Newsletter #168 Home Newsletter Contributors
Previous Issues BARRA Home 
Developing andImplementing Risk Management Systems
![[ Case Study ]](../images/NLCaseStudy168.gif){kind=small}
Fortis Group
Case Study
![[ Equity Analytics ]](../images/NLEquityAn.gif){kind=small}
American Depository
Receipts in The
Global Equity Model
![[ Equity Analytics ]](../images/NLTransCosts.gif){kind=small}
Analyzing the
Performance of
Crossing Networks
The Market
Impact Model™ — Part 4
The BARRA Brainteaser
for Fall 1998
Solution
to the Summer
1998 Brainteaser
Developing and Implementing Risk Management Systems
By Charles Jones, Sabri
Oncu and Aamir Sheikh
BARRA Enterprise Risk Management Services
Portions of this article will appear in an upcoming issue of the Journal of Investing.
Long a focal point for the sell side, risk management has recently become a central topic of discussion in the investment management community. This shift is only natural considering the substantial financial losses sustained by both financial and non-financial firms. In a very important sense, however, this transition is forcing the buy side to revisit an issue it has dealt with for many years. Quantitative portfolio managers have utilized risk management techniques for over twenty years now. For example, the construction of index portfolios minimizes the risk of the difference between the return of a portfolio and that of a broad based index of assets. Similarly, managing to a benchmark requires one to focus on the risk of the difference between the return of the managed portfolio and the benchmark portfolio. Likewise, plan sponsors often make their asset allocation decisions with the risk of the difference in fund returns and fund liabilities in mind.
What is novel about this renewed focus on risk is the attention being paid to integrated or aggregated risk. Plan sponsors are showing greater interest in the risks they bear across all of their investments. Similarly, investment management firms are interested in the aggregate risks borne across all products. In both cases, this interest stands to reason. The overall funding risk of a pension plan does not lie with a single portfolio, but results from risks aggregated across all portfolios that the fund holds. Similarly, the profitability of an investment management firm is rarely determined by the fate of a single product, but rather by the entire suite of products that the firm offers.1 Moreover, both the number of asset classes that pension funds can choose from and the number of products offered by investment managers has increased. We are now in a truly global investment marketplace. Thus, the aggregate set of risks borne by the investment management community is now much larger and more complex than it was twenty years ago.
Happily, technology has evolved at the same time, making it possible to aggregate and analyze this multitude of risks. The sell side has invested considerable resources in developing tools that allow an aggregation of the positions of a global organization. Similarly, quantitative models for the pricing of securities and for the sources of risk in security prices have gained popularity, and we now have the ability to integrate the sources of risk across multiple asset classes. Although there are considerable differences in the types of risks and risk measures that are relevant for the buy side versus the sell side, the same underlying set of tools applies. For example, a typical portfolio manager will have a holding period and horizon that is much longer than that of a securities trading firm. Both firms, however, will need to aggregate their security holdings in order to understand the risks they are bearing. Moreover, the factors that drive security values over monthly horizons may differ from those that affect security values over daily horizons. Nevertheless, an understanding of firm-wide risk requires an understanding of the volatilities and correlations among the factors affecting security values at the relevant horizon.
This article describes the tools that are available for risk management, with the objective of developing and implementing a good risk management system. Risk management is dealt with from an investment management perspective, beginning with a discussion of the reasons for risk management. This is followed by a discussion of the requirements for a good risk management system. Risk management is a data driven process, requiring the aggregation of holdings, the ability to drill down and slice and dice aggregate holdings along interesting dimensions, and a process for updating the risk and valuation models underlying risk computations. Risk management also requires an understanding of the sources of risk, and hence risk modeling is a necessary ingredient of risk management. We discuss technological advances that aid in the aggregation and disaggregation of a firm's positions, as well as advances in risk modeling, and explore the strengths and weaknesses of alternative risk modeling approaches, emphasizing the accuracy and dynamic nature of risk models based on firm fundamentals. We conclude that the combination of recent technological advances and fundamental risk models provides a dynamic and accurate risk management system.
