In the previous chapters, we spent a large amount of time describing how risks can be measured. In this chapter, we discuss how risk measurement is used in risk management. A bank’s risk-management function is typically headed by the chief risk officer (CRO). Reporting to the CRO will be the chief credit officer, the chief market risk officer, and the chief operating risk officer. Within the market-risk organization there are three groups: policies and procedures, risk measurement, and risk management (Figure 11-1). In this chapter, we describe the work of each of these groups, especially the business of setting and managing risk limits.
The staff of the policies and procedures group typically has a background in audit, operations, and financial reporting. Their task is to establish and maintain a framework of policies and procedures to ensure that the trading operation is well controlled. The task can be broken into three components: defining responsibilities, ensuring disciplined risk measurement, and approving new operations.
Responsibilities should be established for the risk management group, the head of trading, accounting, information technology, operations, and the legal department. The distribution of responsibilities should ensure that for every risk the bank faces, someone is responsible for reporting the amount of risk, and someone is responsible for acting to control the risk.
FIGURE 11-1 Typical Organization of a Market-Risk Management Group
In establishing the responsibilities, it is very important that the risk management group does not report to the trading group. They must report directly to the CEO or senior risk committee. Their pay and promotion must not be dependent on the trading group. Similarly, the settlements and accounting groups must also be separate from the traders.
Before individuals are allowed to trade, they must receive a formal delegation of authority to trade. The delegation of authority to trade is a document signed on behalf of the CEO that specifies the individuals who are allowed to commit the bank to make a trade with a counterparty. The document should specify which products may be traded by each individual and desk. The document may also specify the pricing models that may be used.
The policy group should establish the procedures to be used for reporting risk-measurement results. The risk measurements are used to control the bank and report to external authorities, such as the regulators. It is therefore important that the measurements should be made in an approved fashion. The policy group will provide the rules for how new risk-measurement models get approved for use by the bank, when and how they should be tested, and who is allowed to use them. For example, it should not be the case that a trader is able to access and alter a system that is calculating the risk of his or her position.
In the natural push to remain competitive, the bank’s operations and products are continually changing. Policies should be in place for approving new products, new pricing models, and new counterparties. The approval policy for new products should require that there be a business case for introducing the new product, clear specification of who may trade the product, and a plan for how the risk-monitoring and accounting systems will be changed to include the product.
The approval policy for new pricing models should include a parallel spreadsheet calculation made by the risk management group to verify the accuracy of the model. The approval should also specify which products are to be priced using each model.
The approval policy for new counterparties is typically created in conjunction with the settlements and credit groups. The settlements group will ensure that they are satisfied that the counterparty can reliably deliver and settle any trade that the counterparty makes. The credit group must verify that they are satisfied that the counterparty is unlikely to default. According to the creditworthiness, limits will be set on the amount of trading that can be done with the counterparty.
The risk-measurement group is typically staffed with “quants,” i.e., people with strong quantitative skills. The group must also have information technology (IT) staff to operate the systems required to manage the large amounts of data that must be fed into the risk calculators.
The goal of the group is to produce frequent, timely, accurate risk reports both for internal and external constituencies. The main internal constituencies are risk management, senior management, and the traders.
Senior management uses the reports created by risk measurement to ensure that the risks match the amount of available capital, and to decide if they are comfortable with the risk profile of the bank. To do this, they need to know the total risk and the main sources of risk, both in terms of portfolio and risk factors.
The traders use the reports to better understand their risk, to let them see how their position is correlated with the rest of the bank, and to let them challenge any possible errors in the report before it is used to assess capital charges or gets reported to external constituencies.
The main external constituencies are the regulators, rating agencies, and investors. Regulators and rating agencies use risk reports to ensure that the bank has a low probability of failure and that the capital is adequate to cover the risks. Typically, the external reports are generated monthly or quarterly and include bank-level VaR, backtesting results, and available capital being held.
Investors use the risk section of the annual report to be sure that the bank has adequate risk controls and that the risk is commensurate with their expected return. All major banks now include a report from the risk management group including the average VaR for the bank’s major operations. The section discloses the broad methodology used for risk measurement, a description of controls, and measures of the absolute level of risk, such as the average VaR.
The daily reports for internal management contain the following information:
• The absolute position showing the value of each security held and the net value of the trading operation, i.e., the available economic capital
• The P&L from the previous day according to accounting
• The P&L from the previous day according to the risk calculator
• Sensitivity, stress, and scenario reports for every portfolio and subportfolio
• The stand-alone VaR according to the Parametric, Historical, and Monte Carlo approaches
• VaRC by desk and risk factor
• The extent of limit utilization
• Required and available regulatory and economic capital
• Comments on any unusual risks or discrepancies
Wherever possible, graphics should be used to communicate this information so executives can quickly see the risk situation. Figure 11-2 illustrates the first page of a market-risk report. The subsequent pages would give the details for each portfolio, risk factor, and type of risk measurement. Figure 11-3 illustrates the contents of the first page of detailed analysis. From these reports, the risk management group should be able to identify any particularly dangerous situations quickly and take action to reduce the risk. In Figure 11-3, the most significant risk is revealed by the scenario test for a default in the emerging markets.
