Risk Governance | CFA Level I Portfolio Management

We’re continuing our discussion on the risk management framework, delving into greater detail on risk governance, risk tolerance, and the risk budgeting process.

Risk Governance

Risk governance is the top-down process and guidance that directs risk management activities to support the goals of the organization. In a large company, risk governance is directed by the board of directors, who are responsible for:

• Determining the goals of the organization
• Establishing risk tolerance
• Guiding risk budgeting
• Ensuring consistency with top-level guidance

Key elements of good risk governance include setting up a risk management committee and appointing a chief risk officer responsible for building, implementing, and managing the risk framework and its activities.

Besides these, risk governance also entails compliance with regulatory requirements, as most financial institutions are bound by local regulators regarding the amount of risk they can take.

Risk Tolerance

Determining an organization’s risk tolerance involves setting the overall risk exposure the organization will take. Factors that determine an organization’s risk tolerance include:

• Expertise in its lines of business
• Skill at responding to negative outside events
• Regulatory environment
• Financial strength and ability to withstand losses

Risk tolerance identifies the extent to which the organization is willing to experience losses or opportunity costs and to fail in meeting its objectives.

Risk Budgeting

Risk budgeting is the process of allocating firm resources to investments by considering their various risk and return characteristics, and how they combine to meet the organization’s risk and return objectives. The goal is to allocate the overall amount of acceptable risk to the mix of investments, such that the risk budget is adhered to while maximizing the expected returns over time.

A risk budget can be based on simple or complex measures:

• One-dimensional risk measures (e.g., beta, value at risk, portfolio duration, or standard deviation of returns)
• Multiple dimensions of risk, evaluating risks by their underlying risk classes (e.g., equity, fixed income, commodity risk, etc.)
• Identifying specific risk factors that comprise the overall risk of the organization (e.g., equity market risk, interest rate risk, foreign exchange rate risk)

And that concludes this short lesson on risk governance. In our next lesson, we’ll learn to differentiate between financial and non-financial risks.