Recent events within the capital markets have highlighted a long-ignored tension within risk management. As credit deteriorates, markets make huge jumps on scant rumours and central bankers try (paradoxically) to balance inflation mitigation with restoring market confidence, the age old question has arisen - how much control over the central business of a capital markets organisation should the risk division of that institution hold?

Clearly there is a need for risk controls to be created and maintained, and for the trading activities to conform to these controls. This is a truism and it masks the deeper conflict between risk control and controlled risk.

In the past there have been two schools of thought with regard to risk ‘management'. The first was that a risk control group would monitor risks taken by the organisation and report these upwards on a periodic basis, from daily through to monthly, depending upon the organisation and its specific activities. Such measures would include:

• Basis point sensitivity to various underlying risk factors
• Value at Risk calculations across the entire book
• Historic scenario reruns

In turn, the stakeholders of such reports would determine whether the risks reported were consistent with the institution's level of risk conservatism. To a certain extent the sensitivity measures were the most watched as these gave an idea of the leverage against the market. The VaR numbers were often regulatory and not always put into context and the historic scenarios, while required, sat in an entirely different context altogether, and were not specifically relevant to the situation facing the market at the time. It must also be said that in more cases than not, the forward-looking risk measures produced were compared to achieved results to obtain a measure of the risk-reward relationship.

The second school of thought was to establish strict risk limits against the measures detailed above and enforce them on traders. Risk would be managed on an exception basis meaning that trading positions would only be looked at when a limit was breached.

There are problems with both of these approaches, and these should be considered when looking for the systemic approach to managing risk at any institution.

For both risk management approaches, there are issues with the risk measures as flat results. Specifically:

•  Basis point sensitivity is a very short frame measure. Such measures are very useful for predicting day-to-day P&L but fail to take into account the high level of non-linearity prevalent in the current markets of structured products. The obvious result is short-term ‘passing' of sensitivity limit checks, whilst doing nothing to address the potential toxicity of the inbuilt break points of the structure. These should be captured in the VaR calculation.
• VaR measures are designed to show a very specific result, namely the minimum loss that should be expected within the timeframe implied by the percentile used (i.e. 99% read as one day in a hundred) as long as markets move in a relatively normalised manner. This is not predicting shocks but, using correlations calculated from past market movements, reporting a singular risk number. In no way does this utilise or build-in market expectancy and as such is least effective, on its own, following a turbulent market. There are entirely reasonable predictions of how the market will behave as the news and the responses to that news are rationalised again, and portfolios could reasonably be expected to position themselves accordingly. The issue here is that this very positioning may push the VaR number to a level implying it is very risky, but this is based on market directions and drifts consistent with a recent turbulent past, rather than the current situation.

Historic simulations suffer from the same issues outlined above. Running situational scenarios revolving around a market crash in a situation following a fall, without looking at the current pricing measures and ratios will clearly lead to risk management inconsistencies.

The first approach is problematic in as much as deciding current risk on past returns is inherently risky. It can clearly lead to a bubble of profit over risk build up. There are a number of structural problems with daily risk reporting, such as if a trader is tasked with making excess profit, whilst knowing that his overnight position is to reduce risk for the overnight run. This is scarcely the intended result of a more robust approach to institutional risk policy.

Setting limits in a vacuum can also lead to problems. If the limit is created using the normalised data discussed above, then it can be inhibitive to the firm in terms of positioning portfolios in accordance to expected market conditions.

The above illustrate some of the reasons why there is a tension between traditional risk management and trading activities. Indeed, it could be said that role of risk management team is to curb the effectiveness of the trading team whose success is measured by the excess profits made by taking risks.

The obvious answer is a far more integrated approach to risk management. This means going beyond risk measurement (overnight runs producing risk reports for next day scrutiny) and risk monitoring (calculating risk numbers to handle breaches to preset risk limits). This means moving to an evolved form of actual risk management.

Firstly, along with the standard measures, there should be additional scenarios within the standard reporting. These should be scenarios based around the expected market behaviour from an in-house prospective. Accompanying the main predictive scenario should be further scenarios which effectively grid the possible effects prediction error. These could be modelled as a central scenario in each risk factor, as well as parallel shifts moving away in both directions from that scenario. This could then be considered as the path against which portfolios should be positioned and profitable, whilst the upside and downside of being wrong in the prediction are also looked at and run against the calibration of the firm's risk appetite.

The effect of this is to reset the base case risk in accordance with the internal market expectancy and to measure risk-taking against it. There are two main effects of this: the first is that the traders and risk management teams are working from the same base case, and the second, which is often overlooked is that the desk heads and trading managers can have an active view into the ‘risk taking' of the traders rather than just the downside risk. This would enable trading managers to ensure that portfolios were positioned to profit within the ‘risk corridor' for each risk factor. This last point essentially re-invigorates the risk system as an enhancement to P&L rather than a check or impediment.

It is also important to include time in the scenarios and to ensure that movements from the expected norm are understood. The reason for this is that profits should be looked for and risks measured within the corridor, and the impact of getting it wrong by varying amounts has to be known, particularly where structured products are employed and the non-linearity has to be accounted for.

Once such a risk corridor has been established, both the trading and risk teams need intraday access to the outputs and both need to be active in managing the risk. By managing the risk, it is meant that where certain risk factors breach the corridor, the investigation should be immediate and the first step should be to establish whether the breach is inadvertent (i.e. a volatility change due to an At The Market  change which in turn is due to a yield curve change). It should then be a risk management role to determine a hedge which protects against the offending risk factor but keeps the intended risk factor exposure intact.

Once the above scenarios are run, the rest of the standard risk measures should also be run, as to have value, when contextualised correctly, but they can now be understood against the backdrop of the expected returns and investment objectives. This should lead to clearly understood risk reporting within the firm and clearly communicated risk policies to the trading desks.

It should be clear that rebasing the risk policy in accordance with a turbulent world will take an effort of will and will require tools which can scale, provide intraday risk numbers in a timely manner, and a process of making the same tool/system available to the risk and trading teams. If addressed correctly, the benefits should include:

• Transparency in risk numbers
• Transparency in risk limits
• Co-operation between risk and trading divisions
• Decreased incentive to take large intra-day positions to increase profit
• Level playing field between risk and profit actors in the firm.

Marcus Cree, principal consultant, Adaptiv, SunGard