KOLEJ UNIVERSITI TUNKUABDUL RAHMAN

FACULTY OF ACCOUNTANCY, FINANCE AND BUSINESS

SEMESTER MAY 2016/2017
BBMF 3073 RISK MANAGEMENT
WEEK 2
TUTORIAL 1

• Define risk. In your definition, state the relationship between risk and uncertainty.

Solution
Risk in a particular situation is understood as uncertainty about an outcome, and the
possibility exists that the outcome will be unfavorable. In other words, risk is a condition
in which there is a possibility of an adverse deviation from a desired outcome that is
expected or hoped for.

Because the term uncertainty is often used in connection with the term risk. The most
widely held meaning of uncertainty refers to a state of mind characterized by doubt,
based on a lack of knowledge about what will or will not happen in the future. The
existence of risk, that is a condition or combination of circumstances in which there is a
possibility of loss, creates uncertainty on the part of individuals when that risk is
recognized. Uncertainty when connected to risk usually produces a feeling of frustration
and mental unrest.

• Risk may be sub-classified in several ways. List the three principal ways in which risk
may be categorized, and explain the distinguishing characteristics of each class.

Solutions
Three categories of risks:
Static and Dynamic Risks
An important distinction is between static and dynamic risks Dynamic risks are
those resulting from changes in the economy. Changes in the price level,
consumer tastes, income and output, and technology may cause financial loss to
members of the economy. These dynamic risks normally benefit society over the
long run, since they are the result of adjustments to misallocation of resources.
Although these dynamic risks may affect a large number of individuals, they are
 generally considered less predictable than static risks, since the former do not
occur with any precise degree of regularity.
Static risks involve those losses that would occur even if there were no changes in
the economy. If we could hold consumer tastes, output and income, and the level
of technology constant, some individuals would still suffer financial loss. These
losses arise from causes other than the changes in the economy, such as the perils
of nature and the dis- honesty of other individuals. Unlike dynamic risks, static
risks are not a source of gain to society. Static losses involve either the destruction
of the asset or a change in its possession as a result of dishonesty or human
failure. Static losses tend to occur with a degree of regularity over time and, as a
result, are generally predictable. Because they are predictable, static risks are more
suited to treatment by insurance than are dynamic risks.
(b) Fundamental and Particular Risks
The distinction between fundamental and particular risks is based on the
difference in the origin and consequences of the losses. Fundamental risks
involve losses that are impersonal in origin and consequence. They are group
risks, caused for the most part by economic, social, and political phenomena,
although they may also result from physical occurrences. They affect large
segments or even all of the population. Particular risks involve losses that arise
out of individual events and are felt by individuals rather than by the entire
group. They may be static or dynamic. Unemployment, war, inflation, earth-
quakes, and floods are all fundamental risks. The burning of a house and the
robbery of a bank are particular risks.
(c) Pure and Speculative Risks
One of the most useful distinctions is that between pure risk and speculative risk.
Speculative risk describes a situation in which there is a possibility of loss, but
also a possibility of gain. Gambling is a good example of a speculative risk. In a
gambling situation, risk is deliberately created in the hope of gain. The student
wagering $10 on the outcome of Saturday’s game faces the possibility of loss, but
this is accompanied by the possibility of gain. The entrepreneur or capitalist faces
speculative risk in the quest for profit. The investment made may be lost if the
product is not accepted by the market at a price sufficient to cover costs, but this
risk is borne in return for the possibility of profit. The term pure risk, in contrast,
is used to designate those situations that involve only the chance of loss or no loss.
One of the best examples of pure risk is the possibility of loss surrounding the
ownership of property. The person who buys an automobile, for example,
immediately faces the possibility that something may happen to damage or
destroy the automobile. The possible outcomes are loss or no loss. The distinction
between pure and speculative risks is an important one, because normally only
pure risks are insurable, however not all pure risks are insurable.
 3. The distinction between “pure risk” and “speculative risk” is important because the
insurers need to determine if a resulting loss is insurable or not. On the other hand, it is
important to know the distinction between ‘fundamental’ and ‘particular’ risks. Why is the
distinction between the two important?
Solution
Fundamental risks and particular risk (in finance, known as specific risk). A common example of
the fundamental risk is market risk. This type of risk is known in finanace as the systematic risk
or non-diversifiable risk. The clear distinction between these two risks will help portfolio
managers in investment management to achieve the best level of efficiency through
diversification.

4. Explain how pure risk has an adverse effect on economic activity.

Solutions
Speculative risk differs from pure risk because there is the possibility of profit or loss, such as
investing in financial markets. Most speculative risks are uninsurable, because they are
undertaken willingly for the hope of profit. Also, speculative risk will generally involve a greater
frequency of loss than a pure risk, since profit is the only other possibility. So although many
people take precautions to protect their lives or their property, they willingly engage in
speculative risks, such as investing in the stock market, to make a profit; otherwise, a person
could avoid most speculative risks simply by avoiding the activity that gives rise to it.

However, unlike pure risk, where there is only possibility of a loss, society benefits from
speculative risks. For instance, investments benefit society, and starting a business helps to create
jobs and generate tax revenue for society, and can lead to economic growth, or even
technological advancement. Pure risks would only bring adverse impact to the factors of
production and other economic entities.

5. List the four types of pure risk facing an individual or an organization and give an example of
each.
Solution
Personal risks. These consist of the possibility of loss of income or assets as a result of the
loss of the ability to earn income. For example, (a) premature death, (b) dependent old age,
(c) sickness or disability, and (d) unemployment.
Property risks. Anyone who owns property faces property risks simply because such
possessions can be destroyed or stolen. Property risks, may involve two types of losses:
(a) the loss of the property and (b) loss of use of the property resulting in lost income or
additional expenses.
Liability risks. The basic peril in the liability risk is the unintentional injury of other
persons or dam- age to their property through negligence or carelessness; however,
liability may also result from intentional injuries or damage.

Risks arising from failure of others. When an- other person agrees to perform a service for
you, he or she undertakes an obligation that you hope will be met. When the person’s failure
to meet this obligation would result in your financial loss, risk exists. Examples of risks in
this category would include failure of a contractor to complete a construction project as
scheduled, or failure of debtors to make payments as expected. With the development of the
Internet, the rapid evolution of e -commerce, and the increased trend toward outsourcing by
big businesses, a variety of new risks relating to the failure of others have emerged.

6. The text discusses the “burden of risk.” What are the two principal ways in which the impact
of risk may be felt by an individual or an organization?
Solution
Regardless of the manner in which risk is defined, the greatest burden in connection with risk is that
some losses will actually occur. When a house is destroyed by fire, or money is stolen, or a wage
earner dies, there is a financial loss. When someone is negligent and that negligence results in injury
to a per- son or damage to property, there is a financial loss. These losses are the primary burden of
risk and the primary reason that individuals attempt to avoid risk or alleviate its impact.
**Students may provide any example to demonstrate their understanding for the ‘burden of risk’
concept with the guidance of their tutor.

7. Distinguish between “perils” and “hazards” and give two specific examples of each.
Solution
A peril is a cause of a loss. We speak of the peril of fire, or windstorm, or hail, or theft. Each of
these is the cause of the loss that occurs. A hazard, on the other hand, is a condition that may
create or increase the chance of a loss arising from a given peril. It is possible for something to
be both a peril and a hazard. For instance, sickness is a peril causing economic loss, but it is also
a hazard that increases the chance of loss from the peril of premature death.

8. Briefly distinguish among the three categories into which hazards may be divided and give an
example of each.
Solution
Physical hazards consist of those physical properties that increase the chance of loss from the
various perils. Examples of physical hazards that increase the possibility of loss from the peril of
fire are the type of construction, the location of the property, and the occupancy of the building.
Moral hazard refers to the increase in the probability of loss that results from dishonest
tendencies in the character of the insured person. More simply, it is the dishonest tendencies on
the part of an insured that may induce that person to attempt to defraud the insurance company.
Morale hazard, not to be confused with moral hazard, acts to increase losses where insurance
exists, not necessarily because of dishonesty but because of a different attitude toward losses that
will be paid by insurance. When people have purchased insurance, they may have a more
careless attitude toward preventing losses or may have a different attitude toward the cost of
restoring damage.

