Risk

vice president, risk solutions, SunGard's capital markets business

Connect on LinkedIn

Risk Management: Making Sure the Tail Doesn’t Wag the Dog

Posted by

This blog post originally appeared on TabbFORUM.

Risk can and should be seen as the core of a financial institution. The management of risk has become an industry in itself, led in turn by regulatory drivers, technological advancement, trading floor developments and quantitative research. In this blur of evolution, it is easy to lose sight of exactly what is required of the risk department, and it is worth taking a step back to refocus on what is important.

There has always been a risk function. The key to that function is ensuring that the firm takes risks commensurate with the risk objectives as spelled out by the management of that firm, and that there is sufficient liquidity within the organization to withstand those losses that are reasonably foreseeable.

When risk management was primarily concerned with prudence in granting loans and investment diversification, there were challenges – but these were generally well understood, to the extent that many of the quantitative methods used by funds without derivative exposure are more than 30 years old. The use of derivatives, however, introduced the need for a new level of analytics, started as an offshoot of the trading desks themselves, and moving through being a trading strategy to becoming the central plank of the regulatory reporting requirements across the world. These requirements now include:

  • VaR (and various VaR derivative measures, such as VaR Shortfall)
  • Stress testing
  • Tail analysis
  • Sensitivity analysis
  • Liquidity stress testing
  • Potential future exposure
  • CVA

The essence of the risk management function though, remains the same, ensuring that risks are in line with what is now known as the “risk appetite” and that there is sufficient liquid capital available to mitigate losses that will inevitably occur as a result of taking those risks. This is fundamentally a human activity, a fact that can become lost within the overgrown architecture of many modern risk infrastructures. The first step to re-establishing the function as an efficient, people-led one is to understand how badly planned technological deployments hamper that intention.

The key barriers to risk efficiency are:

  • Too many disparate data sources leading to risk analysts spending much of their time ensuring that various systems have produced results and aggregating those results (a process that in itself often leads to significant loss of accuracy).
  • Black-box processes make the validation of the risk results difficult to check. This is a particularly thorny issue, as results indicating no issues do not attract the same level of attention as results pointing to potential breaches of risk limits. Given the potential impact to the business, these investigations are conducted in pressurized situations.
  • Regulatory reporting has increased in response to the crises that have hit the financial world, from Barings collapse to the recent credit crunch. As regulators seek to protect the system from individual firm failure, the amount of time spent complying with the rules has risen exponentially.

The dichotomy is that the need for technology has never been greater. The power and speed available now should enable risk systems that allow risk management to view, analyze, understand and communicate risk profiles in a way that promotes their function far above regulatory compliance and (back) into trading and portfolio strategy. To achieve this, the technological stack must enable certain core capabilities.

  • Processes that can be automated should be both automated and subject to audit and reporting – manual aggregation leads directly to operational risk. Communication systems and protocols now exist that enable almost any systems to speak to each other, with reporting and feedback available. As long as reporting on these systems exist and are available as standard daily outputs, there should be little to no human involvement in data aggregation.
  • Risk reporting should allow for “deep dive” investigation of the risk profile by risk analysts – this should be one of the core activities of the department and should allow sources of risk to be identified, whether those sources are related to the risk-generation process itself…
  • Trade representation
  • Market data
  • Risk methodology

…or actual trading positions affected by:

  • Individual, identifiable trades or positions
  • Risk factors impacting the portfolio as a whole
  • Risk management should be able to communicate both the risk position and the risk appetite across the organization – along with risk investigation; this should be the main activity for the risk department. It is exactly this communication that creates the platform for the chief risk officer and the board to determine the risk appetite itself, and to express that appetite in the terms and language of the risk reporting. It is equally important that the risk takers are kept informed of the same risk positioning in order that they use the risk system and its results as a critical input into decision making.
  • Risk management needs the ability to make trade corrections on an intraday basis. In order to achieve the level of credibility required for risk to become a strategic tool, when errors in the input data are discovered, they must be corrected and the risk made accurate. The correction capacity for the risk analysts has to be built, in a compliant way, into the risk architecture.

