Managing risk is one of the core activities of a financial institution. Of course, procedures and governance structures have to be in place, but on top of that front experience and common sense are critical, argues financial expert Patrick Oberhaensli.
He teaches the Financial Risk Management program at the Amsterdam Institute of Finance, and shares unique insights from a career spanning over thirty years in banking and finance.
Financial institutions face three main kinds of financial risks: market risks, liquidity risks, and credit risks. Market risks result from movements in financial markets like interest rates going up or down, or, having a long exposure, declining valuations in stock markets. Liquidity risks relate to both market transactions as well as funding including the risk of a bank run. Finally, credit risks typically involve losses due to debtors’ inability to honor their obligations.
“You should never rely on just a mathematical perspective of a problem.”Patrick Oberhaensli, CFA, Founder/CEO EVOLIDS FINANCE LLC
Origin of risk
To be able to manage risks it’s important to properly identify what the origin of a specific risk is. Though the difference seems clear cut, often there are difficulties properly defining the categories, Oberhaensli explains. “Take credit spreads. These can increase or decrease depending on the market. So, unless the spread explodes, this is a market risk. But some would put it under credit risk. This leads to confusion.”
Another complication is that risks tend to be correlated, especially when market conditions deteriorate. A famous example occurred during the 2008 financial crisis when large numbers of supposedly partly diversified subprime mortgages went into default at the same time. Highly rated senior products that had these mortgages as collateral, CDO’s AAA tranches, were therefore hit as well.
“To manage these kinds of correlations you have to map and model the risks systematically and then use common sense as well. You should never rely on just a mathematical perspective of a problem”, says Oberhaensli.
Common sense in risk management and control can develop with experience in the financial markets.
Front experience and common sense
This is key in financial risk management. “When I say common sense, it means that you need to have people with experience in the financial markets. Only then can common sense in risk management and control develop. People with profit and loss (P&L) responsibility that have actually seen their numbers going down when the markets got into trouble. In the role of Chief Risk Officer function, you have to be able to recognize unfavorable market situations and, even better, be able to anticipate those with realistic scenarios. If you lack experience you cannot do that extensively.”
Silicon Valley Bank
Recently the financial industry got a reminder how dramatic the outcome can be if risk management is inadequate. When many of its clients tried to withdraw their deposits within the span of a few hours, Silicon Valley Bank was brought down. Depositors had to be bailed out via the US Treasury and Federal Reserve and the bank was put in receivership.
The loss of confidence was the result of market developments. A strong rise in interest rates had driven down prices of bonds on the bank’s books, from an economic point of view virtually wiping out its capital. The bank had made the mistake of letting deposits grow too large, says Oberhaensli. “It’s almost unthinkable that they did not see what kind of unhedged exposure they were building. One thing they could have done was to not accept further cash deposits. Of course, when you refuse business that’s normally bad for your bottom line. This means that strategically they would have needed to clearly state the way they did business and how they hedged their unwanted exposures.”
At the operational level, the interest rate exposure should have been managed by hedging. “A typical way to do this would be to use interest rate swaps. With a payer swap they would have paid the counterparty interest based on a fixed rate, while they would have received interest based on a floating rate. That income stream could then have been used to pay interest on cash deposits. But you could also have used futures or options. The rest risks still required to be dealt with.”
That SVB did neither of these is in Oberhaensli’s view the result of very poor risk management and control. He points to gaps in the governance structure. “For months while the CEO speculated that interest rates would stay as low as at the end of 2021 there was no Chief Risk officer. That’s bad corporate governance. Had they had a proper organization with, among others, a permanent professional Chief Risk Officer, the likelihood of this happening the way it did would have been much lower.”
Coherent risk management framework
Adequate risk control is about putting in place a coherent risk management framework that goes from the strategic down to the operational level, Oberhaensli concludes. “It’s about properly identifying the risks and then mapping them. Then it is also about procedures. If you say that you want to hedge systematically, you need to have that correctly implemented in terms of human resources, and of course IT resources. Finally, risk control is about keeping things under control and addressing the major risks”, he concludes.
Develop essential financial risk management skills in a consistent way, with unique insights. Join the 3-day Financial Risk Management program by financial expert Patrick Oberhaensli at AIF. Learn more & reserve your place here.