9. Explain why the number of risks and the severity of losses increase over time. Solution
From the dawn of civilization, humans have faced the possibility of loss. Our ancestors
confronted an environment characterized by incredible perils and hazards. The earliest perils
giving rise to risk were those of nature and predators (including not only savage beasts but
human predators as well). Humans learned to anticipate and prepare for adversity, both
collectively and individually. They built shelter and they saved for the future. This provided
protection from the elements and savage beasts, but it created new risks. Structures constructed
for protection were vulnerable to damage, and saving meant accumulation of wealth, which
inevitably created new risks. Those who saved were exposed to the predatory inclinations of
those who did not (an exposure that continues to the present day). Despite progress in learning
how to deal with risks, the challenge of dealing with risk continued to grow. As new ways of
addressing risk are found, new risks appear, often as a result of progress.
Since the early 1800s, advances in technology have increased the sources of energy available to
humankind, and with each new source have come new risks. For example, the industrial
revolution witnessed the application of steam to the production process, and with steam came
new risks.
One can argue that the invention of the legal sys- tem was an effort to address risk. By defining
individual rights and responsibilities, the legal system created a framework whose basic function
was to protect those rights. At the same time, the legal sys- tem itself became a source of risk, by
creating a system in which those who are injured or damaged by others may seek compensation
The information age in which we are now immersed embodies a variety of new exposures.
Information has value, and as such, its exposure to loss represents risk. Information has, of
course, always had value.

10. With respect to each of the following, indicate whether you would classify the event or
condition as a peril or a hazard: an earthquake, sickness, worry, a careless act, an economic
depression.
Solution
Peril- an earthquake
Peril/ hazard- sickness
Hazard- worry
Hazard- a careless act
Peril- an economic depression

11. Two 9-year-old boys are watching a television replay of a boxing match between
Muhammad Ali and Joe Frazier on a program called “Great Fights of the Century.” Since the
fight took place before they were old enough to remember the outcome, neither knows who won
and they bet on the outcome. Tom bets on Ali and Tim bets on Frazier. Does risk exist in this
situation? For Tim? For Tom?
Solution
Yes. There is risk of speculation/ speculative risk. In Tim or Tom’s bet, either one would win
and the other losses. There are both chances of loss and gain.
Tim and Tom took the bet in the first place hoping for the chance of winning. With this
intention, their behavior classifies them as speculators in Finance.

12. Mike says, “The possibility that my house may burn is a pure risk for me, but if I buy
insurance, it is a speculative risk for the insurance company.” Do you agree? Why or why not?
Solution
Yes, the above statements are correct. When Mike entered the contract with the insurance
company, he held the hope to have his house indemnified for possible losses due to fire. He does
not want his house burnt. With the insurance coverage, Mike’s worry about losses minimization
due to a fire is reduced.
On the other hand, the insurance company knew before the contract takes place that it would
incur losses if Mike the claimant files any fire related damage.

TUTORIAL 2& 3
1. Explain risk management framework. State arguments supporting the importance
of the enterprise risk management (ERM).

The purpose of the risk management framework is to assist an organization in integrating

risk management into its management processes so that it becomes a routine activity.
Enterprise risk management (ERM) is a response to the sense of inadequacy in using a
silo-based approach to manage increasingly interdependent risks. The discipline of ERM,
sometimes referred to as strategic business risk management, is seen as a more robust
method of managing risk and opportunity and an answer to these business pressures.
ERM is designed to improve business performance.

2. State the SEVEN (7) components of an enterprise risk management explain each
component while incorporating these components within the context of the banking
system.

A way of exploring the mechanisms for implementing a risk management process is to

break it down into its component parts and examine what each part should contribute to
the whole. It is proposed here that the risk management process is broken down into 8
stages: Internal environment, context, identification, analysis, evaluation, treatment,
monitoring/review and communication/consultation. While activities follow a largely
sequential pattern, it may be a highly iterative process over time. For instance, as new
risks are identified, the earlier process of (examples on how the seven process, from
establishing the risk context to communication and consultation in a bank can be given)

3. How has the discipline of risk management in an organization developed? What, in

your opinion, were the primary motivating forces and the strategic factors that led
to the development of risk management? (In another word, explain the reasons for
increased importance attached to enterprise risk management.)

Evolving nature of risk and expectations about its management have now put pressure on
previous working practices. Historically, within both private and public organisations,
risk management has traditionally been segmented and carried out in “silos”. This has
arisen for a number of reasons such as the way our mind works in problem solving, the
structure of business organisations and the evolution of risk management practice.

The benefits of ERM: Enterprise risk management provides enhanced capability to:
1) Increase the likelihood of a business realizing its objectives. ERM will equip
organisations with techniques to identify record and assess the opportunities they
seek to proactively pursue and exploit.
2) Build confidence in stakeholders and the investment community. As a result of the
global financial crisis institutional investors, rating agencies and regulators are
more focused on and more eager to learn about an organisation’s capabilities for
understanding and managing risk.
3) Comply with relevant legal and regulatory requirements. ERM, through
establishing (and subsequently monitoring) a risk management framework,
requires an organization to understand, record (and keep up to date) the business
 context including, but not limited to, the legal and regulatory requirements it has
to comply with and, where appropriate, the implications of not doing so.
4) Align risk appetite and strategy. Risk appetite is the degree of risk, on a broad-
based level, that a business is willing to accept in pursuit of its objectives.
5) Improve organizational resilience. As the business environment continues to
change and the pace of change accelerates, resilience is critical to business
longevity.
6) Enhance corporate governance (CG). ERM and CG augment each other. ERM
strengthens governance through challenging potential excessive risk taking as
occurred in the global financial crisis, encouraging board-level engagement in the
high-level risk process and improving decision making on risk appetite and
tolerance.
7) Embed the risk process throughout the organization. ERM, through the creation
of a framework, policy, process, plans and training can embed risk management
throughout the organization form the board down to all elements of the
organizational structure as risk exposure can emanate from any corner of the
organization (Eg. From a breach of ethics at board level to a breach of
environmental legislation by production)
8) Minimise operational surprises and losses.
9) Enhance risk response decisions.
10) Optimise allocation of resources.

4. Discuss the role of corporate governance as the proponent to good enterprise risk
management system.

Examination of recent developments in corporate governance reveals that they form

catalysts for and contribute to the current pressures on ERM. It explains the expectations
that shareholders have of boards of directors. It explains the approaches companies have
adopted to risk management and the extent of disclosure of risk management practice.
Corporate governance now forms an essential component of ERM because it provides the
top-down monitoring and management of risk management. It places responsibility on
the board for ensuring that appropriate systems and policies for risk management are in
place. Good board practices and corporate governance are crucial for effective ERM.

5. Explain the relationship between risk undertaking and opportunities for returns. If
risk undertaking provides opportunity for returns, why is gharar (speculation)
prohibited in the religious teaching in Islam?

There should be a preoccupation with downside risk. Risk management of both upside
risks (opportunities) and downside risks (threats) is at the heart of business growth and
wealth creation. Once a board has determined its vision, mission and values, it must set
its corporate strategy, its method of delivering the business’s vision. Risk is inescapable
in business activity. As Peter Drucker explained as far back as the 1970s, economic
activity by definition commits present resources to an uncertain future. The one thing that
is certain about the future is its uncertainty, it risks. Hence, to take risks is the essence of
economic activity.
 Knight and Petty (2001) stress that risk management is about seeking out the upside risks
or opportunities, that getting rid of risk stifles the source of value creation and upside
potential. Any behavior that attempts to escape risk altogether will lead to the least
rational decision of all, doing nothing. While risks are important, as all businesses face
risk from inception, they are not grounds for inaction but restraints on action. Hence risk
management is about controlling risk as far as possible to enable a business to maximize
its opportunities.

Islamic finance describes risk or hazards (especially in the sale of services of products
with details of the sale is uncertain). Gharar or speculation is prohibited under Islam
because Islam prohibits trades that produce excessive risk as the result of uncertainty.
There are strict rules in Islamic finance against transactions that are highly uncertain or
may cause any injustice or deceit against any of the parties.

In finance, Gharar is observed within derivative transactions, such as forwards, futures

and options, in short selling, and in speculation. In Islamic finance, most derivative
contracts are forbidden and considered invalid because of the uncertainty involved in the
future delivery of the underlying asset. The failure of an investment company (Barings
Plc) is largely due to the course of speculations using derivatives.

6. Outline (using the guide of a diagram), the relationship between corporate

governance and internal risk control in effort of promoting a good ERM.

7. The key lessons to be learnt form losses incurred by organizations is the importance
of risk controls. The Enron’s bank counterparties, for example, and many other
 financial institutions have failed to do this, and face huge adverse financial
consequences.

Risk Management is a subset of internal control. It is an essential element to a good CG.

The Turnbull report provides the composition of an internal control as an internal control
system that encompasses the policies, processes, tasks, behaviors and other aspects that
are within the company’s management capacity and monitoring.

8. Why is risk management important in the public sector?

In an economy where certain businesses are considered “too important to fail” and the
taxpayer is called upon to underwrite the risks of banks in the private sector, banks were
severely criticized for gambling with taxpayers’ money. Banks and financial institutions
in general have a pivotal role in the global financial crisis which could cause economic
instability and erosion of national prosperity. The need to nationalize the banks’ losses
resulted in unemployment particularly in the public sector and left those in employment
facing a significant drop in their standard of living.