The current technology makes the above possible, with the recent increases in computation speed, data storage capacity and quantitative sophistication all available to complement online reporting and communication. In short, the technology has finally caught up with the needs of the industry – as long as existing, inefficient infrastructure and the regulatory pull on resources allow for what is available to be deployed intelligently across the organization.

Risk management, as a central financial function, has never enjoyed as high a profile as it does at the moment, but it also has never had the barrage of issue to deal with simultaneously. As long as the technical designers remember that the technology must empower the human activity that is risk management, then the outcome can and should be truly effective and credible risk structures acting as the nervous systems of the firms they exist within.

vice president, risk solutions, SunGard's capital markets business

Connect on LinkedIn

Enterprise Risk Management and the Vernal Equinox

Posted by

A version of this blog post was originally published by Markets Media.

In a time long forgotten, seven days before the third full moon of the year, a drum beats a slow and terrible accompaniment to the death march of the sacrifices to a god whose satisfaction is needed to guarantee a good harvest and the survival of the tribe for another 12 months. As the mid-afternoon sun moves through the sky, the deity himself appears – a winged snake – and makes his way down the steps of the temple built to honor him. At the base of the temple, a carved statue of Kukulkan’s head meets the shadowy shape of his body, bringing together his astral and physical form. At that moment, the human sacrifices are made, and the people pray in terrified silence that it is enough.

An eon later, and March 20 sees the 2013 vernal equinox, signifying the end of winter and the astronomical start of spring. This annual event carries with it echoes of legends and rituals from ancient cultures that have direct relevance to our approach to financial risk management today.

Within the Mayan city of Chichén Itzá lies the pyramid temple of Kukulkan, a deity who took the shape of a winged serpent. On the vernal (and autumnal) equinox each year, the god can be seen descending the temple steps in the form of light and shadows, meeting his own carved head at the base. This astonishing feat of architectural design is generally thought to be associated with Mayan agricultural rites. There is also pictorial evidence of the god overseeing human sacrifice.

Photo via worldmysteries.com

What is striking about the pyramid, the visage of the ancient god and its linkage to a successful agricultural season, is that in many ways this is similar to the development and build out of much modern enterprise risk architecture.

Just as the Maya structured their lives and rituals around balancing risks which included not angering their gods, financial firms of today must also use risk assessment as a key decision-making tool. The basic purposes and aims of a modern risk system being:

  • Allow the risks being taken by the firm, both market and credit, to be understood by the risk management department
  • Enable the CRO, or whoever is responsible for developing the overall risk appetite, to see that the defined risk-taking aims are being adhered to
  • Empower the risk takers, the portfolio managers or traders, to understand the impacts of their positions on both their and the institution’s risk profile
  • Ensure that all regulatory requirements are fully met with regards to risk management

The danger comes when the regulatory needs overshadow the other considerations, and the creation of those numbers becomes the only end-point of the system. This, essentially, creates a large, often dislocated system where the firm will:

  • Run all parts of the system once the trading day has finished
  • Combine those results and produce a series of regulatory reports and numbers
  • Allocate capital in accordance with those numbers and reports
  • Sign off for the day

As long as there are no unexpected catastrophes throughout the following period, and the regulatory numbers are supplied, the risk system is presumed to be working. In many ways, this is exactly the situation accepted by the Mayans, where a technically brilliant design created a result that would be verified by a successful harvest, regardless of the scientific non-connectedness of the temple equinox event to the actual agricultural outcome.

Of course, in the case of financial risk management today, one required outcome is met entirely. The regulatory requirements could be said to be the most important, as without them, the firm’s ability to perform its business is threatened. The key to understanding regulatory requirements, though, is that they are primarily designed to ensure that the financial system is protected from specific bank failures, not to protect individual institutions from failing.

Regulatory reporting is a result of the positioning of the bank. While referred to in the reports, risk appetite and the adherence to that appetite tend to be secondary considerations. The risk appetite is a forward-looking plan of action, designed to ensure that in a business where financial risk-taking is the core business, there is a C-suite control of the activity, and a grass-roots understanding of that strategy. Any enterprise-wide risk system should see the regulatory reporting as a starting point for deeper analysis and understanding.

