Material derived from books of IIA. CIMA. IRM. recomended for students of ICMAP.

1. RISK MANAGEMENT

2. Risk

3. Risky World
 Food prices spiked in 2008, riots breakout in
more than dozen countries in Africa and Asia,
and in Egypt a worker feeding his family with
34$ monthly salary.
 In Indonesia a village montie lost one out of
five residents when hit by tsunami.
 Global financial crises 53 million people will
remain stuck in extreme poverty by 2015,
who otherwise would not so poor.
 Crimes, diseases, loss of employment, war,
Terrorist attack……….. World is risky?

4. Risky World

5. Risk
 Risk ‘Uncertainty’ an unexpected outcome of
an event
 Even the most successful persons have a bad
day in their life
 Risk can be defined as the combination of the
probability of an event and its consequences
(ISO/IEC Guide 73).

6. Risky worth pursuing

7. Risk
 Risk is virtually anything that threatens or
limits the ability of an organization to achieve
its mission.
 It can be unexpected and unpredictable
events such as destruction of a building, the
wiping of all your computer files, loss of funds
through theft or an injury to a member.
 anything can happen, that have the potential
to damage your organization, cost you
money, or in a worst scenario, cause your
organization to close.

8. 8
Basic principles, concepts,
definitions
A risk is ANYTHING that may affect the
achievement of an organization’s objectives.
It is the UNCERTAINTY that surrounds future
events and outcomes.
It is the expression of the likelihood and impact of
an event with the potential to influence the
achievement of an organization’s objectives.

9. Source of Risk
 Risk is based on the uncertainty principle means that
business decisions are subject to the changes in the
business environment
 constantly changing environment in which organizations
exist
 In Business only one thing is constant and that is change
 Change is not an Event it’s a process that is continuous
 Uncertain environment constitutes
 Customers
 Technology
 Govt Regulation
 Competition

10. What’s Risk in Change
 ‘Grow or Die’ (Technology)
 ‘Stay Connected Stay alive’ (customers)
 ‘Survival of The fittest’ (Competition)
 ‘Adapt or Die’ (G. Regulation)
 The most significant risk to an organization is
the losing touch to its environment

11.  What’s meaning of risk?
 Who is at risk?
 What’s source of risk?
 What’s business environment?
 What’s risk in change?

12. Nature of Change
 Org are living in the turbulent transition between
industrial age and information age
 Reengineering, revaluation, downsizing, reinvesting
and restructuring all reflect change in business
environment
 The uncertain environment does not change in a
straight line
 To know the path of change you have to understand
phases of change
 Forming(Invent,create,try)
 Norming (repeat,improve,control)
 Fulfilling(improve quality, reinvent)
 The most significant risk to an organization is the
losing touch to its environment

13. 13
Basic Concepts

14. Risky World
 In recent years the world have suffered a
multitude of crises, financial and economic
turmoil have disrupted the world economy
through loss of income, jobs, social instability.
Natural disasters have devastated entire
communities from haiti to japan, there is a trail
of fatalities leaving behind a question.
 How can we become more resilient to such
risks?

15. Risky World
 An other concern is missed development
opportunities that arise when necessary risks are
not taken.
 Inability to mange risk to leads to crises and
missed opportunities, risk management calls for
people from crises fighters to risk managers.
 Risk comes from change….
 BUT
 Solution is not to reject it but to be well
prepared

16. Risk Effects
 Risk can effect positively or negatively, we cal
positive effect as opportunity(up side Risk) and
negative effect as threat(downside risk).
 Risk if ignored can be turn into crises if well
managed can be an opportunity
 Risk bears some cost in shape of losses if its
not managed and it also have some
management cost.
 Risk can be reduced if not eliminated.

