Category: Bangalore University B.com Notes

Currency Risk

Currency risk, commonly referred to as exchange-rate risk, arises from the change in price of one currency in relation to another. Investors or companies that have assets or business operations across national borders are exposed to currency risk that may create unpredictable profits and losses. Many institutional investors, such as hedge funds and mutual funds, and multinational corporations use forex, futures, options contracts, or other derivatives to hedge the risk.

Currency Risk, sometimes referred to as exchange rate risk, is the possibility that currency depreciation will negatively affect the value of one’s assets, investments, and their related interest and dividend payment streams, especially those securities denominated in foreign currency. Corporations with operations in overseas markets are also exposed to currency risk since their foreign financial results must be consolidated into the company’s home currency. Corporate treasurers and investment managers, particularly with larger multi-national firms where the risk is material, attempt to manage this risk with various hedging techniques where appropriate. Typically, a Treasury Policy exists that states that currency risk must be mitigated where economically justified by using a specified list of financial instruments that may be employed for the purpose. Generally, a combination of forex forwards and options allow the company to fix country risk within acceptable levels as along as premiums are reasonable. These hedging techniques are not consistently effective, but diversification into many major currencies can help limit this risk.

Examples of Currency Risk

To reduce currency risk, investors can consider investing in countries that have strong rising currencies and interest rates. Investors need to review a country’s inflation, however, as high debt typically precedes inflation. This may result in a loss of economic confidence, which can cause a country’s currency to fall. Rising currencies are associated with a low debt-to-gross domestic product (GDP) ratio.

The Swiss franc is an example of a currency that is likely to remain well-supported due to the country’s stable political system and low debt-to-GDP ratio. The New Zealand dollar is likely to remain robust due to stable exports from its agriculture and dairy industry that may contribute to the possibility of interest rate rises. Foreign stocks sometimes outperform during periods of U.S. dollar weakness, which typically occurs when interest rates in the United States are lower than other countries.

Investing in bonds may expose investors to currency risk as they have smaller profits to offset losses caused by currency fluctuations. Currency fluctuations in a foreign bond index are often double a bond’s return. Investing in U.S. dollar-denominated bonds produces more consistent returns as currency risk is avoided. Meanwhile, investing globally is a prudent strategy for mitigating currency risk, as having a portfolio that is diversified by geographic regions provides a hedge for fluctuating currencies. Investors may consider investing in countries that have their currency pegged to the U.S. dollar, such as China. This is not without risk, however, as central banks may adjust the pegging relationship, which would be likely to affect investment returns.

Interest Rate Risk

Interest rate risk is the risk that arises for bond owners from fluctuating interest rates. How much interest rate risk a bond has depends on how sensitive its price is to interest rate changes in the market. The sensitivity depends on two things, the bond’s time to maturity, and the coupon rate of the bond.

Interest-rate risk is the risk, taken by bond investors, that interest rates will rise after they buy. Stated another way, it is the risk that a bond’s yield will rise (as its price falls) after it has been purchased.

All bonds involve interest-rate risk, but some involve more than others. The more interest-rate risk a bond involves, the more its price will fall as its yield rises. Duration quantifies the amount of interest-rate risk a bond involves.

Interest rate risk in a bond or a bond portfolio arises on account of the vulnerability of the value of the bond or the portfolio to the changes in interest rates.

When interest rates change, it has an impact on new and existing bonds. New bonds will now pay a coupon rate that reflects the prevailing interest rates, while existing fixed-rate bonds will not see a change in their coupon rates. However, the price of the bond will adjust so that the yield will reflect the new levels of interest rates.

If interest rates go up, existing bonds that pay a lower coupon will see a decline in the prices so that the yield from them will adjust upwards to the current market rates.

How to Mitigate Interest Rate Risk?

Similar to other types of risks, the interest rate risk can be mitigated. The most common tools for interest rate mitigation include:

1. Diversification

If a bondholder is afraid of interest rate risk that can negatively affect the value of his portfolio, he can diversify his existing portfolio by adding securities whose value is less prone to the interest rate fluctuations (e.g., equity). If the investor has a “bonds only” portfolio, he can diversify the portfolio by including a mix of short-term and long-term bonds.

2. Hedging

The interest rate risk can also be mitigated through various hedging strategies. These strategies generally include the purchase of different types of derivatives. The most common examples include interest rate swaps, options, futures, and forward rate agreements (FRAs).

Business Risk management is a subset of risk management used to evaluate the business risks involved if any changes occur in the business operations, systems and process. It identifies, prioritizes and addresses the risk to minimize penalties from unexpected incidents, by keeping them on track. It also enables an integrated response to multiple risks, and facilitates a more informed risk-based decision making capability.

Businesses today are unpredictable, volatile and seem to become more complex every day. By its very nature, it is filled with risk. Businesses have viewed risk as an evil that should be minimized or mitigated, whenever possible. However, risk assessment provides a mechanism for identifying which risks represent opportunities and which represent potential pitfalls. Risks can have negative impact, positive impact, or both. Risks with a negative impact can prevent value creation or erode existing value. Risks with positive impact may offset negative impacts or represent opportunities.

The risk management process involves:

• Identifying risks: Spotting the evolving risks by studying internal and external factors that impact the business objectives
• Analyzing risks: It includes the calibration and, if possible, creation of probability distributions of outcomes for each material risk.
• Responding to risk: After identifying and analyzing the potential risk, appropriate strategy needs to be incorporated. Either by establishing new processes or eliminating, depending on kind and severity of the risk.
• Monitoring risk and opportunities: Continually measuring the risks and opportunities of the business environment. Also keep a check on performance of management strategies.

Types of risks

• Hazard risk: A hazard is anything in the workplace that has the potential to harm people. Hazard risk includes factors which are not under the control of business environment, such as fallout of machinery or dangerous chemical, natural calamities.
• Financial risk: A large number of businesses take risk with their financial assets, quite regularly. Sometimes choosing a wrong supplier or distributor can backfire. Financial risk also includes risk in pricing, currency exchange and during liquidation of any asset. Business risk management should say how much risk is too much in financial relationship.
• Operational risk: Evaluation of risk loss resulting from internal process, system, people or due to any external factor through which a company operates.
• Strategic risks: Might arise from making poor or wrong business plans and losing the competition in the market. Failure to respond to changes in the business environment or inadequate capital allocation also represents strategic risk.

Running a business comes with many different types of risk. Some of these potential hazards can destroy a business while others can cause serious damage that can be costly and time-consuming to repair. Despite the risks implicit in doing business, CEOs and risk management officers can anticipate and prepare for potential risks regardless of the size of the business.

Identifying Risks

If and when a risk becomes a reality, a well-prepared business can minimize the impact on earnings, the lost time and productivity, and the negative impact on customers. For startup businesses and established organizations, the ability to identify which risks pose a threat to successful operations is a key component of strategic business planning. Business risks are identified using various methods, but each identifying strategy relies on a comprehensive analysis of specific business activities that could present challenges to the company. Under most business models, organizations face preventable, strategic, and external threats that can be managed through either acceptance, transfer, reduction, or elimination.