The Mayans focused on appeasing and venerating the winged serpent god Kukulkan, and did so by creating an awe-inspiring pyramid and making human sacrifices. Of course, with the value of hindsight and more modern farming knowledge, we know this approach cannot guarantee or even improve the chances of a good growing season. Financial failures also bear out that simply calculating and correctly reporting risk numbers to regulatory bodies cannot guarantee financial stability.

It is always a risk to be in awe of technical achievement and to mistake that achievement for success in the overall task. It is a necessity, when architecting a risk system, to bear in mind the full scope of the requirements of the system.

These system requirements include the ability to define the risk appetite within the C-suite, and for the risk takers to work within that appetite. Analysts and risk takers need to be able to explore both regulatory and non-regulatory measures in pursuit of the adherence of the risk appetite. That can only be achieved by taking the most granular approach possible, and building, through user-defined aggregation, a series of answers to risk questions that include but are certainly not limited to regulatory reporting. Once those questions are being asked, there is a natural feedback loop that develops through the firm, enabling both a validation of the risk production and the development of a risk culture.

Technical architects should aim for greatness, for systems that are fast and accurate, and for systems that create and strengthen the cultural nervous system of risk-taking organization. The priests and the architects of the temple of Kukulkan at Chichén Itzá achieved technical greatness, but focused solely on veneration. On March 20, 2013, as the winged serpent makes its way down the pyramid constructed in its honor, we should make sure that we are looking at our enterprise risk systems with greater importance and through a wider angle lens.

vice president, risk solutions, SunGard's capital markets business

Connect on LinkedIn

Beware the Ides of March: A Warning about Central Clearing from 44 BC

Posted by

This blog post was originally published by DerivSource.

In March of 44 BC, Gaius Julius Caesar was killed on the steps of the Forum of Rome – before his ambition to centralize power in the Republic, removing the checks and balances of Roman politics, could be fully realized. It is striking that the date for mandatory clearing is set for mid-March 2013, and there are clear parallels to March 15, 44 BC, better known as the Ides of March.

Crossing the Rubicon

In present day, the road to mandatory clearing began in the aftermath of the credit crisis, and is a central plank of the Dodd-Frank Act and plays a role in many new market reforms across the globe. In essence, its ambition is to remove the systemic risk created by the multitude of opaque bilateral agreements and collateral agreements characteristic of the OTC derivatives market previously. The solution the regulators devised was to take the largest pool of derivatives and to have their trading, clearing and margin/collateralization run centrally through central counterparties, whose overall level of financial health and liquidity could be better tracked by the regulatory bodies.

This backdrop is remarkably similar to the situation in ancient Rome, as a system designed around democracy and accountability had become mired in dishonesty and strife, as Sulla and Pompey fought for supremacy in the most powerful city-state in history. Caesar’s decision to cross the Rubicon River with his legion intact, essentially an act of insurrection, was seen by many, including Caesar himself, as the only way for Rome to maintain its lofty status on the global stage.

I came, I saw, I conquered

In both cases, the battle was fought and the victors were named. In the U.S. financial markets, swaps will be cleared centrally beginning in mid-March 2013 for all institutions with notional trading of 8bn or above, as well as some smaller specialized trading vehicles where the activity is deemed risky.

The margin will, in part be decided by each CCP using a VaR-based method, replicating the method previously used to calculate regulatory and economic capital. This margin is calculated by the CCP, and while member futures commission merchants can dispute the amount on behalf of themselves or their clients, it is not a bilateral collateral dispute as has been the case, but a notional dispute. The margin requested by the CCP must be paid.

Again, there is an echo from the move from republican to imperial rule of the Roman Empire. Caesar and his supporters saw that Rome had become weak and that it needed stronger, more centralized leadership, which in theory would remove the corruption of the elections but would retain a senate as a nod towards the system that had served the Republic through its massive expansion.

Experience is the teacher of all things

What lessons can be learned from the violent demise of one of the most celebrated tacticians in history?