17. Risk Types
 Financial risk
 Operational Risk
 Strategic Risk
 Hazard Risk

18. Strategic Risks
External Risk
 Competition
 MNC’s vs local
 Reputatation risk
 Media
 Customer Demand
 Industry Change
 Industry norms change, change in output/input
Internal Risk
 R&D
 low quality products and services

19. Financial Risks
 External Risk
 Interest Rate
 Foreign Exchange
Dollar rate effect on imports
 Credit
Banks credit lines,renewl,reschedule
 Internal Risk
 Liquidity &Cash flow
 Credit
Non payment by customers

20. Operational Risks
External Risk
 Regulation
Compliance risk in Govt rules, taxes
introduction of new health and safety legislation
 Culture
West facing in china
Internal Risk
 Information System
IT having Flaws, customers see you as unreliable, IT system
causes loss of all data.
 Supply chain
interruptions to your supply chain, reliance on one supplier

21. Hazard Risks
 External Risk
 Natural Events
Flood, Earthquake, Natural Disaster,
 Political and Economical
Law and order, Economy slow down, Govt Destabilization
 Internal Risk
 Properties
Damage to property stock, building,Business inturuptions
 Employees
Strikes,intruption to production, customer service,Crime

22. Speculative Risk(Business Risk)
Most business decisions,
such as marketing a new
product, involve
speculative risk.
speculative risk risk that
is inherent to a business,
involving the chance of
either profit or loss

23. Pure Risk(Hazard Risk)
A natural disaster, such as a
flood, or an accident
involving a customer or an
employee is a pure risk for
a business owner.
pure risk the threat of a
loss to a business without
any possibility of gain,
such as robbery or
employee theft

24. The bank call centre
 The managers at the call centre of a big
commercial bank are reviewing the risks facing
the business in the coming year. One issue is that
the centre has always had high staff turnover,
which is thought to be a result of low pay and
demanding shift patterns, along with the high
number of similar jobs being offered by other
employers in the area.
 Highlight Risks

25. The bank call centre
 High staff turnover,
 low pay and demanding shift patterns,
 similar jobs being offered
 Training; It takes about two weeks to familiarize new recruits
with the bank’s product range and IT systems
 aware of the processes required for dealing with customers
 heavily regulated industry.
 Reputation Risk
 Training cost
 End up with unsatisfied customers(leaving) and poorly trained,
low paid demorale employees(leaving).

26. Risk Terms
 Risk appetite
 This is the amount of risk an organisation is willing to
accept in pursuit of value. It is directly related to an
organisation's strategy and may be expressed as the
acceptable balance between growth, risk and return.
 Risk culture
 This is the set of shared attitudes, values and practices
that characterise how an entity considers risk in its daily
activities. Risk culture is mainly derived from an analysis
of organisational practices, namely rewards or sanctions
for risk-taking or risk-avoiding behaviour.

27. Risk Nature
 Risk in the form of uncertain changes in the
environment can effect the assets or the
management process
 The effect of risk also depend upon the types of
assets involved and nature of management
controls
 The assets at risk can be;
 Human
 Physical
 Financial
 intangible

28. Risk Nature
Org. Goals
Mgt.
Controls
Organization Assets
Risks

29. ICMAP Mission

30. Risk Nature
 risk involves uncertainty about meeting
organizational goals
 The only tangible outcome of risk is its
consequences we can not see intangibles that are
risks
 Risk is risk neither good nor bad but its
consequences
 Consequences depend upon
 Assets at risk
 Type of threat
 Duration of its consequences
 Controls effectiveness

31. Risk Nature
 Risk is a measure of uncertainty on the conditions of
environment, management focuses on consequences
of risk
 The key to risk assessment lies in the chain of goals and
objectives that saturate The organization
 Management control system plays an important role in
perception of risk, controls minimize consequences of
risk and not risk
 There are no practical methods for making uncertain
events more certain
 The management of risk follows the assessment as
treatment follows the diagnosis
 The management of risk is the essence of
management

32. Risk Analysis
 It’s a decision making tool for considering the
consequences of alternatives
 Why Risk Analysis?
 To take decisions in business
 To allocate resources to different projects
 Risk analysis include risk assessment and risk
management
 Risk Assessment is understanding risk and risk
management is doing some thing about risk

33. Risk Analysis
 Risk Analysis t is a process of thinking
systematically about all possible risks,problems
or disasters before they happen and setting up
procedures that will avoid the risk, or minimise
its impact, or cope with its impact.
 It is basically setting up a process where you can
identify the risk and set up a strategy to control
or deal with it.

