Introduction to Financial

Risk Management
Presented by: Dung Tran
Intrinsic Value: Risk Management
Foreign exchange rates

Product prices Net operating Required investments

and demand profit after taxes
 − in operating capital

Input costs Free cash flow

(FCF)
 ¿
FCF1 FCF2 FCF
Value     
(1  WACC)1 (1  WACC) 2 (1  WACC)
Market risk aversion Firm’s business risk
Weighted average
cost of capital
Firm’s debt/equity mix (WACC) Market interest rates
Do stockholders care about volatile cash
flows?
• If volatility in cash flows is not caused by systematic risk, then
stockholders can eliminate the risk of volatile cash flows by
diversifying their portfolios.
• Stockholders might be able to reduce impact of volatile cash flows by
using risk management techniques in their own portfolios.
How can risk management increase the value of a
corporation?
Risk management allows firms to:
• Have greater debt capacity, which has a larger tax shield of interest
payments.
• Implement the optimal capital budget without having to raise external
equity in years that would have had low cash flow due to volatility.

• (More . .)
Risk management allows firms to: (1)
• Avoid costs of financial distress.
• Weakened relationships with suppliers.

• Loss of potential customers.

• Distractions to managers.

• Utilize comparative advantage in hedging relative to hedging ability of

investors.

• (More . .)
Risk management allows firms to: (2)
•  Minimize negative tax effects due to convexity in tax code.
• Example:
• A: EBT of $50K in Years 1 and 2, total EBT of $100K,
• Tax $7.5K each year, total tax of $15.
• Less volatile income
• B: EBT of $0K in Year 1 and $100K in Year 2,
• Tax $0K in Year 1 and $22.5K in Year 2. total 22.5
• Reduce borrowing costs by using interest rate swaps.
• Maximize bonuses if system has floor or ceiling—Bad Reason!
• (More . .)
LO 1.a: Explain the concept of risk and compare risk
management with risk taking.

• In an investing context, risk is the uncertainty surrounding outcomes. Investors are

generally more concerned about negative outcomes (unexpected investment
losses) than they are about positive surprises (unexpected investment gains).
• Additionally, there is an observed natural trade-off between risk and return;
opportunities with high risk have the potential for high returns and those with
lower risk also have lower return potential.
• Risk is not necessarily related to the size of the potential loss. For example, many
potential losses are large but are quite predictable and can be accounted for using
risk management techniques. The more important concern is the variability of the
loss, especially an unexpected loss that could rise to unexpectedly high levels.
LO 1.a: Explain the concept of risk and compare risk
management with risk taking.
• As a starting point, risk management includes the sequence of activities aimed to
reduce or eliminate an entity’s potential to incur expected losses. On top of that,
there is the need to manage the unexpected variability of some costs.
• In managing both expected and unexpected losses, risk management can be thought of as a
defensive technique.
• However, risk management is actually broader in the sense that it considers how an entity
can consciously determine how much risk it is willing to take to earn future uncertain returns.
• The concept of risk taking refers to the active acceptance of incremental risk in
the pursuit of incremental gains. In this context, risk taking can be thought of as
an opportunistic action.
LO 1.b: Describe elements of the risk management
process and identify problems and challenges that can
arise in the risk management process.

• The risk management process is a formal series of actions designed to determine

if the perceived reward justifies the expected risks. A related query is whether the
risks could be reduced and still provide an approximately similar reward.
• There are several core building blocks in the risk management process.
• Identify risks.
• Measure and manage risks.
• Distinguish between expected and unexpected risks.
• Address the relationships among risks.
• Develop a risk mitigation strategy.
• Monitor the risk mitigation strategy and adjust as needed.
• Figure 1.1 illustrates that risks can move
along a spectrum from being expected
(i.e., known) to being fully unknown.
The unknown category can be
subdivided into the known unknowns
(i.e., Knightian uncertainty) and the
unknown unknowns.
• The former are items that may impact a
firm, while the latter are truly unknown
(i.e., tail risk events). Where possible,
risk managers should move a risk into
the known category, but this does not
work for risks that cannot be quantified
LO 1.b: Describe elements of the risk management
process

• The risk management process involves a four-way decision.

• The company might decide to avoid risk directly by selling a product line,
avoiding certain markets or jurisdictions, or offshoring production.
• They also might decide to retain risk, depending on the expected rewards
relative to the probability and frequency of any expected losses.
• Another option is to mitigate risk by reducing either the magnitude or the
frequency of exposure to a given risk factor.
• Finally, risk managers could transfer risk to a third party using derivatives or
structured products. They could also purchase insurance to outsource risk to
an insurance company.
 LO 1.b: Identify problems and challenges that can arise
in the risk management process.
• One of the challenges in ensuring that risk management will be beneficial to the
economy is that risk must be sufficiently dispersed among willing and able participants in
the economy.
• It has failed to consistently assist in preventing market disruptions or preventing financial
accounting fraud (due to corporate governance failures). For example, the existence of
derivative financial instruments greatly facilitates the ability to assume high levels of risk
and the tendency of risk managers to follow each other’s actions.
• The use of derivatives as complex trading strategies assisted in overstating the financial
position (i.e., net assets on balance sheet) of many entities and complicating the level of
risk assumed by many entities.
• Finally, risk management may not be effective on an overall economic basis because it
only involves risk transferring by one party and risk assumption by another party.
The Evolution of Risk Management
• Commodity futures contracts
• 2000 B.C.E in India
• 1800s: grain traders in Midwest
• Insurance
• Maritime: 1300s, Genoa
• Fire:
• 1680, London
• 1752, Benjamin Franklin and the Union Fire Company
20th Century Risk Management
• Before 1970s
• Not much other than property & casualty insurance, commodity futures, and
a little bit of foreign exchange hedging.