Seismic changes, regardless of intent, need to carry the mass market with them. In Gaius Julius Caesar’s case, the political change was too dramatic for the senate, and it was to be his heir Octavian who would become Rome’s first emperor.

In the case of central clearing, there are the means available for the FCMs and their underlying clients to replicate, validate and maintain a check on their required margins. As long as such remedial actions are taken, the switch to a systemically safer swaps market in the twenty-first century should be considerably less painful than the change from republic to empire in Rome 2050 years ago.

vice president, risk solutions, SunGard's capital markets business

Connect on LinkedIn

Risk, Baseball and a Brand New Year of Opportunity

Posted by

This blog post was originally published on TabbFORUM.

It’s 2013. The days are lengthening again, and the risk world is facing an environment that is more concrete, while remaining every bit as challenging as it was before the millennium became a teenager.

The challenges faced by risk departments everywhere are well known, and include rafts of new regulations from Basel and Dodd-Frank, and data sets including the recent financial crisis, pointing to very likely high volatility in the months and years ahead, central clearing making calls to the risk management quant teams, and a low inflation/interest rate state continuing to cause anxiety in the pension world. With such a backdrop, it is easy to see risk management as an exercise in compliance at the lowest cost, but as Brad Pitt playing Billy Beane in the baseball movie “Moneyball,” demanded of his staffers: Are we asking the right question?

It is true that risk can be seen as simply calculation of “buffer capital” in the form of regulatory capital, margin, or collateral, depending on the underlying activity, but this crucially ignores the management aspect of “risk management.”

A couple areas in the financial markets illustrate this point well.

On the buy side there are the pension funds, where risk management has traditionally been based around performance and volatility tracking of fund managers against their benchmarks. Essentially, this meant that the risk management itself was really only addressing the risk of poor manager selection, rather than exploring the deeper risks of the fund as a whole. This view of risk is changing, however, as many funds face being under-funded against their liabilities as returns dry up and pensioners live longer than originally accounted for.

The question becomes one of calculated excess risk, often with derivatives being used to leverage the fund, and risk budgeting being used to allocate that excess. In a nutshell, risk budgeting involves:

  • Understanding the risk, or possible loss profile, of the benchmark of the overall pension fund. VaR or conditional VaR (VaR shortfall) is most typically used as the risk metric
  • Determining a level of risk, or increased level of possible loss, that the fund is willing to take on, to make up any underlying funding deficiencies
  • Allocating the excess risk to the underlying managers who run the assets for the fund

So far so good, but the situation is complicated by the fact that many funds use external managers who operate against alternative benchmarks. This means that for the fund to be well managed, and the risks fully understood, the central risk managers also need to understand:

  • The risk or potential loss profile of the fund benchmark (i.e. the fund assuming that it was invested exactly against its benchmark)
  • The risk or loss profile of each external manager’s benchmark (again the amount of the fund allocated to that manager, assuming investment to be exactly in line with the benchmark)
  • The basis or allocation risk between the aggregate external benchmarks and the fund’s official benchmark (this is the risk associated with the selection of the external managers themselves)
  • The risk or potential loss profile created by the external manager’s investment choices, or the stock selection risk (this is measured between the actual external portfolio and the external manager’s benchmark)

The risk budgeting itself is a mix of selecting managers with riskier benchmarks and then allowing those managers the latitude to actively increase their risky positions against their own benchmarks.  The two elements have to be taken together, and once they are, the risk profile of the fund, using well tested risk methodologies, can be fully understood, and used to actively control the increase in overall fund riskiness, in search of higher returns to make up funding gaps.

This type of risk-based fine tuning transforms risk departments from performance measurement departments into active risk controllers, adding considerable value to the business at a time when it is desperately needed. In this instance, the right question is really about solving an under-funding issue, rather than a risk management one.

