Joint NBER/IFRI Brainstorming Day
May 15th 2007
Venue: 47th Floor, Deutsche Bank,
Time
|
Topic |
Facilitators |
|
Arrival Breakfast
Available |
|
09:00 |
Introductions of
participants |
|
|
Topic 1: Objectives of Risk
Management within a Financial Firm |
David Bushnell (Citicorp) |
|
Coffee Break |
|
|
Topic 2: The Pursuit of
Risk Management Objectives |
Richard Evans (Deutsche Bank) |
|
Lunch |
|
12.45 |
Topic 3: Role of Risk
Management in Providing Information Useful in (External) Governance |
Robert Le Blanc (Barclays) |
|
Coffee Break |
|
|
Topic 4: Value,
Valuation and Governance of Risk Management Itself |
Robert Berry (Goldman Sachs) |
|
Coffee Break |
|
|
Topic 5: The Corporate
Governance required to Manage Reputational Risk |
David Bushnell (Citicorp)
|
|
Wrap Up and Next Steps |
|
|
END |
|
TOPIC 1: OBJECTIVES OF RISK MANAGEMENT
WITHIN A FINANCIAL FIRM
What are the objectives of risk management? Should they be different than they are
now? What is missing from the following
list of objectives? What is mis-stated?
Inform others about the firms risk posture (senior management, board of
directors, managers of units, shareholders, debtholders, rating agencies,
regulators, others?)
Set the framework, and the terms of tradeoffs, for making risk decisions (risk
posture of the firm as a whole, including leverage; risk allocations to units;
other?)
Prevent large losses from occurring?
Prevent exposure to such losses?
What is large?
Help maximize firm value? Over what
horizon? From whose
perspective?
Identify kinds of risk faced by the firm and by each unit.
Develop and implement models and other methods of measuring risk.
Develop and implement systems to control, limit, mitigate and manage the risks
taken by different individuals and units.
Do any objectives conflict with one another, or do they just compete for
resources?
Who sets the objectives? What is the
role of the board of directors? What
should it be?
Most board members dont fully understand the capabilities or methods of risk
management. How much of a problem is
this for setting objectives?
What are the important conflicts between the firms external stakeholders about
the proper objectives for risk management (between equity holders,
counterparties, debtholders, regulators, etc.)? Do any stakeholders apart from regulators
try to influence the firms risk choices
by influencing its risk management objectives or operations? Do all external stakeholders want risk to be
measured well?
Objectives support both the management of the firm (or internal governance)
and governance of the firm by external stakeholders. What is the relative
importance or management and governance as motivators of objectives?
To what extent should risk management be purely a control and measurement
function versus a designer of compensation and decision processes? Should it have a role in design of the firms
strategy? Would such roles conflict with
its control and measurement functions?
TOPIC 2: CHALLENGES TO THE PURSUIT OF
OBJECTIVES
(or, incentives and conflicts of interest within the firm)
To what extent do challenges in the pursuit of risk management objectives flow
from the technical limitations of current art and to what extent are they due
to incentive conflicts?
Where are the most important conflicts between the objectives of risk
management and the objectives of others within the financial firm? Do such conflicts come from differences in
views or understanding, differences in incentives, or technical limitations of
current risk management technology?
At a senior level?
At a junior level?
Objectives of business units, versus interests of
individuals?
How, and to what extent, can the incentives of others within the firm be
designed to support behavior consistent with risk management objectives (or can
risk management only impose controls)? How much of a problem is it for incentive
design when the employees dont understand the objectives and practices of risk
management?
How seriously does senior management take the proposition that risk management
is integral to maximizing firm value? What
about others outside of risk management?
What happens when the CRO disagrees with the CEO (about risk posture, process,
or other matters)? What should
happen? Do CROs have direct reporting
lines to the board, and to what extent are such reporting lines effective when
board members dont fully understand risk management?
