Risk Assessment as Due Diligence in Finance

Questioning the foundations of the economy
In the previous post, issues were raised about the Canadian financial system: Is Canada relatively immune from a deepening depression in the US and Europe? Are Canadian banks, in particular, on solid ground? The main implication I am trying to point out for risk managers is that, in whatever context you happen to be working, a multi-faceted risk assessment that questions common assumptions is needed.

Read the rest of this entry »

Read More

Risk in Canadian Financial System

In a previous post on Canadian Financial Risk, I reported on commentator Bob Chapman’s assessment. He had said that Canada has a very solvent financial system; has always been very conservative; and that while the US and Europe are headed for a significant crisis, the magnitude of its effect on Canada should be about half of what they will experience. I expressed doubt that Canada’s isolation is really guaranteed.

Read the rest of this entry »

Read More

Greek Debt Crisis-Bob Chapman’s Summary

2011-10-27 / Social, Economic and Financial Risk / 0 Comments

interview-CorbettReport-Chapman-pt2This is part 2 of financial commentator Bob Chapman’s answer to my question about the actions of speculators targeting countries’ economies, and Canada’s position. In my last post, he covered Canadian Financial Risk; here I paraphrase his answer about Greece. The interview was podcast by James Corbett.

Part 2:
What happened in Greece was a combination of things…
Read the rest of this entry »

Read More

Canadian Financial Risk

2011-10-24 / Social, Economic and Financial Risk / 1 Comments

interview-CorbettReport-ChapmanI sent in a question on Canadian financial risk to be posed to financial commentator Bob Chapman, who is interviewed every Monday by Canadian expat James Corbett. Corbett lives in Japan, where he produces The Corbett Report on political, educational, financial and other topics. The Q/A begins just before the 31:00 mark in the podcast. I will summarize the main points of Chapman’s answer here, with the caveat that it is a paraphrase, and for the exact language, readers must go to the interview itself.
Read the rest of this entry »

Read More

Risk Assessment: Manufacturing and Credit Risk

2010-06-10 / How to do Risk Assessment / 0 Comments

How should risk assessment in business be conducted? We might differentiate risk identification as an exercise in exposure analysis, using conventional categories of loss, from a more comprehensive concept of risk ID called for in Enterprise Risk Management.

An expanded idea of risk ID and assessment is useful in complex contexts.

In recent weeks I’ve been corresponding with a loss control expert based in Dubai who took my online course (How to Conduct High Quality Risk Assessment). We were trading notes on how risk assessment in business is done. He has particular challenges in risk assessment: construction and manufacturing firms are his specialty. He described credit risk analysis for manufacturing concerns:

“The most important factor is the collateral back up shown to the credit manager at the time of availing the credit, and the projected revenues after (supposed) infusion of the borrowed funds.”

He went on to say that the analyst has to check the deployment of the borrowed funds, using his/her knowledge of the manufacturing process, inputs and associated costs. The next task: “root cause analysis of failure (if the venture is on the red side ) and of the activity to generate the required revenues”, using both financial and technical engineering expertise.

I suggested: It seems to me that just here might be the right stage at which to conduct a comprehensive risk identification and assessment session, or a series of them, using a round table of experts. As long as the sessions are carefully prepared by establishing context, and the right visual and discussion aids are used, it is possible to identify risk reasonably comprehensively along several lines of inquiry in a systematic fashion:

  • strategic concept: macro-economic risk and market conditions;
  • cash flows and financial model: examine assumptions and probability estimates;
  • business continuity and resiliency;
  • manufacturing process flows and technical infrastructure;
  • management and HR; organizational culture;
  • supply chain: sole/single source and third party suppliers;

and so on, depending on the scope of the project and time available to conduct the analysis. As a rule, in past projects, I’ve been able to complete sessions with 6 to 8 participants on a particular risk context in 2 or 3 sessions of 3 hours each, assuming adequate preparation and follow-up by email.

This idea seemed to strike a chord with my correspondent:

“Yes, the 4th para of your second mail [multi-disciplinary risk ID session] is a good solution. The finance professional alone holding responsibility for the risk management of any organisation is definitely a misconstrued idea… Statistical data, models, assumptions and precedents can help to some extent only. A correct and responsible study of the risk exposures and arriving at mitigation is the correct and useful method. Many times the collateral is not properly and professionally assessed and is commonly over-stated /over-valued to satisfy the lender.”

