Showing posts with label VaR. Show all posts
Showing posts with label VaR. Show all posts

Feb 6, 2010

Why VaR fails and actuaries can do better

Perhaps the most important challenge of an actuary is to develop and train the capability to explain complex matters in a simple way.

One of the best examples of practicing this 'complexity reduction ability' has been given by David Einhorn, president of Greenlight Capital. In a nutshell David explains with a simple example why VaR models fail. Take a look at the next excerpt of David's interesting article in Point-Counterpoint.

Why Var fails
A risk manager’s job is to worry about whether the bank is putting itself at risk in the unusual times - or, in statistical terms, in the tails of distribution. Yet, VaR ignores what happens in the tails. It specifically cuts them off. A 99% VaR calculation does not evaluate what happens in the last1%.

This, in my view, makes VaR relatively useless as a riskmanagement tool and potentially catastrophic when its usec reates a false sense of security among senior managers and watchdogs.

VaR is like an airbag that works all the time,except when you have a car accident

By ignoring the tails, VaR creates an incentive to take excessive but remote risks.

Consider an investment in a coin-flip. If you bet $100 on tails at even money, your VaR to a 99% threshold is $100, as you will lose that amount 50% of the time, which obviously is within the threshold. In this case, the VaR will equal the maximum loss.

Compare that to a bet where you offer 127 to 1 odds on $100 that heads won’t come up seven times in a row. You will win more than 99.2% of the time, which exceeds the 99% threshold. As a result, your 99% VaR is zero, even though you are exposed to a possible $12,700 loss.

In other words, an investment bank wouldn’t have to put up any capital to make this bet.

The math whizzes will say it is more complicated than that, but this is idea. Now we understand why investment banks held enormous portfolios of “super-senior triple A-rated” whatever. These securities had very small returns.

However, the risk models said they had trivial VaR, because the possibility of credit loss was calculated to be beyond the VaR threshold. This meant that holding them required only a trivial amount of capital, and a small return over a trivial capital can generate an almost infinite revenue-to-equity ratio.

VaR-driven risk management encouraged accepting a lot of bets that amounted to accepting the risk that heads wouldn’t come up seven times in a row. In the current crisis, it has turned out that the unlucky outcome was far more likely than the backtested models predicted.

What is worse, the various supposedly remote risks that required trivial capital are highly correlated; you don’t just lose on one bad bet in this environment, you lose on many of them for the same reason. This is why in recent periods the investment banks had quarterly write-downs that were many times the firm wide modelled VaR.

The Real Risk Issues
What. besides the 'art of simple communication', can we - actuaries - learn from David Einhorn?

What David essentially tries to tell us, is that we should focus on the real Risk Management issues that are in the x% tail and not on the other (100-x)% .

Of course we're inclined to agree with David. But are we actuaries truly focusing on the 'right' risks in the tail?

I'm afraid the answer to this question is most often : No!
Let's look at a simple example that illustrates the way we are (biased) focusing on the wrong side of the VaR curve.

Example Longevity
For years (decades) now, longevity risk has been structurally underestimated.

Yes, undoubtedly we have learned some of our lessons.

Todays longevity calculations are not (anymore) just based on simple straight on mortality observations of the past.

Nevertheless, in our search to grasp, analyze and explain the continuous life span increase, we've got caught in a interesting but dangerous habit of examining more and more interesting details that might explain the variance of future developments in mor(t)ality rates.

As 'smart' longevity actuaries and experts, we consider a lot of sophisticated additional elements in our projections or calculations.

Just a small inventory of actuarial longevity refinement:
  • Difference in mortality rates: Gender, Marital or Social status, Income or Health related mortality rates
  • Size: Standard deviation, Group-, Portfolio-size
  • Selection effects, Enhanced annuities
  • Extrapolation: Generation tables, longitudinal effects, Autocorrelation, 'Heat Maps'


In our increasing enthusiasm to capture the longevity monster, we got engrossed in our work. As experienced actuaries we know the devil is always in the De-Tails, however the question is: In which details?