 Hiring a risk management consultant is a good investment for most companies. A consultant can analyze a business and determine which risks should be covered by insurance.

Below are the main types of risk that firms face:

Physical Risks

Building risks are the most common type of physical risk. Fire or explosions are the most common risk to a building. To manage building risk, and the risk to employees, it is important that organizations do the following:

• Make sure all employees know the exact street address of the building to give to the 911 operator in case of emergency.
• Make sure all employees know the location of all exits.
• Install fire alarms and smoke detectors.
• Install a sprinkler system to provide additional protection to the physical plant, equipment, documents, and, of course, personnel.
• Inform all employees that in the event of emergency their personal safety takes priority over everything else. Employees should be instructed to leave the building and abandon all work-associated documents, equipment, and/or products.

Location Risks

Among the location hazards facing a business are nearby fires, storm damage, floods, hurricanes or tornados, earthquakes, and other natural disasters. Employees should be familiar with the streets leading in and out of the neighborhood on all sides of the place of business. Individuals should keep sufficient fuel in their vehicles to drive out of and away from the area. Liability or property and casualty insurance are often used to transfer the financial burden of location risks to a third-party or a business insurance company.

Human Risks

Alcohol and drug abuse are major risks to personnel in the workforce. Employees suffering from alcohol or drug abuse should be urged to seek treatment, counseling, and rehabilitation, if necessary. Some insurance policies may provide partial coverage for the cost of treatment.

Protecting against embezzlement, theft, and fraud may be difficult, but these are common crimes in the workplace. A system of double-signature requirements for checks, invoices, and payables verification can help prevent embezzlement and fraud. Stringent accounting procedures may discover embezzlement or fraud. A thorough background check before hiring personnel can uncover previous offenses in an applicant’s past. While this may not be grounds for refusing to hire an applicant, it would help HR to avoid placing the new hire in a critical position where the employee is open to temptation.

Illness or injury among the workforce is inevitable and a persistent problem. To prevent loss of productivity, assign and train backup personnel to handle the work of critical employees when they are absent due to a health-related concern.

Technology Risks

A power outage is perhaps the most common technology risk. Auxiliary gas-driven power generators are a reliable back-up system to provide electrical energy for lighting and other functions. Manufacturing plants use several large auxiliary generators to keep a factory operational until utility power is restored.

Computers may be kept up and running with high-performance back-up batteries. Power surges may occur during a lightning storm (or randomly), so organizations should furnish critical business systems with surge-protection devices to avoid loss of documents and destruction of equipment. Establish offline and online data back-up systems to protect critical documents.

Although telephone and communications failure are relatively uncommon, risk managers may consider providing emergency-use-only company cell phones to personnel whose use of the phone or internet is critical to their business.

Strategic Risks

Strategy risks are not altogether undesirable. Financial institutions such as banks or credit unions take on strategy risk when lending to consumers while pharmaceutical companies are exposed to strategy risk through research and development for a new drug. Each of these strategy-related risks is inherent in an organization’s business objectives. When structured efficiently, the acceptance of strategy risks can create highly profitable operations.

Companies exposed to substantial strategy risk can mitigate the potential for negative consequences by creating and maintaining infrastructures that support high-risk projects. A system established to control the financial hardship that occurs when a risky venture fails often includes diversification of current projects, healthy cash flow, or the ability to finance new projects in an affordable way, and a comprehensive process to review and analyze potential ventures based on future return on investment.

Making a Risk Assessment

After the risks have been identified, they must be prioritized in accordance with an assessment of their probability.

Establish a probability scale for purposes of risk assessment.

For example, risks may be:

• Very likely to occur
• Have some chance of occurring
• Have a small chance of occurring
• Have very little chance of occurring

Other risks must be prioritized and managed in accordance with their likelihood of occurring. Actuarial tables—statistical analysis of the probability of any risk occurring and the potential financial damage ensuing from the occurrence of those risks—may be accessed online and can provide guidance in prioritizing risk.

Insuring Against Risks

Insurance is a principle safeguard in managing risk, and many risks are insurable. Fire insurance is a necessity for any business that occupies a physical space, whether owned outright or rented, and should be a top priority. Product liability insurance, as an obvious example, is not necessary for a service business.

Some risks are an inarguably high priority, for example, the risk of fraud or embezzlement where employees handle money or perform accounting duties in accounts payable and receivable. Specialized insurance companies will underwrite a cash bond to provide financial coverage in the event of embezzlement, theft, or fraud.

When insuring against potential risks, never assume a best-case scenario. Even if employees have worked for years with no problems and their service has been exemplary, insurance against employee error may be a necessity. The extent of insurance coverage against injury will depend on the nature of your business. A heavy manufacturing plant will, of course, require more extensive coverage for employees. Product liability insurance is also a necessity in this context.]

If a business relies heavily on computerized data—customer lists and accounting data, for example—exterior backup and insurance coverage are mandatory. Finally, hiring a risk management consultant may be a prudent step in the prevention and management of risks.

Risk Prevention

The best risk insurance is prevention. Preventing the many risks from occurring in your business is best achieved through employee training, background checks, safety checks, equipment maintenance, and maintenance of the physical premises. A single, accountable staff member with managerial authority should be appointed to handle risk management responsibilities. A risk management committee may also be formed with members assigned specific tasks with a requirement to report to the risk manager.

The risk manager, in conjunction with a committee, should formulate plans for emergency situations such as:

• Fire
• Explosion
• Hazardous materials accidents or the occurrence of other emergencies

Employees must know what to do and where to exit the building or office space in an emergency. A plan for the safety inspection of the physical premises and equipment should be developed and implemented regularly including the training and education of personnel when necessary. A periodic, stringent review of all potential risks should be conducted. Any problems should be immediately addressed. Insurance coverage should also be periodically reviewed and upgraded or downgraded as needed.

The coordination of the risk management process should be centralized: the risk office analyses and draws up information related to each process phase, and proceeds with strategic planning, in coordination with the organization’s board.

The risk committee, with the risk manager playing the role of coordinator, sets up the criteria to select the most relevant information coming from the risk management information system (selective approach). Significant risks in terms of impact or strategic level are reported by the office supporting the risk manager on a regular, specific and exceptional basis. The risk manager gives directions on translating strategies into risk management objectives, and monitors their achievement by divisions/offices and managers within their own competence. The risk manager therefore finalizes the information received, by adapting it to the organizational context (down to the any single office level), in order to correct possible deviations from strategic priorities.

Risk register development involves detailing organizational risks (corporate as well as project and operational ones), and setting up specific risk registers on particular topics (work health and safety, fraud, IT security, environment, etc.).