34. Risk Analysis Case study
 CEO of hexon Organization had to take a
decision, Org in a growth phase and want more
space for extended operations, Alternatives
 Purchase adjacent land
 Build an additional facility
 Build a new building large enough to handle all
operation and sell older one
 Lease additional facility

35. Risk Analysis Case study
 Risk ,uncertainties; External
 Market demand(Major)
 Interest rate
 Political Risk
 Compliance risk
 What decision can be made
 Postponing
 Or taking an alternative of building or
 Short term arrangements
 Who should be involved
 Every one concerned in his area

36. Risk assessment and Management

37. Risk assessment and Management
Risk management is about taking risk knowingly, not
unwittingly.”
 Risk assessment is a method of identifying and
measuring Risk
 Risk Management is taking action to minimize Risk
 Good risk management is not just about avoiding
value destruction - it is also about facilitating value
creation.
 Risk assessment and Risk Management are tools to
help us to understand and solve the problem

38. Risk assessment
 Strategic; conducted for a period of 5 to 10
years by senior management, it includes
identification, measurement and prioritization
 Project /program/process; use to mange the
current period activity , its blend of both
strategic and operational
 Operational ; used in every day operations
largely for health and safety issue, deals with
work place risks

39. Risk assessment
 Strategic
 Project
 Operational
Risk Assessment
Risk Management

40. Risk Management
 Diversify or Avoid the Risk: changing the
nature of the activity to spread the exposure
over multiple activities
 Sharing the Risk: it’s a form of diversification
in which risk can be shared with customers,
suppliers, or Banks (like Insurance)
 Contingency Planning establishing controls
for known risks (DRP) Disaster recovery plan

41. Risk Assessment & Management
 Risk management process that helps ensure
the financial stability and safe operation of an
organization. It involves answering three
interrelated questions:
1. What are the most significant risks that the
organization faces;
2. how are they likely to arise or occur;
3. and what can be done about them either to
minimize their potential impact, or otherwise
to make proper provision for them?

42. Risk Assessment & Management
 Risk assessment and risk management are
imprecise tools so we should not expect too
much from risk analysis
 As Complete security can not b provided so the
risks can not be eliminated completely,
however key to Risk Management is to insure
all the known risks and get a right mix of plans
overtime that help you to achieve your goals

43. 43
The Cyclist and the Risk
Manager

44. 44
The Cyclist and the Risk
Manager
 Identify risks that the cyclists faces in cycling to
work.
 Report back.

45. 45
The Cyclist and the Risk
Manager
 Identify risks that the cyclists faces in cycling to
work.
 Report back.

46. 46
Risks
Threats:
 Death
 Head Injury
 Injury
 Reputation
 Financial
 Damage to the bike
 Sunburn/frost bite
Opportunities:
 Exercise
 Sunlight
 Reputation
 Financial
 Role model
 Environment

47. 47
Mitigation Strategies for
threats
 Death, head injury, other injury –
 helmet, bright clothes, lights, bell, CANbike course, obeying traffic laws, positive
attitude, anger management course
 Reputation –
 great outfit, change of wrinkle-free clothes, shower, time management
 Financial –
 high quality locks,stopping at stop signs
 Damage to the bike –
 regular maintenance, avoiding pot holes
 Sunburn/frost bite –
 sunscreen, mittens, hats, token/change
 Dehydration-
 filled water bottle

48. High risks in Industry
 The risks of damage to reputation, brand, and
image; network, privacy, and security risks; loss
of intellectual property; potential changes in
corporate governance, regulatory and legal
environment; and fluctuations in economic
conditions, were all found to be the top risks in
all the sectors of the industry.
 High risk with entities that are victim of cyber
crime, Banks do not have fraud detection
systems that can detect and alert business
owners to suspicious or unusual activity in their
bank accounts.

