风险管理dissertation

风险管理研究dissertation

许多实证性研究都试图着找出团体经济风险管理的不同理论的支撑证据。然而，大多数的尝试都未能决定哪些理论是以平衡交易的经验观测值支持而哪些不是，从而以失败告终。经过一段时间如火如荼的该领域的新研究，在二十世纪九十年代末期，出现了为数不多的几个研究，补充了我们对于对冲交易的理解。偶然的是，近些年来那些最有价值的dissertation研究都集中于方法论问题，比如说内生变量问题（金，乔瑞，2006），包括无派生对冲交易（戴维斯等，2006；贾其，2006），以及有关派生物的研究目的假设（福克纳，2005）这种对于方法论问题的专注，表明了在对冲交易这一领域的研究人员仍然需要有说服力的实验性证据。（贝克曼，1996）

众所周知，沃尔玛在在2005年缴税超过了三千亿美元，是美国主要的私人企业，并且拥有超过一千三百万的附属部门。沃尔玛的市场覆盖了近10亿的顾客群。

Many empirical studies have attempted to find support for different theories of corporate financial risk management. However, most of them have failed to determine which theories are supported by empirical observation of corporate hedging and which are not. After a spate of new research in this field in the late 1990s there have been few studies that have added to our understanding of corporate hedging behavior. Incidentally, most valuable papers in recent years concentrated on methodological issues such as the endogeneity problem (Jin and Jorion, 2006), the inclusion of non-derivative hedging (Davies et al., 2006; Judge, 2006), and assumptions about the purpose of derivative use (Faulkender, 2005). This focus on methodological issues indicates that researchers in the field of hedging still need strong empirical evidence. (Berkman, 1996)

It has been known that Wal-Mart, having revenue of over $300 billion in 2005, is chief private employer in the United States with an associate strength of 1.3 million. It has the market range of customer close to 100 million customers .


It focuses its operations mainly in delivering customer value through low-prices backed by efficient processes. The company is in a rapid growth phase with a 15% planned increase in its worldwide store strength during 2006.

The scale of Wal-Mart’s successful operations has attracted increasing public attention. Out of 300 media articles per day on company, several are being authored by critics who repeatedly level allegations against Wal-Mart. Their primary areas of concern are Wal-Mart’s environment footprint; associate wages and benefits; and the effect of Wal-Mart’s rapid expansion on small local businesses.

Business Objectives

Improve overall brand perception by positively impacting social reputation measures

Increase overall sales

Overall Campaign Objectives:#p#分页标题#e#

Acknowledge the importance of Hispanics to Walmart as a customer, employee and as a vital component in the future of the U.S.

Increase awareness of Walmart’s long-term commitment to the Hispanic community.

Deliver a relevant program by shifting the focus from previous product-centric initiatives to truly consumer-centric initiatives.

In process of designing a better risk management, Wal-Mart took up some basic questions such as:

What are the risks?

What are we going to do about these risks?

How will we measure whether we are having a positive or negative impact on the risks?

How will we demonstrate shareholder value?

The Five-Step of ERM Process

Step One – Risk Identification:

It can be defined as the risk mapping which undertakes evaluative risks on a XY – axis, where in X axis duly represents the probability and y- axis represents the impact. This helps to prioritize what are seen as Wal-Mart’s biggest risks. It took up a schedule of four- to- five-hour risk identification workshop, which helps to get senior leadership thinking about what risks may keep them from meeting their business objectives. These can be enabled through the information systems audit and enterprise risk management. This process majorly starts up at an early month period and make up workshop. Wal-Mart framework is based on seven risk categories that are subcategorized into either external risks or internal risks. The external risk categories are: legal/regulatory, political and business environment. The internal risks are: financial, strategic, sand operational and integrity.

Step Two – Risk Mitigation

This step involves another facilitated workshop, where the three to five most important risks are further defined. During improvement workshop, people who will be imping acted most by a specific risk will be invited to participate. Examples for employee risk include people from the operations, human resources, training and legal departments. At Wal-Mart Once the risk is identified and quantified, the participants create project teams, in areas such as recruiting, training and retention. One goal of the mitigation workshops is to reduce the workload for the managers involved.

Step Three – Action Planning

In this phase, the project teams meet and create simple project plans that identify who will do what by when. The teams then spend several months implementing their project plans.

Step Four – Performance Metrics:

The metrics must first measure results, not activity. The team does not measure the number of training days. Instead it measures the results of the training, such as the ability to increase productivity at the store level. Metrics must also show target performance versus the actual performance and demonstrate trends over time.#p#分页标题#e#

Step Five – Shareholder Value/Return on Investment

In order to make sure that the action plans and results end up increasing shareholder value and return on investment, the main goal of this step is to evaluate whether the project was able to increase sales or lower expenses.