On the sell side, the adoption of VaR-based margining by central clearing venues opens up many opportunities for risk practitioners to actively add value to their firms. These would include:

  • Ability to calculate the optimum venue, margin-wise, for any new trades to be cleared
  • Full control of regulator-required “independent margin”
  • Margin minimization using futures, where allowed, to offset cleared OTC trades

In both cases, on the sell side and on the buy side, risk is actively enabling informed decision making and empowering those who choose to use it in that way. Both are simply asking a different question to the original, “How do we cope with the latest requirement?”  In the case of pension funds, we are asking how best to solve the under-funding problem, and in the case of central clearing, we are asking how best to profit from the new environment. In both cases, the use of well understood risk management techniques is the answer.

In what should be an interesting year for risk managers across all sectors, the first step begins in looking afresh at the problem, seeing the opportunity and ‘getting on first base’ with the solution.

Happy New Year!

While you’re here…

vice president, risk solutions, SunGard's capital markets business

Connect on LinkedIn

Risk Management: Yippee Ki Yay, Rogue Traders

Posted by

This blog post originally appeared on TabbFORUM.

The holiday season is upon us, and with it comes a slew of reruns of classic holiday films along with the annual financial reporting season and its attendant analysis of institutions’ risk management capabilities. Seemingly unrelated? Actually, the two are inextricably linked via one of the greatest holiday season films of all time: Die Hard.

At its heart, the Die Hard franchise is a veritable case study in risk management, with stress testing and the role of an “on-the-ground” risk manager front and center.

What closely aligns the film series with practical risk management are the recurring themes of:

  • Distraction – Typically the villains engage in a more elaborate “meta plan” which fully occupies the law enforcement agencies, while they (the villains) concentrate on a far smaller, and often simple robbery
  • Automation – The law enforcement agency moves through a tried and tested “playbook” in response to the more elaborate plan, which leaves the underlying crime being committed largely undetected until it is too late

This has always struck me as being exactly the situation risk managers face. Typically, when risk tolerance breaches are detected, there is a reasonably automated response, which runs something along the lines of:

  1. System alerts a breach
  2. Breach is identified to risk-taking area (trading, portfolio management, etc.)
  3. Risk-taking area refute the basis of the breach (bad data, incorrect trade representation, bad risk models, etc.)
    1. Risk analysts scramble to check data inputs and re-validate models
    2. Risk-taking area continues with the position
    3. Risk finally (re)prove those elements in doubt
    4. Position is closed by risk-taking area
    5. Profits were made (or losses were incurred) on a position that was out of risk tolerance

It is not reasonable to suggest that every time a trader or portfolio manager doubts the risk reporting they are, in fact, using the system to maintain an out-of-compliance open position, but there are certainly cases where this is the case and even when not the case, the risk of losses from a position that was identified as out of tolerance exists and needs to be addressed.

The only way that this (deliberate or accidental) distraction play can be beaten is to start with a more transparent base for the results. This means that when the breach is identified, the underlying parameters of that breach are also identified. This would include:

  • Trades, and the representation used by the risk engines, shown in the risk reports
  • Market data used to calculate the risk disclosed within the risk reporting
  • Back-testing of risk models shown within the risk reporting

Once these areas are made open for scrutiny, it becomes much harder to simply send the risk analyst back to the risk department to check their data, and far more likely to initiate a discussion regarding the underlying cause of the risk tolerance breach. Of course, opening up the models for scrutiny can create more initial negative feedback, but does result in a far more bought-in and well-grounded risk architecture.

But back to the film. Die Hard is not just a well-made warning against distraction and automated responses. Perhaps its greatest contribution to the genre of risk management is in its attitude to stress testing.  The first, third and fourth in the series are particularly striking in this regard. It is interesting how the stress testing within the films magnifies with each installment:

  • Robbery of bond certificates using law enforcement protocols around hostage-taking to guarantee the “fail-proof” safe will open
  • Robbery of gold bullion using law enforcement protocols around threatening multiple schools, in New York to guarantee no police interference
  • Theft of electronic financial records using law enforcement protocols around an organized cyber-attack, on the US infrastructure, to avoid detection of actual crime

Each of these stress tests is dynamic and designed to test the infrastructure to failure. Each uses the technology and incentives of the time and each shows holes in the fabric of the risk management in place. These are textbook descriptions of what a financial institution’s stress tests should be designed to do.