We all know perfectly well that probably the most essential triggers for longevity risk in the future, can not be found in our data.
These triggers depend on the effect of new developments like :

It's clear that investigating and modeling the soft risk indicators of extreme longevity is no longer a luxury, as also an exploding increase of lifespan of 10-20% in the coming decades seems not unlikely.
By stretching our actuarial research to the the medical arena, we would be able to develop new (more) future- and shock-proof longevity models and stress tests. Regrettably, we don't like to skate on thin ice.....

Ostrich Management

If we - actuaries - would take longevity and our profession as 'Risk Manager' more serious, we would warn the world about the global estimated (financial) impact of these medical developments on Pension- and Health topics. We would advice on which measures to take, in order to absorb and manage this future risk.

Instead of taking appropriate actions, we hide in the dark, maintaining our believe in Fairy-Tails. As unworldly savants we joyfully keep our eyes on the research of relative small variances in longevity, while neglecting the serious mega risks ahead of us.

This way of Ostrich Management is a worrying threat to the actuarial profession. As we are aware of these kind of (medical) future risks, not including or disclaiming them in our models and advice, could even have a major liability impact.

In order to be able to prevent serious global loss, society expects actuaries to estimate and advice on risk, instead of explaining afterwards what, why and how things went wrong, what we 'have learned' and what we 'could or should' have done.

This way of denying reality reminds me of an amusing Jewish story of the Lost Key...

The lost Key
One early morning, just before dawn, as the folks were on their way to the synagogue for the Shaharit (early morning payer) they notice Herscheleh under the lamp post, circling the post scanning the ground.

“Herschel” said the rabbi “What on earth are you doing here this time of the morning?”

“I lost my key” replied Herscheleh

“Where did you lose it?” inquired the rabbi

“There” said Herscheleh, pointing into the darkness away from the light of the lamp post.

“So why are looking for you key in here if you lost it there”? persisted the puzzled rabbi.

“Because the light is here Rabbi, not there” replied Herschel with a smug.

Let's conclude with a quote, that - just as this blog- probably didn't help either:

Risk is not always apparent,
but its invisibility is no longer an excuse for ignoring it.

-- Bankers Trust on risk management, 1995 --

Interesting additional links:

Feb 1, 2010

Soft-Risk Management

Never heard of of Soft-Risk Management? After this blog you'll never forget!

This month Google's world class co-founders Page and Brin announced (SEC filing) they'll sell 17% of their shares (at today’s prices valued at $5.5 billion) in the next five years.

As a consequence their voting rights will be reduced to 48%, implicating they will no longer have a majority control. They are both as committed as ever to Google..., Google said in an e-mailed statement.
Why this statement? Was there anyone who doubted this?

Of course Google is still and will hopefully stay a strong company and a strong brand. Nevertheless - without jumping the conclusions - it's clear that this low-key announcement, although it doesn't seem to have any direct financial consequences, might turn out to be the straw that breaks the camel's back in Google's life cycle development. This kind of company press release is in fact a 'disguised risk indicator', or in other words a :

Soft-Risk Indicator (SRI)

A SRI may be defined as 'knowable' information about a company, that could influence the company's value now or in the future , but doesn't seem to have enough (financial) power to do so now or on its own

Although just one ignored SRI could already be fatal, a combination of two or more SRIs could become a severe risk. A bunch of SRIs could create a chain reaction and lead to a kind of supernova explosion.
It's just like a grain dust explosion. A few grains are no risk, they don't explode. However in an accumulation of grains, one innocent 'hot' grain or a small environmental change in dust concentration, is enough to create a mega explosion. Just like grain dust, SRIs can become a severe risk when the environment (suddenly) changes.
Consequently, an out of the blue 'change of environment' is also a Soft-Ris Indicator on its own.

Don't mix up Soft-Risk with Systemic Risk. Dust particles don't directly 'participate' in one another, in fact they build up to a certain critical density. Soft Risk Loss
SRL = E( SRIi=1,2..n )
It's just the composition of SRIs in combination with the special SRI of 'the change in environment' that creates a major accumulated (explosion) Soft-Risk that may eventually result in a Soft Risk Loss (SRL). However, once the SRL has occurred and has been measured, the corresponding SRI becomes a 'normal' Risk parameter.

