An interesting comment from a respected senior associate today is worth pondering on:
Am guessing/hoping this [Systemic Risk] is directly in your wheelhouse & not sure how ISO 31000 deals with it as it involves or influences multiple systems within a sector or industry.
In my world, this type of issue is viewed as an external influence which essentially sidelines what should be considered a strategic risk.
Would be interested to see your thoughts on your site or in the group.
My response can be found below ...
Thanks for sending this article through and I pretty much agree with what the DTCC have written.
"FINANCIAL networks tend to be robust yet fragile, absorbing shocks up to a certain tipping point, beyond which they spread risks rather than contain them, according to the Depository Trust & Clearing Corporation (DTCC)"
Banking and Finance | The Business Times - LINK
All players taking positions in a market are at risk from systemic shocks such as regime shifts in the economic horizon or the collapse of asset price bubbles. It is very challenging for intermediaries that have open economic interest to avoid outcomes from such asset price routs without enduring some kind of punishment. The big question of course is how to survive these catastrophes?
Most of what we know in managing risk generally works well with small sessions of volatility, exceptions and erroneous processes if you prefer but large spikes and black swans are extremely difficult to time although they can be relatively straightforward to spot.
One challenge in managing systemic shock is that much of what seems logical in risk management is counter intuitive when facing extreme adversity and when firms rush to save themselves from a rout, they tend to damage the community as a whole.
This issue is exemplified by observing the entities or people that make up markets and actors are rarely utilitarian, certainly as a catastrophe is in the 'building up' phase. Everyone tries to save themselves and the rush for the exit can exacerbate the problem, whatever that problem is.
More work needs to be done by regulators in this area of risk management and stress testing is a good start but automated, integrated and non balkanized stress tests are very complex to design. From what I am seeing on the ground, few banks have been able to successfully entertain stress tests coherently.
Systemic Risk Response
Commercial tools for responding to market wide shock (systemic risk) may include:
- Living Wills, Bail-Ins and Bail-Outs
- Catastrophe Bonds
- Diversification of Funding and Revenue Lines
- Redundant Operating Systems
- Contingent Bilateral Guarantees with Contractual Breaks
- Capital Reserves (Equity Tranche)
Most regulators are focusing too heavily on capital reserves in my opinion and the issue with Capital Reserves is; during deep market wide routs even the best capital pools can become suppressed, depleted and illiquid or difficult to enable. When a business needs a capital injection, if the capital isn't already shored up and on the balance sheet, it is pretty much unobtainable.
Systemic Risk Measurement
Tools for measuring and identifying market wide shock may include:
- Integrated stress tests from existing coherent measures of risk
- Reverse stress tests (Transformation Stress Testing)
- Aggregated Covariance Markov Matrix Reports & Copulas
- Positional Cluster Monitoring & Concentration Risk Measurement
- Scenario Analysis
- Early warning quantitative indicator systems
Most firms in the finance domain are addressing these measurements with integrated stress tests and many banks aren’t doing too well with this risk management initiative. In effect, the “integrated” aspect is really quite a challenge for all financial institutions.
The Credit Risk View of Capital | Martin Davies [ Click image to enlarge ]
Integrated stress testing requires the development of databases, extensible models and risk reports that are likely to contradict existing risk management structures. My advice here is to throw more research and development under the Asset Liability Management and ICAAP team but fragility is likely to remain either way.
Why is it so hard to manage systemic risk?
In simplicity, many market routs present themselves through alternate causal routes or signatures and consequently it is hard for firms to learn from past experiences. Additionally, designing a firm wide response to systemic shock stretches right across large management teams and many of these people won't be aligned in either their opinion or desired outcomes. Finally, designing a business to be less fragile can negate present opportunities and senior management are rarely motivated to entertain a downside before it actually occurs. Once it does occur, it's simply too late !!!
To finish up, do I believe ISO 31000 can help in this area of risk management?
Not directly without being substantially extended and we have to be very real here, the principles and guidelines brief of ISO 31000 makes no mention to "systemic shock" or "stress testing" but it does reference "systemic and logical process in detail". All this said and indirectly I suppose, ISO 31000 is enterprise wide!!! It should join the dots and it could become the conduit for bridging risk management silos in a business and if such a risk framework is deployed in a robust manner, that should surely help with addressing systemic wide shocks when they occur.