Government departments are responsible for services such as the provision of health care
and education, protecting the environment, regulating industry and the payment of social
services. All involve some degree of risk. However, it may be argued that they now have
to deal with risks from more diverse range of sources, emanating from the broad
spectrum of public services currently provided. But this is no real surprise, as there has
been a similar broadening of business risk exposure.

Government is also an entity like multinational companies, faced with multitude levels of
risks. On top of these, it is also the responsibility of the government to deal with
terrorism (counterterrorism activities, to protect against IT systems vulnerability,
environment and other safety related enforcements as well as reputational risk
management.

There is increasing expectations form the government’s stakeholders as society moves

towards civilization.

Additional risks arise due to development in the global connectedness and international
trade between countries (SARS, outbreak of diseases, threat form viruses in IT systems
and so on).

9. Describe in detail the stages or steps entailing a complete risk management process.
The following are the indicators to sufficiency of the completion of each stage.
1) Establishing the context: is sufficiently completed when the risks criteria that will
be evaluated in later stages are established.
2) Risk Identification: is sufficiently completed when questions like “what, why and
how” an event or occurrence arise, as the basis for further analysis.
 3) Risk Analysis: is sufficiently completed when the existing controls are
determined and analysed in terms of likelihood and consequences form such risk
exposure. Consequence and likelihood may be combined for better risk estimates.
4) Risk Evaluation: is sufficiently completed when the process of risk comparison
against pre-determined criteria has been carried out. This process enables risk
ranking and prioritization.
5) Risk Treatment: is sufficiently completed when low priority risks are accepted
and monitored. This stage requires the development of the risk management plan,
and setting up of budgets for risk funding.
6) Monitor and Review: this stage entails monitoring and reviewing for feedback
and improvements needed for better risk management process, to begin with, in
the next risk management cycle.
7) Communication and Consultation: this is the process when the risk registry is
updated, policies revised and documented for the preparation of the next risk
management iteration

10. In some sense, a risk manager must be a “jack of all trades,” because of the breadth
of his or her activities. Identify several areas in which a risk manager should be
knowledgeable, and explain why this would be useful. What type of educational
background should a risk manager have?
About one-fourth of risk managers reported having responsibility for some loss
prevention activities within their organisations. A higher percentage reported more
responsibility for safety and fire engineering. However, than for security, which seems
risk manager evolved from the insurance manager, who was traditionally located in the
finance division or under the control or quality assurance division. In these companies,
risk management is viewed as financial function and reports to the finance department. In
companies in which the risk manager evolved from the employee benefits manager, the
risk manager may be in the personnel division. Finally, in some companies, the risk
manager will have developed form the safety function. Here, the risk manager will
generally be located in the division that traditionally housed the safety director, usually
the production division.
Most risk managers have a financial orientation, reporting to a vice president (finance,
treasurer or comptroller), although there is a growing school of thought that says he or
she should be in a less specialised department, reporting to an executive vice president or
even to the president to illustrate the company-wide scope of risk management activities.

11. In a large, multidivisional company, risk management may be centralized or

decentralized. Which approach, in your opinion, is likely to produce the greatest
benefits? Why?
Based on the modern risk management concept, enterprise-wide risk management is
more effective and efficient to organisations with multidivisional settings, therefore, wish
management should be decentralized. (Provide further justifications on how the benefits
of ERM can help address multinational issues in the evolving business environment).

12. The primary objective of risk management is to preserve the operating effectiveness
of the organization, that is, to guarantee that the organization is not prevented from
 achieving its other objectives by the losses that might arise out of pure risk.
Concluding this, the ultimate goal of risk management is the same as the ultimate
goal of the other functions in a business, that is, to maximize the value of the
organization. Explain how risk management is able to serve as a booster to the value
of an organization.
Modern financial theory suggests that this value that is to be maximized is reflected in
the market value of the organisation’s common stock. According to this view, risk
management decisions should be appraised against the standard of whether or not they
contribute to value maximization.
The risk management objective must reflect the uncertainty inherent in the risk
management situation because one cannot know what losses will occur and what the
amount of such losses will be, the arrangements made to guarantee survival in the event
of loss must reflect the worst possible combination of outcomes. If a loss occurs and, as a
result, organization is prevented from pursuing its other objectives, it is clear that the risk
management objective has not been achieved. While not immediately obvious, it is
equally true that the risk management objectives has not been achieved when there are
unprotected loss exposures that could prevent the organization from pursuing its other
objectives should the loss occur, even if the loss does not occur. For this reason, the
objective refers to losses that might arise out of pure risks.

13. Outline the six (6) bases for poor risk management.
1) Risk management is ‘inward-looking’ or very much project oriented without
considerations for the projects’ risk as a whole.
2) The ignorance of the correlation-ship between different risks types.
3) Failure in understanding the different objectives in risk management.
4) Entering into contracts for unnecessary liabilities that could arise due to defaults.
5) No constant risk monitoring and thus no contingencies for matters that could
arise as he results of certain risk exposures.
6) Lacking of management would walk the talk. No proper guidance’s for the
current employees especially for risk ‘owners’, personnel’s who are involved
directly with the risk exposures.

14. What are the concerns for pre- and post-risk management strategies?

15. What are the criteria to look in a well construed as the well management program?
A well designed and well implemented business ethics programmed provides employees
with both the guidance and the information they need to implement required ethics
practices. Guidance, in particular, enables employees to make choices and select courses
of action with confidence. Employees need to know what is expected of them, but
specifically what they should and (possibly more importantly) what they should not do,
to meet the business’s ethics objectives. The business needs to develop standards and
procedures so that employees are clear who is responsible for which decisions and how
individuals will be held accountable for their actions. If standards and procedures are not
prepared, it will be difficult to guide employees or hold them accountable for poor
judgement or unacceptable behavior. Criticism leveled at staff when procedures and
 processes are not in place will undermine employee loyalty, and employee morale will be
a serious risk.

KOLEJ UNIVERSITI TUNKU ABDUL RAHMAN

BBMF 4823 RISK MANAGEMENT
Tutorial 4 (WEEK 5)

1. Discuss the concept of finance theory. What is the relation between the knowledge of finance
and its importance to risk management and insurance? Should universities and colleges
separate these concepts from other fields of business studies?

The concept of finance theory includes the study of money and other assets, managing and
profiling project risks, control and management of assets and science of managing money.

Finance theory involves the functions of:

• Capital markets
• Financial intermediaries,
• Asset valuation
• Fixed income securities
• Common Stocks
• Capital budgeting
• Diversification
• Portfolio selection
• Theory of efficient market

Much of the interest in enterprise risk management is driven by a desire to better manage
the ways in which a firm’s capital is used. As firms seek to enter new business lines or
expand in a given business line, it is not enough to know that the expected return is high.
The return must be sufficiently high to compensate the firm for the risk. Enterprise risk
management, then, seeks to identify the risks facing the firm, to quantify those risks, and to
manage the risks efficiently consistent with the firm’s strategic objectives, which is a
significant branch of the concept in finance . The holy grail for enterprise risk management
is a single firm -wide measure of risk that can be used to allocate capital and evaluate the
performance of business units (also a subset of the knowledge in finance) . In order to
minimize the impact from the potential risks facing organization, insurance is one of the
way for organization to transfer or hedge the potential risk impact.
Additionally, we believe that insurance and risk management is a subject that needs to be
taught in colleges and universities. Far from being the narrow specialty it is sometimes
characterized as, the study of insurance has a breadth that few disciplines equal. As you
progress through the book, you will encounter applications from economics, statistics,
finance, accounting, law, decision theory, and ethics.

Because the study of risk management and insurance draws on these different disciplines,
it is some - times considered a subset of one of them. Thus, in many colleges and
universities, insurance and risk management are a part of the finance curriculum,
reflecting the financial nature of the risk management function. In other schools, it is
considered a part of economics, while in still others it is located in another department.
This organizational ambiguity reflects the confusion concerning what the study of risk
management and insurance entails.

In fact, risk management and insurance is a separate and distinct discipline, which draws
on and integrates the knowledge from a variety of other business fields. In a micro sense, it
is a discipline in which a variety of methodologies are brought to bear on a significant
problem.

2. What are the theoretical underpinnings of risk management? Identify the approaches to risk
analysis when dealing with risks recognized by modern management theory.

The theoretical underpinnings of risk mgt takes into account 3 orders of phenomena:
(d) The uncertainties present in the economy.
(e) How financial markets react to external uncertainty.
(f) How uncertainties can be modified or reduced.

Theoretical underpinnings of risk management such as “Probability Theory.