Three kinds of approach can be followed for involving management and stakeholders in identifying risks:

• Top down-approach: The decision-making process is centralized at governance level. This approach can show two modes: a) Full top-down mode, where the business units’ risks are listed at department level, meaning that heads of unit cannot add risks themselves at unit level. There is no need of risk escalation, except at departmental level. b) Prevailing top-down mode, where a corporate risk register is directly created from a detailed operational risk register.
• Bottom-up approach: The decision-making process is done at management level. Operational risks are identified by any staff member while performing his or her daily work (e.g., in order to encourage the staff to be more active in defining non-conformities, an opportunity to register them online has been provided).
• Mixed approach: The board entity states the criteria (top-down) by which the heads of unit identify and manage risks (bottom-up). Risks may be viewed and assessed throughout the organization at any level (e.g., group, program, office, project, etc.). In order to set the framework, the hierarchy of risks on which attention is focused corresponds to the enterprise, operational and project levels.

Such approaches are not mutually exclusive, and a combination of approaches to the management of processes is desirable to achieve effective integration of risk management at any level within the organization.

These risk management approaches are also a way of cutting across the organization hierarchy and overcome organizational barriers.

The figure below outlines the risk management process according to the top-down perspective; it also highlights the information flows related to decision-making processes, according to the different roles involved.

Processes of Corporate Risk Management

The risk management process is a framework for the actions that need to be taken. There are five basic steps that are taken to manage risk; these steps are referred to as the risk management process. It begins with identifying risks, goes on to analyze risks, then the risk is prioritized, a solution is implemented, and finally, the risk is monitored. In manual systems, each step involves a lot of documentation and administration.

Step 1: Identify the Risk

The first step is to identify the risks that the business is exposed to in its operating environment. There are many different types of risks – legal risks, environmental risks, market risks, regulatory risks, and much more. It is important to identify as many of these risk factors as possible. In a manual environment, these risks are noted down manually. If the organization has a risk management solution employed all this information is inserted directly into the system. The advantage of this approach is that these risks are now visible to every stakeholder in the organization with access to the system. Instead of this vital information being locked away in a report which has to be requested via email, anyone who wants to see which risks have been identified can access the information in the risk management system.

Step 2: Analyze the risk

Once a risk has been identified it needs to be analyzed. The scope of the risk must be determined. It is also important to understand the link between the risk and different factors within the organization. To determine the severity and seriousness of the risk it is necessary to see how many business functions the risk affects. There are risks that can bring the whole business to a standstill if actualized, while there are risks that will only be minor inconveniences in analyzed. In a manual risk management environment, this analysis must be done manually. When a risk management solution is implemented one of the most important basic steps is to map risks to different documents, policies, procedures, and business processes.

Step 3: Evaluate or Rank the Risk

Risks need to be ranked and prioritized. Most risk management solutions have different categories of risks, depending on the severity of the risk. A risk that may cause some inconvenience is rated lowly, risks that can result in catastrophic loss are rated the highest. It is important to rank risks because it allows the organization to gain a holistic view of the risk exposure of the whole organization. The business may be vulnerable to several low-level risks, but it may not require upper management intervention. On the other hand, just one of the highest-rated risks is enough to require immediate intervention.

Step 4: Treat the Risk

Every risk needs to be eliminated or contained as much as possible. This is done by connecting with the experts of the field to which the risk belongs to. In a manual environment, this entails contacting each and every stakeholder and then setting up meetings so everyone can talk and discuss the issues. The problem is that the discussion is broken into many different email threads, across different documents and spreadsheets, and many different phone calls. In a risk management solution, all the relevant stakeholders can be sent notifications from within the system. The discussion regarding the risk and its possible solution can take place from within the system. Upper management can also keep a close eye on the solutions being suggested and the progress being made from within the system. Instead of everyone contacting each other to get updates, everyone can get updates directly from within the risk management solution.

Step 5: Monitor and Review the risk

Not all risks can be eliminated – some risks are always present. Market risks and environmental risks are just two examples of risks that always need to be monitored. Under manual systems monitoring happens through diligent employees. These professionals must make sure that they keep a close watch on all risk factors. Under a digital environment, the risk management system monitors the entire risk framework of the organization. If any factor or risk changes, it is immediately visible to everyone. Computers are also much better at continuously monitoring risks than people. Monitoring risks also allows your business to ensure continuity.

The basics of the risk management process stay the same

Even under a digital environment, the basics of the risk management process stay the same. What changes is how efficiently these steps can be taken, and as it should be clear by now, there is simply no competition between a manual risk management system and a digital one.

Risk management

Risk management is an important business practice that helps businesses identify, evaluate, track, and mitigate the risks present in the business environment. Risk management is practiced by the business of all sizes; small businesses do it informally, while enterprises codify it.

Businesses want to ensure stability as they grow. Managing the risks that are affecting the business is a critical part of this stability. Not knowing about the risks that can affect the business can result in losses for the organization. Being unaware of a competitive risk can result in loss of market share, being unaware of a financial risk can result in financial losses, being aware of a safety risk can result in an accident, and so on.

Businesses have dedicated risk management resources; small businesses may have just one risk manager or a small team while enterprises have a risk management department. People who work in the risk management domain monitor the organization and its environment. They look at the business processes being followed within the organization and they look at the external factors which can affect the organization one way or the other.

A business that can predict a risk will always be at an advantage. A business which can predict a financial risk will limit its investments and focus on strengthening its finances. A business which can assess the impact of a safety risk can devise a safe way to work which can be a major competitive advantage.

If we think of the business world as a racecourse then the risks are the potholes which every business on the course must avoid if they want to win the race. Risk management is the process of identifying all the potholes, assessing their depth to understand how damaging they can be, and then preparing a strategy to avoid damages. A small pothole may simply require the business to slow down while a major pothole will require the business to avoid it completely.

Knowing the severity of a risk and the probability of a risk helps businesses allocate their resources effectively. If businesses understand the risks that affect them then they will know which risks need the most attention and resources and which ones the business can disregard. Risk management allows businesses to act proactively in mitigating vulnerabilities before any major damage is incurred. There are different types of risk management strategies and solutions for different types of risks.

Cost of Risk is a quantifiable, controllable number that can be identified and reduced. Simply put, TCoR is the total cost of your insurance premiums, retained losses (deductibles/uninsured losses) and internal/external risk control costs. By recognizing these costs we can plan and implement management strategies to reduce them.

Most people assume it’s their insurance premiums alone. They’re only partially correct: premiums are only a piece of the puzzle. While insurance premiums are the most visible cost associated with risk, they are hardly the only cost. There are many other costs associated with risk that are either not tracked or are viewed as fixed costs. That is the paradigm. What most business owners don’t realize is that these additional costs are controllable. All of the costs related to risk can be tracked and monitored. In addition, there are operational strategies that can be implemented which will manage and ultimately reduce these costs.

Elements of Total Cost of Risk

Insurance premiums

The first and most easily tracked component of Total Cost of Risk is insurance premiums. This includes the amount a firm spends on insurance coverage and brokers’ commissions.

