RISK FINANCE

DEFINITION

Risk finance refers to the strategies and tools used to secure funds to cover potential losses
from risks. It ensures that an organization can absorb financial shocks without significantly
disrupting operations.

Risk financing is a process that helps a company align its willingness to take risks with its ability
to do so. It's part of risk management, which is the process of reducing the effect of uncertainty
on an organization's objectives.

Risk financing involves: Identifying and monitoring key metrics, Allocating capital and cash, and
Measuring the cost of risk (COR).

Risk financing helps businesses weigh the potential costs of their actions and whether they will
help the business reach its objectives. Businesses can use a variety of options to protect
themselves from risk, including: Commercial insurance policies, Captive insurance, Self-
insurance, and Other alternative risk transfer schemes. It is primarily divided into two
categories:

1. Retention:

The organization absorbs the loss through self-insurance or reserves.Retention is suitable for
risks with low frequency but high predictability.Examples include creating contingency reserves,
captive insurance, and self-funding.

2. Transfer:

Transferring risk to third parties, such as insurers or financial markets.Common methods

include purchasing insurance, hedging, and using derivatives.Transfer mechanisms are effective
for high-severity risks with low probability.

ELEMENTS OF RISK FINANCE

Elements of risk finance include:

Risk identification:

The first step in risk management is to define the risk universe, which is a list of all possible
risks. The process of determining risks that could potentially prevent the program, enterprise, or investment
from achieving its objectives.
Author: ISO 31000:2018. Risk Management – Guidelines. International Organization for Standardization.

Risk assessment:

Financial institutions assess risks and prioritize and quantify them. The overall process of risk
analysis and risk evaluation, which involves determining the likelihood and impact of identified
risks.

Author: Aven, T. (2016). Risk Analysis: Assessing Uncertainties Beyond Expected Values and
Probabilities. Wiley.

Risk response:

Financial institutions formulate, implement, and monitor risk responses.

Risk mitigation:

Risk mitigation is a key element in trade financing, and banks use documents to manage risks.
Strategies and actions taken to reduce the likelihood or impact of risks.

Author: COSO (2017). Enterprise Risk Management – Integrating with Strategy and Performance. Committee
of Sponsoring Organizations of the Treadway Commission.

Risk types: Some types of financial risk include:

Credit risk:

The risk that a borrower may be unable or unwilling to meet their contractual obligations.

Liquidity risk:

The risk that an organization may be unable to meet its financial obligations due to a lack of
funds.

Operational risk:

A non-financial risk that includes cybersecurity risks, internal fraud, external fraud, business
disruption, and system failures. The risk of loss resulting from inadequate or failed internal processes,
people, and systems, or from external events.

Author: Basel Committee on Banking Supervision (2006). Guidelines on Operational Risk Management.

Market risk:

A broad risk that is caused by economic uncertainties and the dynamics of supply and demand.
RISK MANAGEMENT

INTRODUCTION

Management involves taking risks. Business risks are associated with the success or failure of
business operations -eg launching a new product that might not be profitable etc . Financial
risks are risks associated with the way in which a business conduct it's financial affairs,and the
possibility of making losses (or even going into liquidation)as a result.

Risk management generally encompasses the organising of activities and controlling the use of
resources in such a manner as to minimize the effect of uncertainties surrounding business
entities.

Why is risk management important?

Linda Tucci, Industry Editor -- CIO/IT Strategy

Craig Stedman, Industry Editor

Risk management has perhaps never been more important to business success than it is now.
The risks that modern organizations face have grown more complex, fueled by the rapid pace of
globalization. New risks constantly emerge, often related to and generated by the now-
pervasive use of technology. Climate change has been dubbed a "threat multiplier" by risk
experts.

The COVID-19 pandemic quickly became an existential threat for businesses in various
industries. Many made rapid adjustments to manage the risks posed by the pandemic. But,
going forward, they're still grappling with some of those risks, including the ongoing need to
manage remote or hybrid work environments and what can be done to make supply chains less
vulnerable to disruptions.

In many companies, business executives and the board of directors are taking a fresh look at
their risk management programs. Organizations are reassessing their risk exposure, examining
risk processes and reconsidering who should be involved in risk management. Companies that
currently take a reactive approach to risk management -- guarding against past risks and
changing practices after a new risk causes harm -- are considering the competitive advantages
of a more proactive approach. There is heightened interest in supporting business
sustainability, resiliency and agility. Companies are also exploring how AI technologies and
sophisticated GRC platforms can improve risk management.
Graphic summarizing what risk exposure is and why it is important.Here's a primer on risk
exposure and how it is calculated.

