This Is the End


Markets, Risk and Human Interaction

October 12, 2007

Risk Management and Shake-up Time at the Investment Banks

What a mess. With multi-billion dollar trading losses, we are starting to see heads roll. Citigroup is losing its long-time fixed income head Tom Maheras and several of his lieutenants. Merrill is continuing in its approach to managing human capital, bringing in new blood and losing experienced hands in the fixed income business. Oh, and they are putting someone into a Chief Risk Officer role. Talk about closing the barn door….

Other firms have fared very poorly but so far without executing any of the troops. Morgan Stanley layered a heart-stopping $390MM one-day loss in its prop trading desk on top of far bigger losses on leveraged loans and the like. This loss in Process Driven Trading was similar in timing to the losses at Goldman’s Global Alpha fund, AQR and other quant hedge funds. Which pretty much tells us that what this secretive group at Morgan Stanley was up to was a not-so-secretive strategy: They had a lot of capital riding on the same sort of momentum and value versus growth quant equity strategies as the rest of the gang.

What I don’t understand in all of this is that for all the mention in the press of the risk takers, there is not a single mention I have found of the people who are supposed to be overseeing the risk. If you are the Chief Risk Officer and everything blows up, don’t you bear some responsibility?

To get the idea of the CRO job, let me tell you a bit about myself. Although I am older and have a slight build, I am an Olympic athlete. My event is the shot put. I consider myself a top notch athlete in this event. I work out like the other competitors, follow a high protein diet, steer clear of performance enhancing drugs and train at the local track. The only trouble I have is when the Olympics roll around every four years, because it turns out that for an Olympic athlete, I am not very good. But then, that is only an occasional blip in my otherwise Olympic-worthy regimen.

In the CRO job 99% of the days there is nothing going wrong. The only test you get of how well you are doing – short of pouring out risk reports and looking ponderous and prudent in meetings – is what happens to the firm during times of market crisis. Every few years something calamitous happens in the market; if the firm gets blown away, that suggests you did not do a very good job.

What about the job of the risk taker? Well, a risk taker does, after all, take risk. He tries to do so intelligently, that is, he tries to put on positions that he hopes have a high return per unit of risk. But how much risk he takes and where he takes it has to be dictated by someone. You can’t just say “take risk, and good luck”.

The job of the risk manager at these firms is to convey the risk parameters to the risk takers, to define the boundaries. And that should involve more than simply running a value at risk calculation on the computer. If that is all you want, you don’t need a guy making a few million a year and employing a staff of hundreds. Before I would be so harsh on Tom Maheras and his compatriots, I would be calling to task the people who allowed that risk level to be taken in the first place.


  1. I just saw your blog. Could not agree with you more.

    Just one point - You mentioned "The job of the risk manager at these firms is to convey the risk parameters to the risk takers, to define the boundaries"

    Citibank in the late 1980s (when I worked for them as a Prop FX Trader in India) did define boundaries very clearly. If we traders broke position or risk limits we would be fired almost instantaneously.
    Now that was all fine in places like India and I recall being extremely careful never to breach any risk limits. Even my Chief Trader would take me to task if I did so.

    However, it seems that the sound principles of risk management which were applied to traders in India are non-existent at the headquarters in New York. I wonder why.

  2. I really loved your analogy of the Olympic shot putter. It's easy to appear to be great at your job as a risk manager as long as there are no major market disruptions.

    You speak to some of the challenges in your book, and you should know (having been a risk manager).

    It seems that firms are overly reliant on VaR calculations. The problem is that VaR is an overly simplistic way to look at risk and does not deal well with the dynamic nature of markets.

    I believe that you have written, in several places, about how reduced volatility can INCREASE risk because it artificially lowers VaR.

    I don't believe, given my readings in the area, that there is no one measure that has been developed that can accurately reflect the risk in a portfolio. I believe that this problem is amplified by the complexity of portfolios and the requirement to mark illiquid securities to market.

    I plan to write a little more about these issues on my blog in the near future.

  3. Would it be possible for a CRO to increase risk?

    Take the example of Rick's Olympic ability, and extend the metaphor a bit. If, likewise, he had deceived the US Olympic team and committee into believing he could genuinely perform at the Olympic level in the shot put, then during the Olympics, the team will be caught completely flat-footed when it turns out his only Olympic level-skill is metaphors about the Olympics.

    Extending this to the CRO role, would it be possible that by having an incompetent CRO, risks will be taken that otherwise would not have been, owing to an inappropriately strong feeling of security? Amusing to think people could be paid millions of dollars to subtract value from their firm.

  4. The mere presence of “Chief Risk Officers” shows how out of whack the American corporate and financial system has become. Investing has always been a matter of balancing risk and reward; by creating a “CRO,” an enterprise is implicitly freeing everyone else to ignore risk.

  5. What frustrates me about ‘risk management’ is the focus of these risk managers on history and especially the forecasting forward of calculated probabilities of shock events or ‘black swans’ reoccurring in future. No model can effectively give any gauge of the likelihood of a ‘black swan’ occurring in the future, if this were possible the ‘black swan’ by virtue of its definition would not be a significant event. It is interesting to think that risk something that can not be modeled due to its dynamic nature and any attempt to do so will only end in disappointment. This is an area especially where considerations within the field of finance must diverge from theory and into a more pragmatic context. For those in the industry, CFO’s especially, this requires the application of creativity, focusing not on what we do know about risk and past shocks that have affected equity markets, rather what we don’t know. The subprime fall out is a perfect example of this, as mentioned in an earlier blog, where quant funds globally experienced a ‘once in 100 year event’ 3 days consecutively. Good risk management seems to be not the ability to try and model random historical events which have in the past disrupted markets, rather the ability to consider macro trends and limit exposures to assets which may indeed be innately riskier than the modeled pricing suggests. Keep up the good work Rick, your blog is a must read favorite of myself and my fellow students.

  6. Unfortunately risk managenment systems at large institutions suffer from 2 major problems, bith of which were highlighted by the current mortgage market blowup>

    !> garbage in garbage out _ if you don"t do your due diligence and don"t know what you own you can"t assess the risk with any model>
    @ the risk officer is not part of the decision making process at brokers and banks> hE IS A COST/LIABILITY NOT AN EQUAL PARTICIPANT.

    The result is that risk analysis is rarely taken seriously and since often the wrong or irrelevant data is used anyway (wrong correlations, valuations using the wrong prices etc.), risk managers have not demonstrated any real value added.


Note: Only a member of this blog may post a comment.