Are there more Google SRIs?
Yes! One of the best Soft-Risk Indicator blogs of 2009 is written by Googles leaving lead visual designer Doug Bowman, it's called:

Please read the next extract of Bowman's blog from a risk management perspective, as he explains his decision to leave Google after three years.
- 20 Mar 2009 -
Goodbye, Google
Without a person at (or near) the helm who thoroughly understands the principles and elements of Design, a company eventually runs out of reasons for design decisions. With every new design decision, critics cry foul. Without conviction, doubt creeps in. Instincts fail. “Is this the right move?” When a company is filled with engineers, it turns to engineering to solve problems. Reduce each decision to a simple logic problem. Remove all subjectivity and just look at the data. Data in your favor? Ok, launch it. Data shows negative effects? Back to the drawing board. And that data eventually becomes a crutch for every decision, paralyzing the company and preventing it from making any daring design decisions.

Yes, it’s true that a team at Google couldn’t decide between two blues, so they’re testing 41 shades between each blue to see which one performs better. I had a recent debate over whether a border should be 3, 4 or 5 pixels wide, and was asked to prove my case. I can’t operate in an environment like that. I’ve grown tired of debating such minuscule design decisions. There are more exciting design problems in this world to tackle.

I can’t fault Google for this reliance on data. And I can’t exactly point to financial failure or a shrinking number of users to prove it has done anything wrong. Billions of shareholder dollars are at stake. The company has millions of users around the world to please. That’s no easy task. Google has momentum, and its leadership found a path that works very well. When I joined, I thought there was potential to help the company change course in its design direction. But I learned that Google had set its course long before I arrived. Google was a massive aircraft carrier, and I was just a small dinghy trying to push it a few degrees North.

I’m thankful for the opportunity I had to work at Google. I learned more than I thought I would. I’ll miss the free food. I’ll miss the occasional massage. I’ll miss the authors, politicians, and celebrities that come to speak or perform. I’ll miss early chances to play with cool toys before they’re released to the public. Most of all, I’ll miss working with the incredibly smart and talented people I got to know there. But I won’t miss a design philosophy that lives or dies strictly by the sword of data.

The resemblance between Google and the financial sector is striking.
Can you see it?

Simply replace the next words in the above 'Google, Goodbye' article:
Google => X-Bank, Engineer => Accountant, blue => risk strategy
Design => Risk, border => uncertainty, pixels wide => promille
To help you, just press the next 'replace button' to change the text in the article and read the text again. This looks astonishing familiar, doesn't it?


More Soft-Risk Indicators
Bowman's blog makes clear that there's another Soft-Risk Indicator, called:

Data Decision Tunnel Vision
  • Every decision in only based on data and models.
  • Intuition and Fingerspitzengefühl are banned.
  • Craftsmanship is not respected, but must be proved in detail with evidence based on facts and data.
  • Possible events that can't be translated into (financial) data are not recognized as risk and are ignored.
  • Events that don't fit into the data model are reformed until they do fit in
  • Micro management confines the development of a helicopter view on the main risks

Although the list of Soft-Risk Indicators is endless, I'll try to list some common examples (mail me if you have more SRIs examples).

Examples of SRIs
  • Frequent or unexpected change of CEO or other board members
  • Unexplainable or untimely Actuary or Accountant change
  • Intentions of board members not in line with policy
  • Too good to be true revenues, profits, reporting or communication
  • Delay in reporting or publishing
  • Lack of transparency
  • Conflicting statements or publications
  • Main (unexplainable) shareholder changes
  • Over-explaining by board members
  • Unexpected main reallocation of assets
  • Vacancy or Recruitment stop; Reorganizations
  • A company takes extremely more risk after a HQ-Risk Analysis
  • Increasing customer dissatisfaction

Soft-Risk or Risk?
Most of the SRIs are not present or recognized as Risk in our models. Why? Simply because SRI losses are not in the data we analyze. This could be (1) because of the very low occurrence probability of a SRI loss (the loss simply didn't occur yet), or (2) because most of the SRIs aren't identified as SRI or Risk at all, as they simply do not exist yet. Just like a sleeping virus, they might come into Risk Existence on basis of (unknown) future (environmental) changes.