Risk management in financial services vs. other industries

Many experts note that managing risk is a formal function at companies that are heavily
regulated and have a risk-based business model. Banks and insurance companies, for example,
have long had large risk departments typically headed by a chief risk officer (CRO), a title still
relatively uncommon outside of the financial industry. Moreover, the risks that financial
services companies face tend to be rooted in numbers. Therefore, they can be quantified and
effectively analyzed using known technology and mature methods. Risk scenarios can be
modeled with some precision.

For other industries, risk tends to be more qualitative. That increases the need for a deliberate,
thorough and consistent approach to risk management, said Gartner analyst Matt Shinkman,
who leads the consulting firm's risk management and audit practices. "Enterprise risk
management programs aim to help these companies be as smart as they can be about
managing risk," he added.

Traditional risk management vs. enterpriCopyright 2000 - 2024st a range of risks, from losses
due to fire and theft to cyber liability. Both adhere to guidance provided by major standards
bodies. But traditional risk management, experts argue, lacks the mindset and mechanisms
required to understand risk as an integral part of enterprise strategy and performance.

For many companies, "risk is a dirty four-letter word -- and that's unfortunate," Valente said. "In
ERM, risk is looked at as a strategic enabler versus the cost of doing business."

"Siloed" vs. holistic is one of the big distinctions between the two approaches, according to
Shinkman. In traditional programs, managing risk has typically been the job of the business
leaders in charge of the units where the risk resides. For example, the CIO or CTO is responsible
for IT risk, the CFO is responsible for financial risk, the COO for operational risk and so on.
Departments and business units might have sophisticated systems in place to manage their
various types of risks. But Shinkman explained that a company can still run into trouble by
failing to see the relationships among risks or their cumulative impact on operations.
Traditional risk management also tends to be reactive.

"The pandemic is a great example of a risk issue that is very easy to ignore if you don't take a
holistic, long-term strategic view of the kinds of risks that could hurt you as a company,"
Shinkman said. "A lot of companies will look back and say, 'You know, we should have known
about this, or at least thought about the financial implications of something like this before it
happened.
In enterprise risk management, managing risk is a collaborative, cross-functional and big-picture
effort. An ERM team debriefs business unit leaders and staff about risks in their areas and helps
them use the right tools to think through the risks. The team then collates information about all
the risks and presents it to senior executives and the board. Having credibility with executives
across the enterprise is a must for ERM leaders, Shinkman said.

These types of risk practitioners increasingly come from a consulting background or have a
"consulting mindset," he said, and they possess a deep understanding of the mechanics of
business. Unlike in traditional risk management, where the program head typically reports to
the CFO, the heads of enterprise risk management teams commonly report to the CEO -- an
acknowledgement that managing risk is part and parcel of business strategy.

In defining the chief risk officer role, Forrester makes a distinction between the "transactional
CROs" typically found in traditional risk management programs and the "transformational
CROs" who take an ERM approach. The former work at companies that see risk management as
an insurance policy, according to Forrester. Transformational CROs focus on their company's
brand reputation, understand the horizontal nature of risk and view ERM as a way to enable
the "proper amount of risk needed to grow," as Valente put it.

Risk averse is another trait of organizations with traditional risk management programs. But,
Valente noted, companies that define themselves as risk averse with a low risk appetite are
sometimes off the mark in their risk assessments.

"A lot of organizations think they have a low risk appetite, but do they have plans to grow? Are
they launching new products? Is innovation important? All of these are growth strategies and
not without risk," she said.

BENEFITS OF RISK MANAGEMENT

Effectively managing risks brings many benefits to an organization, including the following:

(a) Increased awareness of risk across the organization.

(b) More confidence in organizational objectives and goals because risk is factored into
strategy.

(c) Better and more efficient compliance with regulatory and internal compliance mandates.

(d) Improved operational efficiency through more consistent application of risk processes and
controls.

(e)Improved workplace safety and security.

(f) A competitive advantage in the market.

CHALLENGES OF RISK MANAGEMENT

Risk initiatives also present various challenges, even for companies with mature GRC and risk
management strategies. The following are some of the challenges risk management teams
should expect to encounter:

(i) Expenditures go up initially, as risk management programs can require expensive software
and services.