Probability theory is the body of knowledge concerned with measuring the likelihood
that something will happen and making predictions on the basis of this likelihood. The
theory deals with random events and is based on the premise that although some
events appear to be a matter of chance, they actually occur with regularity over a
large number of trials. The likelihood of an event is assigned a numerical value between
0 and 1 , with those that are impossible
 assigned a value of 0 and those that are inevitable assigned a value of 1. Events that
may or may not happen are assigned a value between 0 and 1, with higher values
assigned to those estimated to have a greater likelihood or “probability” of occurring.

Other than these, one may also incorporate other theories in finance like the relevant
statistical tools which include decision trees, sensitivity analysis, VaR, simulations,
investment appraisal techniques and many more.

3. Risk management is often associated with the objective of firm’s value maximization.
Explain using statistical models or diagrams (which could include relevant mathematical
functions) to depict risk management and the firm’s value maximization.

ANS: The ultimate goal of risk management is the same as the ultimate goal of the
other functions in a business —to maximize the value of the organization. The modern
financial theory suggests that this value that is to be maximized is reflected in the
market value of the organization’s common stock.

Risk management decisions should be appraised against the standard of whether or

not they contribute to value maximization. With reasonably standard appraisal
method in corporate decisions, the value of the firm can be estimated.

At the same time, the value maximization objective has some limitations for risk
management. The most important is that it is relevant primarily to the business sector.
For other organizations — nonprofit organizations and government bodies—value
maximization is not particularly relevant. For example, through operational risk
management in preserving the operating effectiveness of the organization, that is, to
guarantee that the organization is not prevented from achieving its other objectives by
the losses that might arise out of pure risk.
4. Apart from the failure of financial systems, regulatory non-conformance, bad debts, adverse
exchange rate changes, overdependence on a single supplier, loss of a key customer, poor
hedging decisions, what other TWO failures are to be included as financial risk?

There are both qualitative and quantitative predictions to corporate failure. They are:

Qualitative:
5. decline in the overall industry performance
6. poor management quality
7. insufficient insurance coverage
8. inability to raise additional business funding
9. obsolete business model, products and services
10. not being up to date with the current market affairs
11. poor risk culture/ organizational culture
12. overly ingrained in the current status quo

Quantitative:
A lot of academic research has been done on whether we can devise "regime switching"
models based on some complicated pattern -recognition algorithms to decide whether a
market is in a certain "regime" which favors this or that particular model or parameter
set. And often, these regime switching models rely on the recognition of some complicated
set of patterns in the historical price series. As the saying goes, quantitative analysis is not
the perfect science in risk assessment.

As for the courses’ purpos e, please refer to the nine predictors of a company’s failure from
the lecture slides, plus z -score.
5. After linearly combining these ratios, Altman arrived at an empirical equation (called the the
Z -Score) that predicted the risk of corporate failure. These are the so-called Z-Score model
(Altman, 1968) and ZETA® (1977) credit-risk. With the financial information given below,
determine the company’s stress position in terms of corporate failure.
Additional information includes that the average share price for the period was RM3.75.

Total current assets (TCA) 588,015,000

Total non-current assets
569,749,000
(TNCA)
Total assets (TA) 1,157,764,000
Total current liabilities
403,930,000
(TCL)
Total non-current
203,608,000
liabilities (TNCL)
Total liabilities (TL) 6,075,538,000
Shareholders' equity (SE) 550,326,000
Retained earnings (RE) 278,893,000
Number of shares issued
142,869,000
( NSI)
Profit before tax (PBT) 156,290,000
Sales (S) 521,566,000
Inventory (1) 61,001,000

ANS:
The Altman Z-score (1968) model includes five predictors (X1, X2, X3, X4, X5) and the
Altman Z’’ -Score (1993) model contains only four predictors (X1, X2, X3, X4*). The
two models use the same predictors, with a different definition for X4, and with the
exclus ion of X5 in the Altman Z’’-score (1993) model. The predictors stand for:
X1 = working capital/total assets.
X2 = retained earnings/total assets.
X3 = earnings before interest and taxes/ total assets. X4 = market
value equity/book value of total liabilitie s.
X4* = book value equity/book value of total liabilities (i.e. X4* differs from X4 in that it
uses the book value
rather than the market value of equity). X5 =
sales/total assets and
 Z-Scores = overall indexes.
The Z-score for the above company is therefore;
Z-score is (1.2*X1 + 1.4*X2 + 3.3*X3 + 0.60*X4 + 0.3*X5) = Y (**Tell the
students to compute the answers).
Elaborate the results obtained where a score of >1.8 = average or could be moving
towards having bankruptcy symptoms. >3.0 = unlikely bankrupt; <1.8 = heading
towards bankruptcy.

6. Market risk is one of the components of financial risk. Define both financial and market.

Financial risks are risks is the exposure to adverse events that erode profitability and in
extreme cases, lead to the company’s failure, on the other hand, a market risk is that the
possibility for an investor to experience losses due to factors that affect the overall
performance of the financial markets. Market risk, also called "systematic risk," cannot be
eliminated through diversification, though it can be hedged against. The risk that a major
natural disaster will cause a decline in the market as a whole is an example of market risk.
Other sources of market risk include recessions, political turmoil, changes in interest rates
and terrorist attack (Investopedia (2015)).

9. What is Value at Risk? What are the VaR model assumptions? Discuss the use of VaR.

VaR is one of the most common measurements of market risk in the financial sector. It
gives a fixed probability (or confidence level) that any losses suffered by the portfolio over
the holding period will be less than the limit established by VaR (Chapman, 20 09; pp.
490).

VaR Model Assumptions;

Before the financial crisis VaR models were based on SEVEN (7) assumptions.

1. Short observation periods (of, say, 12 months) provide a sufficient time span to be able
to make robust defendable predictions about likel y future events.

2. Robust inferences can be drawn from past asset -price volatility to guide thinking about
the probability of future events.
3. The distribution of likely values will most likely be normally distributed (shaped like a
bell curve), as value s will be grouped equally above and below the mean and then tail off
symmetrically from the mean. 4. Risk can be reliably projected to enable businesses to
make informed investment decisions and implement controls according to an investor’s or
firm’s appet ite for risk.

5. The actions of one firm are independent of the actions of other firms in the same market,
and a single player is incapable of affecting market equilibriums by inducing similar and
simultaneous behavior.
6. Top management and boards underst and how VaR models are constructed and the
reliance that can be placed on the results, and are able to assess and appropriately exercise
judgment over the risks being taken.

7. The increasing sophistication of VaR models matches and makes safe participation in
the increasingly complex securitized credit market through the ability to both measure and
manage risk.

Even after the heavy criticism that VaR received after the financial crisis it continues to be
used today. The approach adopted depends on the lessons learned and boards
receptiveness to risk management

Financial institutions continue to manage market risk in different ways, depending on how
risk management has evolved over time and the working practices of risk management
specialists employed to support its implementation.

The use of VaR as a good tool to limit market risk, can be seen in the case of JPMorgan
Chase, an American multinational banking and financial services holding company.
JPMorgan Chase’s primary statistical risk measure, VaR, estimates the potential loss from
adverse market moves in a normal market environment and provides a consistent cross-
business measure of risk profiles and levels of diversification. VaR is used for comparing
risks across businesses, monitoring limits, and as an input to economic capital calculations.
Each business day, as part of its risk management activities, the Firm undertakes a
comprehensive VaR calculations that includes the majority of its market risks. These VaR
results are reported to senior management.
To calculate VaR, the Firm uses historical simulation, based on a one-day time horizon and
an expected tail-loss methodology, which measures risk across instruments and portfolios
in a consistent and comparable way.
Other than the Historical simulations method, variance-covariance analytical methods and
Monte-Carlo Simulations can be used as a Value-at-risk management tool.

Risk Management Tutorial 5

1. Discuss the risk identification process critically (i.e. its objectives, when it is sufficiently
completed, the tools and the techniques for risk identification and the outcome of this stage).
Make your discussions brief, with the necessary summaries to understand essential terms,
unique, for this stage of risk management.

Solution :
The primary process goal of risk identification is to identify both the risks to the business,
which would reduce or remove the likelihood of the business reaching its objectives, and
the opportunities, which could enhance business performance. The risk and opportunity
identification process will have been sufficient when it has satisfied . The process is sufficient
when these subgoals are achieved:
 The overall management of the business activity was understood.
 The risk identification process was not commenced before the business objectives (or the
objectives of the activity under examination) were made explicit.
 Risk identification was not commenced prior to a “map” or flow chart of the business
process being prepared.
 The risk identification process was comprehensive, examining all primary sources of risk
 and opportunity.

