The key point here is that regulators are concerned with total risks, not just systematic risks. Their goal is to make bankruptcy a highly unlikely event.
1.6 RISK MANAGEMENT BY FINANCIAL INSTITUTIONS
There are two broad risk management strategies open to a financial institution (or any other organization). One approach is to identify risks one by one and handle each one separately. This is sometimes referred to as risk decomposition. The other is to reduce risks by being well diversified. This is sometimes referred to as risk aggregation. Both approaches are typically used by financial institutions.
Consider, for example, the market risks incurred by the trading room of a bank. These risks depend on the future movements in a multitude of market variables (exchange rates, interest rates, stock prices, and so on). To implement the risk decomposition approach, the trading room is organized so that a trader is responsible for trades related to just one market variable (or perhaps a small group of market variables). For example, there could be one trader who is responsible for all trades involving the dollar-yen exchange rate. At the end of each day, the trader is required to ensure that certain risk measures are kept within limits specified by the bank. If the end of the day is approached and it looks as though one or more of the risk measures will be outside the specified limits, the trader must either get special permission to maintain the position or execute new hedging trades so that the limits are adhered to. (The risk measures and the way they are used are discussed in Chapter 8.)
The risk managers, working in what is termed the middle office of a bank, implement the risk aggregation approach for the market risks being taken. This involves calculating at the end of each day the total risk faced by the bank from movements in all market variables. Hopefully, the bank is well diversified so that its overall exposure to market movements is fairly small. If risks are unacceptably high, then the reasons must be determined and corrective action taken. The models used for the aggregation of market risks are given in Chapters 12, 13, and 14.
Risk aggregation is a key tool for insurance companies. Consider automobile insurance. The insurance company's payout on one particular automobile insurance policy is quite uncertain. However, the payout from 100,000 similar insurance policies can be predicted with reasonable accuracy.
Credit risks are also traditionally managed using risk aggregation. It is important for a financial institution to be well diversified. If, for example, a bank lends 40 % of its available funds to a single borrower, it is not well diversified and likely to be subject to unacceptable risks. If the borrower runs into financial difficulties and is unable to make interest and principal payments, the bank could become insolvent.
If the bank adopts a more diversified strategy of lending 0.01 % of its available funds to each of 10,000 different borrowers, it is in a much safer position. Suppose that the probability of any one borrower defaulting is 1 %. We can expect that close to 100 borrowers will default in the year and the losses on these borrowers will be more than offset by the profits earned on the 99 % of loans that perform well. To maximize the benefits of diversification, borrowers should be in different geographical regions and different industries. A large international bank with different types of borrowers all over the world is likely to be much better diversified than a small bank in Texas that lends entirely to oil companies.
But, however well diversified a bank is, it is still exposed to systematic risk, which creates variations in the probability of default for all borrowers from year to year. Suppose that the probability of default for borrowers in an average year is 1 %. When the economy is doing well, the probability of default is less than this and when there is an economic downturn it is liable to be considerably more than this. Models for capturing this exposure are discussed in later chapters.
Since the late 1990s, we have seen the emergence of an active market for credit derivatives. Credit derivatives allow banks to handle credit risks one by one (risk decomposition) rather than relying solely on risk diversification. They also allow banks to buy protection against the overall level of defaults in the economy. However, for every buyer of credit protection there must be a seller. Many sellers of credit protection, whether on individual companies or on portfolios of companies, took huge losses during the credit crisis that started in 2007. The credit crisis is discussed further in Chapter 6.
1.7 CREDIT RATINGS
Credit ratings provide information that is widely used by financial market participants for the management of credit risks. A credit rating is a measure of the credit quality of a debt instrument such as a bond. However, the rating of a corporate or sovereign bond is often assumed to be an attribute of the bond issuer rather than of the bond itself. Thus, if the bonds issued by a company have a rating of AAA, the company is often referred to as having a rating of AAA.
The three major credit rating agencies are Moody’s, S&P, and Fitch. The best rating assigned by Moody's is Aaa. Bonds with this rating are considered to have almost no chance of defaulting. The next best rating is Aa. Following that come A, Baa, Ba, B, Caa, Ca, and C. The S&P ratings corresponding to Moody's Aaa, Aa, A, Baa, Ba, B, Caa, Ca, and C are AAA, AA, A, BBB, BB, B, CCC, CC, and C, respectively. To create finer rating measures Moody's divides the Aa rating category into Aa1, Aa2, and Aa3; it divides A into A1, A2 and A3; and so on. Similarly S&P divides its AA rating category into AA+, AA, and AA−; it divides its A rating category into A+, A, and A−; and so on. Moody's Aaa rating category and S&P's AAA rating are not subdivided, nor usually are the two lowest rating categories. Fitch's rating categories are similar to those of S&P.
There is usually assumed to be an equivalence between the meanings of the ratings assigned by the different agencies. For example, a BBB+ rating from S&P is considered equivalent to a Baa1 rating from Moody’s. Instruments with ratings of BBB− (Baa3) or above are considered to be investment grade. Those with ratings below BBB− (Baa3) are termed noninvestment grade or speculative grade or junk bonds. (In August 2012, S&P created a stir by downgrading the debt of the U.S. government from AAA to AA+.)
We will learn a lot more about credit ratings in later chapters of this book. For example, Chapter 6 discusses the role of ratings in the credit crisis that started in 2007. Chapters 15 and 16 provide information on how ratings are used in regulation. Chapter 19 provides statistics on the default rates of companies with different credit ratings. Chapter 21 examines the extent to which the credit ratings of companies change through time.
SUMMARY
An important general principle in finance is that there is a trade-off between risk and return. Higher expected returns can usually be achieved only by taking higher risks. In theory, shareholders should not be concerned with risks they can diversify away. The expected return they require should reflect only the amount of systematic (i.e., non-diversifiable) risk they are bearing.
Companies, although sensitive to the risk-return trade-offs of their shareholders, are concerned about total risks when they do risk management. They do not ignore the unsystematic risk that their shareholders can diversify away. One valid reason for this is the existence of bankruptcy costs, which are the costs to shareholders resulting from the bankruptcy process itself.
For financial institutions such as banks and insurance companies there is another important reason: regulation. The regulators of financial institutions are primarily concerned with minimizing the probability that the institutions they regulate will fail. The probability of failure depends on the total risks being taken, not just the risks that cannot be diversified away by shareholders. As we will see later in this book, regulators aim to ensure that financial institutions keep enough capital for the total risks they are taking.
Two general approaches