:: Risk Room
Guideline on Risk Management
Articles

 

 

The Need for Risk Management System

Decision about risk

When risks have been identified and measured we will need to understand their nature (the probability that they will occur and their potential impact) before deciding what to do about them.
  • Accept Risk: Maintain status quo and accept the inherent risks
  • Transfer Risk: For example, from one business unit to another or from one business area to a third party (i.e., insurer)
  • Eliminate Risk: Through the dissolution of a key business unit or operating area
  • Increase Risk: Increase exposure to achieve anticipated higher returns
  • Reduce Risk: Through improvement in controls and processes
  • Mitigate Risk: Accept current level of risk but undertake key actions to mitigate risks through changing the way it conducts business

Implementation of an effective risk management

It can be summarized as the followings.

  1. Establish a risk-oriented organization culture.
  2. Top executives are directly responsible to corporate risk. They have to endorse the enterprise-wide risk policy and procedures.
  3. Deploy appropriate methodologies to quantify.
  4. Employ risk management staffs with knowledge in advanced quantitative methods and experiencing in core business activities.
  5. Risk managers in the independent middle office have to report directly to the ALCO or risk committee.
  6. Able to use and x-rays through financial engineering tools in portfolio and in hedging risk.
  7. Apply risk-adjusted performance measure, e.g. RaRoRaC.
  8. Effective use of capital for risky business lines
  9. Integrated IT systems that can segregate front, middle and back offices and ensure the data integrity.
  10. Use intelligence software tools to compute risk figures and reports and spend lot of time in managing corporate risk.
 
Risk Assessment

Proactive risk managers should keep the following questions in mind and always have the answers for them as well.

  • Are we taking the right risks?
  • How are the risks we take related to our strategies and objectives?
  • Do we know the significant risks we are taking?
  • Do the risks we take give us a competitive advantage?
  • How are the risks we take related to activities that create value?
  • Do we recognize that business is about taking risks and do we make conscious choices concerning these risks?
  • Are we taking the right amount of risk ?
  • Are we getting a return that is consistent with our overall level of risk?
  • Does our organizational culture promote or discourage the right level of risk taking activities?
  • Do we have a well defined organizational risk appetite?
  • Has our risk appetite been quantified in aggregate and per occurrence?
  • Is our actual risk level consistent with our risk appetite?
  • Do we have the right infrastructure and processes to manage risk ?
  • Is our risk management process aligned with our strategic decision-making process and existing performance measures?
  • Is our risk management process coordinated and consistent across the entire enterprise? Does everyone use the same definition of risk?
  • Do we have gaps and/or overlaps in our risk coverage?
  • Is our risk management process cost effective?
 
 
Next
 
CopyRight 2005 by The Thai Bond Market Association 900 Tonson Tower 10th Floor, A,D Zone, Ploenchit Road, Lumpini, Pathumwan, Bangkok 10330, Thailand Tel. +66 2257-0357  Fax.  +66 2257-0355 E-Mail: irisk@thaibma.or.th