Techniques use to identify risk. Using :

1-Risk Checklist (developed from past experience or lessons learnt).
2-Risk Prompt List (a list that categories risks).
3-Gap Analysis (A study for a reason why there is a gap).
4-PEST Prompt (A tool to uncover risks).
5-SWOT Prompt (A tool to discover risk & opportunity)
6-Risk Questionnaire (A checklist to seek answer)
7-Register Register (A records of description, cause, impact, probability, risk impact).

2. What is/ are the roles of sub-goal(s) (smaller and short-term targets promoting an
organization’s mission attainment) in the risk identification, risk management process.
Solution
Goals and sub-goals are important to ensure the achievement of criteria under the
risk identification stage and also to serve as enablers before proceeding to
subsequent phases in the risk management process.
Solution :
 Overall management of the business activity was understood.
 Risk identification process was not commenced before the business objectives were made
explicit.
 Risk identification was not commenced prior to a "map" or flow chart of the business
process being prepared.
 The risk identification process was comprehensive, examining all primary sources of risk
  and opportunity.

3. Emerging risks identification is never easy. What is/are emerging risks to an organization:
give examples of emerging risks? Since emerging risk detection or identification pose challenges
to organizations, should it be ignored totally? If not, how do you suggest the risk managers (on
behalf of the organization) to identify these risks?
Solution :
The importance of risk management is significant to the understanding of emerging risks; the
development of emerging risks is shifting more rapidly than ever; insurers and reinsurers are
developing integrated approaches to identifying and mitigating emerging risks. The emerging
risks today are assessed mainly as a reactionary approach due to loss experiences; however, due
to the faster pace of change, insurers and reinsurers will require a more anticipatory
approach to charting the rate at which changes occurred in the past to create ways to
develop pre-emptive processes to manage such changes in the future.
Here are some emerging risks that merit consideration:
(1) Global Cyber- Attacks (2) Political Risk (3) Natural Disasters (4) Terrorism risk

The four emerging risks listed above are emerging risks that have the propensity to affect the
world’s economy. For example, the systematic cyber-attacks to financial institutions could cause
a global crisis risk to both emerging and developed nations. The advent of cloud computing may
be a way to mitigate the loss of data and systems capabilities, but such systems are still
vulnerable to cyber-attacks.
4. What are potential and existing risks? How do organizations (at best with the help of a
diagram) approach potential and existing risks?

Solution :
5. Identify Risks both macro and micro risks (give at least 2 examples each. You
may also include emerging risks types like terrorism risks with grounded
justifications or theories with proper citations) from a published work or
Framework.
Solution
Launching a business is a risky endeavor and as businesses expand they are likely
to face a variety of risks beyond the possibility of unprofitability. Businesses that
expand operations into foreign countries face many political risks that purely
domestic companies do not have to deal with. Risk management describes the
methods businesses use to control and adapt to the risks they face, including
"macro" and "micro" political risks.
NOTE: The methods differentiating the two depend largely on where the nature
of businesses is held. Domestic (micro political risks: within the country or
international (Macro political risk: co-operations and trade activities/ agreements
between different geographical areas)? Guide the students the right concepts first
before assisting them with the two required examples above,
6. Franziska Ohnsorge, global economic prospects lead author at World Bank, discusses the
bank's call for a downturn in global growth and the risk posed by China and emerging markets.
She speaks on "On The Move." (Source: Bloomberg). What, in you opinion are the key risks
according to Franziska, faced by emerging markets? What are the macro and micro sources of
risk facing domestic businesses in Malaysia?

(My own answer to Part 1 after watching the video ,not sure correct or not) :
Solution
A recent press by IMF warned about the growing debt (debt risk/ financial risk)
from Big Firms in China and other Emerging Markets.
The consequences below can be based on the students’ rational/ matured opinions
or from exiting reliable online sources (i.e. news)
The consequences of Malaysia Macro risk to Malaysia: Lower trade activity
between these countries, reduced number of Chinese students in our educational
institutions, lower demand for the Malaysian products and services. To ail this
situation, the Malaysian government could alter the monetary policy, which could
lead to the country’s uncertain economic future.
The consequences of Malaysia Macro risk to Malaysia: Monetary policy for some
— particularly for Indonesia and Malaysia — will probably be on hold in the
short term given the significant proportion of foreigners holding government
bonds, which prioritizes currency stability to reassure investors. Reflux of forign
direct investments from the Chinese businesses within the country.
Downside risks that faced by emerging market :
i. Intention of policymaker to shift economy sector
ii. Turmoil in financial sector
 iii. Commodity prices risk
iv. Currency risk
v. Tightening of monetary policy

7. What is a risk register and what are the importance of risk registers to an organization?
Solution : (Slides 12 and 15)
 A risk register is used to capture information in a controlled and consistent way.
 Depending on its construction, its availability on a computer network and the access
rights established, it can permit multiple users to enter data or view the current
information held.
 The fields that a database would commonly hold are those listed below.
 Risk registers provide an audit trail of identification, assessment and implementation of
management actions.
 Where risk information is collected on the completion of a project as part of a lessons
learnt study it can be used to inform subsequent projects. This is accomplished by
recording the risks that materialized, how they were addressed, budget and outturn
costs, contingency allocation and spend and achievement against objectives.
 Risk ID
 Date of entry
 Status of the risk
 Originator
 Owner
 Actionee
 Manager Risk category but not limited to the above. Refer to subsequent slides for
examples.

Most of the risk register content are :

1. Risk identifier and category
2. Risk cause and description
3. Risk impact and status
 4. Probability of occurrence
5. Impact and proximity
6. Risk response category- owner, manager and actionee
7. Risk response action- planned start date, planned finish date and expected value.

Risk Management Tutorial 6

1. What is impact of risk and the usefulness of having effective risk assesment? In your opinion,
how would risks impact a business?
Solution :
Definition : Risk impact assessment is the process of assessing the probabilities and
consequences of risk events if they are realized. The results of this assessment are then used to
prioritize risks to establish a most-to-least critical importance ranking.
It is only when the risk occurs that it will have an impact on the project or the value of an asset.
Sometimes, these impacts could affect the condition (betterment of worsening conditions) to a
person's health. If financial impact is concerned, it may be related to the duration of an event (the
number of periods a firm suffers the impact), or it may affect the quality of the product. For each
risk it is necessary to assess, qualitatively (morale, time taken to regain business confidence,
reputation damage and so on) or quantitatively (monetary qualification of business loss and
gains), the impact of its consequence on each of these dimensions.
2. Why is risk assessment an important objective to shareholder s ’ value maximization?

Solution :

Value is a function of risk and return. Every decision, either increases, preserves or erodes
value. Given that risk is integral to the pursuit of value, strategic-minded enterprises do not strive
to eliminate risk or even to minimize it, a perspective that represents a critical change from the
traditional view of risk as something to avoid. Rather, these enterprises seek to manage risk
exposures across all parts of their organizations so that, at any given time, they incur just enough
of the right kinds of risk- no more, no less- to effectively pursue strategic goals.

That's why risk assessment is important. It's the way in which enterprises get a handle on
how significant each risk is to the achievement of their overall goals.
3. Explain the methods used to evaluate risks with the concepts of likelihood and severity.

Solution :
LIKELIHOOD
The final essential piece of information we need about a risk, in order to consider how we might
manage it, is to understand how likely it is that it will occur. Again, this can be expressed
qualitatively or quantitatively. Qualitatively as "likelihood" and quantitatively as a "probability".
Where something that may affect the project outcome is certain to happen, it is referred to as an
issue. Issues need to be addressed by the project team in a similar way to risks.
SEVERITY/IMPACT :
It is only when the risk occurs that it will have an impact on the project. The impact may be
financial, it may be related to the duration of an event, or it may affect the quality of the product.
It may, of course, affect all three. For each risk it is necessary to assess, qualitatively or
quantitatively, the impact of its consequence on each of these aspect.

4. Probability distribution is one of the methods used to evaluate risks. Discuss this concept, its
application and calculate the probability distribution of the following data (number of fire in a
year in factories in Malaysia) gathered by a factory which is measuring its potential losses due to
a fire.

Losses Probability
(RM) (Distribution)

0 0.800
500 0.150
1,000 0.030
5,000 0.007
10,000 0.002
75,000 0.011

Solution :
Losses Probability Expected Loss (in RM'000)
(RM) (Distribution)

0 0.800 0
500 0.150 75
1,000 0.030 30
5,000 0.007 35
10,000 0.002 20
75,000 0.011 825
TOTAL expected losses RM985,000.00

Probability distributions : The probability distributions, commonly selected where there is very
little data to model, are the Rectangular/Uniform and curved triangular distributions. Where
historical data is available it may be possible to use the Normal, Binomial and/or Poisson
distributions. There are many more distributions to select from, however, their use will be
dictated by the circumstances.
Information to statistically model the impact of each risk should it occur. For example, the
minimum, most likely and maximum costs to create a triangular distribution. The most
commonly used distributions include : (EXTRA INFORMATION)
 Uniform - There is an equal chance that the parameter will have any value between two
limits (e.g. the cost per ton will be between RM X and RM Y).
 Triangular - The minimum value of the parameter is X, the most likely is Y, and the
maximum is Z.
 Discrete - Either the event happens or it does not.