Retained losses

The next element is retained losses. The retained loss value is the amount of money that a firm spends “out of pocket” for losses incurred. These are costs that are below a company’s deductible. An example is a small mishap such as dry-cleaning a client’s suit due to spillage from an employee.

Costs to protect employees/customers from injury

The next applicable costs may not be as easy to track but are still important components captured in the TCoR calculation. These are the costs needed to protect your employees or customers from injuries. Examples are safety equipment, mats, warning signs, training, etc. These costs should be tracked as part of the TCoR for your business internally.

Costs to engage firms for help with risk & insurance issues

The next component is money spent with professional firms to help you handle insurance or other risk associated issues. These would include costs for an attorney to respond to a complaint or to review a contract’s indemnification agreement. These are also part of the TCoR calculation and are considered external risk control costs.

Productivity loss

Other relevant cost is productivity loss due to injuries or losses. Having your employees spend their time either driving other employees to the doctor, investigating incidents, cleaning up spills, etc. are also costs that are risk related and are taking away from your bottom line.

Administration Costs

Financial impacts incurred in providing the services required to effectively administer a Total Cost of Risk Program. They include claims management, risk control and all other project costs such as data analytics. In the case where a firm pays additional fees or expense for these services, they are an addition to the TCOR formula. However, when they are provided by a third party (Insurance Brokerage or Risk Management Services Provider) as part of the relationship, they are a reduction to the extent that the measurable ROI exceeds the cost of the services.

Loss Costs

Loss Costs are generally broken up into 2 parts. The direct cost of the losses and the indirect cost of losses. Both of these items impact the organization’s Total Cost of Risk.

• Direct Cost of Losses: Deductibles and claims that are anticipated and funded inside the organizations risk financing program. (i.e. Captive, Deductible or Self Insurance Programs) In addition the cost of administering claims by third party administrators (TPA’s) are considered a direct cost of the loss as the TPA expense is usually a direct correlation of the claims experience. Any uninsured loss is also a direct cost of loss.
• Indirect Loss Costs: Every loss creates a corresponding expense that is unfunded and in some cases unanticipated. While the risk financing (insurance) may pay the known claim, there is a high correlation of additional unfunded business expenses that arise from virtually any claim. These loss costs are commonly known as The Iceberg. These are quantified and measured in an accurate Total Cost of Risk calculation. (For more on the subject of Indirect Loss Costs see the Wikipedia Indirect Loss cost topic)

A static risk refers to damage or loss to a property or entity that is not caused by a stable economy but by destructive human behavior or an unexpected natural event. This risk can be covered by insurance.

Static risks are often associated with a commodity the value of which will not be affected by an economic change. It even further presumes that the financial state is, more or less, stable.

Static risks include damage caused by human behavior, such as theft, vandalism, robbery, arson, and burglary. It also includes damage caused by natural conditions like rain, thunder, or lightning.

Insurance covers these kinds of risk. A policy might require a policyholder to specify which risks they want to have covered or they might simply opt for a more comprehensive insurance coverage.

Static Risk

Static risks are risks that involve losses brought about by irregular action of nature or by dishonest misdeeds and mistakes of man.  Static losses are present in an economy that is not changing (static economy) and as such, static risks are associated with losses that would occur in an unchanging economy.  For example, if all economic variables remain constant, some people with fraudulent tendencies would still go out steal, embezzle funds and abuse their positions.  So, some people would still suffer financial losses.  These losses are brought about by causes other than changes in the economy.  Such as perils of nature, and the dishonesty of other people.

Static losses involve destruction of assets or change in their possession because of dishonesty.  Static losses seem to appear periodically and because of these they are generally predictable.  Because of their relative predictability, static risks are more easily taken care of, by insurance cover then are dynamic risks.  Example of static risk include theft, arson assassination and bad weather.  Static risks are pure risks.

Dynamic Risk

Dynamic risk is risks brought about by changes in the economy.  Changes in price level, income, tastes of consumers, technology etc (which is examples of dynamic risk) can bring about financial losses to members of the economy.  Generally dynamic risks are the result of adjustments to misallocation of resources.  In the long run, dynamic risks are beneficial to the society.  For example, technological change, which brings about a more efficient way of mass producing a higher quality of article at a cheaper price to consumers than was previously the case, has obviously benefited the society.

Dynamic risk normally affects many individuals, but because they do not occur regularly, they are more difficult to predict than static risk.

Difference between dynamic risk and static risk

Static Risk	Dynamic Risk
Most static risks are pure risks	They are mainly speculative risks.
They are easily predictable	They are not easily predictable
The society derives no benefit or gain   from static risk.  Static risks are always harmful.	The society derives some benefits from dynamic risk.
Static risks are present in an unchanging economy.	Dynamic risks are only present in a changing economy
Static risks affect only individuals or very few individuals.	Dynamic risk affect large number of  Individuals.

Sources of Risk:

There are a variety of situations that give rise to risk.

1. Decision/Indecision:

Taking or not taking a decision at the right time is generally the first cause of risk. Suppose a banker takes deposits and decides not to put money in statutory liquidity requirements, the bank would be called upon to pay penalties. Indecision in selling a Government security when the market is upswing is also a risk as it causes loss of revenue. The risk of revenue loss is on account of indecision.

2. Business Cycles/Seasonality:

There are certain exposures that are affected by seasonality or business cycles. Lending to sugar industry in India disregarding the fact that the production of sugar is restricted to six/seven months in a year, may give rise to risky situations.

3. Economic/Fiscal Changes:

The Government’s economic and taxation policies are sources of risk. The levying of import duty on certain capital goods can escalate the funding cost and bank finance requirement. While the borrower’s repay­ing capacity remains the same, such a situation enhances the exposure adding to the risk. The changes in Government policies can impact the cash inflow for the borrowing cus­tomer thereby limiting his repayment capacity.

4. Market Preferences:

Over the years, the consumer demands and preferences particularly from the youth segment, are changing substantially. The preference for a motorcycle over a scooter is an example. Lending to scooter dealers or manufacturers will have to be cautious due to this market trend.

5. Political Compulsions:

A Government may force the banks to lend in areas where the rewards may not be proportional.

6. Regulations:

The impact of change in regulations is similar to the changes in Government policies. In developed countries like the USA, there are certain anti- boycott laws prescribing restrictions. The anti-boycott laws specifically refer to boy­cotts involving one foreign Government against another foreign Government and participation of people in the US in those boycotts.

Indian banks operating in the USA do have to assess the regulatory risks. With the passing of USA Patriot Act, the processes for anti-money laundering have been strengthened. Compliance of a variety of regulations is also a source of risk.

7. Competition:

In order to remain competitive banks assume risks for enhancing the returns. In the quest to achieve better result there could be a tendency to assume risks highly unrelated to the return. The selection of the right counter party, lack of proper risk assessment, failure to appreciate the borrower rating, etc., all contribute in risk acceleration. Competition remains a major source of risk for banks as for all other sectors.