49. Risk Assessment
 Every entity faces a variety of risks from external and
internal sources that must be assessed. A
precondition to risk assessment is establishment of
objectives, linked at different levels and internally
consistent. Risk assessment is the identification and
analysis of relevant risks to achievement of
objectives, forming a basis for determining how the
risks should be managed.
 Because economic, industry, regulatory and operating
conditions will continue to change, mechanisms are
needed to identify and deal with the special risks
associated with change.

50. Risk Assessment
 It’s the quantitative and qualitative evaluation of
exposures arising from some activity
 Risk Identification:
the identification and the classification of what the risk
are and their characteristics.
 Risk Measurement and Evaluation:
the measurement of possible consequences
 Risk Prioritization:
how the risks are related to each other

51. Process of risk assessment
1. Gain an understanding of the organization's overall
goals
Examine documents i.e mission statement
Classify into time span of short medium and long term
2. Choose the risks that important to Org.
Operational
Financial
Strategic
3. Define the environment that are important to org.
Technology
Customer
Competitor
Economical
Financial

52. Process of risk assessment
4. Create a series of matrices
5. Using various creative process such as brain
storming, imagine scenarios out of box, may
out sourcing.
6. Combine the risk assessment for various
goals and objectives. Based on the
assessment management can plan how to
deal with those risks.

53. Project risk assessment
 Project risk assessment uses a different
method to identify risk may use one of the
following methods
 Exposure analysis; assets involved
 Environmental analysis; change in
environment
 Threat scenarios; what is. What might
happen

54. Project Risk assessment
Identify Risks
Alternatives/
Risk vs Cost
Design Controls
Monitor
Risks

55. Project risk assessment procedure
a) Identify risk; with mentioned approaches
b) Measure Risk/ develop alternatives; measure
risk on score scales with different approaches
and price out alternatives
c) Control design; choose cost effective controls
d) Risk management; monitor risks and hazards
making adjustment to project

56. Risk Identification
 Risks are an everyday part of life, so organisations
need a system to identify all those they face. This
involves collecting information from a variety of
sources: individuals, reports, observation and
environmental
 assessments. Common methods of collecting data
that identify risks include workshops, scenarios,
brainstorming and
 surveys. These may be linked with consultations with
stakeholders, environmental analyses, strategic plans
etc.

57. Risk Identification
 Risk identification is a key process of Risk
assessment. Risk can not measured, prioritized or
managed unless identified
 Risk identification sets out to identify an
organization's exposure to uncertainty, it requires an
intimate knowledge of the organization, the market
in which it operates,
 the legal, social, political and cultural environment in
which it exists, as well as the development of a sound
understanding of its strategic and operational
objectives,
 factors critical to its success and the threats and
opportunities related to the achievement of these
objectives.

58. Approaches to identify risk
 Exposure Analysis: Managers put physical,
financial, human assets at risk to achieve Org.
objectives.
• Identification of risks that can effect assets that
are critical for any Org. Matrices are created
• Exposure analysis is suitable for asset intensive
industries like manufacturing and construction
industry
• STPL Size Type portability and location
Approach is used.

59. Risk Identification approaches
 Environmental Analysis: the organizations
environment constitutes Customer, competitor,
economic, Govt Regulations
• the identification of environment risks that could
effect organization’s operations
• PEST -- A high level technique to understand the
external environment affecting the industry and some
of the specific external factors that may affect the
business. It considers Political, Economic, Social and
Technological factors and the risks to the business
that flow from these.
• Suitable for service industry like phone companies

60. PEST

61. Risk Identification approaches
Threat Scenarios: specialized risk identification
for frauds and disasters
• This approach not frequently used like the above
two mentioned Because of time and skills required
• Its always documented and time specific process
and its record must keep secure

62. Risk Identification approaches
 Five Forces analysis This technique considers all the
forces that influence the company, its industry and its
market place. It helps to analyse why a business is
successful or not. The five forces are the threat of new
entrants, threat of substitute products or services, the
bargaining power of suppliers and buyers, the
competitors and the intensity of rivalry in the industry.
 Facilitated methods (eg, brain storming) have the
advantage of drawing upon those experienced in risk
assessment, whilst maximising the input of management
who should know the business best.

