ERMDavid L. Olson, University of Nebraska-LincolnDesheng Wu, University of Reykjavik, University of Toronto

Enterprise Risk ManagementNot just insurance, auditing, risk analysis

A philosophy – A way of business

Definition

• Systematic, integrated approach– Manage all risks facing organization

• External– Economic (market - price, demand change)– Financial (insurance, currency exchange)– Political/Legal– Technological– Demographic

• Internal– Human error– Fraud– Systems failure– Disrupted production

• Means to anticipate, measure, control risk

2Finland May 2010

3Finland May 2010

4Finland May 2010

DIFFERENCES

Traditional Risk Mgmt ERM

Individual hazards Context - business strategy

Identification & assessment Risk portfolio development

Focus on discrete risks Focus on critical risks

Risk mitigation Risk optimization

Risk limits Risk strategy

No owners Defined responsibilities

Haphazard quantification Monitor & measure

“Not my job” “Everyone’s responsibility”

5Finland May 2010

Risk & Business

• Taking risk is fundamental to doing business– Insurance

• Lloyd’s of London

– Hedging• Risk exchange swaps• Derivatives/options• Catastrophe equity puts (cat-e-puts)

– ERM seeks to rationally manage these risks

• Be a Risk Shaper6Finland May 2010

Types of RiskStroh [2005]

• External environment– Competitors; Legal; Medical; Markets

• Business strategies & policies– Capital allocation; Product portfolio; Policies

• Business process execution– Planning; Technology; Resources

• People– Leadership; Skills; Accountability; Fraud

• Analysis & reporting– Performance; Budgeting; Accounting; Disclosure

• Technology & data– Architecture; Integrity; Security; Recovery

7Finland May 2010

Another viewSlywotzky & Drzik, HBR [2005]

• Financial– Currency fluctuation

• DEFENSE: Hedging

• Hazard– Chemical spill

• DEFENSE: Insurance

• Operational– Computer system failure

• DEFENSE: Backup (dispersion, firewalls)

• New technology overtaking your product– ACE inhibitors, calcium channel blockers ate into hypertension

drug market of beta-blockers & diuretics• Demand shifts

– Gradual – Oldsmobile; Rapid - Station wagons to Minivans

8Finland May 2010

Technology Shift

• Loss of patent protection

• Outdated manufacturing process– DEFENSE: Double bet

• Invest in multiple versions of technology• Microsoft: OS/2 & Windows• Intel: RISC & CISC• Motorola didn’t – Nokia, Samsung entered

9Finland May 2010

Brand Erosion

• Perrier – contamination

• Firestone – Ford Explorer

• GM Saturn – not enough new models– DEFENSE: Redefine scope

• Emphasize service, quality

– DEFENSE: Reallocate brand investment• AMEX – responded to VISA campaign, reduced

transaction fees, sped up payments, more ads

10Finland May 2010

One-of-a-kind Competitor

• Competitor redefines market• Wal-Mart

– DEFENSE: Create new, non-overlapping business design

• Target – unique product selection

11Finland May 2010

Customer Priority Shift

– DEFENSE: Analyze proprietary information• Identify next customer shift

– Coach leather goods – competes with Gucci– Went trendy, aggressive in-market testing

» Customer interviews, in-store product tests

– DEFENSE: Market experiments• Capital One – 65,000 experiments annually

– Identify ever-smaller customer segments for credit cards

12Finland May 2010

New Project Failure

• Edsel – DEFENSE: Initial analysis

• Best defense

– DEFENSE: Smart sequencing• Do better-controllable projects first

– Applied Materials – chip-making

– DEFENSE: Develop excess options• Improve odds of eventual success

– Toyota – hybrid: proliferation of Prius options

– DEFENSE: Stepping-stone method• Create series of projects

– Toyota – rolling out Prius

13Finland May 2010

COSOCommittee of Sponsoring Organizations

Treadway Committee – 1990sSmiechewicz [2001]

• Assign responsibility– Board of directors

• Establish organization’s risk appetite• establish audit & risk management policies

– Executives assume ownership• Policies express position on integrity, ethics• Responsibilities for insurance, auditing, loan review, credit,

legal compliance, quality, security

• Common language– Risk definitions specific to organization

• Value-adding framework

14Finland May 2010

COSO Integrated Framework 2004Levinsohn [2004]; Bowling & Rieger [2005]

