Not according to Scholes, who points to the inconsistency of praising intuition over quantitative analysis on one hand, while simultaneously using intuition to develop and select financial models in the first place. However, even the strongest advocates of quantitative risk measurement will concede that it is an imperfect science, and the simplifying assumptions required to model risk will necessarily represent a distortion of reality to some extent.
In order to effectively use financial modelling as a risk management tool, it is therefore important that the inevitable weaknesses of attempting to model risk are understood, and that these weaknesses are considered in the design and application of the model. When this is the case, risk modelling can be an extremely helpful technique to help corporate treasurers to expose, communicate and manage financial risk within their organisations.
The central idea behind risk modelling (and indeed financial modelling generally) is to isolate certain key variables (model inputs) and use them to determine potential future outcomes (model outputs). Models which directly link specific inputs to specific outputs are often referred to as deterministic models. Conversely, in a probabilistic model, an element of randomness is included, and therefore the output is not a unique value, but a rather a probability distribution. Both types of model can be used to model risk; basic scenario analysis (e.g. the impact on cash flow if euro/US dollar increases by 10% is US$1m) would be a commonly used example of a simple deterministic model, whereas using a Monte Carlo engine to generate multiple possible paths for the underlying exposure (e.g. foreign exchange (FX) rates) would turn the model into a probabilistic one (e.g. the probability of a US$1m cash flow impact is 10%).
Clearly, the assumptions which lie behind both deterministic and probabilistic models are, in effect, simplifications of the real world. Many factors, some of which may be of significance, are ignored, and certain assumptions regarding model inputs (and the relationships between them) may not always hold. While such simplifying assumptions are necessary to make risk models workable (the complexity of a model increases exponentially as new factors and relationships are added), they are also one of the main reasons why risk modelling is the victim of such vociferous criticism.
Particularly following the ‘failure’ of risk models during the financial crisis, a number of critics have highlighted the flaws inherent in several common assumptions used in risk modelling (the use of normal distributions in probabilistic models, and the subsequent failure of models to account for extreme market events, was an especially easy target). Not only is risk modelling based on unrealistic assumptions, state the critics, but it leads to overconfidence and creates an illusion of control. If your smoke alarm is faulty, you might sleep a little bit too deeply, confident in the possibly false belief that you will be alerted in the event of a fire.
While such criticisms have undoubted merit, and should be carefully considered when designing and using a risk model, the benefits of risk modelling can be substantial when used appropriately.
Perhaps the main benefit of modelling financial risk is that it adds structure to the risk management process, by encouraging the analysis of both individual risk factors and the relationships between them. The very process of gathering, inspecting and structuring the data that is often necessary to build a risk model can contribute to a better of understanding of the sources and effects of financial risk on an organisation.
A second important benefit is that it can facilitate the communication of risk to key stakeholders, both internal and external. It is only through modelling risk that certain key risk dynamics, such as probability, can be clearly communicated, and even if such models are not completely accurate, they can still help communicate the potential impact of risk in a way that is much more tangible and resonant. Quantifying the probability of an adverse impact will tend to make that impact much more real than vague, non-specific statements (even if the measurement is an imperfect estimate).
Third, a robust risk modelling process facilitates risk management decision-making by enabling the objective comparison of alternative hedging strategies; if risks are not modelled, the ex-ante impact of hedging strategies cannot be meaningfully compared.
The key to the successful application of financial risk models within the corporate treasury will usually involve ensuring that the key weaknesses of risk modelling, oversimplification and overconfidence are carefully managed. This can be achieved in a number of ways, including:
Explicitly stating model assumptions and their implications (particularly when they are known to be inaccurate – such as assumptions of constant volatility, or normal return distributions).
Make the model as simple as possible – the law of diminishing returns will often apply when adding complexity to a financial model, and clarity can be inadvertently sacrificed in the quest for accuracy.
Relative outputs can often be more valuable than the absolute outputs – for example, using a probabilistic model such as cash flow at risk (CFaR) to compare the relative ex-ante performance of possible hedging strategies can often be more useful than the actual CFaR figure itself.
Most importantly, ensuring that risk models are always used, interpreted and applied using common sense, judgement and experience.
Referring to the futility of attempting to apply scientific analysis to the markets, Sir Issaac Newton once stated: “I can calculate the movement of the stars, but not the madness of men.” (Understandably, this comment was apparently made after he lost £20,000 during the South Sea Bubble). When dealing with financial markets, these words clearly illustrate why humility is perhaps the most important trait of the successful risk modeller.
Europe’s introduction of the General Data Protection Regulation (GDPR) next May will have implications for businesses around the world and US corporates should start getting ready if they haven’t already done so.
The recent NotPetya cyberattack underlined the need for organisations to address their exposure and how to mitigate the risk.
Accidental data breaches are causing almost as much concern as the steady rise in ransomware attacks, reports insurer Beazley.
The statement issued by the bank also suggests that fiat currencies are superior, due to their price stability.