1. Why Manage Aggregate Risks?
Quantitative portfolio management aims at providing the best risk/return tradeoff. This objective applies at the aggregate level as much as it does at the individual portfolio or fund level. A portfolio manager selects securities and constructs a portfolio so that a security's contribution to portfolio risk is proportional to its contribution to the portfolio expected return. Similarly, a manager of managers or a plan sponsor should allocate resources so that the contribution of a particular portfolio to aggregate risk is commensurate with its contribution to aggregate return. As a portfolio manager tries to keep tracking error relative to a benchmark within tolerable limits, so a plan sponsor targets keeping the aggregate tracking error relative to the aggregate benchmark within tolerable limits. As an individual portfolio manager's success is tied to his or her performance, so the long-term success of a portfolio management firm is tied to the performance of the aggregate of all the portfolios managed by the firm. Indeed, short term profits may be directly tied to aggregate performance via performance based fees at the portfolio level, just as manager compensation may be tied to portfolio performance.
Failure to manage aggregate risks can lead to large costs. In a global marketplace, a single source of risk can impact all of our portfolios, constituting a grave impact on our overall portfolio. Recent events in global financial markets have shown clearly that volatility spills over, and that events in a single market can have a global impact. For example, an announcement by the Federal Reserve Board that it may cut interest rates can lead to a global rally in both equity and fixed income securities. Alternatively, a global decline in equity values may be accompanied by an increase in the value of fixed income securities in the US, representing a flight to quality as in October of 1987. Without aggregating our holdings and examining the sensitivity of our aggregate holdings to particular risk factors, we cannot identify the bets we are making, and as a result, we cannot manage those bets, nor can we be certain that those bets are compensated for by returns that justify the risks.
At least three undesirable consequences can arise from a failure to view bets in aggregate. First, a series of small bets can compound into a single large bet. For example, our global equity and fixed income managers may choose to overweight the same emerging market, resulting in an aggregate portfolio with a relatively large exposure to that market. The consequences of an adverse economic change in that market are then compounded in an aggregate portfolio. A series of intentional small bets is thus compounded into an unintentional large bet. Second, a single large bet can result from intentional bets combined with similar unintentional bets. For example, a domestic large cap manager's security selection process may, in a particular period, lead to a large proportion of undervalued stocks being small cap stocks. Without intending to, this large cap manager becomes overweight in small cap stock, while small cap managers still manage to their mandate. The unintentional overweighting of small cap stocks by the large cap manager, when combined with the normal small cap weight produces an unintentionally large bet on small cap stocks. Third, the converse of compounding bets is the elimination of all bets. This is the sponsor's curse - an index fund in aggregate that still requires active management fees. Unless an investment firm specializes in indexing, this is an undesirable outcome because it contains no likelihood of superior performance in the aggregate, and hence no justification for management fees.
Eliminating all bets is undesirable: we are not trying to avoid risks, but rather to avoid uncompensated risks. More generally, our objective is to obtain the best risk/ return tradeoff at the aggregate level, just as each portfolio manager tries to obtain the best risk return tradeoff at the portfolio level. Managers of individual portfolios face constraints on risk exposures and on allocations to particular securities, sectors, or industries. Similarly, managers of aggregate portfolios face constraints, such as the inability or lack of interest to micro-manage each portfolio, or the desire to avoid large transaction costs by liquidating a particular portfolio. Within these constraints, however, the aggregate manager seeks to allocate resources so as to obtain the best risk/return tradeoff. For a pension fund, for example, this may translate into an allocation of active risk across asset classes or portfolio managers. For an investment management firm, on the other hand, this may affect the size of funds managed by a particular manager, or the number of skilled managers allowed to further deviate from their benchmarks.