(ii) The increased emphasis on governance also requires business units to invest time and
money to comply.

(iii) Reaching consensus on the severity of risk and how to treat it can be complicated and
contentious, sometimes leading to risk analysis paralysis.

(iv) It's difficult to demonstrate the value of risk management to executives without being able
to give them hard ROI numbers.

ELEMENTS OF RISK MANAGEMENT

Risk management can be broken into three principal elements, namely:

(a) Risk analysis ;

(b) Risk control;

(c) Risk financing;

RISK ANALYSIS

Risk analysis involves the identification of risk and its analysis in term of estimating the
probability of a loss occuring and considering the potential impact if the loss does occur. It may
be possible to quantify the potential loss. In order cases where the financial loss cannot be
estimated, the risk can be described in qualitative terms such as significant.

RISK CONTROL

Risk control covers all those measures aimed at avoiding, eliminating or reducing the chances of
loss producing events occuring or limiting the severity of the losses that do happen,eg safety
control measures in factories,fire extinguishers in cars and offices
RISK FINANCING

The primary objective of risk financing is to spread more evenly over time, the costs of risks in
order to reduce the strain (financial and otherwise), and possible insolvency which the random
occurrence of large losses may cause. The secondary objective is to minimize risk associated
costs. These can be done in three ways namely:

(a) Losses may be charged as they occur to current profits,

(b) Provisions may be made for, losses, before they occur, either through insurance or building
up a sinking/ contingency fund;

(c) When losses occur, they can be financed by loans which are repaid over the next few
months or years.

STAGES IN RISK MANAGEMENT

Risk management involves the identification of risk, the evaluation of its potential impact on
the organization and the institution of measures either to eliminate the risk entirely or to
reduce its impact. Risk management can involve three stages:-

(i) Identification

(ii) Evaluation -Risk measurement

(iii) Management -Risk control

IDENTIFICATION

Identification concerns all the risk to which the enterprise is exposed. Some risks are obvious
such as the

Loss of property through fire, theft and loss in transit, and liability for injury to employees or to
third parties. Some risks are less obvious, for example the liability for negligent or tortuous acts
of employees, and their identification, requires knowledge combined with imagination.

EVALUATION

It requires that risks shall be measured according to likelihood of occurrence and value.

MANAGEMENT

Management requires the exercise of judgement. Among the possibilities are:

(a) AVOIDANCE: A risk may be avoided by:

- a change in location, procedure, materials, process or equipment.

- giving up the activity that gives rise to the risk.

(b) REDUCTION: Risks can be reduced in a variety of ways:

- by physical security devices such as locks: alarms, pressure gauges, and safety doors.

- by procedural devices, such as inspections, security patrols, checks on employees.

- by education and training in safe methods of working and in procedures for dealing with
emergencies;

- by providing for risk reduction when designing production processes.

(c) TRANSFER: This is the legal assignment of potential losses to another party:

- by insurance which is the most common form of transfer:

- by a contractual device such as a change in the terms of buying, selling or leasing.

(d) RETENTION: A business may assume the risk itself and make appropriate financial reserves
for this purpose.

DISTINCTION BETWEEN RISK AND UNCERTAINTY

Uncertain events fall into two broad categories:

(a) Risks

These are those in which the probability of their occurrence can be estimated through the
statistical analysis of a series of similar events;

(b) Uncertainties

The remaining events which do not lend themselves to such measurement either because their
occurrence follows no discernible pattern or because they are unique events.

RISK CLASSIFICATION AND INSURABLE INTEREST

One way of classifying risks is through changes in financial position as follows:

(i) PURE RISKS

Are those risks where the occurrence of the event results at best in no change in the situation
of the organization or individual exposed to the risk; though more likely, they cause losses, ie
there is no possiblity of a gain. Examples of pure risk are fire, storm, accidental death, injury;

SPECULATIVE RISKS

Where the outcome maybe a loss or a profit, the risk is called a speculative risk. Examples of
speculative risk are brokerage, smuggling, stock jobbing, foreign exchange futures under
FEM(Fund and Expenditure Management).

Most pure risks can be dealt with by insurance, while speculative risks are generally
uninsurable.