63. Risk Measurement
 Assess Risk impact. Once the risks have been identified,
some assessment needs to be made of their likely impact.
This involves quantifying the risk in some way. We might
conduct market surveys, computer simulations, cost-benefit
analyses, or apply probabilities, statistical tests or sensitivity
analysis. Alternatively, we may rely on subjective judgments.
 Mathematicians prefer to measure it in quant through
probability but managers measure it on qualitative scale as
low medium and high
 Risks are the events with some probability of occurring,
consequences are results of risk
 Risks and its consequences can be measured on three
dimensions
1. Risk occurrence
2. Severity of consequences
3. The timing of risk and duration of consequences

64. Risk Measurement

65. Risk Measurement methods
1. Probability; its application of probabilities to
asset values to calculate loss in numbers
 The problem with that approach is some
situations are difficult to measure in quant way
 Take different scenarios of threats like fire,
flood and assume probability of threat its
duration, assets at risk and expected loss
 But most mangers not prefer probability
approach

66. Risk Measurement methods
2. Risk Factors are observed; more presence of risk factors
means higher risk;
 Complexity
 Asset liquidity
 Management competence
 Control strengths
 Three types of risk factors used
 Subjective risk factors
Integrity of management
Extent of rapid changes in process
 Objective risk factors
Value at risk
Employee turn over
 Calculated risk factors
Distance from office

67. Risk Measurement methods
 Weighted matrices: its similar to using risk
factors we allocate weights to different
components it involve 5 step process
1. Limit risk factors
2. Choose a scale 1-5
3. Evaluate factors and assign a score
4. Develop weight for each risk factors
5. Multiply weight with factor score

68. Case study
 The national bank has branches all over the
country and each branch is independent in
operations
 Source of risk
 Insider loan activity
 Collateral verification
 controls
 Every loan secured by collateral
 Employees loan reported
 Each collateral loan full documentation and
segregation of authorities
 Measure risk and allocate 20 hour budget

69. Case Study Branch Banking
1. Get your scenario?
1. Organization type nature, size, of business goals
general/ specific.
2. Source of risk/ categorization/ types of risk ,
why… explain….
3. Measure/ mapping/ ranking as medium, high
or low/ explain…….. Why?
4. What can be done about it… measures why
explain…………..

70. Case Study Branch Banking
1. Get your scenario?
 Organization type nature, size, of business goals general/ specific.
 Bank, deals in money, large number of customers, Maximum profit / fraud
prevention & detection of errors
2. Source of risk/ categorization/ types of risk , why… explain…
 Banks are inherited with risks, Risk of fraud, liquidity risk, interest rate risk,
reputation risk, branch independent risk of abuse of authority.
 Risks identified relate with revenue, how they constituents total revenue profit
and risk?
 What are the controls there? Chances of failure of controls.
 Collateral value decline
3. Measure/ mapping/ ranking as medium, high or low/ explain……..
Why?
 Rank the risks with your explanation which you think is comparatively high risk
i.e collateral verification
4. What can be done about it… measures why explain…………..
 Independent Valuation of collateral
 Decline in collateral value,
 manual may subject to errors
 Setting limits of employee loan with respect of time and amount
 Insider loan Approval from H.O, disclosure in F.S
 15 hour budget to Collatral verfication

71. Risk Prioritization
 Prioritization is also called ranking; purpose of
ranking is to put relative effort to the various
components of the org. based on risks, place more
effort on highest risks
 Prioritization of identified risks, thereby enabling
organizations to improve on project performance
by focusing on high-priority risks.
 Risk priority is identified using the probability of
occurring, the impact on project objectives if
realized, as well as time frame and risk tolerance
of the project constraints of scope, schedule, cost
and quality.