2. The Inputs Required for Accurate Risk Measurement
Accurate risk measurement requires an aggregation of a firm's holdings, a description or model of how each position is affected by key factors such as interest rates or shocks to a particular industry, and a catalog of possible values for key variables in the associated scenarios. The aggregate risk of a pension fund is a function of its assets and liabilities, the values of those assets and liabilities under various market conditions, and the probability of those market conditions prevailing. Similarly, the overall performance of an investment management firm will depend on its aggregate holdings relative to portfolio benchmarks, and the behavior of both the managed funds and the benchmarks under different market scenarios. Equity security returns, for example, may be driven by industry factors as well as factors related to firm size or whether a firm is a growth firm or a value firm. For the values of fixed income securities and for pension fund liabilities, on the other hand, interest rates may be the dominant factors. Knowing the risks of a firm means understanding how liabilities and asset values are related to interest rates, industry returns, and returns to size and growth factors, and understanding also the volatilities and correlations of these rates and returns.
It is simpler to use the realized historical returns of portfolios than to base aggregate risk analysis on the current holdings of individual portfolios, but this can be very misleading. Historical returns reflect the interaction of historical holdings with the history of changes in market conditions. Current holdings might not reflect historical holdings, and historical changes in market conditions may not be representative of the current range of possible market conditions. The potentially misleading nature of historical returns at the fund level is illustrated by the case of Orange County. Orange County's treasury fund had long been a significant outperformer, and appeared to be low risk when evaluated simply on the basis of its historical record. Nevertheless, the fund lost $1.7 billion when interest rates increased. The fund's historical record was the product of a series of bets on declining interest rates and an environment of declining rates, but the bet on declining rates was disastrous when interest rates rose. Moreover, the holdings of the fund clearly showed the bet on declining rates and the riskiness of this bet, contrary to the fund's record.
In general, risk management cannot rely simply on historical portfolio returns. Accurate risk measurement must consider the current holdings of portfolios and employ a dynamic model of the risks of those holdings.
3. The Role of Data in Risk Management
Aggregation of an investment management firm's or a pension fund's assets and liabilities may require the integration of holdings data from multiple sources. For example, a pension fund may have both internal and external managers with multiple custodians providing holdings data. The data itself may rest in different legacy systems. Accessing this data and identifying each asset as a security type recognized by a risk management system is a necessary first step in doing a holdings-based risk analysis. A good risk management system will leverage an organization's investment in legacy systems rather than replacing them, because the ability to read directly from existing databases instead of extracting the data to accessible intermediate files greatly reduces the integration effort and minimizes problems with data integrity. Security mapping tools can also be useful in associating each asset with a security type that is recognized by the risk management system.
Risk measurement also requires the identification of the determinants of security prices, which include the characteristics of the security and the factors that interact with those characteristics to affect the price of the security. For example, a Treasury bond's price will depend on the coupon and face value of the bond, and on relevant interest rates. Similarly, the return to an equity security will depend on the industry characteristics and style (large cap vs. small cap, value vs. growth) characteristics of the security, and on industry and style factor returns. So, risk management requires the relevant security data: the terms and conditions of fixed income and derivative securities, and the style and industry characteristics of equities. Moreover, these characteristics need to be updated each time they change. An easy-to-implement risk management system will include both a database covering a large set of publicly traded securities and a facility for updating their characteristics in a timely manner. The inclusion of both these elements can eliminate a large portion of the task of adding the security characteristics to the risk management system, and thereby reduce the time required to get it up and running. It is also essential that a risk management system have the ability to readily import security characteristics for securities that are not in the system's database. This information may come from legacy systems or from alternative providers of these characteristics.
Measurement of the risk profile of a security or a portfolio requires estimates of the volatilities and correlations of the factors that affect security prices. For example, for Treasury securities, we need estimated volatilities and correlations of interest rates for different maturities. Similarly, for equities, we need estimates of industry return correlations and volatilities, as well as the volatilities and correlations of style related factors. This requires historical data on these factors as well as a mechanism to update the volatility and correlation estimates as new data becomes available. Therefore, the update mechanism has to readily access new market data, translate it into the relevant factors, and create new estimates of the risk characteristics of the factors, and the risk management system has to access the updated estimates to produce risk forecasts based on the most current information. Accuracy is important in risk management, so it is essential to monitor the accuracy of a risk management system's forecasts. The history of risk forecasts for different portfolios as well as the history of realized returns for those portfolios must be archived so that forecast risk can be compared with realized risk. This enables us to identify and correct biases in risk models, and leads to improved risk forecasting.