Read More

Finance Risks in Business Decisions

2010-06-01 / Social, Economic and Financial Risk / 1 Comments

RIMS Workshops: Financial and Quantitative Risk
I recently attended one of the Risk and Insurance Management Society’s (RIMS) workshops in Toronto: “Finance for the Risk Manager”, facilitated by Philippe Sarfati, Chief Risk Officer for Coast Capital Savings in Vancouver. My motive was to become familiar with finance risk analysis, and then somehow to integrate it with my current techniques for risk assessment: business decisions should benefit from a comprehensive approach.

This quest has some history: I first became interested in risk in finance when participating in the review of public-private partnerships in BC government. Much later I attended another workshop (Risk Analysis Tools Boot Camp) with the idea of exploring how financial and statistical modeling should be related to the whole planning process. My thought is that risk managers really ought to oversee data analysis and financial models, to review their scope and assumptions, and situate them in a wider context of corporate goals and values (see my February 2009 post Financial Risk Modeling).

Well, my overall impression was that the course was a ‘tour de force’ from the banking world. It was fascinating to see how a career banker brought rigorous methods to risk quantification for individual projects.

It was clear that the facilitator conceived of the world of risk management as primarily a financial exercise, because ERM (enterprise risk management) was relegated to a sub-category within Ops, while the main rubrics of the risk regime were: Credit Risk; Operations Risk; Market Risk; Liquidity and Funding; and Legal/Regulatory/Compliance Risk.

Therefore, we were really learning financial analysis for projects – from a risk management perspective, largely to recommend or reject a given project. Among other things, we looked at Expected Loss, Risk Adjusted Return on Capital, and the relationship between discounted cash flows to likely and required returns. Earnings at Risk ,Value at Risk and Credit Risk exercises are included in the slide deck.

We had an interesting discussion on the role of professional financial advisors: while everyone agreed that we are all to some degree dependent on outside sources to substantiate investment decisions, there is no substitute for your own analysis.

The idea was for risk managers to understand that they really need to present to senior executive or the Board a range of options, with risk factors made clear. You can present the likely rate of return for a given project; that is, the forecast or expected return. It must be equal to or greater than the firm’s required rate of return – their own internal benchmark. You must also present the probability of success for each of 3 options. You need to use stress testing, present the risks of doing nothing, and explain the opportunity cost associated with each option.

Business Decisions and Risk
Project decisions, in conjunction with the financial analysis, are then go/no-go decisions made by virtue of:

  • the difference between required and expected returns;
  • the organization’s tolerance for risk; i.e.,
  • the degree of variability or volatility that the organization’s capital structure can support; and
  • the possibility of correlated risk.

What struck me was that the financial analysis fundamentally relied on various calculated probabilities of events: that is, the typical probabilities of failure for similar projects or lines of business.

The trouble is, rating agency reports, as well as peer or industry data, can be either hard to obtain, or suffer from poor validity and comparability. The instructor pointed out that, indeed, a firm’s proprietary Internal Risk Rating – a system that models income, risks and losses based on similar projects or lines of business – if well developed and accurate, can be a source of competitive advantage.

I would add that projects are also dependent upon the probabilities of events that are not necessarily catalogued, assigned a probability distribution, or even identified without a concerted effort. There are unique elements, and many risk categories that are not strictly financial, within a given scenario. Projects and program plans should be checked at the conceptual stage re: alignment with strategic direction and core business, reputation risk, stakeholder and consultation risk, and the organization’s system of ethics and values.

This workshop met very well my expectation to gain some understanding of how the financial analysis is done. I think, to be comprehensive, the risk manager has to facilitate the discussion to integrate the financial view with strategic and operational risk assessment.

Read More

Blog launch: risk management professional

2010-05-04 / Uncategorized / 0 Comments

This is blog about enterprise risk management – both ERM implementation in the organization, and how to do risk assessment in individual cases. I was Senior Manager, Enterprise Risk Management, in the provincial government (British Columbia, Canada) until the fall of 2008. I left to set up my own ERM consulting, and developed online risk management courses for RIMS – the Risk and Insurance Management Society, New York. There is still a lot left to say.

Risk assessment for business or public sector organizations needs to be a comprehensive and rigorous process, within a well-defined context. What we see (and studies show) is that people often don’t have great confidence in their risk identification process. Effective risk identification within a properly defined context quickly proves its value as a method to solve business problems.

Later there will be lots of opportunity to give views on related business topics, such as international business practices and innovation.

Thanks for taking the time out – comments welcome!

Read More