8. Technology:

Technology is both, a solution and a cause of risk. Deals worth millions are made in treasury operations through advanced technology supports. The process of maker-checker is scrupulously followed while entering into such deals. Still, machines can go wrong. The reflection of inaccurate values like dates, amounts, interest rates, etc., can cause a huge risk. It is a part of operational risk wherein technology itself becomes the source of risk.

9. Non-availability of Information:

Technology is an enabler for decision support for rational and data-based decision mak­ing. More often than not, in the absence of information support, banks do take decisions. The banks fix exposure limits per party or per industry. Exposures exceed these prudential limits in the absence of real time information, thereby multiplying the risk exposures.

In reality, the risk drivers are:

1. Changes in external environment, including regulatory as­pects,
2. Deficiencies in systems and procedures,
3. Errors, either intentional or otherwise,
4. Inadequate information and absence of required flows,
5. Unsuitable technology supports,
6. Communication gap or failure,
7. Lack of leadership, and 
8. Excessive and unreasonable incentives.

Indicators of Risk:

Risks very rarely occur as accidents. There are symptoms that indicate the possibility of risk. These indicators can be used to take pre-emptive actions. These actions may not eliminate the risks, but they would at least facilitate to minimize their impact.

1. Lack of supervision of lending/investment activities by designated officers.
2. Lack of specific lending or treasury policies or failure to enforce the existing policies.
3. Lack of code of conduct or failure to enforce existing code.
4. Dominant figure allowed to exerting influence without re­straint.
5. Lack of separation of duties.
6. Lack of accountability.
7. Lack of written policies and/or internal controls.
8. Circumvention of established policies and/or controls.
9. Lack of independent members of management and / or Board.
10. Entering into transactions where the institution lacks exper­tise.
11. Excessive growth through low quality loans.
12. Unwarranted concentrations.
13. Volatile sources of funding such as short-term deposits from out of area brokers.
14. Too much emphasis on earnings at the expense of safety and soundness.
15. Compromising credit policies.
16. High rate high risk investments.
17. Underwriting criteria allowing high risk loans.
18. Lack of documentation or poor documentation.
19. Lack of adequate credit analysis.
20. Failure to properly obtain and evaluate credit data, collat­eral, etc.
21. Failure to properly analyze and verify financial statement data.
22. Too much emphasis on character and collateral and not enough emphasis on credit.
23. Lack of proper mix in asset portfolio.
24. Unresolved exceptions or frequently recurring exceptions on exception reports.
25. Out of balance conditions.
26. Funds used for purposes other than the purpose recorded.
27. Lax policies on payment of checks against uncollected funds.
28. The institution is a defendant in a number of lawsuits alleging improper handling of transactions.

Pure Risk

There are only two possibilities; something bad happening or nothing happening. It is unlikely that any measurable benefit will arise from a pure risk. The house will enjoy a year with nothing bad occurring or there will be damage caused by a covered cause of loss (fire, wind, etc.). Predicting the outcomes of a pure risk is accomplished (sometimes) using the law of large numbers, a prior data or empirical data. Pure risk, also known as absolute risk, is insurable.

Pure risk is a type of risk that cannot be controlled and has two outcomes: complete loss or no loss at all. There are no opportunities for gain or profit when pure risk is involved.

Pure risk is generally prevalent in situations such as natural disasters, fires, or death. These situations cannot be predicted and are beyond anyone’s control. Pure risk is also referred to as absolute risk.

Pure risk examples

Personal risks affect individuals and involve losing or reducing personal assets. For example, unemployment is a pure risk resulting in financial loss when income and benefits are taken away. There are numerous other types of personal, pure risks, however: Poor health runs the risk of large medical bills, and the risk of an unforeseen, permanent disability could end a person’s career and, as a result, dramatically reduce their income. The pure risk of premature death also impacts the deceased family members who might struggle to pay household bills if the breadwinner unexpectedly dies.

Pure risk to property includes fires, wind damage, flooding and other natural disasters that cause damage to personal belongings.

Liability risks are also considered pure risks and pertain to potential litigation against a person or organization. For example, a homeowner could be sued by a person who slipped on their walkway for medical expenses, lost income or other damages.

Types of Pure Risk

Personal risks directly affect an individual and may involve the loss of earnings and assets or an increase in expenses. For example, unemployment may create financial burdens from the loss of income and employment benefits. Identity theft may result in damaged credit, and poor health may result in substantial medical bills, as well as the loss of earning power and the depletion of savings.

Property risks involve property damaged due to uncontrollable forces such as fire, lightning, hurricanes, tornados, or hail.

Liability risks may involve litigation due to real or perceived injustice. For example, a person injured after slipping on someone else’s icy driveway may sue for medical expenses, lost income, and other associated damages.

Insuring Against Pure Risk

Unlike most speculative risks, pure risks are typically insurable through commercial, personal, or liability insurance policies. Individuals transfer part of a pure risk to an insurer. For example, homeowners purchase home insurance to protect against perils that cause damage or loss. The insurer now shares the potential risk with the homeowner.

Pure risks are insurable partly because the law of large numbers applies more readily than to speculative risk. Insurers are more capable of predicting loss figures in advance and will not extend themselves into a market if they see it as unprofitable.

Speculative Risk

Unlike pure risk, speculative risk has opportunities for loss or gain and requires the consideration of all potential risks before choosing an action. For example, investors purchase securities believing they will increase in value.

But the opportunity for loss is always present. Businesses venture into new markets, purchase new equipment, and diversify existing product lines because they recognize the potential gain surpasses the potential loss.

Speculative risk is a category of risk that, when undertaken, results in an uncertain degree of gain or loss. All speculative risks are made as conscious choices and are not just a result of uncontrollable circumstances. Since there is some chance of either a gain or a loss, speculative risk is the opposite of pure risk, which is the possibility of only a loss and no potential for gain.

Almost all investment activities involve some speculative risks, as an investor has no idea whether an investment will be a blazing success or an utter failure. Some assets such as an options contract carry a combination of speculative risk and risk that you can hedge.

Some investments are more speculative than others. For example, investing in government bonds has much less speculative risk than investing in junk bonds because government bonds have a much lower risk of default. In many cases, the greater the speculative risk, the higher the potential for profits or returns on the investment.

Examples of Speculative Risk

Most financial investments, such as the purchase of stock, involve speculative risk. It is possible for the share value to go up, resulting in a gain, or go down, resulting in a loss. While data may allow certain assumptions to be made regarding the likelihood of a particular outcome, the outcome is not guaranteed.

Sports betting also qualifies as having speculative risk. If a person is betting on which team will win a football game, the outcome could result in a gain or loss, depending on which team wins. While the outcome cannot be known ahead of time, it is known that a gain or loss are both possible.

If you buy a call option, you know in advance that your maximum downside risk is the loss of the premium paid if the options contract expires worthless. At the same time, you do not know what your potential upside gain will be since nobody can know the future.

