Partner RSD Solutions Inc.
Introduction
(Note to Reader: This Introduction is a repeat of the Introduction to part 1 of this four part blog. If you have already read this introduction, skip to the exam question below)
I teach a course in Enterprise Risk Management (ERM) in the MBA program at Dalhousie University in Halifax Canada. Although I am a big fan of ERM, I also believe that it is a bit of a weird course to teach at a Business School.
The reasons why I think that ERM is a bit of an out-of-place course in an MBA program are many. To begin, ERM as a subject area is really quite trivial and probably not worthy of a Masters Level degree (of course that same criticism could be leveled against 90% of a typical MBA curriculum). While there are many aspects and techniques to learn about ERM, each one of them is quite trivial, or based on obvious common sense (yes – I know that there is nothing common about common sense!) What is NOT trivial about ERM are the implementation issues. Implementing ERM is hard and requires great creativity, business insight and a PORTFOLIO of skills and techniques that few mangers or management teams possess. The difficulty of teaching ERM to MBA students is that while they may have learned a diverse portfolio of techniques, that is a far cry from having a portfolio of SKILLS and also a far cry from having sufficient business insight.
A second issue that arises when teaching ERM in the context of an MBA program is the issue of whether or not ERM is a separate subject from strategy. In a way it is analogous to the humorous Shreddies commercial when they talk about the “new” diagonal shaped Shreddies as opposed to the “old” square shaped Shreddies. In a lot of ways ERM class looks like a business strategy class. Perhaps that is not a bad thing as it reflects my bias that ERM should be critically tied to and inseparable from the strategy function within a firm.
A third issue is that ERM is still a young field academically. That is, there is not a lot of academic research of note that has produced testable theories about good and bad practices of ERM. Perhaps that is just as well, as I am not sure that business academic research is all that valuable. (How much time do you think practitioners spend reading and digesting academic business journals?)
A final issue (there are many more, but I want to get to the real purpose of this blog) is that ERM studies do not have a natural home within the traditional silos of business schools. Is ERM a quantitative subject or a qualitative subject? Is ERM Finance, Statistics, Operations, Strategy, Organizational Behaviour, Accounting, or some other field? In my mind, ERM has components of all of the above. This bias of mine about ERM was the basis of my earlier comment that ERM requires a portfolio of skills and techniques. However, business schools, in their striving for academic respectability are taking specialization to the extremes. This of course implies that there simply is no time – nor is there any respect - for any subject matter that is not “pure” in an academic sense.
Despite all of these shortcomings, I – in my stupidity and naïveté – attempt to teach ERM to MBA students. To make up for the shortcomings I try to teach it as much as possible as a seminar class. That is, students are given a weekly set of readings, as well as an open ended set of questions or issues, and then we discuss the questions and issues in the following class. The class is taught by the Socratic method, and I attempt to get as much debate as possible generated. Students are challenged to be creative, and perhaps most importantly to peel back the “layers of the onion” to see the issues behind the issues and the issues behind implementation. As stated earlier, my belief is that ERM as a subject (taken at its face level) is trivial. It is only when you think about the consequences of techniques and the implementation issues that it becomes interesting and a challenge.
Thus we get to the purpose of this blog – namely, how should I structure an exam for this class? In this, and the following three blogs I am going to put forth my exam questions, and why I asked each exam question. I welcome reader’s comments and thoughts on my questions. Each of the questions has been designed with my biases (as stated above) in mind. In the very first meeting with the students I outline my biases and give them plenty of time to find a “real” class that they can take in place of ERM for the semester. For some strange reason most of the students do not drop the class. (I wish they would – it would mean less marking for me.)
In any case, I hope you enjoy this set of blogs – and I truly would like to hear not only your comments about my questions, but also what you might suggest as answers.
Question 2: What do you believe are the three main SOLVABLE problems of risk management that might be cracked in the next 5 to 10 years? Indicate (or speculate on) how each of these problems might be solved. In other words, describe three areas or ideas or concepts where we might make significant progress in the development of the practice of ERM.
