A Comprehensive Enterprise Risk Framework Touches All Important Business Areas
The risk management function in asset management is central to the investment process and it should interact closely with all the major business areas of the firm. Five commonly distinguished areas of Enterprise Risk include market and liquidity risk, counterparty risk, model risk, operational risk, and technology risk. While individual business areas are the front-line owners of the risk they create, the risk management department is tasked with providing independent oversight and effective challenge to support informed business decision making.
A robust Enterprise Risk Framework helps ensure that risk exposures across all five pillars are identified, managed, monitored and reported in a comprehensive and timely manner. It begins by asking the question “What kinds of risks do we face?” and then by systematically building out an inventory of relevant risks. It is critical that the risk identification component of the framework relies on a detailed understanding of the individual steps in the investment process and then overlays an appropriate risk taxonomy to pinpoint which types of risks may arise at each step, what controls are in place, and what are the residual risks.
For illustrative purposes only.
Market and Liquidity Risk
Managing market and liquidity risk is a primary concern for both portfolio managers and
risk managers, albeit from slightly different perspectives. Portfolio managers generally
strive to build portfolios that require minimal risk mitigation. They do this by
building portfolios that maintain desired market exposures (i.e. minimize unintended
market and factor bets) and keep leverage, liquidity, free cash and expected volatility
within a desired range. Risk managers will generally put more emphasis on extreme
outcomes by making sure that stress losses are consistent with risk tolerances and by
managing exposures to crowded trades or illiquid securities. Generally, this is done by
enforcing limits (e.g. on cash and leverage) and monitoring various risk metrics.
Model Risk
With the increasing use of complex quantitative models by asset managers, be it for
alpha generation, portfolio construction, trading or reporting, model risk has become an
increased area of focus. Model risk can be defined as the possibility of unintended
outcomes arising from the design, implementation, and use of models. Model errors can
result in unexpected exposures, misaligned strategies and unintended performance.
Examples include coding errors during model implementation and erroneous data feeding
into a model. Therefore, asset managers should establish a model risk management
framework to oversee the integrity of the models that feed their investment processes.
Counterparty Risk
Prime brokers, derivative counterparties, clearing banks and custodians are some of the
most important relationships for an asset manager. The main goal of counterparty risk
management is to protect the firm and its clients against financial losses or
reputational damage that would result if a counterparty does not, or may not, fulfill
its contractual obligations. To this end, risk mitigating arrangements should be set up,
where possible, along with internal procedures to monitor for signs of weakness in the
potential creditworthiness of the firm’s counterparties.
Operational Risk
Operational risks associated with the execution of processes and the performance and
conduct of the people responsible for their execution should be comprehensively
understood, consistently assessed and effectively managed. The operational risk
framework should be founded upon a detailed understanding of the processes that support
the business ‘front to back’. This includes the risks inherent in executing each
process, the controls in place to manage these risks and the residual risks after the
effect of controls. It is also important to understand the varying operational risks
associated with each of the products the firm offers. Asset managers often run a diverse
portfolio of products and mandates, each of which can present a unique, and sometimes
nuanced, set of operational challenges.
Technology Risk
As asset management firms rely increasingly on advanced technology platforms to deliver
financial products and services, managing technology risk has become increasingly
important. The increased reliance on technologists to provide efficient, automated, and
innovative solutions to enable business growth requires that risk managers understand
the risks inherent in these process and work to manage these risks in a structured and
disciplined manner. A robust technology risk management framework will likely comprise
of four broad areas of focus: infrastructure risk, information security risk, data risk,
and software risks.
Ultimately the effectiveness of any risk management framework depends on the quality of the team assembled, the soundness of the governance structure, a firmwide culture of risk awareness, and the breadth of risks that need to be managed.
This information is for informational purposes only and not intended to, and does not relate specifically to any investment strategy or product that Lodestone Wealth offers. The risk management process described herein will not always be successful. It is being provided merely to provide a framework to assist in the implementation of an investor’s own analysis and an investor’s own view on the topic discussed herein.