When reading risk reports, the main things to look for are the following:
• Significant discrepancies between the accounting P&L and the P&L predicted by the risk calculator.
• The absolute VaR relative to the net value of the operation.
• The distribution of VaR across different desks.
• Significant differences between Parametric and Monte Carlo VaR, which would indicate that the portfolio has a significant nonlinear sensitivity to price changes.
• Significant differences between Monte Carlo VaR and Historical VaR, which would indicate that the correlations assumed in the Monte Carlo VaR may not be stable or the kurtosis may be high.
• Significant nonlinearities in the results of the stress tests, which could indicate options that have the potential for creating unusually large losses if the market changes significantly.
FIGURE 11-2 Illustration of the First Page of a Market-Risk Report
• Large differences between the results of the VaR and the results of the scenario tests, which would indicate that the bank’s experts can foresee a scenario which is not reflected in the historical data used to calculate the VaR (this is the most significant risk in Figure 11-3.)
Based on the reports, the market-risk management team will investigate any areas of concern, and when necessary, act to reduce the risk to the bank.
Creation of the reports takes significant effort because of the short time available and the number of systems that feed into the risk calculator. It is very common that there will be data missing or corrupted in the market-data feeds or the bank’s position
FIGURE 11-3 Illustration of the Details of a Market-Risk Report
Conclusions from this report would be as follows: P&L from the accounting system and the risk models match moderately well. The stress tests show that there are no unusual nonlinearities in the changes in value. The scenarios show a worrying possibility of a significant loss if there is a default in the emerging markets. The results of the three different VaRs match reasonably well, so there is unlikely to be an unusual nonlinearity or sensitivity to an extreme market movement. The VaR contribution shows that almost half the risk comes from the bond desk, but all desks are well within their limits, and the available capital is in excess of the required capital.
information. It is good practice to get the relatively fast Parametric VaR results first and check them for gross errors before setting off the long Historical and Monte Carlo evaluations.
The risk management group must be able both to understand the complexities of the risk reports, and to be able to discuss the results with traders. The group is therefore generally staffed with a mixture of quants and ex-traders.
It is rare that banks give their risk managers the authority to make trades to reduce the risk. Normally, risk managers have two avenues for taking action if they detect an excessive risk: they can bring the risk to the attention of the trader and senior management, or they can change the risk limits. The risk limits are set by senior management and the market-risk management group. If traders want to extend their limits, they must first obtain the approval of the market risk manager.
The setting and management of limits is both important and complex. We take the next few pages to explore limits in detail. We discuss the purpose of limits, the different types of limits, the general principles for setting limits, and how limits can be set using the VaR-contribution methodology.
A bank’s framework of limits is the mechanism by which senior management controls the total risk that can be taken and the general nature of the risk. The limits tell each trader and trading group the maximum amount of risk that they can take. For senior management, the limits provide comfort in knowing that the total amount of risk will not be too high, and they provide a way of allocating the bank’s risk capacity to the opportunities that are likely to give the greatest risk-adjusted return. Limits also allow a delegation of authority in that a trader or desk is allowed to take any position it sees fit, so long as it does not exceed the limits.
There are two overall types of risk limits used in trading operations: counterparty-credit limits and market-risk limits. Counterparty limits depend on the creditworthiness of the counterparty, and limit the total exposure of the bank to that counterparty. The measurement and management of credit exposure is treated in the later chapters. Here, we discuss only limits on market risks.
Limits on market risks can be classified into two groups: operational limits and limits on position size. Let us first look at three types of operational limits: inventory age, concentration, and stop-loss limits.
Inventory age limits set the time for which any security is held without being sold. This is to prevent traders from sitting on illiquid positions or positions with an unrecognized loss. The time allowed will depend on the overall purpose of the desk. If the desk is expected to trade in and out of positions quickly, the limit will be on the order of days. If the desk is expected to use long-term strategies, the limits can be on the order of weeks or months.
Concentration limits prevent traders from putting all their eggs in one basket. They ensure that a trader’s risk is not concentrated in one instrument or market. For example, the FX desk may be limited to taking no more than 25% of its risk in any one currency, or the equities desk may be limited to a maximum of 10% in any one company. As protection against illiquidity, the risk managers may also limit the total percentage of a company’s equity that may be held.