The foregoing addresses the need to aggregate the assets and liabilities of a firm to measure risk in the aggregate. It is also important to be able to disaggregate risk along dimensions that allow for risk control. For example, a pension fund's ability to control risk in the aggregate depends on the ability to identify the risks that are being borne by individual portfolio managers and to enforce compliance with guidelines and policies. Similarly, a pension fund may be interested in its aggregate exposure to value stocks or to stocks in a particular industry. Both an investment management firm and a pension fund may want to identify their aggregate exposure to short term interest rates and to drill down to the sources of that exposure.
The ability to decompose aggregate risk along relevant dimensions is key to the identification and management of the sources of risk. This requires data at the security and portfolio level. For example, ensuring that a portfolio manager is adhering to the portfolio mandate requires the identification of each portfolio with a mandate. Likewise, measuring a portfolio's size bet requires a size measure for all securities in both the portfolio and its benchmark. This discussion clearly underscores the importance of data management in risk management. Without the relevant data, we cannot identify the risks we are bearing, or assess whether those risks are within tolerable limits and whether those risks are being compensated.
4. Risk Measurement
The sell side has focused much of its attention on Value at risk (VaR), i.e., the loss that can occur with some probability, as the single most important measure of risk. Although VaR is an intuitive measure of risk, it does not identify the bets that underlie an investment strategy, and so is of limited use when deciding whether risk is compensated or when devising the best way to manage (reduce or increase) risk. To manage risk, we have to uncover its sources, reduce our exposures to those sources which are least compensated (in terms of expected returns), and increase our exposure to those sources which are most compensated. By doing so, we can increase our overall expected return while reducing or maintaining our risk level.
Thus, we need multiple risk measures. In addition to VaR, standard deviations, and tracking error for the aggregate firm or pension fund, we need to which portfolios or asset classes are contributing most and least to risk. For example, how much does our risk change as we slightly alter our allocation to a particular asset class? What is the contribution to overall risk by a particular portfolio manager? What is our exposure, relative to our benchmark, to each style factor, such as value, growth or size? What is our relative exposure to interest rates? Are we relatively long or short in mortgage backed securities? The answers to these questions help to identify the bets we are making, whether those bets are intentional or the unintentional product of intentional bets. Pursuing these questions can reveal whether we have any bets, or if we have neutralized all bets in the aggregate. The latter is a desirable outcome for passive investors, but is clearly undesirable for active managers expected to outperform our aggregate benchmark.
In addition to identifying our bets, we must examine how our portfolio may behave under extreme conditions. This is achieved by stress testing, which involves revaluing the entire portfolio under extreme conditions. For example, how would our fixed income portfolio react if all interest rates were to go up 100 basis points? How would our overall portfolio behave if the crash of 1987 were to recur? Moreover, it is useful to identify those events that may induce extreme gains or losses. This may be done by using all historical interest rate changes and equity returns to revalue our current portfolio under all historical outcomes. This process is termed historical simulation. The simulated historical events that produce extreme returns provide insights into the set of circumstances under which we stand to gain or lose significantly.
By using multiple risk measures, including tracking error, VaR, relative VaR, sensitivities to risk sources, marginal contributions to risk from asset classes or risk sources, stress tests, and the results of historical simulation, we move from risk measurement to risk management.