72. Risk Prioritization –
likelihood and impact
Likelihood of a risk event occurring
 Very High: Is almost certain to occur
Slide 72 72
 High: Is likely to occur
 Medium: Is as likely as not to occur
 Low: May occur occasionally
 Very Low: Unlikely to occur
Risk Impact: Level of damage that can
occur when a risk event occurs
 Very High: Threatens the success of the
project
 High: Substantial impact on time, cost or
quality
 Medium: Notable impact on time, cost
or quality
 Low: Minor impact on time, cost or
quality
 Very Low: Negligible impact

73. Methods of prioritization
 Absolute ranking; ranked by score in order of
magnitude
 Relative ranking; ranked as high, medium,
low sufficient for general planning purposes
 Matrices ranking; components at left and
threats at top than rank as H, M ,L

74. Exercise
The finance director of xyz has to prepare an
assessment of credit risk to report on board.
The company has annual credit sales of Rs. 12
Million and credit terms are 60 days.
 Irrecoverable debts 1.5% of total credit sales
 10 % of Irrecoverable is recovered through
legal action
 Required
 What is credit risk exposure of the company?
 What is expected loss each year due to credit risk?

75. Risk Management
 Process of acting upon the assessment of risk
is called Risk management
 A prudent management will take steps to
manage the risk
 Risk Management includes what can be done
with the assessed risks

76. Risk Management
 Avoid the Risk: design the process to eliminate
particular risks, minimize the risks or change the
nature of risks
 Control the Risk: introduce procedures to control the
process that minimize the consequences and
severity of risk occurrence.
 Pool Risk
 Risk of different transactions pooled together
 Diversification
 Share or Transfer the Risk: Burden of risk shared
;through contractual arrangements with suppliers,
customers, banks and insurance companies.

77. Diversification
 Diversification is an other method to control risk
 ‘Don’t check depth of water with both legs’
 ‘Don’t put all your eggs in one basket’, spread risk
across investments
 Change is the source of risk; so select different
investments which change in opposite to each
other, which are negatively correlated;
 Investments can be from different ranges as;
 Different Biz sectors
 week economy to strong economy
 One country to other country
 Seasonal to non seasonal

78. Project Risk management
Begin Proposal Risk
Assessment
Risk Rieturn higher Risk Management cost higher
Higher
risk higher
Measure Cost
of Project
Assessment
for high Risk
Risk
Management
Risk
mang
cost &
Risk
Cost of
leaving
project
Risk
return
trade
off
Submit 4
Approval
disapp
rove
Cost of Risk

79. Residual Risk
 There is always an amount of risk that left
instead of all your management efforts its
called residual Risk
 If residual risk too high than leave the project
if risk not too high than accept it
 Risk vs return
 Inherent risk, control risk, risk of relying on
procedures that can fail to detect

80. Next
Risk Management process
Risk Assessment
Identify the risks
Prioritize the risks
Measure the risk
Manage the risk

81. Benefits of Risk Management
 Risk management helps a company avoid
cost, disruption and unhappiness.
 helps management to decide which risks are
worth pursuing, and which should be
shunned.
 benefits of risk management are not easy to
quantify as,we can’t say, two major fires, a
burglary and three serious accidents
prevented

82. Type of risk
Benefits of
proactive management
a) Marketing risks
b) Health & safety
risks
c) Environmental
risks
d) Fire risks
e) Computer
f) Theft and fraud
g) Technical
h) Product
contamination
a) Maintain market share
b) Avoid worker litigation; reduce insurance premiums
c) Avoid litigation from regulatory authorities; reduced
premiums
d) Avoid loss of production, avoid going out of business;
reduced premiums Avoid loss of life or destruction of a
building
e) risks Prevent inability to invoice, lack of access to
information
f) Prevent loss of money, assets or concepts, loss of market
share
g) Avoid being left behind with obsolete manufacturing
methods or technologies; avoid production stoppage
h) Avoid harming customers and prevent litigation