• Internal environment – describe domain• Objective setting – objectives consistent with

mission, risk appetite• Event identification – risks/opportunities• Risk assessment - analysis• Risk response – based on risk tolerance &

appetite• Control activities• Information & communication – to responsible

people• Monitoring

15Finland May 2010

Risk Management Tools

• Simulation (Beneda [2005])– Monte Carlo – Crystal Ball

• Multiple criteria analysis– Tradeoffs between risk & return

• Balanced Scorecard– Organizational performance measurement

16Finland May 2010

ERM SoftwareRhoden [2006]

Penny [2002]• Algorithmics Incorporated – ERM software, global financial institutionsJane’s Defence Industry [2005]• Strategic Thought – Active Risk Manager – defence industryRhoden [2006]• Q5AIMS

– From Q5 Systems Ltd– Safety audit & corrective action tracking– Mobile devices, Web-link

• Preceptor– Learning management system– Regulatory compliance, technical training

• PicketdynaQ– Workplace audit & assessment management– Regulatory references built in

17Finland May 2010

SIMULATION

• Crystal Ball– Spreadsheet add-in– Value at Risk (VaR)

• Distribution of expected value at specified probability level

• >3.42 @ 0.95

18Finland May 2010

Spreadsheet

Year 1 2 3 4 5Sales 10000 11000 12100 13310 14641

COGS 4500 5500 6500 7500 8500

Gross 5500 5500 5600 5810 6141

Fixed 5400 5500 5600 5700 5800

Net 100 0 1.82E-12 110 341

ATP 62 0 1.13E-12 68.2 211.42

19Finland May 2010

Stochastic Elements

these PRO FORMA models include a number of inherently STOCHASTIC elements– costs are really guesses

• can base variance on subjective estimates• for repetitive operations, collect data

– revenues are even more uncertain– discount rates in NPV uncertain

20Finland May 2010

Net Present Value

where n = number of time periods in analysisini = revenues in period i

outi = cash outflow in period i

r = discount rate

i = END of time period

NPV =in out

(1+ r)i i

ii=0

n

21Finland May 2010

EXCEL RN generation

• Options– Analysis Tools

– Random Number Generation» Output Range» Number of Variables» Number of Random Numbers» Distribution» Parameters» Random Seed

22Finland May 2010

Sharpe Ratio

• Consider variance of stock as measure of risk– Tradeoff between mean and variance– Efficient investment opportunities

23Finland May 2010

Simulation studies involving the Sharpe ratio

• Opdyke – Journal of Asset Management [2008] 8:5, 308-336– Simulated to reflect autocorrelation of distributions

• Yu et al. – Journal of Asset Management [2007] 8:2, 133-145– Value-at-risk = max expected loss over a given time period at a given confidence

level– Simulation showed simply using Sharpe ratio insufficient – need to reflect

covariance

• Chen & Estes – Journal of Financial Planning [2007] 20:2, 56-59– Dollar-cost averaging for 401k contributions– Simulated different strategies for contributions, allocation ratios, growth targets

as decision variables

• Boscaljon & Sun – Journal of Financial Service Professionals [2006] 60:5, 60-65

– Value-at-risk & return-at-risk more conservative than variance– Simulated all 3

24Finland May 2010

Simulation studies involving Black-Scholes model

• Alam – Journal of Economics & Finance [1992] 16:3, 1-20

• Figlewski et al. – Financial Analysts Journal [1993] 49:4, 46-56• Barraquand & Martineau – Journal of Financial & Quantitative

Analysis [1995] 30:3, 383-405• Frey – Finance & Stochastics [2000] 4:2, 161-187• Gopal et al. – Decision Sciences [2005] 36:3, 397-425• Fink & Fink – Journal of Applied Finance [2006] 16:2, 92-105

25Finland May 2010

Black-Scholes Option Pricing

• Model to value optionsPrice of call = Prob{x<d1}*S – Prob{x<d2}*E*e-rT

where S = price of stock

E = exercise price

r = risk-free interest rate

T = time to maturity (years)