This was a truly nasty question to ask. (As a former PhD student in physics I considered it to be only fair payback / passing on of the torture I endured as a graduate student.)
In financial risk management we are currently in a world where it is considered very enlightened and new age to state “risk management is broken!” as you sip whatever the drink du jour is at the society cocktail party. In Enterprise Risk Management however we seem to believe that the “nut” has been cracked and it is only a matter of more forceful and patient implementation that solves all issues. However as alluded to in question 1, not all is rosy or straightforward in ERM land.
My belief is that the main potentially solvable issue in ERM is integration or correlation. There is a lot of promising work being done in this area, but just when we get close to the answer(s) we find the business / economic world presents us with a phase shift or paradigm shift. (I trust the readers of this blog spot the intended irony here.)
In my PhD days I studied volatility and diffusion – topical issues at the time. Today if I was to do a PhD (highly unlikely given where Finance PhD research is going) I would like to study correlation. Development of correlation models is one of those high risk, high reward PhD thesis topics. High risk as there is a very high probability that you never get something developed that is considered PhD worthy. High reward in that if you do crack the nut, then the risk and finance worlds will be your oyster. (As an aside, if I was to redo a PhD in business I would do it either on the marketing of churches, or on the marketing practices of street vendors. I find both topics to be fascinating.)
In the early 90’s we all wanted better models of volatility. Of course everyone remembers Salomon Brother’s GIFT model – a GARCH related model that was supposed to give meaningful volatility predictions. Not sure what happened to it – maybe it is still in use – but I have not heard much about it lately. Now the topic du jour is correlation. I suspect that each of the major banks, as well as several hedge funds are developing proprietary correlation models that promise to capitalize and profit from correlation analysis. (For the record I did one of the early PhDs based on ARCH Models. Basically I showed that it you simply took into account the number of times the specialists changed their quotes intraday that the ARCH effects went away. It was considered a good thesis on account of my methodology, but no one was interested in the results – too boring to consider that a bunch of “uneducated” floor traders who made their livelihood off of trading on the floor of the exchange would know anything about the markets.)
At this point I have to confess that I am not really sure what another potentially solvable problem is for ERM. I know that there are lots of problems – but are they solvable? Every problem I can come up with seems to have an immediately obvious roadblock. One such issue is that of adjusting each individual’s risk tolerance. With the exception of Andy Lo’s (and others) work on “neurobehaviouralfinancechemistry” I am not sure this is an area for academic development. My own academic ethics department I am sure would have trouble if I suggested doing work in this area.
Perhaps another potentially solvable problem of ERM is that of believing that we have to know everything in order for a field to be acceptable. In my mind ERM is a field by which we cannot know everything – but try telling that to a risk manager that has been trained in the field of mathematics. Knowing everything is only a matter of being smarter to know better the mind of God – or whatever deity that sets the whims of business risk.
The above point brings to mind something that I just read in the book “Shop Class as Soulcraft” by Matthew Crawford (The Penguin Press, 2009). He states “The mechanic and the doctor deal with failure everyday, even if they are expert, whereas the builder does not. This is because the things they fix are not of their own making, and are therefore never known in a comprehensive absolute way.” In my opinion, Matthew Crawford could have also been talking about risk engineers, as the things they try to fix (risks) are not of their own making – they are the making of the very complex socio-economic business world that we live in. I intend to write a blog in the near future on this specific theme.
The bottom line is that ERM as a field has to overcome the problem of believing that it has to be able to solve or prevent (or mitigate, or properly embrace) every risk that is known and even unknown. This is a fool’s errand. However I am not sure it is a solvable problem in our world that only listens to all-knowing, omnipotent experts.
There are of course a host of other problems that ERM experts and academics (notice I did not lump the two together) are working on, including:
- quantification of operational, strategic, legal, human, reputation etc. risks
- a common quantification scale for all of the above
- Black-Swan quantification / tail modeling
- systematic and comprehensive risk identification schemes
- accreditation programs (not sure why this is a problem, but I suspect that someone sees a solution ($$$$) in accreditation despite the lack of a problem)
- training for Boards of Directors