83. Risk management is growing in
importance
 Legislation getting tougher
 Company directors can be jailed for corporate
offences, and fines can be high for health and
safety, product liability & finance issues
 Insurance is more expensive and more difficult to
get as Insurance companies;
 putting up premiums For higher risk.
 adding more exclusions, to the point where the
insurance won’t cover the business
 require their clients to actively manage their risks.
 can’t pay for loss of reputation

84. Risk management is growing in
importance
 Customer attitudes:
 Customer less likely to accept product failure
especially for drugs
 Shareholders awareness of risk. information in
annual reports about the company’s exposure to
risk, direct affect on company’s future profits.
 Management attitude
• Management has learnt from other’s
disaster if want to grow globally they have to
be more professional about risk

85. Fraud
 Fraud ‘Whit Collar Crime’, cheating, dishonesty, frogery,
embezzlement, insider trading, intentional deception.
 Fraud definition; ‘fraud is any intentional act or omission
designed to deceive others, resulting in the victim suffering
a loss and/or the perpetrator achieving the gain’.
 Fraud risk assessment;
 Inherent fraud risk
Business specific
Culture specific
 Identify three indicators;
Incentive/Pressure
Opportunity-control weakness
Ability to rationalize

86. Fraud Risk management
 FRM required where stakeholders have greater
expectations and regulators have large
penalties, Five principles of FRM;
1. Governance structure
1. Defined and documented policies and procedures
2. Ethical Culture
1. apply while hiring, promoting employees
2. Relationship with customers, suppliers
3. Business strategy and operations
2. Fraud Risk Exposure should be assessed periodically
1. Identify indicators as mentioned in above slide

87. Fraud Risk management
3. Feasible prevention techniques to avoid risk event
3. Strong Controls and Communication to all concerned
4. Design Edit Checks in IS
5. Cameras and Alarms
6. Reconciling accounts
7. Employees training
8. monitoring
4. Detection and Investigation
3. Establish hotlines for complains of stakeholders
4. Audit and Inventory count
5. Investigation by independent and qualified personnel
5. Reporting to
3. BOD, Legal Authorities.

88. Counterparty Risk
 The risk to each party of a contract that the
counterparty will not live up to its contractual
obligations. Counterparty risk as a risk to both parties
and should be considered when evaluating a contract.
 Counterparty risk is the potential exposure any
individual firm bears that the second party to any
financial contract will be unable to fulfill its
obligations under the contract’s specifications.
 Counterparty risk has long been one of the major
factors that favor the use of exchange-traded rather
than over-the-counter derivatives.
In most financial contracts, counterparty risk is also
known as "default risk".

89. Counterparty risk Management
 The recent market turmoil has reinforced the
importance of adequate risk management, including
dealing with exposure to counterparties.
 For a new product, the back office facilities need to
be developed in order to record the trades and to
keep track of the counterparties.
• Some contracts will require the counterparty party
to make collateral payments on being
downgraded. Does the value of the collateral also
decrease?
• Assessment of credit rating that is up to date and
accurate?

90. 90
Counterparty risk Management
A master agreement reduce counterparty exposure,
as it allows netting. For a new product this provides an
incentive to standardize the contract terms (if
possible) and develop a master agreement.
A clearing house concentrates exposure – need only
worry about the clearing house.

91. 91
IT risk
• Risk Management when applied to information
system, this process involves identifying and assessing
risks and take appropriate action to manage those
risks
• Classifying Risks; risk can be categorized as to the
achievement of strategic financial and operational
objectives
• Ineffective system design and testing risk from
inefficient operations

92. Political Risk
 Political change that alters the probability of
achieving business objectives“the risk of a
strategic, financial, or personnel loss because
of such nonmarket factors as macroeconomic
factors (fiscal, monetary, trade, investment,
industrial, income), political instability
(terrorism, riots, civil war and revolution).”
 Seeing negative risk is easier than finding an
opportunity

93. Sources of Political Risk
 Confiscation or destruction of overseas assets
 Discrimination
 Restrictions on repatriating cash
 Price fixing
 Expropriating assets
 Restriction on currency conversion
 Import quotas
 Company structure
 Super taxes