T

TrESd

)2/()/ln( 2

1

Tdd 12

26Finland May 2010

Estimation of specification error biases – Black-Scholes & Cox-Ross models

Alam, Journal of Economics & Finance, Fall 1992, 16:3, 1-20

• Black-Scholes – assumes constant variance of returns– Tends to underprice options at-the-money,

overprices at extremes (“u-shaped”)

• Cox-Ross– Variance changes with stock price– Analytically intractable

27Finland May 2010

Evaluating Performance of Protective Put Strategy

Figlewski et al., Financial Analysts Journal, Jul/Aug 1993, 49:4, 46-56

• Having put in place protects portfolio from loss below strike price

• Simulated 3 put strategies:– Fixed strike price– Strike price a fixed % below asset price– Upward ratcheting policy

• Ignores buying, selling, settlement costs (taxes)• Cost of put strategy is path dependent, thus only cost

effective if expect high volatility in market

28Finland May 2010

Numerical ValuationBarraquand & Martineau, Journal of Financial & Quantitative Analysis, Sep 1995, 30:3, 383-405

• Cox-Ross does well for one asset, but computational demands increase exponentially

• Closed form solution unfound

• Monte-Carlo only tractable method

29Finland May 2010

Advanced Option Pricing

Fink & Fink, Journal of Applied Finance, Fall/Winter 2006, 16:2, 92-105

• Foreign currency options have volatility smiles (“u-shaped”)

• Equity options have volatility skews (higher volatility for lower strike prices)

• Bates model uses mean reversion for volatility estimates• Simulated Black-Scholes, Merton & Heston, Bates

– Bates won easily– Black Scholes inflexible (Merton & Heston better here)

30Finland May 2010

More efficient super-hedging

Frey, Finance & Stochastics, 2000, 4:2, 161-187

• Add descriptive, predictive power by allowing variation of volatility estimate

• Hedge what you intend to hedge– Minimize transactions costs

• Probabilistic argument

31Finland May 2010

Online Auction Risk

Gopal et al., Decision Sciences, Aug 2005, 36:3, 397-425

• Buyer’s risk – loser’s lament (bid too low & lose; bid too high & pay too much)

• Seller’s risk – accept too low

• Simulation used to estimate volatility

• Searches through combinations of strike price & option price

32Finland May 2010

Financial Simulations

• a very rich field for simulation– high degrees of uncertainty in cash flows

• SPREADSHEETS for the most-part

33Finland May 2010

Iceland heating pipesMean Lognormal (30.76,38.61) – offset 30

MONTH Seasonal Differential from MeanApr 3.604167May 10.45833Jun 72.3125Jul 46.5Aug -24.6458Sep 1.875Oct 29.0625Nov 22.0833Dec -27.8958Jan -15.375Feb -26.5208

