adapted for a two-course sequence. End of chapter questions provide students an opportunity to test their understanding of important concepts covered and the Test Bank provided to instructors contains ready-made examinations that can be used directly in class. Further, a set of comprehensive PowerPoint instruction slides is provided for each chapter, tying directly to the material discussed in the chapter. Instructors are invited to visit www.wiley.com for additional materials.
As a former senior risk executive at several large financial institutions, my staff and I were always looking for useful references on risk management that could help us improve our understanding of applied risk management concepts and methodologies. In that spirit, this book is meant to fill a gap in this field that provides a comprehensive applied reference for risk managers, now and in the future.
Acknowledgments
While my name appears on the cover of this book, this project could not have been completed without the direct and indirect support from a number of people critical to the process. First, and foremost, Jim Thompson, a colleague of mine from a former workplace is credited with putting together the Excel/VBA workbooks contained in this book. Jim’s exceptional work, particularly evidenced in the Market Risk, Interest Rate Risk, and Consumer Credit Risk chapters provides readers with user-friendly tools, allowing them to test highly complex risk methodologies easily. These Excel tools bring the story of SifiBank alive and without this material the utility of this book would be severely limited.
Linda Rossi, my wife, not only endured the writing and editing process, but also volunteered her time to take on the role of project manager and jack-of-all-trades in manuscript preparation and version control. Without her assistance and moral support throughout the project, this process would have been significantly more difficult for me.
Finally, a number of people have provided reviews and support along this path. Professor Larry Gordon, from the Robert H. Smith School of Business, University of Maryland, provided guidance and insight on the book-writing process from his own experience, motivating me to take on this project. Likewise, Dean Alex Triantis, Robert H. Smith School of Business, University of Maryland, provided support and an introduction to Bill Falloon at John Wiley & Sons. Bill’s support of the concept for the book provided the catalyst for it to become something more than just an idea. Thanks also go out to Meg Freeborn and Vincent Nordhaus whose editorial skills greatly enhanced the end product while keeping me on schedule. Finally, I would like to thank the MS Finance students taking my Corporate Risk Management course at the Robert H. Smith School of Business, University of Maryland, who provided feedback and critical input on the materials during the project.
To all of you go my sincerest thanks for your patience and understanding. Your support enabled the book to come to fruition, and any remaining errors and omissions are solely my own.
About the Author
Dr. Rossi is Professor-of-the-Practice and Executive-in-Residence at the Robert H. Smith School of Business, University of Maryland. Prior to entering academia, Dr. Rossi had nearly 25 years’ experience in banking and government, having held senior executive roles in risk management at several of the largest financial services companies.
His most recent position was Managing Director and Chief Risk Officer for Citigroup’s Consumer Lending Group. He also served as Chief Credit Officer at Washington Mutual (WaMu) and as Managing Director and Chief Risk Officer at Countrywide Bank. Previous to these assignments, Dr. Rossi held senior risk management positions at Freddie Mac and Fannie Mae. He started his career during the thrift crisis at the U.S. Treasury’s Office of Domestic Finance and later at the Office of Thrift Supervision, working on key policy issues affecting depositories. Dr. Rossi was also an adjunct professor in the Finance Department at the Robert H. Smith School of Business for eight years and has numerous academic and nonacademic articles on banking industry topics. Dr. Rossi is frequently quoted on financial policy issues in major newspapers and has appeared on such programs as Fox News, Canada’s BNN, C-SPAN’s Washington Journal and CNN’s Situation Room. He also has a weekly column, Risk Doctor, in the American Banker on risk and regulatory reform issues. Dr. Rossi serves as an advisor to a number of banks, federal regulatory agencies, private equity investment companies, and hedge funds on banking and regulatory topics, and founded Chesapeake Risk Advisors, LLC, a financial risk management consulting practice. He received his PhD from Cornell University.
CHAPTER 1
Navigating Risk at SifiBank
OVERVIEW
Managing risk at a banking institution is one of the most critical activities carried out by financial firms. Banks could not expect to have much longevity if risk management were ignored or poorly executed. The subprime mortgage crisis of 2008 offers a once-in-a-lifetime case study of how many different types of financial institutions lost sight of the importance of risk management and either went out of business, were forced to merge with healthier firms or had to take a bailout from U.S. taxpayers. And this was not a U.S. phenomenon limited to only the U.S. banking industry: The global financial sector during the 2008–2009 period was in virtual free fall with many experts fearing an economic depression on an unprecedented scale. While many causes have been attributed to the crisis – a number of gaps in regulation, a financial incentive structure that rewarded short-run profitability and production, the interconnectedness of banks and other financial entities comprising the so-called shadow banking sector – nevertheless, at the heart of the crisis was a fundamental lapse in risk management across a great swath of the industry. Particularly problematic was that the largest financial institutions were among the companies where risk management deficiencies were most acute. Given the scale and scope of these global financial behemoths, these gaps in risk management at the institution level would manifest as systemic risk and contribute to one of the worst financial calamities on a global scale. These institutions became the focus of intense scrutiny by regulators after the crisis and have been designated as systemically important financial institutions, or SIFIs for short.
We begin our journey of risk management by taking one such SIFI (we will refer to it as SifiBank) and following it though its various business functions with the intention of understanding how such firms identify, measure and manage their risks. Risk management is not a separate discipline as is finance or accounting, and in practice every employee of a bank should take an active role in risk management, whether they are in sales and production, trading, operations, or other important areas of the company.
SIFIs are a unique class of financial institution. The term SIFI surfaced after the crisis as concerns arose over the size and complexity of some firms to become, in principle and reality, too-big-to-fail (TBTF). Institutions were designed as SIFIs by U.S. federal regulators and as G-SIFIs by the United Kingdom’s Financial Stability Board (FSB) based on their size, complexity of operations, degree of interconnectedness across the financial sector, global reach and substitutability of activities. The largest banking institutions worldwide have found their way onto this list and in addition, regulators have developed a set of criteria to designate other institutions as systematically important, such as insurance companies and nonbank companies.1
SifiBank makes an excellent case study for risk management since its far-flung businesses touch on every aspect of financial risk management that most banks would encounter. In fact, one could say that banks are in the business to take prudent risk. As will be seen shortly, banks that take zero risk are not going to be profitable enterprises. Similarly, banks taking excessive risk – that is, risk not well understood and outside the firm’s capabilities to price and manage that risk and its risk appetite – will eventually be doomed. That’s why the term prudent risk is critical to understanding the process of risk management.
Thinking of risk management as a process or system in itself is helpful since managing risk effectively entails establishing a feedback loop (Figure 1.1) in which risk tolerance is communicated across the organization; expectations are set in terms of how much risk is acceptable for businesses to take (usually expressed in terms of capital allocated to each line of business); there is