5. Discuss the statistical relationship between expected losses and standard deviation as a risk
concept.

Solution :

The expected value ȓ (the expected returns and standard deviation SD is defined by the following
formulas :

Note : Guide the students on the need or the reason for the value 'P i' (the probability) in the
following formula in risk management.
Expected return and standard deviation are two statistical measures that can be used to analyze a
portfolio.

The expected return of a portfolio is the anticipated amount of returns that a portfolio may
generate, whereas the standard deviation of a portfolio measures the amount that the
returns deviate from its mean.

6. During the process of conducting risk analysis and evaluation, it is important to understand
how and why risk events can happen. Explain.
Solution :
The assessments made were defined as pre-mitigation assessments. These are performed to
prepare the management for design and implementation of the risk response plans. In
other words if no risk response action was taken and when risks materialize, it would affect
the success of a project or is detrimental to the value of the company, and eventually the
shareholders' wealth.

7. Identify and explain different approaches to risk management. Explain the ‘heat map’ as one
of the tool in risk assessment.
Solution:
TARA Risk Matrix :
T - Risk Transfer : Transfer to the external party such as buying insurance policies
A - Risk Avoidance : Don't do it
R- Risk Reduction : (i) Loss prevention : reduces probability of a particular loss
(ii) Loss control : reduces or minimize severity of loss
A - Risk Acceptance - Just accept the loss
Other examples of risk reduction include :
Risk minimization :
This is where controls are implemented that may not prevent the risk occurring but will reduce
its impact if it were to arise.
Risk pooling :
When risks are pooled, the risks from many different transactions of items are pooled together,
Each individual transaction or items has its potential upside and its downside. For example, each
transaction might make a loss or a profit by treating them all as part of the same pool. The risks
tend to cancel each other out, and are lower for the pool as a whole than for each item
individually.
An example of risk reduction through pooling is evident in the investment strategies of investors
in equities and bonds. An investment in shares of one company could be very risky, but by
pooling investment risks of many different companies into a single portfolio, risks can be
reduced (and the risk of the portfolio as a whole can be limited to the unavoidable risks of
investing in the stock market).
Reducing Financial Risk- Hedging techniques
Risks in a situation are hedged by establishing an opposite position, so that if the situation results
in a loss, the position created as a hedge will provide an offsetting gain. Hedging is used to
manage exposures to financial risks, frequently using derivatives such as futures, swaps and
options.
With hedging, however, it often happens that if the situation for which the hedge has been
created shown a gain, there will be an offsetting loss on the hedge position.

8. ABC Sdn. Bhd. is a medium sized manufacturing firm in Kuala Lumpur. It is unable to make
loan repayments it borrowed from LMN Bank. It’s total liability with LMN is RM10 million,
and with ABC’s current financial pposition, the finance manager expects that a repayment of RM
3 million could be done if they are able to secure a repayment from their cash-secured collateral.
Calculate the recovery
rate in percentage (%) and the loss given default (LGD) in RM for ABC Sdn. Bhd.

Solution:
Loss Given Default (LGD) = 1 - Recovery Rate (RR)
RR = RM3 million / RM10 million = 30%
%LGD = 1 - 0.30 = 0.70 or 70%
70% of RM10 million = RM7 million LGD
 Week 10
Tutorial 11
Instructor’s Version

1. What is e-risk (session 9, 10; slide 20)? Identify the importance of e-risk management? The
Birmingham Business Journal reported the case below on identity theft and authorized
access to highlight the importance of e-risk management:
Solution
(Slides 40-44)

“Nakeisha Hall, 39, on Monday entered her guilty pleas during a hearing before U.S.
District Judge Karon O. Bowdre to theft of government funds, aggravated identity theft,
unauthorized access to a protected computer and conspiracy to commit bank fraud and mail
fraud affecting a financial institution.”

In your opinion, why is managing unauthorized computer access an important component of

the enterprise risk management. (Note: You may relate your discussions with the
importance highlighted in Nakeisha Hall’s case, above).
Solution
Nakeisha Hall, 39, on Monday entered her guilty pleas during a hearing before U.S. District
Judge Karon O. Bowdre to theft of government funds, aggravated identity theft,
unauthorized access to a protected computer and conspiracy to commit bank fraud and mail
fraud affecting a financial institution.
Feds charge 4 in $1 million identity theft scheme

The stolen identity tax refund scheme operated between 2008 and 2011 and is believed to
involve more than $1 million in false claims. It involved stealing personal identity
information from the Internal Revenue Service to create fraudulent tax returns and
collecting the stolen refunds, according to U.S. Attorney Joyce White Vance, the IRS and
FBI.

The guilty plea was announced by U.S. Attorney Joyce White Vance, IRS Criminal
Investigation, St. Louis Field Office, Special Agent in Charge Karl A. Stiften, and Treasury
Inspector General for Tax Administration, Mid-States Field Division, Special Agent in
Charge Ruben Florez, whose agencies investigated the case.
In her plea, Hall acknowledged that the tax fraud scheme had an intended loss to the IRS of
between $550,000 and $1.5 million. She agreed to restitution and forfeiture of $438,187,
representing funds actually paid out by IRS as a result of the scheme.

Hall is to be sentenced June 29.

According to the statement from federal authorities:

Hall worked in the Taxpayer Advocate Service office in Birmingham from July 2007 to
November 2011. Since November 2011, she had worked in TAS offices in Omaha, Neb.,
New Orleans, La., and Salt Lake City, Utah.

TAS is responsible for assisting taxpayers who are having difficulties with the IRS and
works with victims of identity theft to help them remove fraudulent tax information from
their accounts and file corrected tax returns, if necessary.

"Ms. Hall used her IRS access to compromise taxpayers' identities and try to steal more than
$1 million dollars from the U.S. Treasury," Vance stated. "Taxpayers must be able to trust
that IRS employees will protect their sensitive information, not steal it and corrupt it for
personal gain."

Stiften said Hall abused her position with the IRS, stealing the identities of taxpayers
through unauthorized access to IRS computers. Hall filed false tax returns seeking more
than a million dollars in tax refunds, Stiften said.

A federal grand jury in December indicted Hall, along with Jimmie Goodman, 37, and
Abdulla Coleman, 37, both of Birmingham, on charges they took part in the scheme
operated out of Birmingham between 2008 and 2011, according to the federal authorities'
statement. The scheme involved stealing personal identity information from the IRS to
create fraudulent tax returns, and collecting the stolen refunds that were generated,
according to the statement.

Another co-conspirator, Lashon Roberson, 36, of Pelham, was also indicted separately for
conspiracy and four counts of mail fraud affecting a financial institution, according to the
statement.

Roberson is scheduled to plead guilty Wednesday.

Goodman is scheduled for trial Feb. 29, and Coleman is to be arraigned on the charges
against him on Thursday, after being arrested in Madison, Wis., and transferred to the
Northern District of Alabama, according to the statement. Donald Centreal Smith, 33, of
Birmingham, was sentenced Tuesday by U.S. District Court Judge David Proctor to 37
months in prison for Smith's guilty plea to one count of conspiracy to file false tax returns
and one count wire fraud. The judge also sentenced Smith to a mandatory minimum two
years for his guilty plea to one count of aggravated identity theft, a sentence that has to run
consecutive to the first sentence.

According to the indictments and Hall's plea, Hall, Goodman, Coleman, Roberson and at
least one other individual, conspired to defraud both the IRS and financial institutions,
including Bancorp Bank, between January 2008 and November 2011, and used the U.S.
mail to execute the fraud. Hall, Goodman, Coleman and Roberson also conspired to obtain
money from Bancorp Bank and other financial institutions. Bancorp Bank and other
financial institutions issue stand-alone debit cards for the purpose of accepting tax refunds.

The scheme was conducted, according to the statement, as follows: Hall obtained
individuals' names, birth dates and Social Security numbers through unauthorized access to
IRS computers. She then used the personal identity information to prepare fraudulent
income tax returns and submitted them electronically to the IRS. Hall asked the IRS pay the
refunds onto debit cards and directed that the cards be mailed to drop addresses that she
controlled.

Hall solicited and received drop addresses from Goodman, Coleman, Roberson and at least
one other person. The co-conspirators also collected the refund cards from the mail.