The key difference between 'Risk as we now it' and a SRI is that a SRI is by definition 'not measurable'. SRIs manifest themselves directly in practice as a (non-directly traceable) loss occurrence.

VaR Models fail
This also implicates that our traditional VaR models are definitely wrong, because they only include 'risks of the past' en no 'future risks', e.g. Soft-Risks. These VaR-models significantly underestimate the risk in the tail.
Problem is that as VaR-probabilities are getting smaller and smaller (0.5% or less) it also gets increasingly more difficult to prove the models are right. Consequently the VaR-model loses his power.
Backtesting and recent studies show that we ought to be able to identify most bad VaR models, but the worrying issue is that we can't find any good models, moreover because SRIs are not in the model.

Denying Soft-Risk Indicators: The Meltdown
You might think 'Who cares about SRIs if you can't measure them?". Well, let's see what happens if we deny Soft Risk Indicators.

The most likely dead-end meltdown scenario of denying Soft-Risk Indicators goes something like this:
  • The first years of a company's life is a race for revenues. Risk Management is on the second plan, as there's little to lose.
  • After a few years revenues and profits grow, but become vulnerable and volatile. A new Board is appointed and a Risk Management Plan (RMP) comes in place to stabilize and improve results and to guarantee continuity.
  • After the RMP has shown fantastic results for some years, some strange unexpected serials of events (SRIs) happen. The Board consciously discusses the effects of these events and concludes their company's results are not infected by the events. Moreover, company results are better than ever and the company's RMP has proven to be (Titanic) watertight.
  • To be sure and transparent the Board checks its conclusions by ordering an external risk audit. The external auditor is just as biased as the Board and confirms the Board's conclusions: RMP is O.K.!
  • Suddenly there's a totally unexpected big accident, a substantial one of loss. At first things still look under control, but soon the situation takes over. The board is no more in control. The company is lost.
  • Soon all stakeholders are flabbergasted. How could this happen?!
Well it's clear, what happened is that the Board misinterpreted and neglected early warning signs and SRIs, resulting in a company meltdown.

How to prevent a melt down?
To prevent a situation like the one above, the board should
  1. Set up a SRI-Register
  2. Order the RM-Department to include SRIs in their risk model
  3. Discuss the integral SRI-register monthly in the Board meeting
  4. Interprete the SRIs, and take proactive actions to prevent the SRIs from becoming critical. This is Board's Craftsmanship!
As continuity is a company's main goal, managing uncertainty is the Board's main responsibility.

Redefining Risk
Once we realize that Soft-Risks are crucial in Risk Management, how can we include them in our Integral Risk Model (IRM)?
First we'll have to redefine Integral Risk as follows:

(1) I-Risk = Integral Risk = Measurable Risk + Unmeasurable Risk
(2) I-Risk = Integral Risk = Hard Risk + Soft Risk
(3) I-Risk =( Threatj x Vulnerabilityj x Costj ) + E(SRIi=1,2..n)

Keep in mind that the Integral Risk is not a number, as the SRL is not measurable. If you can't force your brain to 'quantum think' this way, just imagine the Integral Risk as the total company value (at stake).

Cleaning up
First 'cleaning up' action we can do is to investigate the relationship (correlation, covariance matrix, etc.) between each past assumed Soft-Risk event and the Vulnerability of each Hard Risk event. This tells us probably something of the influence (correlation) of certain (combination of) SRIs on the traditional Hard Risk parameters.

Probably this research will show that some of the SRIs could even be defined as Hard Risk variables. Unfortunately this investigation - as explained -won't tell us anything about the real unmeasurable Soft-Risks. The problem remains.....