Stop-loss limits act as a safety valve in case something starts to go wrong. Stop-loss limits state that specified action must take place if the loss exceeds a threshold amount. An example of a stop-loss limit would be to say that if a position loses more than 15%, it must be sold immediately to prevent further loss, and the trader should be suspended from trading for a “cooling-off” period of two weeks. Tight stop-loss limits reduce the maximum possible loss, and therefore reduce the capital required for the business. However, if the limits are too tight, they reduce the trader’s ability to make a profit.
Let us turn now to limits on position size. There are three common ways of limiting the position size: the nominal amount, the sensitivity, and the VaR. A limit on the nominal amount simply specifies the total amount of securities that a trader/desk or portfolio can hold. For example, the equities desk may be told that they may not own more than $500 million of equities. Sensitivity limits restrict measures such as the duration of a bond portfolio, the beta of an equities portfolio or the Greeks of an options portfolio.
For controlling risk, neither of these methods are as good as VaR limits, but they are still used for three reasons:
• They provide familiar, traditional risk metrics to the trader.
• They provide a safety net in case there is a problem in the VaR calculation.
• They are quickly and easily calculated, which is especially useful for positions that change rapidly within each day.
Although these methods provide a useful backstop, most banks have now adopted a VaR-limit system, at least for the major desks in the trading room, if not for the individual traders. VaR limits specify the maximum amount of VaR that each desk can cause. Before looking at the mechanics of setting the amounts for VaR limits, let us first look at the general characteristics of a good framework for limits.
The main principles to be followed in setting limits are as follows:
• They should be risk based; i.e., the measurement of limit utilization should be directly proportional to the amount of risk taken. This is the case for VaR, and generally the case for sensitivities. However, nominal limits are not risk based because two securities with the same nominal value can have very different risk profiles.
• Limits should be fungible at lower levels. This means that a trader should be allowed to take risks to exploit the best opportunities available without being too tightly bound by a complex limit system. Similarly, a senior trader should be able to move limits from one subordinate desk to another.
• The limits should be aligned with the bank’s competitive advantages. For example, a Norwegian bank could be expected to have large limits for trading Scandinavian equities but small limits for trading Asian equities.
• If a portfolio is to be managed within a given set of limits, it should not be possible for changes in another portfolio to cause the limits to be broken. Given this principle, limiting with stand-alone VaR is good, but limiting directly according to VaR contribution would not work well because the VaRC of one portfolio changes whenever there is a change in the composition of any of the other portfolios.
• Both hard and soft limits may be set. If the limit is hard, then traders know that they will be disciplined or fired for violating the limit. If the limit is soft, a violation simply leads to a conversation in which the trader is advised to reduce the position.
VaR can be used to create a limits framework that conforms to these principles.
The usual practical starting point for setting VaR limits is to measure the current stand-alone VaR for each desk and set the limits to be a little higher or lower depending on whether management wants the given desk to grow or shrink.
However, if you were starting from a blank sheet, the limits would be set by starting with the total capital available to the trading operation and relating that to the maximum amount of VaR that can be supported by that capital. For regulatory capital, the relationship is as follows:
Therefore:
This sets the VaR limit for the trading operation as a whole. For the portfolios within the trading operation, the VaR limit (VaRL) should be set including the average correlation between each portfolio. If there were only two portfolios, this would be as follows:
In this equation, we know the limit for all trading (VaRLAll) and we know the average correlation between the two portfolios (ρ1,2). We can therefore use the quadratic equation to get VaRL2 in terms of VaRL1:
The optimal amount to be allocated to each portfolio depends on the expected return per unit of stand-alone VaR. Consider an example in which one business unit is expected to return $1.5 per dollar of VaR, and another is expected to return $1.3 per dollar of VaR. Let us assume that the correlation between them (ρ1,2) is 0.3, and that the VaR limit for the trading operation (VaRLAll) is $100. Table 11-1 shows different values for VaRL1 and the consequent values for VaRL2 to ensure that the total VaR remains at $100. It also shows the expected revenue from each desk and the total revenue. For this example, the total revenue is expected to be maximized if VaRL1 equals $70 and VaRL2 equals $53.
TABLE 11-1 Finding the Optimal Combination for VaR Limits
For strategic purposes, market-risk managers typically set the VaR limits for the major desks and allow the heads of the desks to set limits for the subordinate desks. For subordinate desks, the limits may be translated from VaR into a measure that is more familiar to the trader, such as duration dollars or Greeks. To translate from VaR to duration dollars we reverse the process used to calculate VaR from duration:
VaR = 2.32 Durations$ × σr
Therefore
After the limits have been set, each day the VaR limit for each desk and subdesk is compared with the calculated stand-alone VaR for that level. The calculated VaR includes the full correlation of all positions as they stand that day.
In this chapter, we detailed how market-risk measurement is used to support market-risk-management decisions and control trading risks. This concludes our discussion of market risks in trading operations. Next, we will turn our attention to asset liability management (ALM), which comprises the market and liquidity risks associated with the rest of a bank’s balance sheet.