With the majority of financial institutions and regulated pension funds undertaking extensive de-risking of their respective trading portfolios, it is imperative that robust risk frameworks are in place to ensure that all aspects of the portfolio are managed in a transparent and efficient way, particularly in terms of asset diversification. Financial institutions’ balance sheets are currently undergoing major asset reductions in order to achieve their regulatory capital requirements, without compromising their core business revenue targets. Given these regulatory demands, it is now more crucial than ever to ensure that adequate investment in process, controls and systems is maintained in order to achieve the accuracy, timely risk, position reporting and benchmarking for both management and regulatory disclosure.
Trading desks are being assessed not only on the revenue that they produce but also on the capital utilisation being used to achieve this income. This requires risk managers within their respective organisations to work closely with the business across all risk functions and asset classes. They need to analyse the specific concentrations and diversifications in order to determine the most appropriate de-risking and hedging strategies to be implemented. This can only be effectively achieved with the existence of a comprehensive risk framework that empowers policies to incorporate updated regulatory requirements and the risk appetite of the institution.
Risk Framework Objectives
The overall objective of any risk framework is to ensure that all regulatory requirements are maintained, without impinging on the commercial needs of the business. At the same time, it needs to be scaled appropriately against the risk appetite of the organisation’s board of directors. With this in mind it is important to ensure that a ‘best-in-class’ risk framework is used and to be confident that this framework has the ability to produce transparency and accurate reporting of the risk portfolio. That way an analysis of de-risking strategies can be accurately carried out for management consumption.
An organisation’s risk framework has to be reviewed periodically across both policies and procedures in order to ensure that all aspects of the business are clear on the ownership of risk, along with the governance structure and standards of measuring, monitoring and reporting on an accurate and timely basis. The delivery of an appropriate risk framework essentially enables an organisation to meet its regulatory requirements while facilitating the business needs of its trading desks, in-line with the risk-reward appetite in order to achieve defined revenue targets.
The risk strategies and the risk-bearing capacity of an organisation for the individual business divisions needs to be consistent and continually developed as part of an interactive process. The regulatory environment has matured considerably in recent years in this regard, with organisations now required to articulate and report on their risk-bearing capacity, risk strategy and risk appetite as part of the Basel II requirement of the Internal Capital Adequacy Assessment Process (ICAAP). Basel III is on the way as well.
The Core Principles of Risk Management
The management of risk can be defined through the following core principles:
- Engagement and approval authority.
Incorporating these principles into a robust risk framework enables an organisation to de-risk and manage its capital requirements across all asset classes effectively and efficiently.
Within the risk framework, it is the responsibility of each trading desk, fund manager or business area, which may include some treasurers at advanced multinationals that look to profit from their hedging activities, to manage their risk exposures. Both the hedging/de-risking strategies and positions that they implement are a fundamental component of ownership and responsibility, providing the framework on which a trading portfolio can be hedged or positions closed for de-risking, on either a micro or a more high-level management of exposures across a business line. Ultimately, the responsibility for implementing any de-risking strategy lies with the individual business line manager or fund manager on a daily basis, and with central management or the board at the very top level.
The Fundamentals of the Review Process
As part of their primary function, risk managers should undertake a review of the de-risking strategies that are being undertaken, at either a macro level or business line, or on a daily basis within the trading group in order to determine both concentration and diversification effects. When performing such reviews of de-risking strategies, a number of considerations need to be taken into consideration; such as the choice of instrument, the size of the hedging position, market liquidity and concentration, and the degree of basis risk between the underlying and hedging instrument, along with timing factors for implementation of the de-risking strategy. This is even more relevant to fund managers where concentration risk in industry sectors, countries and counterparties can make de-risking difficult to achieve in a short period due to market conditions and liquidity.
Where de-risking is being performed, risk managers also need to weigh up the individual capital impacts on credit, market, liquidity and operational charges, along with the diversification and concentration effects across the portfolio in respect of the asset classes. Where concentration risks arise, either as holding positions with similar characteristics to a significant size, or an adverse development of a limited number of risk factors, this could lead to both a significant loss and major capital requirement under current regulatory rules.
Defining Risk Appetite and Strategy
Given these potentially dangerous and unwanted outcomes, it is important that the appropriate governance and supervision that the risk framework provides is matched to the overall risk appetite and strategy set by senior management. By establishing limits and monitoring, an organisation is guaranteed the key control and transparency needed to manage both the portfolio and capital requirements effectively. The use of key metrics, such as economic capital, value-at-risk (VaR), stress testing, sensitivity and position limits, credit and default limits and concentration risk, combined with robust, accurate and timely reporting, effectively allows an organisation to de-risk appropriately.
On the reporting of de-risking strategies, such as the implementation of hedge positions, it is important that the calculations used in determining the risk are easily decomposed at each stage of the risk reporting process to give transparency and validation. Risk managers often request macro hedges to be segregated, to enable more accurate monitoring of the de-risking strategy as well as standalone analysis to be undertaken.
Within a robust risk framework, reporting principles such as standardised reporting platform, materiality and relevance of reports, production scalability and flexibility along with infrastructure enhancement are required to enable efficient risk management to undertake both de-risking and hedging strategies. This has become paramount over recent years with the regulatory requirements of both Basel II and III, and the Capital Requirement Directive (CRD3), coupled with every organisation attempting to rebalance their respective balance sheets by focusing on their core businesses. Don’t forget either that the final CRD4 proposals, associated with the incoming Basel III changes, are due to be unveiled in Europe next year.
Senior management is now more focused on analysing the drivers and diversification affect that macro hedges have across the portfolio, on the basis of managing the risk weighted assets (RWA) for capital efficiency effectively. This has created an operational strain on risk infrastructures, in order to produce and maintain transparent and accurate reporting, especially for regulatory requirements. This puts further emphasis on the need for an infrastructure that provides timely, transparent and accurate reporting of the risk portfolio, to support de-risking decisions in an effective and efficient manner by senior management.
The steep demands of the CRD3 changes, such as stressed VaR and incremental risk charge (IRC) on a timely basis for regulatory reporting, have impacted the vast majority of institutions. Their ability to leverage their current risk framework is no longer feasible due to capacity constraints on the systems’ infrastructure. In turn, this has dictated the need for a greater integration of risk reporting within the organisation’s hierarchy, combined with the flexibility to undertake scenario analysis to determine the diversification impact of macro hedging.
Robust processes and systems are essential for accurate and timely risk reports, combined with the ability for increased capacity of usage at all levels of the business. This requirement has necessitated further investment in the current infrastructure, together with ensuring transparency of the risk factors being used in both VaR and economic capital calculations, if the de-risking and capital management strategies are to be effective.
Overall, it is important that institutions have a robust risk framework in place to provide management and the business with the transparency needed to enable efficient de-risking to be performed. That being said, the significance of a robust systems infrastructure cannot be underestimated, complete with the appropriate controls and capacity to facilitate these requirements. Only then can it be managed efficiently with timely and accurate reporting in place.
Many banks around the world, large and small, continue to experience major security failures. Biometric systems such as pay-by-selfie, iris scanners and vein pattern authentication can help.
The implementation date of Europe's revised Markets in Financial Instruments Directive, aka MiFID II, is fast approaching. Yet evidence suggests that awareness about the impact of Brexit on MiFID II is, at best, only patchy and there are some alarming misconceptions.
Despite all the automation and improvements that digital banking has the potential to achieve, customers and their needs still form the very core of the banking sector.
Banks might feel justified in victim blaming when fraud occurs, but it does little for customer confidence.