CONDITIONS FOR INSURANCE

In order that an insurer can offer insurance against a particular type of risk, the following
conditions are necessary:

(i) Large number of exposure units which should be sufficiently large and independently
exposed to enable insurers to predict future occurrence through past data;

(ii) Loss should be fortuitous so far the insured is concerned and he should not be in a position
to gain from the occurrence of the event;

(iii) Loss should be capable of measurement in monetary terms and definite in amount;

(iv) Loss potential should be sufficiently large to encourage insurance;

(v) Premiums should be economically feasible for both the insurer and the insured.

In practice, all these conditions need not obtain before the insurer would take up the risk. It
depends on the specific circumstances surrounding each proposal. Two other concepts are
important in insurance as follows.

SEIF INSURANCE

This is any plan of risk retention in which a programme or procedure has been established to
meet the adverse effects of financial losses. The need for self insurance may arise from the
following sources:

(a) It may not be possible to eliminate risk fully by other techniques;

(b) It may be less expensive than risk transfer techniques;

(c) A prospective client may not want to disclose information required by an insurer.
CO-INSURANCE

This occurs where more than one insurer is in direct contractual relationship with the insured
for part of the same risk. In law, separate contracts exist between insurers and the insured. In
practice, however, it may be that one particular agent conducts or re- insures all the risk and
handles all the correspondence on behalf of the different insurers. In some cases only one
policy is issued but the sum assured and the different parties involved are specified in the
policy.

Claims Procedure

(i) Notification

The insurer should be notified of the claims as soon as possible on the occurrence of the events
insured against.

(ii) Particulars and Proofs or Loss

The duty of providing full particulars and proof of loss rests squarely upon the insured.

(iii) Investigation

Careful investigation and reasonable proof both of the insurance liability and the amount
involved should be made before any claim is settled.

(iv) Payment

Once liability is established before the insurer, immediately payment of claim should be
effected.

(e) Method of Settlement

Can be any of the following, cash payment, replacement of assets, repair of assets,
reinstatement of the insured or property insured back to the position before the loss occur.

FURTHER ASPECTS OF FINANCIAL RISK

One aspect of financial risk is gearing. A high-geared company is more at risk than a low-geared
company particularly in periods when profits before interest and tax are low.

Other aspects of financial risk involve interest rates on borrowing and foreign exchange. One of
the tasks of a treasurer or financial manager is to reduce these risks to an acceptable level.

Exposure and Hedging

Exposure means vulnerability to risk and an exposure is an amount that is subject to risk.

(a) Interest rate exposure arises when a company's borrowing (loan structure) is such that a
change in interest rates might expose it to interest charges that are unacceptably high (or
higher than the 'norm') . For example, if a company's debt capital is all at fixed rates of interest
and due for repayment within the next few months, and all the loans are to be replaced or
renegotiated, the company would be vulnerable to a sudden increase in market interest rates.

(b) Foreign exchange exposure is of two kinds.

(i) Transaction Exposure

It is also called 'Conversion Exposure'. This arises when exporting or importing companies wish
to exchange naira into foreign currency or vice versa, because of receipts or payments for
international trade transactions being in a foreign currency. Exposure arises because the
exporter or importer is vulnerable to adverse movements in foreign exchange rates when there
is a period of credit involved (as there almost always is). For example, if an exporter sells goods
to the USA for US $1,000 when the exchange rate is US $1.00 to #1,700.00 he will expect to
earn #1,700,000 from the sale. However, if the customer is allowed credit of 3 months and the
exchange rate alters to US $1.00 = #1,600.00 in this time, the eventual income of US $1,000
would fetch only #1,600,000 about #100,000 less.

Transaction exposure is the major foreign exchange risk.

(ii) Translation Exposure

This occurs when the Nigerian group has assets in a subsidiary denominated in a foreign
currency. When the end-of- year accounts are prepared, there might be a loss on translation of
the asset value into naira for consolidation into the group's balance sheet.

HEDGING

Means taking action to reduce or 'cover' an exposure - ie. hedging is the process of financial risk
management. Hedging has a cost - either a fee to a financial institution or a reduction in profit -
but companies night well consider the costs to be justified by the reduction in financial risks
that the hedging achieves.

MANAGING A DEBT PORTFOLIO

There are four important considerations for corporate treasurers in managing a debt portfolio -
ie. in deciding how a company should obtain its short term funds so as to be able to repay debts
as they mature and to minimize any inherent risks, notably foreign exchange risk, in the debts
the company owes and is owed. These four considerations are:
(a) Maturity Mix:

The treasurer must ensure that an excessive amount of debt does not become repayable within
one year, or within an even shorter period of time.