On the other hand, selling or writing a call option carries unlimited risk in exchange for the premium collected. However, some of that speculative risk can be hedged with other strategies, such as owning shares of the stock or by purchasing a call option with higher strike price. In the end, the amount of speculative risk will depend on whether the option is bought or sold and whether it is hedged or not.

Pure vs. speculative risk

While pure risk is beyond human control and can only result in a loss if it occurs, speculative risk is taken on voluntarily and can result in either a profit or loss. Speculative risks are undertaken through a conscious choice, and they are considered a controllable risk. Almost all financial investment activities, for example, are considered speculative risk because they ultimately result in an unknown amount of success or failure.

Betting on sports is also considered a speculative, controllable risk. A person betting on an NFL game could see either a financial gain or financial loss from the bet, depending on which team wins. Unlike pure risk that will only result in a loss, betting on the game could result in either a gain or a loss for the person undertaking the bet, or in this case, the risk.

Risk assessment is one method in a much broader field of risk management. Risk assessment is a process that does not result in a fixed final answer. It is impossible to determine the true magnitude and extent of any actual contamination at a site.

Advantages or Benefits of Risk Management Process

Risk management process is considered as an important discipline that the business has in its recent times.

Many organizations tend to realize the advantages of enterprise risk management. Following are a few benefits of risk management in projects:

1. Benefits of risk identification

Risk identification helps in fostering the vigilance in times of discipline and calm at the times of crisis. It implies all the risks in prior that are most likely to happen and are planned to execute without any assumptions that run.

These positive risks are often held upon most of the occurrences. It helps in opportunity risks so as to be aware of the forthcoming issues.

2. Benefits of risk assessment

It focuses on the identified tasks on assisting the impact of business or projects. This phase focuses on the ideas that are discussed among the stakeholders. It has the greatest advantage of dealing with the points that are finalized with more possible solutions.

It has a sense of all views that turns into accountability of each and every social life. Participation in these kinds of assessments will help one to tackle his/her risks. It promotes organizational culture.

3. Treatment of risks

It helps in treating one’s own risks that are the subsets of implementing a plan. It has internal compliance that is brought and mitigated towards the forsaken actions.

Its opportunity falls in the lack of preparation and even more realized upon the profitable data that relieves through internal controls.

4. Minimization of risks

The risks that are handled within the given assessments plans are foreseen within the business functions. It enables one to speed up the data to change policies and contingencies that are made successful within the mapped business functions.

Here the cost-beneficial analysis is to be revised within the ownership of risks. It focuses on the change of policies within the detailed structural behavior.

5. Awareness about the risks

Here the terms that are noticed will create awareness among the scheduled terms of risks that are a successful analysis and evaluation of exercising the modules of risks.

It enables one to concentrate on the risk treatments within the lessons learned and are scheduled into lack of preparation. It has subsequent phases regarding each module within the identified data.

6. Successful business strategies

Risk management strategy is not a one-time activity and the grade points are finalized within the recent status. It has different stages that modulate to lack of preparation, planning and successful implementations of all the plans.

It has the operational efficiency that is realized upon the mitigation of negative risks. It has contingent policies over the preparation of business in the measures of treatment.

7. Saving cost and time

It threats to the task that is completed over the projects and the other business strategies.

It always results in saving the costs that are consolidated within the items that are practiced. It prevents wastage and makeup time for firefighting.

8. New opportunities

The opportunities that are emerging are held within the new ways of communicating on the unravel issues.

It has a collective and least significant part that matches with most of the scenarios. It prepares for future endeavors and the related exhaustive efforts as inputs.

9. Harvesting knowledge

Here one must try to spend the knowledge about the stakeholder’s experience of the preemptive approach that is made applicable for the unprepared threats towards the knowledge gained and this provides a template to face the readymade risks.

It has successive plans that are indulged from the start till the collective knowledge.

10. Protecting resources

The risk management plans and policies under help in protecting the resources of the organization. This helps in promoting the resources instead of using them illegally.

It also equips safety among the adaptive changes to the staff alternatives and is bundled together with the other resources. It builds production plans and alternative plans for the process of re-routing.

11. Improvement in credit ratings

The improvement in credit ratings evolves numerous agencies that support the accomplished tasks resulting in lower budget investments.

It has capital volatility that translates the greater confidence issues, particularly with the stakeholders. It aims at building multiple business aspects that have tangible benefits.

12. Regulatory compliances

This framework helps in meeting regulatory needs. It performs and measures risk management. This improvement helps in attaining higher credit aspects.

It also derives higher efficiency towards the capital volatility and even the rating metrics that are assigned to the compensated business plans. It translates into greater confidence of improved stakeholders that are made applicable within the insured business.

13. Values shareholders

It aims at the borrowing capacity of the shareholder that has significant effort within the management and assumes the determinant roles that the company can extend to.

It has the exact decision-making process within the current models and also the expected regulatory recruitment.

14. Possibilities of risks

It dictates the clear possibilities of risk that are managed within the severity or impact of the organization that is updated to own risk strategies. It has an insight of real balance sheets that supports the culture of risk management.

It modulates the designed data and even the approach towards the compatible and the insight of balancing. It supports all the ordinary requirements of a plan.

15. Faster competition

When the organization contributes to different levels of budgets with the people of various skills set, the commitment towards the work will be more.

It achieves competitive advantage on the logic schedules that are better. It has the deepest level of managing risks. These competitions are managed within the up and downs of an entire life.

16. Provides support

It provides support to the organization that is handled between both the chances of achieving and losing the financial plans.

Here the benefits of financial risk management are uninformed at both the level of improving chances to make the acquisition of achieving a potential breakthrough in the supply chain. It has concentrated support of the chances of achieving the pre-planned financial activities.

17. Identification of risks

A risk management system helps in identifying the risks that have a precise network to determine the optimal management of risks. It has the maximized opportunity of the risks that are relevant in implementing the guidance provided.

It has holistic support from the entire organization when the risks are identified. It will become streamlined and efficient within the complex elements.

18. Provides guidance

It provides prior guidance about the framework that is enabled within the experience and assessing the risks that are modeled within the strategies of risk.

It has the development of advanced risk management techniques that are interrelated within the consequences of the gained knowledge and the other risks.

19. Identification of possible threats

This identification provides compensatory mundane activities that aim at motivating the employees to gather information about the consequent changes.

It spends time on the research and development of the execution of maintenance strategies. It accustoms the employees within the persuaded timing.

20. Reduces impact and loss

Risk management has more defined proceedings when there is a pre-planned schedule or loss of the object. It contributes a part to stress and worry. The complexity matters when they are gathered.

Here it ensures the organization with all possible outcomes of the independent and objective assessments that are analyzed on taking challenges.

21. Stability of earnings

The business operations that are held within the next operation level will concentrate more on the scheduled amount of data.

It reduces the impact of business activities. Employees will be retrenched so as to keep in the comfort zone.

22. Managing strategic plans

Managing risks has the strategic plans that are related to the plans that are most used in various strategic plans. This manages the data that depends on most of the resources that are linked to the migration defined data.