Managing Soft-Risk
The real main problem is : If you can't measure Soft-Risk, how can you be sure your 'Soft-Risk Management' (SRM) is successful, as you can't measure the effects of your actions either?

This seems to be an insolvable problem. Insolvable because of what Bowman in fact calls our 'mono data mind set'. We are not trained in taking decisions without data. As we are not trained, we become unsure. Unsure about the risk of the impact of our decision, that is unmeasurable as well. Full circle, we're back where we started.

However, there's a way out of this paradox, it's called

Principle Based Risk Management

Before we dive deep, let's first take a step back and have a look at two important actual developments, (1) the Global Warming Problem and (2) Solvency II.

(1) Global Warming Problem
During recent decades scientists have developed different global warming models that contradict each other. The real climate is far too complex to be modelled. We could spend millions of dollars on research to find the ideal model, we will never succeed!

Step by step the leaders of this world recognize that they'll have to manage the global warming in a different way. It's no longer important whether or not there exists a provable global warming problem. The main question is whether we are willing to live up to the principle: "You don't foul your own nest"

This way of principle-based thinking requires reflection on the level of 'spaceship earth', on a 'global' level. However, simultaneously, it urges for acting in line on a 'local' level.

Although related with The Precautionary Principle, Principle Based Risk Management is much more fundamental. It's an adequate tool for fighting Soft-Risks.

(2) Solvency II
In our aim to strengthen the insurance industry solvency, implementation of Solvency II bears the a risk of an overshoot. Instead of managing risks first and in a better way, we translate every risk into capital requirements, consequently increasing the cost of doing business and insurance premiums. It's the perfect example of putting the cart before the horse. Although we expect Solvency II measures to work out in a better solvency, in reality we don't know, as this 'capital-increase scenario' hasn't been tested before and can't be tested. The presumed positive effect could just as well be adverse.

In our aim to avoid risk, we've created another additional risk. A risk we can't measure (yet). Yes, unfortunately, Solvency II is a SRI as well.

Instead of making Solvency II obligatory, a far more effective Principle Based response from the Regulator would have been:

"Prove us that you manage your own risks"

Back to Soft-Risk Management
It's not that difficult managing Soft Risks Principle Based. In fact we all have experience with Soft Risk Principle Based decisions when we decided to have friendship, marry, or to have a child. Or did you calculate the 'lifetime present value' of your child?

Try to apply the above principles in your own company or in your own department. Just start by investigating your Soft-Risk Indicators and start managing soft and hard risks Principle Based.

What principles can we formulate to manage Soft-Risk?

Well actuarial folks.... that's food for another blog as this blog is getting far too long..... O.K. .... I wont keep you waiting, just one Principle Based one-liner that tackles a whole bunch of SRIs at once

Bonuses are only paid in case of
High Customer Satisfaction

Related (additional) Sources:

- Unmeasurable measures: The lawlessness of great numbers
- The Risk Equation
- An Additional Way of Thinking... :The Quantum Perspective
- From Principle Based Risk Management to Solvency Requirements
- Measuring the unmeasurable
- Managing Extraordinary Risk (2009, Towers Perrin)
- Measuring the Unmeasurable: Balanced Scorecard
- NYT: Risk Mismanagement
- Backtesting Value-at-Risk Models (2009)
- Quality control of risk measures: backtesting VAR models
- Metrics: Overmeasuring Our Way to Management

Feb 3, 2009

Coastline Fair Value

Close your eyes and take a guess at the Australian coast length? Answer : 'Exactly' 25,760 km.
  1. Right, according to Wikipedia
  2. Wrong! Because the exact coast length depends on the length of your ruler!
If you would measure the Australian coastline with a 1-mm ruler, you would get a length of more than 100 .000 km!

This leads to the question:

Does a 'coastline fair value' exist?

After all, as the ruler gets diminishingly small, the coastline's length gets infinitely large.
This phenomenon is also known as the Richardson Effect (or the coastline paradox).

