Once a risk has been identified it needs to be analyzed. The scope of the risk must be
determined. It is also important to understand the link between the risk and different factors
within the organization. To determine the severity and seriousness of the risk it is necessary to
see how many business functions the risk affects. There are risks that can bring the whole
business to a standstill if actualized, while there are risks that will only be minor inconveniences
in the analysis. In a manual risk management environment, this analysis must be done
manually. When a risk management solution is implemented one of the most important basic
steps is to map risks to different documents, policies, procedures, and business processes. This
means that the system will already have a mapped risk framework that will evaluate risks and
let you know the far-reaching effects of each risk.
Step 3: Evaluate or Rank the Risk

Risks need to be ranked and prioritized. Most risk management solutions have different
categories of risks, depending on the severity of the risk. A risk that may cause some
inconvenience is rated lowly, risks that can result in catastrophic loss are rated the highest. It is
important to rank risks because it allows the organization to gain a holistic view of the risk
exposure of the whole organization. The business may be vulnerable to several low-level risks,
but it may not require upper management intervention. On the other hand, just one of the
highest-rated risks is enough to require immediate intervention.

Step 4: Treat the Risk

Every risk needs to be eliminated or contained as much as possible. This is done by connecting
with the experts of the field to which the risk belongs. In a manual environment, this entails
contacting each and every stakeholder and then setting up meetings so everyone can talk and
discuss the issues.

Step 5: Monitor and Review the Risk

Not all risks can be eliminated – some risks are always present. Market risks and environmental
risks are just two examples of risks that always need to be monitored. Under manual systems
monitoring happens through diligent employees. These professionals must make sure that they
keep a close watch on all risk factors. Under a digital environment, the risk management system
monitors the entire risk framework of the organization. If any factor or risk changes, it is
immediately visible to everyone. Computers are also much better at continuously monitoring
risks than people. Monitoring risks also allows your business to ensure continuity.