You don't want to get this one wrong

Risk management has become one of the most important business processes across the buy side, providing investors and buy-side organisations with timely, detailed and accurate reports into the firm's well-being.

But not all buy-side systems were created equally, which makes selecting and matching the most appropriate system to your organisation's needs one of the most important decisions a buy-side firm can make. John Lewis explains why

Risk management is no longer a topic just for big banks; hedge funds are using risk management techniques within their investment and marketing. Limited partners are becoming more sophisticated and interested in the metrics funds are using to control risk, and pension funds and endowments are bringing the same control and reporting requirements they have for traditional large fund management firms to their hedge fund allocations.

With pressure from limited partners and hints of regulation from government agencies, hedge funds will have to find a risk management solution that satisfies these requirements and works with their mix of trading instruments and technology infrastructure. For the less complex strategies, using simple cash instruments, there are many solutions available on the market, which might already be available as options in existing portfolio accounting packages. However, complex instruments from draw-down loans to structured products require sophisticated software and data to perform risk calculations.

Some of the features suitable for a hedge fund which should be provided by a risk management solution will be reviewed. Hedge funds are often on the cutting edge of financial engineering and therefore have more sophisticated risk requirements than a long-only cash instrument fund.

Typically, market and credit risk are the ones that are monitored and adjusted. Market risk can be defined as those that affect all instruments. These include interest rate and exchange rate risks. Credit risk is that the issuer of the instrument will default. It is increasingly becoming the practice to compute the two together, as opposed to operating separate computations and systems for each. Operational risk is the third generally recognised risk type, although it has not yet been fully defined nor is it easily quantified.

Risk computation is a data intensive task. Not only do you need the data for each instrument in your portfolio, but a number of supporting data sets must be furnished. These include spread data, constituent pools for such instruments such as CDOs or the computed statistical characteristics of these instruments, FX rates, interest rates, forecasts, credit ratings and others. This data must be assembled and formatted for use by the risk models. It is much easier to have a risk management system that provides these data sets. At the least, the vendor-provided data can provide a baseline computation.

The data sets should also be clearly defined and the data model made available. This will permit the fund to use slightly different data if it has different assumptions about the market risks. The statistical data should be a clear representation of the current market state. However, there may be circumstances where the fund has an informed view and would like to run the risk models with slightly different data as well as the baseline data sets.

An open data model will also permit the fund to purchase data from more than one vendor and see the differences in the final risk figures computed. For those funds that anticipate or have regulatory review, they can show the results using different data sources to the relevant groups. Stress test functions can take the place of additional data sets.

Driving efficiencies

The risk management system should be able to look at the risks either firm-wide, or by group or portfolio. There should be a way to identify the different groups in the same manner as the portfolio accounting system, and it is more efficient if the risk system uses the same designations as the accounting package. These groups should be used to control access and the ability to modify the risk computation settings using the roles of each person logging into the system. As with the groups, the roles should use the firm's existing single sign-on system. This will permit the risk management system to interact with existing systems and have access controlled by the existing security structures.

Two important factors within the risk system are the computation of Value-at-Risk (VaR) and the pricing of complex instruments. It is important to have a method to independently price complex instruments. It may not be wise to leave the computation of pricing and cash waterfalls to the group that trades the instrument. They might have the most optimistic view of the pricing direction while, for computing risk, you are looking for the most realistic view. This can be provided through an external source or the use of a pricing algorithm within the risk management tool. This pricing algorithm within the risk system will be consistent and impartial. This will also provide a baseline value to compare to the value computed by the trading group.

The VaR and marginal VaR (MVaR) are made using a number of assumptions. One of the most important is the selection of distribution. The losses do not have a Gaussian distribution as many risk systems assume. To compute a true MVaR – the contribution to VaR of an individual portfolio holding – the true distribution must be computed. As the distribution is not Gaussian, computational short-cuts should not be used by assuming it is.

As there are assumptions in the VaR calculation, there are also assumptions in the treatment of instruments. Something as simple as a drawdown loan would seem simple to model. However, it is very complex to model the behaviour as each period must be tested for default and then the treatment of the available drawdown. If a company were facing default, it would most likely draw down the remaining facility before going into default. This is even more complex if there are a number of covenants in the loan in venture capital-type deals that hedge funds are completing. In the case of structured products, many systems use a loan equivalency instead of modelling the full instrument and all its parts. A loan equivalency does not provide a path to default within the structure. There is a single transition and pricing path for the entire structure instead of one for each part of the structure.

A final example for instrument assumptions that can lead to inaccurate risk numbers is a CDO. The most accurate method is to model the entire constituent as a portfolio behind the CDO. It is not always possible to have the full list. Therefore a detailed statistical analysis of the pool must be performed and then the statistical characteristics can be used. Shortcuts in creating a pool will provide inaccurate results.

Accuracy is important for the firm-wide risk numbers and for the risk budgeting figures. The risk-return ratios for a group can be inaccurate in either a positive or negative direction. This will have the result of over rewarding desks that are taking on more risk than computed and will hold back groups that have prudent high return strategies. With a large number of assumptions and equivalencies you will never know the true situation. This does not need to be the case as there are systems that do not use equivalencies and make efficient computations to create a true picture of the risks in your portfolios.