It reflects on the generated data that manages most of the generated cash flows that are in adverse situations.

23. Handling previous projects

If the analyzing of risk is done correctly in the previous stages, then it can be moved without processing the detailed information along various channels of risks. This memory can be held to unfold the future risks that are conflicted within the schematic schedule.

It enlarges new risk towards the competitors that are managed within the forbidden strategies.

24. Nurturing risks

Each possibility of the risks will be accompanied by the different logics that can compensate within the rigid comparisons and the choices made defining the aligned decision-makers of each project. This requires well-trained operators so as to optimize the situations of risks.

25. Collaborated work

Risks focus payoff and even to yield the profit. Sometimes the mistakes done can also be productive. It manages the possibility to perform tasks with organizational behavior.

Here managers are encouraged to focus on the risks that can be defined as exploitable challenging proposals.

Disadvantages of Risk Management Process

Managing the risks provides the waste of time to compensate for the projects. It persuades the projects that reciprocate to improve the funds in the company. It is spent on the research and development of the allocated issues that hold to ensure project management.

1. Complex calculations

Risk management involves complex calculations in terms of managing risks. Without the automatic tool, each and every calculation regarding risks becomes difficult.

2. Unmanaged losses

If the organization meddles with a loss, then that pay will be delivered to the pay loss of the firm.

Here, the organization is responsible for the loss that happened due to improper schedule about risk management.

3. Ambiguity

Even if the ambiguity is out of loss then people have to cover it within the planned scale of losses of the discounts and even the consideration into unnecessary insurance discounts.

4. Depends on external entities

Managing risks depends on the external entities that are modulated within the organization, usually depends on the external data.

It includes all the dependent information about the risks regarding other valid resources. The transferable resources depend on the external entities that tend to have data.

5. Mitigation

Usually, mitigation guarantees losses of the concealed impairment of money which may cause improper management of risks. This leads to unsafe acceptance of data within rare company losses.

6. Difficulty in implementing

Risk management takes a long time to gather information regarding strategic plans. It has universal standards that are mitigated and accepted according to the monetary values.

It matches with a hard understanding without recent experience without compensation of the required quantity of data.

7. Performance

Since the risk management can be processed only with subjectivity, it holds on the control of prospects within each issue. It can be identified with the difficult implementation of controls.

It manages the cost-benefits analysis that is not implemented. This process concentrates more on the implementation of controls.

8. Potential threats

These potential threats are to be maintained carefully so as to organize and disappear from the market. This implementation reduces the level of risk and proportionally increases the control over it.

Any kind of process will have its own limitations and benefits of project risk management. Thus to build an effective risk management one has to focus on the mitigated strategic plans of risks that are effective on the risk-takers. It is to identify the maximum of the entire management to overcome forthcoming dangers.

Risk management becomes the major case when the organization has targeted results apart from potential threats, damages, and vulnerabilities.

Risk Management is the process of identifying, assessing, and controlling threats to an organization’s capital and earnings. These threats, or risks, could stem from a wide variety of sources, including financial uncertainty, legal liabilities, strategic management errors, accidents, and natural disasters. IT security threats and data-related risks, and the risk management strategies to alleviate them, have become a top priority for digitized companies. As a result, a risk management plan increasingly includes companies’ processes for identifying and controlling threats to its digital assets, including proprietary corporate data, a customer’s personally identifiable information (PII) and intellectual property.

All risk management processes follow the same basic steps, although sometimes different jargon is used to describe these steps. Together these 5 risk management process steps combine to deliver a simple and effective risk management process.

Step 1

Identify the Risk. You and your team uncover, recognize and describe risks that might affect your project or its outcomes. There are a number of techniques you can use to find project risks. During this step you start to prepare your Project Risk Register.

Step 2

Analyze the risk. Once risks are identified you determine the likelihood and consequence of each risk. You develop an understanding of the nature of the risk and its potential to affect project goals and objectives. This information is also input to your Project Risk Register.

Step 3

Evaluate or Rank the Risk. You evaluate or rank the risk by determining the risk magnitude, which is the combination of likelihood and consequence. You make decisions about whether the risk is acceptable or whether it is serious enough to warrant treatment. These risk rankings are also added to your Project Risk Register.

Step 4

Treat the Risk. This is also referred to as Risk Response Planning. During this step you assess your highest ranked risks and set out a plan to treat or modify these risks to achieve acceptable risk levels. How can you minimize the probability of the negative risks as well as enhancing the opportunities? You create risk mitigation strategies, preventive plans and contingency plans in this step. And you add the risk treatment measures for the highest ranking or most serious risks to your Project Risk Register.

Step 5

Monitor and Review the risk. This is the step where you take your Project Risk Register and use it to monitor, track and review risks.

Risk is about uncertainty. If you put a framework around that uncertainty, then you effectively de-risk your project. And that means you can move much more confidently to achieve your project goals. By identifying and managing a comprehensive list of project risks, unpleasant surprises and barriers can be reduced and golden opportunities discovered. The risk management process also helps to resolve problems when they occur, because those problems have been envisaged, and plans to treat them have already been developed and agreed. You avoid impulsive reactions and going into “fire-fighting” mode to rectify problems that could have been anticipated. This makes for happier, less stressed project teams and stakeholders. The end result is that you minimize the impacts of project threats and capture the opportunities that occur.

Preventable Risks

These are internal risks, arising from within the organization, that are controllable and ought to be eliminated or avoided. Examples are the risks from employees’ and managers’ unauthorized, illegal, unethical, incorrect, or inappropriate actions and the risks from breakdowns in routine operational processes. To be sure, companies should have a zone of tolerance for defects or errors that would not cause severe damage to the enterprise and for which achieving complete avoidance would be too costly. But in general, companies should seek to eliminate these risks since they get no strategic benefits from taking them on. A rogue trader or an employee bribing a local official may produce some short-term profits for the firm, but over time such actions will diminish the company’s value.

This risk category is best managed through active prevention: monitoring operational processes and guiding people’s behaviors and decisions toward desired norms. Since considerable literature already exists on the rules-based compliance approach, we refer interested readers to the sidebar “Identifying and Managing Preventable Risks” in lieu of a full discussion of best practices here.

Strategy Risks

A company voluntarily accepts some risk in order to generate superior returns from its strategy. A bank assumes credit risk, for example, when it lends money; many companies take on risks through their research and development activities.

Strategy risks are quite different from preventable risks because they are not inherently undesirable. A strategy with high expected returns generally requires the company to take on significant risks, and managing those risks is a key driver in capturing the potential gains. BP accepted the high risks of drilling several miles below the surface of the Gulf of Mexico because of the high value of the oil and gas it hoped to extract.

Strategy risks cannot be managed through a rules-based control model. Instead, you need a risk-management system designed to reduce the probability that the assumed risks actually materialize and to improve the company’s ability to manage or contain the risk events should they occur. Such a system would not stop companies from undertaking risky ventures; to the contrary, it would enable companies to take on higher-risk, higher-reward ventures than could competitors with less effective risk management.