ERM in Action

In May 2003, however, Wal-Mart hired Craig Faris to work with Tush on the ERM process and this is helping to navigate leadership teams through all five steps of the process. Prior to joining Wal-Mart, Faris, the company’s senior manager of enterprise risk management, worked at Chicago-based Amoco for 17 years, where he was involved in strategic planning, risk management, organizational change and process improvement. Faris described the work of this ERM program going a couple of years ago. There was a serious risk mitigation and make up issue to capture a relative work risk. Faris focuses his risk evaluation at three levels at Wal-Mart—high level consolidated corporate risk, focusing on the global risk portfolio, international risk and risk at the functional group level. In early stages of ERM initiative, internal audit worked closely with Wal-Mart’s risk management department to develop and refine its five-step process. Other members of the team that developed the ERM process included internal audit, loss prevention and corporate security and training.

Risk management framework

Depending on the nature of the organisation like of Wal Mart, risk management function may range from a part-time risk manager, to a single risk champion, to a full-scale risk management department. The role of internal audit function will also differ from one to another. In determining the most appropriate role for internal audit, the Wal Mart needs to ensure that the independence and objectivity of internal audit are not compromised. (Miller, 2005)

The range of risk management responsibilities that need to be allocated in the policy will be broad and extensive. Examples of risk management responsibilities can be allocated in a typical large organisation. The Board has responsibility for determining the strategic direction of the organisation and creating the context for risk management. There need to be arrangements in place to achieve continuous improvement in performance and this responsibility is likely to be allocated to the risk manager.

Risk management is not, and should not be, a stand-alone exercise or a separate administrative structure. Risk management might become a simple compliance exercise rather than an effective management tool if it is not integrated with the major processes of the organization. Integration would provide purpose in applying the risk management processes and relate risk back to the organization’s objectives and core activities; it would also ensure that the task of managing risk is not regarded as an additional responsibility or burden, but part and parcel of all processes. Integration should also include the harmonization of individual risk management practices under an overarching ERM framework in order to ensure consistency in approach and support more efficient use of resources. As a natural extension of integration, risk management should be mandatory and embedded into the performance management process. This would enhance accountability; help to create a risk aware culture and speed up implementation. (Chen, 2002)#p#分页标题#e#

ERM practice requires risk management in all areas, including ongoing operations and processes, as well as one-off initiatives, such as information technology projects, capital master plans, corporate strategies and policies and field projects. Risk assessment should be part of the decision-making process; one measure to promote this is to require risk assessments to be attached to all important policy, strategy and project proposals presented to the senior Management committee. (Anon, 2006)

The Risk Management process

The term Project Financing refers to a wide range of financing structures where the provision of funds is not primarily dependent upon the credit support of the sponsors or the value of the project’s physical assets but on project’s capacity to serve the debt and provide an equity return to the sponsors through its cash flows. Project finance involves the setting up of an “ad hoc” project company (called Special Purpose Vehicle - SPV) to carry out the venture. The SPV is capitalized through equity and debt funding which is used to cover project capital expenditures and pre-operational costs; once the project is completed, the SPV can start its commercial activities thus generating the necessary cash flows to repay the financing. (Miller, 2005)

Risk management is key to any operation of satellite project financing as it ensures the completion of the system on time, to budgeted cost and the delivery of service in line with expected standards. As cash flow generation depends on all these variables, financiers are closely concerned with the feasibility of the project on its whole and with the way to manage the impact of potentially adverse factors. A successful financing structure for satellite projects entails a balanced allocation of project risks among the various interested parties. These risks must be fully understood by all involved parties and must be properly mitigated. (Smith, 2005)

In satellite project financing, the nature and level of risks vary during the life cycle of the project and fall into three broad areas: regulatory, completion and market. Regulatory and completion risks may arise during investment phase, while market risk is associated with the operational one.

Self insurance

Captive insurance

Alternative Risk Transfer/Financing (ART)/ (ARF)

Derivatives

Enterprise wide risk management and the evolving role of the Risk Manager
Risk assessment involves the identification of risks followed by their evaluation or ranking. It is Important to have a template for recording appropriate information about each risk. It has been shown the range of information that may need to be recorded. The objective of a template is to enable the information to be recorded in a table, risk register, spreadsheet or a computer-based system. Although a simple description of a risk is sometimes sufficient, there are circumstances where a detailed risk description may be required in order to facilitate a comprehensive risk assessment process. (Smith, 2005)#p#分页标题#e#

Risk classification systems

An important part of analysing a risk is to determine the nature, source or type of impact of the risk. Evaluation of risks in this way may be enhanced by the use of a risk classification system. Risk classification systems are important because they enable an organisation to identify accumulations of similar risks. A risk classification system will also enable an organisation to identify which strategies, tactics and operations are most vulnerable. Risk classification systems are usually based on the division of risks into those related to financial control, operational efficiency, reputational exposure and commercial activities. However, there is no risk classification system that is universally applicable to all types of organizations. (Anon, 2006)

Figure Detailed risk description

Figure Risk architecture, strategy and protocols

According to ISO 31000, all the 4Ts of risk assessment are integrated and used in one phrase as ‘risk treatment’ and included under the heading of ‘risk response’. Recognition and ranking of risks are combined together and included in risk assessment activity. For hazard risks, the range of risk response include the alternatives of tolerate, transfer, treat, or termination of risk or activity. Sometimes, these alternatives of risk response are used together to act against risks. For opportunity risks, the range of risk response also includes exploiting the risk. While reaction planning to retort the risk includes both business continuity planning and disaster recovery planning. (Chen, 2002)