Hall activated the cards by using stolen identity information. She, Goodman, Coleman,
Roberson and the unnamed co-conspirator took the money off the debit cards at ATMs or
used the cards for purchases. If the fraudulent returns generated U.S. Treasury checks rather
than the requested debit cards, Hall and her co-conspirators used fraudulent endorsements in
order to cash the checks. Hall compensated Goodman, Coleman, Roberson and the fifth co-
conspirator by giving them a portion of the refund money, or by giving them refund cards
for their own use.

The theft, aggravated identity, and unauthorized access counts relate to two specific
taxpayers' information that Hall accessed and used in 2010.

The conspiracy charge carries a maximum penalty of 30 years in prison and a $1 million
fine. The maximum prison penalty for theft of government funds is 10 years in prison.
Aggravated identity theft carries a mandatory two-year prison term, which must be served
consecutively to any other sentence imposed in the case, and unauthorized access to a
protected computer carries a maximum five-year prison term. All three charges carry a
maximum $250,000 penalty.
2. Describe the essentials of managing international risks. Explain the following types of
international risks; (a) transaction risk; and (b) translation risk (economic risk). How would
you suggest a treasurer of a multinational company on the management of these risks; in (a)
and (b)? Besides these, what are the other examples of international risks?
Solutions
(A) What is 'Translation Risk
The exchange rate risk associated with companies that deal in foreign currencies or
list foreign assets on their balance sheets. The greater the proportion of asset,
liability and equity classes denominated in a foreign currency, the greater the
translation risk.

(B) What is 'Transaction Risk

Transaction risk is the exchange rate risk associated with the time delay between
entering into a contract and settling it. The greater the time differential between the
entrance and settlement of the contract, the greater the transaction risk, because there
is more time for the two exchange rates to fluctuate.

3. Identify the differences between risk reduction (loss control and prevention) for both
employee and non-non-employee related crime risk in an organization. Provide relevant
examples for the above cases based on sources such as reliable social medias or the news
reports.
Solution
Employees
Preventing employee theft is a constant challenge for retailers. The industry knows
that it must put systems in place to prevent or deter internal theft. To be effective,
loss prevention systems must be designed to reduce the opportunity, desire, and
motivation for employee theft.

One way of reducing employee theft motivation is to show a deep commitment to

prevent losses at every level and a policy to prosecute dishonest emplyees if
warranted. Having systems in place to control shoplifting takes away the excuse that
external theft is responsible for store inventory shrinkage and not employee theft.

Basic loss prevention steps involve good procedures for hiring, training, and
supervision of employees and managers. Procedures that are clearly defined,
 articulated, and fully implemented will reduce the opportunity, desire, and
motivation for employees to steal. I will talk about each of these concepts in future
articles.

Non-employees
External Theft is often caused by shoplifting, break-ins, robberies or other acts by
outside sources.
Controlling external theft requires a commitment to educating your employees on
good customer service, awareness to the signs of a potential loss and how to best
protect the store and inventory against external loss.
This requires the establishment of procedures and training in areas such as;
shoplifting prevention, robbery awareness, safety and how to handle various
situations dealing with people.
What security measurements you have in place within your retail location can also
greatly assist you in your efforts against external loss (although not always).

4. Explain the meaning of risk financing as one of the risk management techniques. Provide
TWO (2) examples of the risk financing method. With your examples, relate the usefulness
of the risk financing technique in risk management. When should it be used and in what
situation, it should not be used?

Solution
The determination of how an organization will pay for loss events in the most effective
and least costly way possible.
Risk financing involves the identification of risks, determining how to finance risk,
and monitoring the effectiveness of the financing technique one has chosen.

When to use this risk management technique?

Risk financing is designed to help a business align its desire to take on new risks in order
to grow, with its ability to pay for those risks. Businesses must weigh the potential costs
of its actions against whether the action will help the business reach its objectives.

Hence, the main functions of risk financing is to provide adequate, reliable and affordable
sources of funds to finance recovery from accidental losses that interrupt the
organization’s operations
5. What are the general characteristics of insurable risks? In other words, what are the six
standard prerequisites of insurable risk? Provide the common types of insurance and the
brief details for each of these common types of insurance identified.
Solution
1-A sufficiently large numbers of homogeneous exposure units in the risk pool.
This fundamental requirement allows the insurer to apply the law of large numbers to
past experience to predict the future expected loss of the risk pool' An accurate prediction
of future expected loss is a prerequisite for the sound operation of the risk pool because it
enables the insurers to collect sufficient premium to pay off the actual losses and
expenses, leaving a reasonable size of profit to pay dividends to their shareholders'
2-Definite and measurable loss produced by the risks
The loss payable under the insurance contract represents the liability of the insurer. The
loss must be definite or determinate in time, place, cause and capable of financial
measurement. Such characteristics will allow the insurer to determine whether a loss
insured under the contract has taken place and to quantify the value of loss to be paid as
claim.
3-The loss should be fortuitous or accidental with respect to the insured
As far as the insured is concerned, the loss must be accidental, resulting from a chance or
event or contingency and not an intentional loss' In addition, loss should not be certain to
occur, such as wear and tear an depreciation of assets over time.
4-The loss must not be catastrophic (disastrous)
The risk is unlikely to produce large losses with a large percentage of exposure units at
the same time indicating that, the exposure units are independent of one another.
However, there are exceptions to this requirement when insurance is arranged to cover
natural perils such as earthquake, hurricane or flood. These risks tend to produce losses to
a large number of exposure units. In certain countries, these risks remain uninsurable in
the private insurance industry and such risks are covered by insurance schemes funded by
the government.
5-Calculable chance of loss
A fifth requirement is that the chance of loss should be calculable. The insurer must be
able to calculate both the average frequency and the average severity of future losses with
some accuracy. This requirement is necessary so that a proper premium can be charged
that is sufficient to pay all claims and expenses and yield a profit during the policy
period.
Certain losses, however, are difficult to insure because the chance of loss cannot be
accurately estimated, and the potential for a catastrophic loss is present. For example,
floods, wars, and cyclical unemployment occur on an irregular basis, and prediction of
the average frequency and severity of losses is difficult. Thus, without government
assistance, these losses are difficult for private carriers to insure.
6-Economically feasible premium
 A final requirement is that the premium should be economically feasible. The insured must
be able to afford the premium. In addition, for the insurance to be an attractive purchase,
the premiums paid must be substantially less than the face value, or amount, of the policy.
To have an economically feasible premium, the chance of loss must be relatively low. One
view is that if the chance of loss exceeds 40 percent, the cost of the policy will exceed the
amount that the insurer must pay under the contract. For example, an insurer could issue a
RM1,000 life insurance on a man aged 99, but the pure premium would be about RM980,
and an additional amount for expenses would have to be added. The total premium would
exceed the face amount of the insurance.

6. As was previously explained in Tutorial 1, the ‘burden of risk’ arises due to different risk
taking nature in between individuals in an organization. With this concept, discuss the
details of the ‘burden of risk’ on the society in relation to insurance.

Solution

The presence of risks saddles on the individual and society some measure of social and
economic pains. Every risk holds the prospect of actually resulting in some economic
losses and in addition some social pains.

When a house is destroyed by fire, or a vehicle is ruined in a crash, or a breadwinner dies

or money is stolen or you negligently injure a person or damage his property, financial
losses would be involved. In addition to the financial cost of losses brought about by risk,
there is the pain of fears and worries resulting from the uncertainty as to whether or not loss
would occur. All these underwrite the need why a prudent individual and society should
prepare for a possible occurrence of loss. The greatest burden of risk therefore is loss.

Risk put three major “burden on the society”:

(i) The creation of adequate contingency

(ii) Deprivation of society of needed goods and services

(iii) The creation of perpetual state of fear and mental worry.

7. Explain the nature and application of commercial insurance to finance losses.

Solution
 Insurance policy is not a contract that guarantees to pay all losses suffered by the insured.
The policy will express the perils and losses covered, together with the excluded losses and
the terms and conditions that affect the loss compensation payment
Slides 16-19
How does insurance work?

Insurance works by pooling risk. What does this mean? It simply means that a large group
of people who want to insure against a particular loss pay their premiums into what we will
call the insurance bucket, or pool. Because the number of insured individuals is so large,
insurance companies can use statistical analysis to project what their actual losses will be
within the given class. They know that not all insured individuals will suffer losses at the
same time or at all. This allows the insurance companies to operate profitably and at the
same time pay for claims that may arise. For instance, most people have auto insurance but
only a few actually get into an accident. You pay for the probability of the loss and for the
protection that you will be paid for losses in the event they occur.