Do CROs bear personal reputational risk from the risk outcomes of the firm to a
greater extent than other senior executives?
Do objectives, their pursuit, or conflicts of interest differ at the trough of
a risk cycle versus at a peak? Is it
appropriate that such differences exist?
Should an objective of risk management be to smooth out cyclical
variations in the firms behavior or strategy?
Does behavior differ in crisis and non-crisis situations? Do firms batten down too much after a crisis,
or minimize the implications and not react enough, or both?
On the whole, have regulators aided the pursuit or risk management objectives
or gotten in the way?
TOPIC 3: ROLE OF RISK MANAGEMENT IN PROVIDING INFORMATION
TO EXTERNAL PARTIES INVOLVED IN GOVERNANCE
To value the firm properly, and to exercise influence
over its decisions and strategy, external parties need information about the
firms risk posture and strategies. Risk
management functions produce a lot of value-relevant information. How can it be disclosed, efficiently and
effectively?
To what extent do stakeholders currently use information from the risk
management function?
In valuing claims on the firm?
In setting the terms of contracts (e.g., derivatives, loans, credit lines)?
Do gatekeepers (underwriters, analysts, auditors) use information from risk
management? Do they understand risk management?
What kind of information do stakeholders say they want? What should they want?
What are the technical constraints on what can be provided?
What are the competitive constraints?
How much variation across stakeholders in the nature of desired information?
How much of a problem is legal risk associated with disclosure?
Many stakeholders say they want information that is comparable across
institutions. What are the barriers to
collective action by firms in moving together to disclose comparables?
Do CROs routinely use information produced by risk management functions at
competing firms in helping their firm make strategic or tactical business
decisions?
What is the proper extent of information sharing across CROs, or across risk
management personnel at different firms?
TOPIC 4: VALUE, VALUATION AND GOVERNANCE
OF RISK MANAGEMENT ITSELF
An important function of risk management is the design
and operation of systems used to measure the performance of other units and
staff members. How can the performance
of risk management be measured?
How do senior managers of the firm, and the board of directors, think about the
value added by risk management?
Do they understand all the objectives?
Do they understand why risk management resources are allocated as they are?
How should a board of directors evaluate risk management performance?
What are the key differences, if any, between the risk management function and
Treasury or CFO functions, and what are the implications of such differences
for the organization of risk management?
To what extent do external parties consider the quality of a firms risk
management in valuing the firm (or in making value-relevant decisions, like
rating actions)?
Do different parties place different values on risk management? Are the values consistent with their
differing objectives and interests?
Do capital market prices reflect the value added by risk management? If so, whats the relative importance to such
recognition of value of disclosure of risk metrics about the firm versus information about the risk
management function?
If external parties cannot value the characteristics of a firms risk
management, how much of a problem is created for internal valuation of the
function?
What kind of information do external parties need in order to properly value
risk management?
What are the barriers to providing the information they need? Are such barriers surmountable?
To what extent can different parties be given different information (e.g.,
rating agencies versus equity analysts)?
What is the right design for incentive compensation for risk managers? To what extent should risk managers be
incentivized to make non-risk-management contributions?
At a junior level?
At a senior level?
TOPIC 5: REPUTATION RISK
How do we think properly about reputation risk? Can it
be measured? Is it a fad? Is it a distraction?
Does a reputation-reducing event have a near-term impact on profitability,
apart from any losses associated with the event itself? Does the value of the
firm decrease by more than the direct losses from the event?
Are the losses primarily due to perceived or real constraints on the firms
strategy in the wake of the event? Due to distraction of senior management? Due to perceptions of the
risk of similar losses in the future?
To what extent are
reputation events costly because they draw attention of
regulators? Of gatekeepers? Are litigation costs an
important consideration?
What is the role of risk management in identifying and limiting reputational
risks? Is it through a reputation risk
audit? Is it through an approval process? Is it through capital allocation ? To what extent can risk management hope to be
effective in such a role?