Risk assessment

Identification of risk is the first and foremost function of risk management process. Identification of risks should be done at appropriate time and appropriate place .Proper analysis of risks will lead to clear understanding of risks and uncertainties in an organization. There are certain requirements for risk identification. This includes all the basic knowledge about the Wal Mart, geographical units, marketing strategies, long-term goals, operational objectives along with legal, social, political, economic and cultural environment that correlate with an organization. This also includes knowledge of factors essential for achieving operational objectives such as critical to success along with associated threats and opportunities. For identifying and analyzing risks, a systematic method should be followed to ensure that all the related value adding activities in an organization should be evaluated with all the risks flowing from these activities and these should be well defined. This well defined analysis of risk is used to prepare a risk profile that ranks and rates the risk accordingly, providing an instrument to measure and prioritize the identified risk and also helps in preparing an action plan. (Anon, 2006)

Risk treatment

ISO 31000 described risk treatment measure as an activity of selecting and implementing appropriate methods to control and modify the risk. The major element of risk treatment is risk control (mitigation) but sometimes further focuses on elements like risk avoidance, risk transfer and risk financing. All the measures of risks treatment imparts in efficient and effective internal control of management. Effectiveness of an internal control is depended on the risk that needs to be eliminated or reduced by the proposed control measures. The internal control also works on the cost effectiveness with implementing cost control measures to achieve the risk reduction benefits. (Miller, 2005)#p#分页标题#e#

Feedback mechanisms

There are two mechanisms of feedback that are recognized by ISO 31000, first is performance review and monitoring and the other is communication and consultation. Performance review and monitoring mechanism will observe the risk performance in an organization and learn from past experience. In ISO 31000, communication and consultation are regarded as part of risk management process but this is also considered to be part of supporting framework. The monitoring and performance review feedback activities mentioned in ISO 31000 does not clearly state the tasks of monitoring risk performance and reviewing the risk management framework. Reporting and disclosure are concisely explained in ISO 31000 and they are not included in the process shown. (Faulkender, 2005)

Figure Risk management process (based on ISO 31000)

The risk management system follows the process of communication, monitoring, reporting as well as risk management protocols. These are all organized and controlled by their respective managers in their field of expertise. Risk management is one of the key responsibilities of an organization. It is made effective only when a proper practice is followed by risk management with coordination of duties and actions into performance reviews. It should be considered as an element of management performance at each stage. It is the duty of the management to evaluate the overall performance, efficiency, compliance and manage authority accordingly in categories like risk champion, risk manager and risk/senior management committees. The overall proficiency and efficacy of the risk management process is governed by the internal audit department and it will make an objective assessment on the risk management practice. Apart from these measures, there are other governing factors involved in proper functioning of risk management method that includes external audit, inspection, investigation, evaluation and policy review. Also, the objective assessment in risk analyzing also coincides with duty and expertise of the professionals. (Chen, 2002)

Risk Response Development

The risk response development should identify and execute appropriate action plan or measures to maintain risks within the acceptable level. Risk reduction should be continuously monitored, effective and verified. The techniques for reducing or controlling risks are discussed in the following categories:

Risk Avoidance: It should be noted that every risk cannot be wholly avoided and that any measure to avoid a risk sometimes simply transfer that risk to another area.

Risk Reduction: It can be executed in the following ways:

By decreasing the possibilities of the undesired event (Preventive measure)

By decreasing the importance of the undesired event (Mitigation measure)

Risk Transfer/Deflection: It can be in the form of a contract where the risk is deflected by transferring to another party entirely or partly (i.e. insurance, outsourcing, sub-contractors). For example, the insurance coverage for the satellite launch, contracting to other people or company and penalty schemes to subcontractors in case of delay in delivery of the components (or other protecting clauses in the relevant contracts). (Chen, 2002)#p#分页标题#e#

Results

Leadership at Wal-Mart has responded well to the opportunities that the company’s ERM process offers. Mario Pilozzi, the company’s country president in Canada has been very active with the process. A year ago, the steps taken up by him gave good results at the audit committee meeting. It has been reported by him that ERM helped Wal Mart to identify clear deliverables directly related to risk mitigation. It enabled team to remain focused on key risk areas, and ERM challenged us to tie our results from our action plans to bottom line and shareholder value.

Wal-Mart is now much more focused on what our major risks are and what can Wal-Mart do about them .In other words, ERM is not an enlightenment process, wherein Wal-Mart doesn’t go into any countries or business units and help them identify risks with which they are not already familiar. Rather, it help them identify and focus on the few that are the most important to address.

Future

The team has yet to arrive in all of the countries where Wal-Mart currently does business. But plans are being made to complete work in the four remaining territories—Argentina, Puerto Rico, Korea and Germany within the next year. It has been in visions of Wal Mart looking for ways to strengthen and automate capture and exposure of performance metrics. Wal-Mart wants to establish a Web-based application so we can better track our performance metrics.