5. Risk Management Technology
The data integration and processing required for risk management necessitates a move away from standard desktop portfolio management applications. First-generation risk management software systems addressed computational requirements by utilizing multiple CPUs in a UNIX environment, typically employing two-tiered architectures (many clients and one or more servers). A fairly standard configuration might have computation engines running on one server, such as a high-end Sun Ultraenterprise SMP, while the database runs on another, splitting the database load and the application calculation load across two multi-CPU servers. While this architecture works reasonably well for smaller organizations operating out of a single location, two-tier systems have trouble scaling when the number of users is large and distributed across a number of geographic sites, and the relational database often becomes a performance bottleneck for interactive client applications.2
Advances in distributed computing technology provide the means to vastly improve the performance and scalability of Enterprise Risk Management (ERM) systems. We can insert a tier between the application and the database to cache data in memory. Recent substantial declines in the price of computer memory make this approach very affordable.3 We can also add a computing service that manages the distribution of computation across multiple CPUs and multiple hosts, permitting scalability of ERM computation with the simple addition of more servers, CPUs and memory. The result is a four tier architecture: (See FIGURE 1) the client application sits on top of a distributed computing services tier, which sits on top of a distributed cached database tier, which sits on top of a relational database.
FIGURE 1: Four-tier architecture
5.1 Data Integration and Updates
A number of studies have revealed that a large percentage of the total cost of an ERM system implementation lies in the data integration effort. The high cost results from identifying, documenting and capturing data that may be stored in multiple systems of record within the organization.4
There are two general approaches to the data integration problem. The first is data warehousing. A single database repository is constructed to contain all of the data required from the various systems of record for the ERM system. This approach immediately generates a data integrity problem since data must be copied from one system to another. How will changes or corrections to the source data be propagated to the data warehouse, and when? The major database vendors as well as some tool vendors have developed products to facilitate the data warehousing approach (primarily database replication tools) but these offerings do not solve all the problems.
The second approach is virtual data warehousing. Rather than create a physical database warehouse, we connect a distributed cache object/relational database directly to the source system databases. This is achieved by using schema parsing tools to automate the process. Because the cache is directly connected to source systems, whenever data changes in a source system database the change is immediately reflected in the cache, which can then notify client applications of the change (for example, a new trade). This eliminates the data integrity problem. Moreover, the use of schema parsing tools reduces the time and cost required to achieve the data integration, and the ability to read the transaction log for the source system allows real time or near real time updates to the cache.
This approach can be combined with a dynamic, application client in-memory cache that maintains only the slice of data of interest to the program. This means that database access is done at very high speeds between application and client cache memory. Moreover, by replicating both in-memory datastores and the disk-based backing stores, we can provide a fault-tolerant, load-balanced data management capability, and a risk management system that continues to run smoothly in the face of failures and large-scale activity.
5.2 High Speed Performance via Distributed Computations
We can take better advantage of multi-CPU SMP servers and desktop computers by treating them as a pool of computing engines in order to run the calculations in parallel. Risk managers typically require an overnight time window for calculating security exposures to risk factors, running monte carlo or historical simulations and generating risk reports before the start of the next day's trading/investment activities. The only way to complete this computation-intensive processing in a timely fashion is to distribute the work across a number of computing engines.
First-generation risk management systems typically concentrate all the processing on one or two multi-CPU SMP servers. Customers scale up the server configuration by adding more CPUs and RAM to the limits of the platform. When capacity is reached, the only option is to upgrade server hardware to a faster platform at relatively high cost (lumpy scalability).
We, on the other hand, can distribute processing across a pool of available computing engines, some of which could even be desktop computers with single or multiple CPU configurations. A master computation process assigns a new task to each computing engine on the network as it completes its current task. The master process monitors the available servers and can recover from computing engine failure (software fault tolerance) by re-assigning the failed engines' tasks to the other computing engines still available on the network. Computing power can be increased at relatively low cost by incrementally adding multi-CPU servers and server RAM.
6. Risk Models
Risk measurement requires estimates of both the volatilities of all of the assets and liabilities of the firm and the correlations between the assets and liabilities. For example, to obtain risk measures for a group of portfolios that cut across domestic equities, global equities, domestic fixed income, and global fixed income securities (a typical pension fund or investment management firm), we must estimate the volatilities and correlations between domestic and global equity and fixed income securities. Given these estimated volatilities and correlations, we can then compute VaR, tracking error relative to a benchmark, the sensitivity of both the aggregate portfolio and individual portfolios to changes in asset values, and contributions to risk from different factors, assets, and asset classes.
