Risk Management in Financial Institutions
Financial institutions must consider when and under what circumstances they should use their own resources to provide services, and how they should manage their portfolios to achieve the highest value for stakeholders. Oldfield and Santomero, in addressing these two issues, define the role of institutions in the financial sector and focus on risk management. They explain when an institution should transfer risk to the purchases of assets that the firm has issued and when it should itself absorb the risk.
Managers can consider three strategies for mitigating risk:
1. Avoid risk by eliminating those that are unessential to the financial service.
2. Transfer risks rather than absorbing them.
3. Aggressively manage risks that are inherent in the business activity.
The authors delineate the various types of financial institutions and the different services and risk associated with each. Services are divided into six categories: origination, distribution, servicing, packaging, intermediation, and market making. Principal and agency activities vary in each service because the risks and incentives are quite different.
There are five generic risks in providing services: systematic, credit, counterparty, operational, and legal. To some extent, all financial institutions face these risks. The authors focus, however, on those businesses in which the institutions participate as principals.
The authors contrast two different types of intermediaries at opposite ends of the spectrum -- a REMIC (real estate mortgage investment conduit) and a commercial bank. In the banking business, given its nature, risk management assumes a much more important role than in the passive REMIC. The difference is the transparency or permanency of each organization's investor interests. The authors envision principal financial institutions as transparent, translucent, or opaque in information and either active or passive in operation. For example, in transparent institutions with passive investment strategies, such as unit trusts or REMICs, rules replace management.
The authors propose four ways that a firm can actively manage risk:
1. Establish standards and reports. Managers need consistent information to understand the portfolio risks; investors need standard reports to gauge asset quality.
2. Impose position limits and rules. Each person who can commit capital -- trader, lender, and portfolio manager -- should have a well-defined limit.
3. Set investment guidelines and strategies. The firm should outline strategies for risk taking.
4. Align incentive contracts and compensation. The firm should compensate managers in line with the risks they bear.
To implement risk management across the firm, the authors offer five guiding principles: (1) make risk management integral to the business plan; (2) define specific risks of each activity and measure them; (3) establish procedures so that risk management begins at the point nearest the assumption of risk; (4) develop databases and measurement systems that relate to how the firm does business, for example, systems that record positions on a trade-date basis; and (5) ensure that senior managers use the overall risk management system to evaluate businesses, individual performance, and value added.