Note that this is not the same as regulatory stress testing, mandated by the system to test that system’s resiliency, but more about ensuring that the practical risk management in place in a financial services firm is robust enough to detect, and flexible enough to operate, at the practical level, to be effective during an unexpected event. Determining exposures and risk sources at the tail in a high pressure situation should be within the remit of a risk management system.

The final lesson of the franchised powerhouse is the need to maintain human control. Notably, it is Bruce Willis’s hard bitten cop who initiates the override of the automated response and takes control of the situation, thwarting the underlying crime. This is a subtle yet compelling message to risk managers.

Risk management architecture and tools are just that: tools. They should aid the risk management, but to be truly effective, risk managers need to understand the underlying rationale for the tools, the underlying math of the risk engines and the underlying purpose of the risk management department itself.

If they can do that, they should rarely find themselves “in the wrong place at the wrong time.

While you’re here…

vice president, risk solutions, SunGard's capital markets business

Connect on LinkedIn

Risk Management: Conferences, Convergence and Catastrophe

Posted by

This blog post was originally published on TabbFORUM.

Late October 2012 saw an RMA conference on risk management in Dallas, the annual FIA conference in Chicago, and a catastrophic natural disaster in and around New York. While these were separate events with very different impact levels, all three were connected by the complexity of modern risk management, what it means, and how its outputs can be understood and used.

Dallas

Conversation at the Risk Management Association event in Dallas was focused largely on developing, implementing and managing a risk appetite within a financial institution. This tackled from multiple angles, including liquidity risk, market risk and credit risk. The recurring theme of the discussions was the difficulty in developing a framework that works both top-down from an enterprise-wide risk tolerance perspective, and bottom-up from an individual risk contributor’s perspective.

Risk appetite definitions ranged across benchmarked “active” risk budgeting (VaR against benchmarks), economic capital, collateral and funding costs, VaR and VaR shortfall. As has been noted before, it is interesting that in the aftermath of a financial crisis which saw VaR receive critical attention, its use is expanding into bilateral calculation of collateral and central clearing margins.

Chicago

It was those same central clearing margins that took center stage at Chicago’s Futures Industry Association conference. As a business more used to exact calculations built on lot sizes and observable prices, the relative complexity, convexity and simulation-based margining of interest rate swaps are causing many to strengthen their technical architecture and approach. As the single largest OTC derivative class heads to the margin model, FCMs and their clients are becoming familiar with historic simulation, decay factors and look-back periods. At the same time, the margin posted is looking more and more like an alternative for economic capital, even using the same techniques to generate the number.

The VaR number itself, of course, is essentially predicting the minimum loss that would be expected to happen at the specified percentile. For example, a 99th percent VaR predicts the minimum loss that should be expected to happen once in every hundred days.

New York, New Jersey, and Neighboring Areas

As the conferences in Dallas and Chicago were happening, the tri-state area of New York, New Jersey and Connecticut were actually experiencing a devastating weather event.

The parallels between a VaR calculation and this “perfect storm” are as inescapable as they are shocking. Defined variously as a tail event or a 2.33 standard deviation event, the VaR cases are typically characterized by multiple loss-causing events occurring within the same simulation. This is a low percentile by definition, but has an extremely large impact. In terms of what faced the northeast U.S., a high tide and a hurricane create the worst possible outcome for the shoreline areas. Here, risk management hits closer to home.

Risk management is a control function that mitigates, to a degree, the impact of the extremes. It is also a fact that events deep in the tail are often uncontrollable.  It was with shock that reports of Hurricane Sandy’s effects were viewed, and with a sense of humility that the aftermath restorations are being tackled.

Risk can often be seen as a dry academic subject, as more theory than reality, and the discussions in Dallas and Chicago could lend weight to that opinion. However, the events in the tri-state area graphically and violently demonstrated that tail events do happen, and enormous damage can be caused when extremes collide.

While you’re here…

vice president, risk solutions, SunGard's capital markets business

Connect on LinkedIn

Cage Goes in the Water. You Go in the Water. Shark’s in the Water.

