The inadequacy of current risk management models
Watson Wyatt’s report “Defining Moments’ contains this item on the inadequacy of current RM models.
“The force for change was a fresh view of risk as something more unpredictable and less capable of being modelled and yet even more critical to funds’ endeavours. Perhaps the most important philosophical shift is to recognise that we can no longer derive comfort that we have managed risk simply by having some quantitative representation. When the future is unknowable, risk is impossible to quantify.
So alongside our efforts on quantitative techniques we will need to improve our qualitative skills - essentially asking ‘what could go wrong? How likely is it?’ And ‘what are the consequences if it does go wrong?’.
The current risk management mindset is built on a foundation of normal, or at least symmetrical, distributions and the basing of risk models on past data - witness the prevalence of VaR (value at risk) statistics as the leading indicator of the risks being run. (Please note, we are not describing leading edge risk management, which is grappling seriously with the implied issues, but trying to describe normal practice.)
The move to a complexity model, as more representative of the real world, means that we need to reassess our approach to risk management. The fact that evolution and adaptation become part of the scene means that our reliance on past data is flawed. The past was simply one version of history out of many different possible versions. It is likely that path-dependency is also important - the future evolution will necessarily be influenced by the present starting conditions. For this reason, we would argue that risk models based on past data, even when stress-tested, are potentially dangerous, as they will underestimate the probability of extreme outcomes.
The evolution of investment content and new mandates, and the embracing of higher moments of the return distribution will also require significant advance in risk management tools and techniques. There remains a doubt in our minds that innovation in risk sophistication will come ahead of product innovation.
The events of the credit crisis have tested the risk management systems of organisations across the financial sector and found many wanting. The big lesson is that extreme events do happen, perhaps more often and with greater potential severity than we generally expect. We do not live in a mean-variance world, so the risk models that many built on past data squeezed into a mean-variance framework have not dealt with 2007’s reality. The right risk models (for surely organisations should be drawing risk data from a number of models) will, between them, be able to cope with:
- the whole of the distribution not just the most comfortable 95 per cent
- the fact that optionality in many investment decisions and pay-offs require the use of non-linear models
- the existence of so-called black swans - occurrences that are outside of practitioners’ experience but are not impossible.
For the quantitative measurement of risk, this means an extension beyond Value at Risk (VaR) measures to other risk measures that consider the shape of the distribution and the data in the tails. For qualitative risk assessments this means organisational intelligence and decision-making processes that recognise the possibility of outliers and are aware of the role of agency issues,incentive structures and collective action.”