IFT Notes for Level I CFA® Program
R55 Introduction to Risk Management
4. Identification of Risks
There are two categories of risks: financial risks and non-financial risks.
4.1. Financial Risks
Financial risks are the risks that originate from financial markets, such as changes in interest rates or prices. There are three primary types of financial risks:
- Market risk: This risk arises from movements in stock prices, exchange rates, interest rates, and commodity prices. Any changes in fundamental economic conditions, events in the industry or economy, give rise to market risk.
- Credit risk: This is the risk that a counterparty will not pay an amount owed on an obligation, such as a bond, loan, derivative, to another party.
- Liquidity risk: This is the risk that, as a result of degradation in market conditions or the lack of market participants, one will be unable to sell an asset without lowering the price to less than the fundamental value. Liquidity risk is also known as transaction cost risk. Liquidity risk arises when the market for a specific asset becomes less liquid or the size of a position increases.
4.2. Non-Financial Risks
Non-financial risks are risks that arise from sources outside the financial markets, “from actions within the organization or from external origins, such as the environment as well as from the relationship between the organization and counterparties, regulators, governments, suppliers, and customers”.. These risks also have a monetary impact on the organization. The various types of non-financial risks are discussed below:
- Operational risk: This risk arises from within the operations of an organization and includes both human and system or process errors. All the internal risks in an organization are collectively called operational risk. Examples of operational risk include inadequate or failed employees, programming errors, systems, and internal policies, procedures and processes making an organization susceptible to hackers, rogue trader in a brokerage firm, natural disasters that interrupt operations, and terrorist attacks. Operational risk can also arise due to extreme weather and natural disasters such as floods, earthquakes, or hurricanes.
- Solvency risk: This risk arises when the entity does not survive or succeed because it runs out of cash to meet its financial obligations. One example of solvency risk is what happened to Lehman Brothers in 2008 because of taking on excessive leverage.
- Settlement risk: This is the default risk that occurs just before payments are to be settled.
- Legal risk: Any risk related to the law is a legal risk. For instance, an entity may be sued by another over a transaction, or what it does or does not do, as per the contract.
- Regulatory, accounting, and tax risk: The three risks are collectively known as compliance risk. This risk arises when an entity fails to comply with laws, regulations, and policies set by the government or regulatory authorities.
- Model risk: This is the risk of a valuation error that arises from improperly using a model. For instance, using the DDM (dividend discount model) to value a company whose growth is not constant.
- Tail risk: This risk arises when there are more events in the tail of the distribution.
- Sovereign or political risk.
Individuals face many of the same organizational risks outlined here, in addition they also face health risk, mortality or longevity risk, and property and casualty risk.
4.3. Interactions between Risks
Risks are not independent of each other and there is no clear distinction between the various risks as one risk may lead to another. For example, market risk leads to credit risk, which in turn leads to settlement risk and legal risk.
Risk interactions can be non-linear and harmful. The combined risk faced is worse than the sum of the risks of the separate components. This was seen during the 2008 crisis when many investment firms were forced to shut down because of their high leverage and insolvency. Most risk models do not take into account the interactions between risks.