External Risks

Some risks arise from events outside the company and are beyond its influence or control. Sources of these risks include natural and political disasters and major macroeconomic shifts. External risks require yet another approach. Because companies cannot prevent such events from occurring, their management must focus on identification (they tend to be obvious in hindsight) and mitigation of their impact.

Companies should tailor their risk-management processes to these different categories. While a compliance-based approach is effective for managing preventable risks, it is wholly inadequate for strategy risks or external risks, which require a fundamentally different approach based on open and explicit risk discussions. That, however, is easier said than done; extensive behavioral and organizational research has shown that individuals have strong cognitive biases that discourage them from thinking about and discussing risk until it’s too late.

Classification of Risks in Banking sector

     

1. Credit Risk

• Credit risks involve borrower risk, industry risk and portfolio risk. As it checks the creditworthiness of the industry, borrower etc.
• It is also known as default risk which checks the inability of an industry, counter-party or a customer who are unable to meet the commitments of making settlement of financial transactions.
• Internal and external factors both influences credit risk of bank portfolio.
• Internal factors consist of lack of appraisal of borrower’s financial status, inadequate risk pricing, lending limits are not defined properly, absence of post sanctions surveillance, proper loan agreements or policies are not defined etc.
• Whereas external factor comprises of trade restrictions, fluctuation in exchange rates and interest rates, fluctuations in commodities or equity prices, tax structure, government policies, political system etc.

How banks manage this risk?

• Top management consent or attention should be received in order to manage the credit risk.
• Credit Risk Management Process include:

1. In a loan policy of banks, risk management process should be articulated.
2. Through credit rating or scoring the degree of risk can be measured.
3. It can be quantified through estimating expected and unexpected financial losses and even risk pricing can be done on scientific basic.

• Credit Policy Committee should be formed in each bank that can look after the credit policies, procedures and agreements and thus can analyze, evaluate and manage the credit risk of a bank on a wide basis.
• Credit Risk Management consists of many management techniques which helps the bank to curb the adverse effect of credit risk. Techniques includes: credit approving authority, risk rating, prudential limits, loan review mechanism, risk pricing, portfolio management etc.

2.  Market Risk 

• Earlier, majorly for all the banks managing credit risk was the primary task or challenge.
• But due to the modernization and progress in banking sector, market risk started arising such as fluctuation in interest rates, changes in market variables, fluctuation in commodity prices or equity prices and even fluctuation in foreign exchange rates etc.
• So, it became essential to manage the market risk too. As even a minute change in market variables results into substantial change of economic value of banks.
• Market risk comprises of liquidity risk, interest rate risk, foreign exchange rate risk and hedging risk.

How banks manage this risk?

• The major concern for the top management of banks is to manage the market risk.
• Top management of banks should clearly articulate the market risk policies, agreements, review mechanisms, auditing & reporting systems etc. and these policies should clearly mention the risk measurement systems which captures the sources of materials from banks and thus has an effect on banks.
• Banks should form Asset-Liability Management Committee whose main task is to maintain & manage the balance sheet within the risk or performance parameters.
• In order to track the market risk on a real time basis, banks should set up an independent middle office.
• Middle office should consist of members who are market experts in analyzing the market risk. The experts can be: economists, statisticians and general bankers.
• The members of Middle office should be separated from treasury departments or in daily activities of treasury department.

3. Operational Risk

• For a better risk management practice, it has become essential to manage the operational risk.
• Operational risk arise due to the modernization of banking sector and financial markets which gave rise to structural changes, increase in volume of transactions and complex support systems.
• Operational risk cannot be categorized as market risk or credit risk as this risk can be described as risk related to settlement of payments, interruption in business activities, legal and administrative risk.
• As operational risk involves risk related to business interruption or problem so this could trigger the market or credit risks. Therefore, operational risk has some sort of linkages with credit or market risks.

How banks manage this risk?

• There is no uniform approach in measuring the operational risk of banks. Till date simple and experimental methods are used but foreign banks have introduced some advance techniques to manage the operational risk.
• For measuring operational risk, it requires estimation of the probability of operational loss and also potential size of the loss.
• Banks can make use of analytical and judgmental techniques to measure operational risk level.
• Risk of operations can be: audit ratings, data on quality, historical loss experience, data on turnover or volume etc. Some international banks has developed rating matrix which is similar to bond credit rating.
• Operational risk should be assessed & reviewed at regular intervals.
• For quantifying operational risk, Indian banks have not evolved any scientific methods and are using simple benchmark system which measures business activity.

Risk is the chance of loss, and peril is the direct cause of the loss. If a house burns down, then fire is the peril. A hazard is anything that either causes or increases the likelihood of a loss. For instance, gas furnaces are a hazard for carbon monoxide poisoning. A physical hazard is a physical condition that increases the possibility of a loss. Thus, smoking is a physical hazard that increases the likelihood of a house fire and illness.

Moral hazards are losses that results from dishonesty. Thus, insurance companies suffer losses because of fraudulent or inflated claims. The legal system is a moral hazard in that it motivates many people to sue simply for financial profit because of the enormous amount of money that can sometimes be won, and because there is little cost to the plaintiff, even if he loses. A good example is the current asbestos litigation, which has bankrupted many companies, even though very few plaintiffs show any real evidence of disease, and are unlikely to ever develop any disease that can be shown, by the preponderance of the evidence, to have resulted from asbestos exposure. This type of moral hazard is often referred to as legal hazard. Legal hazard can also result from laws or regulations that force insurance companies to cover risks that they would otherwise not cover, such as including coverage for alcoholism in health insurance.

Insurance can be regarded as a morale hazard because it increases the possibility of a loss that results from the insured worrying less about losses. Therefore, they take fewer precautions and may engage in riskier activities because they have insurance. A good example of morale hazard is when the federal government bails out financial institutions who have made bad decisions. Many financial institutions have taken significant risks in the recent subprime debacle by buying toxic instruments, such as CDOs and mortgage-backed securities based on subprime mortgages that paid high yields, but were extremely risky. The financial institutions have considered themselves too big to fail in other words, if things started going badly, then the federal government would step in to stop their collapse for fear that the whole financial system will collapse, which is exactly what the federal government did in September, 2008. Freddie Mac and Fannie Mae have both been taken over by the government, and American International Group (AIG) has been propped up by an infusion of $85 billion of taxpayers’ money. AIG sold credit default swaps on mortgage-backed securities to buyers, mostly banks, thinking that they could collect the premiums, but would never have to actually to pay for defaults but if they were wrong, then the government would save them, because otherwise the banks that had bought that credit default protection could also possibly fail. As recent events have demonstrated all too clearly, this federal government “insurance” creates a morale hazard for financial institutions taxpayers pay the premium, but the big financial institutions, with their overpaid CEOs and managers, receive the benefits.