Coastline Formula?
In 1967 a document called "How long is the coast of Britain?" was published by the great mathematician Mandelbrot

In 1967 he revived the original formula, earlier developed by Richardson :

L(G) = F . G(1-D)


L=length of the coastline as a function of G

G=Ruler length

F=positive constant factor,
D=constant (D>=1). D is a ‘‘characteristic’’ of a frontier, varying from D=1 for a straight frontier to D=1.25 for a very irregular coastline like Britain. It turns out that D = 1.13 for the Australian coast and D=1.02 for the very smooth South Africa coastline.

The constant D also stands for 'Dimension' and in 1975 Mandelbrot develops this Dimension- idea to what is called the Fractal Dimension.

Fractals turn out to be the perfect (math) language for describing all kind of natural phenomenas like leaves, trees , etc.

Fractals are even used to describe the stock market, the credit crisis or the coastline of the law.

Coastline Formula & Valuation
What can we learn from this fractal coastline measurement with regard to valuations?

  1. Stop changing the rules
    If accounting standards like IFRS , GAAP and IAS or legislation are constantly changing (e.g. amendments) and getting more and more specific, valuing a company becomes like measuring the coastline with different rulers.

    In this case management, supervisors, stake- and shareholders lack a sustainable view on their business. You can't justify the results and value of your company if you have to measure yourself with a dynamic ruler!

  2. Stop digging
    More and more deep going risk research will eventually lead to an substantial increase or even 'infinite' Value at Risk.

    Therefore it's important to define portfolio-, market- and product-risk- limits and structures first, right from the companies (risk) strategy.

    These instruments reduce the needed depth of risk research and therefore increase the control- and efficiency-level of the company.

Try to think scale free and have fun by applying fractals in actuarial science!

Jan 10, 2009

Wir haben es nicht gewusst

Let's be humble and take a look at home. The home of actuaries, accountants and last but not least 'quants'.

Gewußt oder nicht gewußt?
Actuaries and accountants have failed in foreseeing the credit crisis. Together, we have greatly underestimated the developments and put our head in the sand. We've also failed to bring the emerging crisis to a possible end through enhanced cooperation with each other or by sending out common strong signals. In short: "Wir haben es nicht gewußt!"

Without an adequate technical substantiation, we have trusted business plans promising ROEs of 15% and more. This, while we all know that the average risk-free rate is still about 10% below this level and that such high returns can certainly not be made without taking additional risk.

VaR Model
As an article in The Actuary shows, we got intimidated and overruled by the quants with their Value at Risk (VaR) models. The consequences of the advices of these magic mathematicians and their VaR models are well explained in an excellent article called 'Risk Mismanagement' in the New York Times.

In another article, Global Association of Risk Professionals Review, David Einhorn explains:

VaR ignores what happens in the tails.

It specifically cuts them off.
A 99% VaR calculation does not evaluate what happens in the last 1%.

This makes VaR relatively useless as a riskmanagement tool and potentially catastrophic when its use creates a false sense of security among senior managers and watchdogs. " Quote:

VaR is like an airbag that works all the time,
except when you have a car accident

Also, according to Bloomberg, the risk-taking VaR model is broken and everyone is coming to the realization that no formula or rating system can substitute for old-fashioned 'due diligence'.

Quantum mechanics
Because of the complexity of these new VaR-like models, experienced actuaries, accountants, managers and supervisors were all afraid to ask deeper questions or to admit that they didn't totally understood these complex models that were presented as 'simple manageable board instruments' with 'simple steering parameters'. Just like nobody is eager to admit that 'quantum mechanics' is hard to understand and therefor every amateur quantum guru can say what he wants, because nobody checks it.

This way, indirect and by our advice and our models, CEOs and CFOs of large companies and pension funds got the (wrong) impression that 'complex financial markets' were based on 'a sound statistical model', where (annual) deficit risks of 2.5%, 0.5% or 0.1% are exactly calculable and moreover also acceptable.

Whatever, lessons learned, new opportunities for actuaries to set a new benchmark for '21 century riskmanagement'.

However..., stay careful, to catch a tiger by the tail is risky!