René M. Stulz put together Six Ways Companies Mismanage Risk for the March issue of the Harvard Business Review. Professor Stulz summarizes his thoughts in that “conventional approaches to risk management present many pitfalls. Even in the best of times, if you are to manage risk effectively, you must make extremely good judgment calls involving data and metrics, have a clear sense of how all the moving parts work together, and communicate that well.” Risk management is a new discipline, moving from the domain of the quant geeks to the board room. It is hard to pull it all together
Based on the recent downfalls of financial companies, it is clear that they lost a sense of of how the pieces of their risk management worked together. (See my earlier post: The Risk Management Formula That Killed Wall Street.) You need to understand the data, understand the weaknesses of the formulas that manipulate the data, and the understand what is missing from the end result. Most of the danger comes from what you don’t know that you don’t know. To avoid that you need to continually learn so there is less you don’t know and continually be cognizant that there is still much that you don’t know.
Here are the six ways from Professor Stulz:
- Lack of appropriate data. The rapid financial innovation of recent decades has made historical data less useful.
- Narrow measures of risk. Traditional daily measures of risk can’t capture a company’s full exposure when market fundamentals are shifting.
- Overlooked risks. Hedge funds that bought high-yielding Russian debt in the 1990s failed to properly account for counterparty risk.
- Hidden risks. Unreported risks have a tendency to expand in financial institutions.
- Poor communication. Complex and expensive risk-management systems can induce a false sense of security when their output is poorly communicated to top management.
- Rate of change. The risk characteristics of securities may change too quickly to enable managers to properly assess and hedge risks.
“If you live in Florida or Louisiana, you shouldn’t spend a lot of time thinking about how likely it is that you’ll be hit by a hurricane. Rather, you should think about what would happen to your organization if it was hit by one and how you would deal with the situation. Instead of focusing on the fact that the probabilities of catastrophic risks are extremely small, risk managers should build scenarios for such risks, and the organization should design strategies for surviving them.”
René M. Stulz is the Everett D. Reese Chair of Banking and Monetary Economics at The Ohio State University’s Fisher College of Business in Columbus.
See:
- Six Ways Companies Mismanage Risk
- March Issue of the Harvard Business Review
- René M. Stulz homepage at Ohio State University
- The Risk Management Formula That Killed Wall Street
Doug – Thanks for the tip! Have you checked out “Risk Intelligence” at all and if so – what do you think? http://www.amazon.com/Risk-Intelligence-Learning-Manage-What/dp/1591399548
Matt –
How are things down under?
I was not aware of that book. Thanks for pointing it out. I just added it to my reading list.