business

profilenecolas00073
2.pdf

FRAME SELECTION (CH 2)

19

FRAME — INTRODUCTION • Everything is becoming more complex; a frame (or framework)

helps tease out the most important factors to consider

• Having a process to deliberately identify the relevant framework helps avoid many well-known human biases

• Action basis

• Gut-based thinking (Type I thinking)

• “Hammer looking for a nail” — the “default” frame 20

FRAME — EXAMPLES • Key to a successful framework is to identify 2 to 3

critical factors among the many in a complex system

• Most frames end up being a 2 by 2 or 3 by 3 matrix (both with two factors)

• Ansoff matrix, BCG matrix, Porter’s 5 forces

• Personal decision frames 21

FRAMES — ANSOFF MATRIX

• Products and markets

• Existing and new

22

FRAMES — BCG

• Profitability

• Growth

23

FRAMES — FINANCIAL RISK FRAMEWORK

• Capital and liquidity

• Severity of environment

24

FRAMES — PERSONAL DECISIONS

25

FAILURE MODE AND EFFECT ANALYSIS

(CH 2)

26

FMEA — TERMINOLOGY • Broadly speaking, a risk assessment attempts to identify key risk

factors and their potential impacts

• Risk assessments range from enterprise in scale (company’s annual top risk assessment; CCAR for large banks; ORSA by insurance companies) to focusing on a particular project or initiative. FMEA is the latter

• Risk assessments can be performed by second-line of defense, or by the first-line, which is often called RCSA (Risk and Control Self Assessment)

27

FMEA — KEY STEPS • Identify risk factors (“failure modes”)

• Probability of adverse events occurring (“occurrence”)

• Impact of such occurrences (“severity”)

• Mitigating mechanisms and controls (“control”)

• Likelihood of detection (“detection”)

• A risk score summarizes these metrics into one number

• Risk Priority Number (RPN) is such an example

• Best practices identify a “gross” or “inherent” risk metric (before mitigation and controls), and a “net” metric (after mitigation and controls)

28

FMEA — QUANTITATIVE VS QUANTITATIVE

• FMEA dealing with processes and people (so-called “non-financial” risks) is inherently qualitative

• There is more art than science in assigning quantitative metrics to occurrences, severity, detection and so on

• Use simple 1-5 or 1-10 scales to avoid false precision and promote good dialogue

• As much as possible, relate the scales to much better defined performance metrics (such as lost revenue, lost income, stock price declines)

• Beware of inherent human biases; institute a robust “challenge” process from SMEs

29

FMEA — CONTROLS AND MITIGATION

• Preventive measures

• Mandatory checklists (for complex systems, the human mind is simply not reliable enough)

• Redundancy checks

• Pre-release regression testing

• Pre-release stress testing

• Training

• Detection measures

• Sampling and testing

• Early warning system (EWS) and risk reports

30

EARLY WARNING SYSTEM (CH 4)

31

EWS — FORECASTING MODELS

• Forecasting models identify key factors, and relate these factors to predicted outcomes

• Altman’s Z-Score model assesses possibilities of company defaults by linearly combining 5 observable metrics, such as level of capital and earnings power

• Data science uses generally statistical and machine-learning techniques to “mine” large volumes of data for signals

• These analytical tools often require standardized data and sophisticated modeling resources that are out of reach

32

EWS — CAUSAL FORECASTS • A causal forecast uses expert judgment to identify leading indicators

(causes) and effects or outcomes, i.e., lagging indicators

• Leading and lagging indicators are related by “connectors”, often a ratio of the two

• A systematic mechanism to keep track of actual realizations of these indicators to expected levels, fine-tuning and adjusting the model along the way

• It is also important to identify key assumptions, and track if these assumptions remain valid

33

EWS — DASHBOARD • It’s important to design a clear and concise report containing these key

leading and lagging indicators, essentially a risk dashboard for senior managers

• Many, if not most, of the data-driven risk reports and dashboards are ineffective:

• Too much information

• Too much false precision

• Key information buried with all other data

• Lack of trend analysis

34