8. A recent source by the malaymail.online reported a statement made by the transport

ministry titled “Uber, GrabCar must have commercial insurance to run” highlighted the
importance of commercial insurance among the Malaysians. What do you think is/are the
benefit(s) of insurance to the society? In the case of ‘Uber’ above, do you think a revamp
of the transportation industry with added value through commercial insurance will benefit
consumers?
(Link: http://www.themalaymailonline.com/malaysia/article/ministry-uber-grabcar-must-
have-commercial-insurance-to-run#sthash.esJNJLUp.dpuf).

Solution

NOTE: with these benefits, guide your students in applying the benefits to the mini problem
above.
• 1-Indemnification for loss-permits individuals and families to be restored to their former
financial position after a loss.
• 2-Reduction of worry and fear.
• 3- Source of investment income.
• 4-Loss prevention-Insurers involve in loss prevention activities.
• 5-Enhance of credit: Credit standing . It makes a borrower a better credit risk because the
value of insurance policy can be used as collateral for loan.
• 6-Reduce the uncertainty faced by insured.
• 7- Obtain loss control service from specialist.
See this example:
“Uber drivers in Ontario now insured automatically”
by Allison Jones
The Canadian Press
Published Thursday, Jul. 07, 2016 4:09PM EDT
Last updated Thursday, Jul. 07, 2016 4:13PM EDT
Uber drivers in two Canadian provinces are now insured, as Ontario joins Alberta in
approving coverage that extends from when the app is turned on to when passengers exit
the vehicle.

Ontario’s insurance regulator announced Thursday that it has approved a policy from
Intact Financial Corp. for private vehicles transporting paying passengers through the
ride-hailing service.

Last week, Intact began offering coverage for Uber drivers in Alberta and both
companies are working with Quebec to get similar insurance in place.

“This new ridesharing insurance approved by (the Financial Services Commission of

Ontario) should serve as a practical solution designed for ridesharing,” Uber Canada’s
general manager, Ian Black, said in a statement.

“Both (Intact) and Uber remain engaged with regulators across Canada to bring new
ridesharing insurance policies that offer a smart, seamless and simple solution for driver-
partners.”

The Financial Services Commission of Ontario said the “blanket fleet coverage”
addresses a “critical insurance gap” for the industry.

CEO Brian Mills said in a bulletin posted to the regulator’s website that he anticipates
new insurance policies that build on what has been approved for Intact will be filed in the
future.

“Going forward, I want to emphasize that the sharing economy in general, and the
automobile insurance implications in particular, will continue to evolve and will require
innovative solutions and responses by all stakeholders, including FSCO, that respond to
technological advances,” Mills wrote.

“At the same time, I want to emphasize that approved solutions may also need to evolve
and adapt as circumstances and legal requirements change. Therefore, any policy form or
endorsement that I approve is also subject to ongoing review.”
 The new policy covers all Uber drivers, passengers and vehicle owners when Uber is in
use, and when the app is off the vehicle owner’s personal auto insurance policy
applies.

The Ontario government approved a regulatory change under the Insurance Act to
allow insurance companies to develop commercial fleet insurance policies for ride-
hailing companies.

It says the regulatory change is an interim measure while the province works with FSCO
and the insurance industry “to modernize the auto insurance system to develop a
permanent solution for emerging transportation services.”

The Liberal government doesn’t appear keen to pass a private member’s bill from
Progressive Conservative Tim Hudak to regulate Uber, AirBnB and other services in the
so-called sharing economy. The bill passed second reading in last fall but has yet to go
before committee to be studied.

But the government has set up a sharing economy advisory committee to look at policy,
regulatory and legislative challenges associated with the emerging industry.

The Intact policy provides coverage that includes statutory accident benefits,
uninsured motorist coverage and third-party liability of up to $1 million while the
app is in use but no ride has been accepted and $2 million after a ride has been
accepted.

For collision and comprehensive coverage to apply, the vehicle owner must be
covered in that way under their personal policy.

T 12 1 3 14

1. Explain Pillar 1: the capital requirements, of the Basel 3 in detail and provide the
formula proposed under this Basel reformation for credit risk exposure management.
Why is there the need for “countercyclical buffers”?

Capital Requirements
 The original Basel III rule from 2010 required banks to fund themselves with 4.5% of
common equity (up from 2% in Basel II) of risk-weighted assets (RWAs). Since 2015, a minimum
Common Equity Tier 1 (CET1) ratio of 4.5% must be maintained at all times by the bank. This
ratio is calculated as follows:
CET1/ RWAs > 4.5%
The minimum Tier 1 capital increases from 4% in Basel Ii to 6% , applicable in 2015, over RWAs.
This 6% is composed of 4.5% of CET1, plus an extra 1.5% of Additional Tier 1(AT1).
Reasons for “countercyclical buffets”
The countercyclical capital buffer aims to ensure that banking sector capital requirements take
account of the macro-financial environment in which banks operate. Its primary objective is to
use a buffer of capital to achieve the broader macro prudential goal of protecting the banking
sector from periods of excess aggregate credit growth that have often been associated with the
build-up of system0wide risk,. The Committee is introducing a framework to promote the
conservation of capital and the build-up of adequate buffers above the minimum that can be
drawn down in periods of stress.
The Basel III countercyclical capital buffer is calculated as the weighted average of the buffer in
effect in the jurisdictions to which banks have a credit exposure. It is implemented as an
extension of the capital conservation buffer. It consists entirely of Common Equity Tier 1 capital
and, if the minimum buffer requirements are breached, capital distribution constraints will be
imposed on the bank. Consistent with the capital conservation buffer, the constraints imposed
relate only to capital distributions, not the operation of the bank.
2. Discuss “containing leverage” and the purpose of the new leverage ratio requirement
under Basel III.
Solution
Leverage Ratio
One of the major capital standards changes of the Basel III account was a reduction in excess
leverage from the banking sector. For these purposes, banking leverage means the proportion
of a bank’s non –risk weighted assets and its total financial capital. Under basel III, tier 1 capital
must be at least 3% of non-risk-weighted assets. The Federal Reserve subsequently increased
the minimum leverage ratio for eight unique financial institutions to 6%
Tier 1 Capital / Total Exposure > 3%
The Basel Committee decided on new leverage measurements and requirements because it was
deemed “complementary to the risk-based capital framework, and ensures broad and
adequate capture of both the on- and off- balance sheet leverage of banks.”
3. Discuss the importance of Pillars 2 and 3 of Basel III. How do these pillars enhance
the performance of the banking system?
Pillar 2 : Provides Supervisory review processes and the Four key principles of review.
Principle 1 : Banks should have a process for assessing their overall capital adequacy in
relation to their risk profile and a strategy for maintaining their capital levels.
Principle 2 : Supervisors should review and evaluate banks’ internal capital adequacy
assessments and strategies, as well as their ability to monitor and ensure their compliance
with regulatory capital ratios. Supervisors should take appropriate supervisory action if they
are not satisfied with the result of this process.
Principle 3 : Supervisors should expect banks to operate above the minimum regulatory
capital ratios and should have the ability to require banks to hold capital in excess of the
minimum.
Principle 4 : Supervisors should seek to intervene at an early stage to prevent capital from
falling below the minimum levels required to support the risk characteristics of a particular
bank and should require rapid remedial action if capital is not maintained or restored.
4. Explain alternative risk transfers (ART) with examples. When would a
company choose ART as a risk management solution?
- Session 11 : Slides 38-41
- Alternative risk transfer market is the combined risk management marketplace for
innovative insurance and capital market solutions.
- ART market is an innovative sector comprising intermediaries; capacity suppliers,
services, products and solutions that help institutions manage their financial and operating risk
efficiently.
- The Alternative Risk Transfer, or ART, market includes (1) risk retention groups (RPGs),
insurance pools and captive insurers.
- The alternative risk transfer market is broken into two primary segments: (1)risk
transfer through alternative products and (2) risk transfer through alternative carriers.
Transferring risk to alternative carriers entails finding organizations, such as captive insurers or
pools, which are willing to take on some of the insurer’s risk for a fee. Transferring risk through
alternative products entails the purchase of insurance policies or other financial products such
as securities.
- For example, Allianz Risk Transfer is an alternative risk transfer managing organization:
we provide tailored insurance, reinsurance and other non-traditional risk management
solutions for corporate and financial clients worldwide.
- Example: Structured quota shares, structured whole account covers, and structured per
risk covers, as well as retroactive products such as loss portfolio transfers.
5. What is financial risk hedging? Is there difference between financial risk hedging
and insurance in risk management?
Section 11 : Slides 32,33
Hedging typically only involves risk transfer, not risk reduction. For example, the risk
adverse price fluctuations is transferred to speculators who believe they can make a profit
because of superior knowledge of market conditions.
Hedging by which risk can be transferred to a speculator through purchase of some contracts
(e.g futures, options, forward contract). It is a technique for handling risks that are typically
uninsurable.