95. political risk Management
 Pragmatic usage of contingency planning, intellectual
property safeguards, risk diversification, and sound
exit planning to guard against Risk
 Transfer Risk
 Borrow locally if foreign investment
 Participative management
• Share Risk
 Insurance
 Joint ventures
 Negotiate in advance for compensation
 Control Risk
 Hedging
 diversification

96. Financial Risks
 Financial risk is a risk of change in a financial
condition such as exchange rate interest rate
credit rating of a customer.
 Types of Financial risk
1. Credit risk
2. Political risk
3. Interest rate risk
4. Currency risk

97. Credit Risk
• Credit risk is the risk of non payment or late
payment of receivables.
• Due to credit sales Credit Risk is always there in
business so need to be managed;
Risk of default of borrower, nonpayment or late
payment
Controls; Keep amounts and maturities short
Insurance
Debt factoring without resource

98. Currency risk
 currency risk that arises from possible future movements
of in an exchange rate, its two way risk as exchange rate
can move either adversely or favorably. Currency risk of
three types
1. Transaction Risk: That is risk is associated with buying
and selling in foreign currencies, there is danger that at
time of transaction and at time of cash flow exchange
rate will fluctuate, it will actually effect cash flow of
entity.
2. Translation risk: this risk arises when a company has assets or
liabilities denominated in foreign currency. The risk is the
exchange rate volatility will cause the value of assets to or
liabilities to increase resulting looses to the company.
3. No assets/ liabilities or transaction denominated in foreign
currency but it may face economic risk as competitors may be
in better position due to favorable exchange rates

99. Transaction Risk
 A Co. purchases goods on six month credit
for 150,000$ , exchange rate was 98 Rs./ 1
$. At time of transaction and expected
payment?
 Suppose the rate changes dollar strengths
and now it is 110 Rs/ 1 $.now expected
payment?
 How much loss?

100. Transaction Risk Management
 Invoice in home currency: transaction can be transferred to
customer or supplier if invoice is in home currency
 Leading and lagging – making a payment before its due or
delaying ; used to hedge against foreign currency
fluctuations, this involves changing the timing payments or
receivables depending on expected change in exchange rate.
 Matching – matching assets and liabilities of the same
nature. For example, to hedge against foreign currency
movements you would match assets and liabilities
denominated in the same currency. Conversely, to protect
against movements in interest rates, financing foreign
investment with foreign loan.

101. Transaction Risk Management –
Internal Hedging
 Netting – Receipts and payments are netted to determine
the overall exposure which then can be hedged using
external techniques
 Pooling; a system of managing cash separate bank balances
are pooled together to minimise markup and maximize
interest earned

102. Interest rate risk:
 risk that interest rate changes will affect the financial
well-being of an entity. This includes changes in
interest rates adversely affecting the value and
liquidity of fixed or floating rate exposures. In addition
to bond prices, interest rate fluctuations also directly
affect stock prices, foreign exchange rates and
economic growth.
 Interest Rate
Effect the cost of borrowing
Rise in price of funds will effect its movement
Effect PV of future cash flows
Controls; Diversification

103. Management
 Smoothing – used for interest rate risk management, this
involves maintaining a balance between fixed and floating
rate debt.
 Matching –To protect against movements in interest rates,
you would match assets and liabilities having a common
interest rate.

104. Management
Leading and lagging – used to hedge against foreign currency
fluctuations, this involves changing the timing payments
or receivables depending on changes in foreign currencies.
 Netting – assets and liabilities are netted to determine the
overall exposure which then can be hedged using external
techniques

105. Management
 Manage the risk using external (derivative) hedging
techniques such as the use of derivatives (forwards,
futures, options, swaps and hybrids of these). This is
usually the responsibility of the treasury department.

106. Risk Management Case Studies
Presentation
1. Airline
2. Automotive Retail
3. Healthcare
4. Manufacturing
5. Mining
6. Retail
7. Software
8. Wholesale