Posted by

This blog post originally appeared on TabbFORUM.

In the 1975 summer smash Jaws, a rogue shark terrorizes a summer town. In addition to being responsible for more aquaphobia and galeophobia (the fear of sharks) than any other film in history, it does highlight different responses to a problem. Much of the film is set on board the Orca, highlighting the tension between an old-school captain and a scientist who is keen to make sure that “non-rogue” sharks are left in peace. The bemusement of the boat skipper at the scientist’s willingness to jump in the water with the sharks is emphasized by the singing of an old shanty after most of the two men’s encounters.

The comparison comes to mind when reading that a CRO has been appointed at Knight Capital. While I am claiming no specific knowledge of Knight Capital’s particular situation, it is clear that the announcement of a CRO role at any firm would convey a sense that the institution is taking its risk controls very seriously, and implies that a C-level appointee will be tasked with instilling a more culturally based risk attitude across the firm. Although this is usually the case – and certainly may be with Knight – there are also occasions when the net effect is a person receiving the same risk reports as before, but they are now called “Chief Risk Officer” instead of head of market or credit risk.

There are some risk managers who seem to truly believe in being in the water with the sharks, with or without a cage. Those folks will typically have the risk function in or near the middle of the trading or portfolio management areas, and are more interested in actively engaging in strategic and tactical discussions than producing increasingly detailed reports. Key to this engagement is the CRO’s willingness and capacity to debate the risk numbers, what they mean, and the models used to create them. Typically this debate results in some changes on the risk side, but supports a far more bought-in stakeholder group. Further, in this scenario, the floor-level understanding of risk evolves quickly into expectancy that risk is represented in strategic discussions at all levels.

The language of risk should really become the language of a financial institution. This can only happen if looking through the risk lens adds value to those in charge of taking risk and enables senior management to express the firm’s strategy and outlook in risk-based terms. It is important that this goes beyond simply risk-adjusting returns in order to control incentives. The risk numbers have to actively add value. And when that value is added and understood, the cultural shift will follow.

So, as we read about the growing number of CROs in financial services, we should pay more attention to the language used to express the future direction of the firms with those new members of the C-suite. Are they simply paying a bounty to a weatherworn fisherman and putting up a “beaches are open” sign, or are they actually in the water, in the cage, with the sharks?

…Farewell and adieu to you fair Spanish ladies…

While you’re here…

Connect on LinkedIn

How to Use Cash Flow at Risk

Posted by

We’ve all been hearing a lot about Value at Risk (VaR) lately, from discussions about its usefulness as a risk metric to likening it to a hero’s journey in Star Wars. What we don’t see discussed quite as much is Cash Flow at Risk (CFaR), which can offer significant insights in as one looks to control costs. But it’s important to know the differences between VaR and CFaR, and to know how CFaR can benefit the firm.

How does CFaR differ from VaR?

VaR signifies the value which can be lost in a portfolio of financial derivatives with x% certainty (e.g. 95%), in a given time horizon (e.g. 1 day). On the other hand, CFaR signifies the cash that would be received from or paid to a portfolio of transactions with x% of certainty over a given time horizon (e.g. 365 days). Value at Risk looks at the anticipated change in the value, while Cash Flow at Risk looks at the expected cash-flows exchanged upon consummation of the transaction. This makes CFaR a value that corporate hedgers can use to identify the risk associated with changes in the prices of a commodity they may purchase or sell.

How could a firm use CFaR?

Cash Flow at Risk is a Monte Carlo simulation methodology with a longer time horizon. For example, an airline could use CFaR to simulate the future expected price of jet fuel for next quarter, or over the next six months, or even over the course of the next year.

If that airline were considering hedging their potential exposure that could result from jet fuel purchases, several critical management decisions must be made, starting with these:

  1. What is the firm’s business objective?
  2. Should we hedge at all?
  3. If so, how much should we hedge?

For more details about the best practice approach to hedging using CFaR and for the step-by-step of a real-world example, download the latest paper from SunGard’s Kiodex business unit.