• Each type of risk management was compartmentalized within corporation

1970s Bring Changes
• Risk increases:
• End of gold standard: increased exchange rate volatility
• OPEC: increased oil volatility
• Expansion of global trade and competition
• Risk management tools improve:
• Black-Scholes option pricing model leads to other derivative pricing models
• Technology
• Information collection and processing
• Computers that can easily conduct Monte Carlo simulation
1970s-1980s: Bribery and Fraud
• Foreign Corrupt Practices Act (FCPA), 1977
• To prevent corporate bribery
• Required accounting systems to be able to identify
funds used for bribery
• Savings & Loan Crisis, 1980s
• Bad business models, but also fraud
• Congress and SEC threaten to intervene in self-
regulatory activities and standards that previously
had been determined by the accounting profession
1990s-early 2000s: More Fraudulent
Accounting
• Enron, Tyco, and more
• 2002, Congress passes the Sarbanes-Oxley (SOX) act
• Section 404: Annual report must include section that addresses the
accounting system’s internal control.
• Framework of system
• Assessment of system’s ability to detect fraud
Late 2000s-Now: Cumulative Impact of Regulatory
Environment
• Companies must demonstrate compliance with FCPA and SOX
• Need to have an enterprise risk management system that meets the
compliance requirement

• COSO provides ERM system that meets requirement– See next slide
COSO: Committee of Sponsoring Organizations
(1)

• In response to Congressional and SEC criticism in mid-1980s, a

group of five private accounting firms created a commission to
study accounting fraud and write a report.
• James Treadway (former SEC Commissioner) was chairman.
• The Treadway commission recommended that its sponsoring
organizations create guidelines for an accounting system that would be
able to detect fraud.

• Continued…
COSO: Committee of Sponsoring Organizations
(2)
• The Committee of Sponsoring Organizations extended their original
framework to include enterprise risk management (ERM).
• The COSO ERM framework:
• Satisfies the regulatory requirements related to financial reporting required
by FCPA and SOX.
• Is widely used.
How does COSO define ERM?
• “A process, effected by an entity’s board of directors, management
and other personnel, applied in strategy setting and across the
enterprise, designed to identify potential events that may affect the
entity, and manage risk to be within its risk appetite, to provide
reasonable assurance regarding the achievement of entity objectives.”

• Source: See page 2 of COSO, "Summary of Enterprise Risk Management—Integrated Framework,” 2004,
www.coso.org/documents/coso_erm_executivesummary.pdf.
How to Categorize Risk?
• No single set of categories is best for all companies.
• Following is a set of categories that are widely used.
Seven Major Categories of Risk (1)
1. Strategy and reputation:
• Include competitors’ actions, corporate social responsibilities, the public’s
perception of its activities, and reputation among suppliers, peers, and
customers.
2. Control and compliance:
• Include regulatory requirements, litigation risks, intellectual property rights,
reporting accuracy, and internal control systems.

• Continued…
Seven Major Categories of Risk (2)
3. Hazards:
• Fires, floods, riots, acts of terrorism, and other natural or man-made
disasters.
• All downside, no upside.
4. Human resources:
• Risk related to recruiting, succession planning, employee health, and
employee safety.

• Continued…
Seven Major Categories of Risk (3)
5. Operations:
• Risk events include supply chain disruptions, equipment failures, product
recalls, and changes in customer demand.
6. Technology:
• Risk events related to innovations, technological failures, and IT reliability
and security.

• Continued…
 Seven Major Categories of Risk (4)

7. Financial management:
• Foreign exchange risk
• Commodity price risk.
• Interest rate risk.
• Project selection risk.
• Liquidity risk.
• Customer credit risk.
• Portfolio risk.
What are some actions that companies can take to
minimize or reduce risk exposures? (1)
• Transfer risk to an insurance company by paying periodic premiums.
• Transfer functions which produce risk to third parties.
• Share risk with third party by using derivatives contracts to reduce
input and financial risks.

• (More...)
What are some actions that companies can take to
minimize or reduce risk exposures? (2)
• Take actions to reduce the probability of occurrence of adverse
events.
• Take actions to reduce the magnitude of the loss associated with
adverse events.
• Avoid the activities that give rise to risk.