Treasurers may also wish to ensure that in case there is a heavy demand for cash by their
company, they have also arranged adequate standby lines of credit at a low interest cost.

(b) Currency Mix

Foreign currency debts create a risk of losses through adverse movements in foreign exchange
rates before the debt falls due for payment. Foreign currency management involves 'hedging'
against foreign currency risks (eg. by means of forward exchange contracts).

(c) The mix of fixed interest and floating rate debts:

(i) too much fixed interest rate debt creates an unnecessary cost when market interest rates
fall. A company might find itself committed to high interest costs that it could have avoided;

(ii) too much borrowing at a variable rate of interest (eg. bank overdrafts, medium - term bank
lending) creates a high cost when interest rates go up.

' The treasurer must, therefore, put his management in the position of being able to set an
informed objective of the desired earnings vulnerability to interest rate movements. The
objective can then be converted by the treasurer into the debt management plans which he can
implement' .

(d) Interest Rate Sensitivity

This is closely connected to the fixed/floating rate mix consideration. It measures the
vulnerability of a company to changes in the term structure of interest rates (ie. the interest
rate yield curve).

RISK MANAGEMENT AND RISK FINANCE

Risk finance and risk management are integral components of an organization's approach to
handling uncertainties that could impact its objectives. Risk management involves identifying,
assessing, and mitigating risks, while risk finance focuses on funding mechanisms to address
financial consequences of risks.

Risk finance and risk management are complementary. Effective risk management minimizes
the frequency and impact of risks, reducing the cost of risk financing. Conversely, adequate risk
finance ensures that an organization has the resources to manage residual risks and recover
from losses.

Key Intersections:

Decision-Making: The balance between retaining risks and transferring them influences both
risk management strategies and financial planning.

Cost-Benefit Analysis: Organizations weigh the cost of mitigation measures against the cost of
financing potential losses.

Strategic Planning: Risk finance decisions, such as the choice of insurance coverage, align with
broader risk management objectives.

Case Studies

1. Natural Disasters:

A company in a flood-prone area uses a combination of risk management (flood barriers,

emergency response plans) and risk finance (property insurance, disaster bonds).

2. Cybersecurity Risks:

Risk management involves deploying firewalls, encryption, and training.Risk finance includes
cyber liability insurance to cover potential losses from data breaches.

3. Supply Chain Disruptions:

Organizations implement risk management by diversifying suppliers and monitoring geopolitical

risks.Risk finance strategies include business interruption insurance to compensate for lost
revenue.

Conclusion

Risk finance and risk management are vital to organizational resilience. While risk management
focuses on proactively addressing risks, risk finance provides a safety net for financial losses. A
comprehensive approach combining these disciplines ensures long-term sustainability and
stability.
References

1. Oye Akinsulire, (2003) Financial management (2019) tenth edition.

2. Dorfman, M. S. (2008). Introduction to Risk Management and Insurance. Pearson Education.

3. Vaughan, E. J., & Vaughan, T. (2013). Fundamentals of Risk and Insurance. Wiley.

4. Lam, J. (2017). Enterprise Risk Management: From Incentives to Controls. Wiley.

5. Kaplan, R. S., & Mikes, A. (2012). Managing Risks: A New Framework. Harvard Business
Review.

6. ISO 31000:2018. Risk Management – Guidelines. International Organization for

Standardization.

7. Frigo, M. L., & Anderson, R. J. (2011).

"Strategic Risk Management: A Foundation for Improved Decision Making." Strategic Finance,
93(3), 24-31.This article discusses the importance of strategic risk management and its impact
on decision-making processes.

8.European Insurance and

Occupational Pensions Authority (EIOPA)

2015 Solvency II: Key Elements. This document provides insights into the Solvency Il framework
and its implications for risk management in the insurance.

9. The Risk Management Society

(RIMS). RIMS.orgRIMS provides resources, tools, and best practices for risk management
professionals.

10. World Economic Forum (WEF).

Global Risks Report. WEF.orgThis annual report provides insights into global risks and trends
affecting businesses and economies.

11. PwC (2021). "The Future of Risk Management: Trends and Insights."This publication
discusses emerging trends in risk management and provides insights into how organizations can
prepare for future challenges.

12. Institute of Risk Management (IRM).