Step 3 is where CFaR really comes into play. Results from running a Cash Flow at Risk calculation ultimately represent a “market consensus” forecast of the jet fuel prices that uses objective statistical analysis, eliminating subjectivity. As a result, CFaR should increase shareholder and management confidence that the company is making intelligent hedging decisions, which should lead to better cost management.

It should go without saying that an effective risk management policy requires an objective and statistically sound methodology. Cash Flow at Risk is a tool that can provide this. At the end of the day, CFaR answers one of the most pressing questions facing the company:  What is the consensus opinion on the outcome of commodity prices in the future? Knowing the answer to this question can mean the difference between making an intelligent or a misguided hedging decision.

While you’re here…

trading and client connectivity, SunGard’s global trading business

The State of Listed Derivatives [UPDATE]

Posted by

DECEMBER 2012 UPDATE:

2012 has seen the multi-year boom in listed derivatives trading suffer an abrupt reversal, with a 10%+ decline in year-on-year volumes. The boom had seemed to be indestructible, buoyed up as it was by the surge in world commodity markets and growth in currency futures volumes. Several other factors also contributed: wider buy-side market awareness, particularly in emerging markets, more flexible investment mandates at many firms, and the need to hedge against persistent cash market volatility.

ORIGINAL POST:

2011 saw the highest volumes ever recorded across the world’s listed derivatives markets. Despite some quieter early months in 2012, the longstanding volume growth trend still appears to be in place, led by the surge in commodity trading and by booming currency futures volumes. Several factors continue to drive this trend: wider buy-side market awareness, particularly in emerging markets, more flexible investment mandates at many firms, and the need to hedge against persistent cash market volatility.

But look more closely, and things don’t seem quite so rosy. Deal sizes are shrinking, driven in part by growth in the use of algorithmic trading strategies, and client demands continue to grow for DMA and algo access to an increasing number of global exchanges. Coping with these amid rapid changes in market conditions, such as the commodities boom, and in increasingly competitive conditions, is clearly no rest cure. And trading and clearing costs for the brokerage community remain relatively high: the pricing pressures due to inter-market competition in equities have not yet translated to the world of derivatives, with its proprietary contracts and vertical trading/clearing silos.

Adding to these direct business pressures, in the wake of the global financial crisis the derivatives sell-side is also receiving unprecedented levels of regulatory attention. The largest issues are of course those associated with global regulators’ drive to push OTC business onto electronic platforms and central clearing. As the OTC and exchange traded markets become more alike, we can expect significant impact on the way that brokerage firms structure themselves to address their clients and interface to trading venues. But while we wait for these changes to take effect, the primary regulation-driven focus in most exchange-traded brokerage businesses is on risk management.

This former Cinderella area of business operations is now central. Derivatives position risk forms part of firm-wide considerations, but two core issues are specific trading room concerns:

  1. Pre-trade risk management traps some major risks – including many erroneous and/or limit-breaking orders – at the most appropriate time: before they hit the markets. Responding in some cases to direct regulatory demands, many firms are extending and tightening their electronic pre-trade controls, with latency considerations ultimately determining how much it is practical to do before sending an order to market. Guidelines published by FIX Protocol Limited, recently updated and extended to cover futures and options, are a useful contribution to developing best practices. In Europe, the 2012 ESMA Guidelines for automated trading engines are also relevant: fortunately for firms striving to stay in compliance, the ESMA risk management requirements are broadly consistent with the FPL recommendations.
  2. The biggest issue in commodities is of course position limits. While legal tussles continue over the Dodd-Frank/CFTC rules, implementation may be required by year-end 2012, and we await ESMA’s crafting of the MiFID 2 principles into new European regulations. Full compliance with the CFTC rules in their current form implies assessing real-time global positions in a range of commodities: this will be very demanding for U.S. firms trading internationally and across multiple listed and OTC markets. There must be concerns about potential regulatory arbitrage as long as these rules are not applied worldwide.

Keeping up with all of this change is not easy. But it’s not only about compliance: it is enabling risk managers to win budget and resources for projects that they have long thought important or even necessary. The end result, one hopes, will be fewer concerns about business survival if we face another market meltdown.

While you’re here…