I've been helping a company that wants to implement Value at Risk, (VaR). During this process, I've found myself reassessing how I think about risk. It has led me to reconsider what's important and that's what this post is about.

VaR is a method of quantitatively measuring market risk. Market risk comes from daily price changes. If you hold a trading portfolio and you re-price, it affects your P&L and presumably, you want some measure of what any loss could be.

About 30 years ago, JP Morgan came up with a single number: Value at Risk. VaR is supposed to tell you how much you can lose in one day for a given confidence level. You can think of it as an estimate, but it is not an absolute certainty. Losses can exceed all expectations.

You can already see that it's somewhat complex and subjective. That might surprise you, particularly if you thought that hard and fast numbers were supposed to give you the truth. Let's put that into perspective.

If you're running a trading book, how long can it take to exit a position? This has a bearing on the holding period - I mentioned one day, but it could be 10 days, 30 days, or 6 months.

One of the advantages of value at risk is that you can calculate it for any traded asset, so in theory, you can add numbers across asset classes. But this ignores any diversification benefits.

You will have days when some assets zig and others zag. This gives rise to two types of value at risk: an undiversified value and a diversified value. Which is more appropriate depends on your viewpoint.

The undiversified value tends to overstate the risk, whereas the diversified value understates it, (particularly when everything is sold at once in times of stress).

We also need to consider the confidence interval. Do you feel comfortable with 95 days out of 100, or 99 days out of 100?

Then there's tail risk.

You'll be aware that occasionally, everyone runs for the exit at once; it's a behavioural problem. Losses become much greater than anyone anticipated.

There are a lot of moving parts, so implementing this model or any model presents a whole series of questions before things can take shape and once you start to build, you get a whole slew of operational issues.

For example,

Where does the data come from?

How accurate is it?

How do you capture it?

How do you go about the value-at-risk model itself?

How do you show the results?

How do you determine whether the model works?

**It's why I've changed my opinion.**

I saw risk management as presenting risk so that you can see the exposures, whether they are market, credit, or operationally related.

Ideally, you had many different ways to do this and could collate the information to cross-reference and gain a picture of the exposures you faced.

It's like seeing a picture for the first time in black and white and then adding colour to give you more perception.

However, risk is about understanding how an uncertain future can affect your business. It's not just a number from a spreadsheet. Importantly, many risks cannot be modelled with precision.

The fact is you cannot rely on VaR when we need it most.

Once you realise this, you need to consider how to cater for the unexpected. Namely, do you have stress testing? And, how is it created from plausible scenarios?

Equally important, how do you build flexibility in your business so that you can alter things within an appropriate time frame?

There also needs to be some way in which you link risk to capital, profit, and expertise.

**The value of these discussions far outweighs the results from the models themselves. It's a great opportunity to explore the way risk influences your business.**

__If you liked this sign-up for ____regular posts__

## Komentar