34Finland May 2010

Supply Chain SimulationProduce to Forecast

35Finland May 2010

Supply Chain SimulationProduce to ROP/Q

Q30 Q40 Q50 Q60

AVG STOCKOUTS To forecast – 0 to 643, mean 50

ROP 30 468 495 440 393

ROP 40 421 366 398 352

ROP 50 377 324 287 313

ROP 60 334 283 249 223

AVG HOLD To forecast – 81 to 559, mean 253

ROP 30 39 38 45 51

ROP 40 43 51 49 56

ROP 50 47 55 63 61

ROP 60 52 61 68 76

AVG SALES To forecast – 452 to 1281, mean 1032

ROP 30 612 585 640 687

ROP 40 658 714 682 728

ROP 50 703 756 793 767

ROP 60 746 797 831 85736Finland May 2010

Monte Carlo Simulation

Quoted price

Exchange distribution

Product failure

Organizational failure

Political failure

Expected price

China 0.82 No(1.3,.2) 0.10 0.15 0.05 2.13

Taiwan 1.36 No(1.03,.02) 0.01 0.01 0.10 1.81

Vietnam 0.85 No(1.1,.1) 0.15 0.25 0.05 2.51

Germany 3.20 No(1.05,.02) 0.01 0.02 0.01 3.43

Alabama 2.05 1 0.03 0.20 0.03 2.78

Finland May 201037

China vendor price distribution

Finland May 201038

Taiwan vendor price distribution

Finland May 201039

Simulation Output

Mean cost Min cost Prob{failure} Prob{low}

China 2.06 0.54 0.253 0.406

Taiwan 1.84 1.30 0.123 0.103

Vietnam 2.60 0.58 0.410 0.479

Germany 3.43 3.14 0.040 0.003

Alabama 2.05 2.05 0.254 0.009

Finland May 201040

MCDM j alternatives, I criteria

weights, scores

Finland May 2010

K

iijij xuwvalue

1

41

MCDM Weights

Criteria Base 100 Base 10 Best (100) Worst (10) Average

Quality 100 60 0.2299 0.2308 0.23

Experience 90 55 0.2069 0.2115 0.21

Cost 85 50 0.1954 0.1923 0.19

Flexibility 60 40 0.1379 0.1538 0.14

Technical 50 30 0.1149 0.1154 0.11

Exchange 30 15 0.0690 0.0577 0.06

Capital 20 10 0.0460 0.0385 0.06

435 260

Finland May 201042

ScoresQuality Experience Cost Flexibility Technical Exchange Capital

China Problems 2 years 0.82 High Average High Weak

Taiwan High 17 years 1.36 High High Moderate High

Vietnam Concerns 1 year 0.85 Low Low Moderate Weak

Germany High 5 years 3.20 Low High Moderate High

Alabama good 7 years 2.05 Low High None Average

China 0.20 0.30 1.00 1.00 0.60 0.00 0.20

Taiwan 1.00 1.00 0.50 1.00 1.00 0.50 1.00

Vietnam 0.40 0.10 0.95 0.20 0.20 0.50 0.20

Germany 1.00 0.70 0.00 0.20 1.00 0.50 1.00

Alabama 0.70 0.90 0.30 0.20 1.00 1.00 0.50

Finland May 201043

ValuesCriteria Weights CHINA TAIWAN VIETNAM GERMANY ALABAMA

Quality 0.23 0.20 1.00 0.40 1.00 0.70

Experience 0.21 0.30 1.00 0.10 0.70 0.90

Cost 0.19 1.00 0.50 0.95 0.00 0.30

Flexibility 0.14 1.00 1.00 0.20 0.20 0.20

Technical 0.11 0.60 1.00 0.20 1.00 1.00

Exchange 0.06 0.00 0.50 0.50 0.50 1.00

Capital 0.06 0.20 1.00 0.20 1.00 0.50

Score 0.52 0.88 0.39 0.61 0.64

Rank 4 1 5 3 2

Finland May 201044

Balanced Scorecard

Perspectives Goals Measures

Financial SurviveSucceedProsper

Cash flowSales, growth, incomeIncrease in Market share, ROI

Customer New productsResponsive supplyPreferred suppliersCustomer partnerships

% sales new productsOn-time deliveryShare of key accounts’ purchases# Cooperative engineering efforts

Internal business

Technology capabilityManufacturing experienceDesign productivityNew product innovation

Benchmark vs. competitionCycle time, unit cost, yieldEngineering efficiencyPlanned vs. actual schedule

Innovation & learning

Technology leadershipManufacturing learningProduct focusTime to market

Time to develop next generationProcess time to maturity% products yielding 80% salesNew product innovation vs. competition

Finland May 201045

Conclusions

• Outsourcing provides competitive access– Broader opportunities

• Demonstrate 3 tools– Monte Carlo simulation

• Evaluate probabilistic elements

– MCDM• Consider multiple criteria• Select vendor by decision maker preference

– Balanced Scorecard• Measure effectiveness of selected vendor

Finland May 2010 46

ERM Research• Mostly descriptive, frameworks• SURVEY

– Lynch-Bell [2002] surveyed 52 companies• Examined practices of governance, strategy, processes, technology, functions, culture

– Milladge [2005]; Gates [2006] surveyed 271 members of the Conference Board• Skelton & Thamhain [2003]; Thamhain [2004]

– 3 year field study R&D product development– Suggest look-ahead simulation, rapid prototyping to anticipate problems

• Beasley et al. [2005]– Gathered data on 123 organizations, found ERM implementation positively

related to:• Chief risk officer presence• Board independence• Top management support• Big Four auditor presence• Entity size• Banking, Education, Insurance

47Finland May 2010