The lowest cost volatility and correlation estimates are simple historical volatilities and correlations. Simple historical volatility and correlation estimates at the security level, however, can be misleading, just as historical return based risk estimates can be misleading at the portfolio level. This is because security characteristics change over time, just as a portfolio's composition can change over time.
As a security's characteristics change, its volatility and its correlations with other securities change. This is obvious when dealing with fixed income assets: a default free bond that had one year to maturity 11 months ago would have been risky over a one month horizon 11 months ago. Today, however, it has one month to maturity, and hence virtually no risk over a one month horizon. The same argument applies to equities, albeit for different reasons. The firm's underlying equity securities change as their leverage, market capitalization, and industries change. For example, GE's participation in the finance sector has grown over time. As a consequence, its correlations with financial firms have grown.
Moreover, historical correlations suffer from sampling error: in any given period, General Motors and Weyerhauser may exhibit a stronger correlation than GM and Chrysler. Our intuition, however, strongly suggests that this is a statistical artifact that is unlikely to persist, and that the actual correlation between GM and Chrysler is larger than that between GM and Weyerhauser. This intuition implies that a robust approach to estimating asset volatilities and correlations should be based on the asset's fundamental characteristics. Assets with similar fundamentals, such as industry and size, are likely to be affected by similar factors, and hence are more strongly correlated and have more similar volatilities than assets that differ in their fundamentals. This approach is called a fundamental factor model of asset returns. As an asset's fundamentals change, its exposures to the common factors change, and therefore its volatility and correlations with other assets change. Thus, GE's volatility has changed as its financial component has changed, and so has GE's correlation with financial firms. Similarly, Chrysler and GM are exposed to the same industries, whereas GM and Weyerhauser are exposed to different industries, so Chrysler and GM are more highly correlated than GM and Weyerhauser (although GM and Weyerhauser may be correlated because the automobile industry is correlated with the forest and paper products industry).
Asset volatilities and correlations, then, are driven by their exposures to the fundamental factors and by the volatilities and correlations among the factors. Estimation of fundamental factor models, therefore, necessitates estimation of exposures to the fundamental factors, estimation of the factor volatilities and correlations, and estimation of the asset's non-factor or specific volatilities. Estimation of exposures to the factors requires fundamental data on equities, such as the capitalization of the firm (a size factor) and its sales, assets, and operating income from different industries. For fixed income securities, we need the terms and conditions of the securities as well as cash flow generators that map those terms and conditions into income streams.
Given the associated large data requirements, equity risk models based on fundamentals are expensive to estimate and update. This cost, however, is easy to justify. Fundamental factor models provide us with an intuitive risk breakdown: as the sources of risk (the factors) are related to firm fundamentals such as industries, size, book-to-price, and growth, we can readily identify our exposures to different industries and to different style factors, such as size, value and growth. Moreover, as the firm fundamentals change, the firm's exposures to the factors change, and hence its volatilities and correlations change. This makes our risk forecasts dynamic. Furthermore, there is considerable evidence that fundamental factor models outperform alternatives such as statistical factor models (which simply use historical returns and statistical factor analysis) and macro-economic factor models (which use macro-economic factors), as well as models based on a single factor such as a market index.5
The factors that affect fixed income securities are default-free interest rates and spreads above those interest rates. Risk models for interest rates are commonly based on a number of stripped zero coupon yields from default free bonds, with deviations of realized yields from forward rates used as the factors. For example, data on government bonds with 3, 6, 12 months, 2 years, 3 years, etc., up to 99 years maturity can be used to compute a base set of zero coupon yields, and then deviations of these yields from forward rates are treated as the underlying factors. Yields for intermediate nodes are interpolated from the yields for the above nodes. This approach has the virtue of capturing almost all of the variation in sovereign bond returns. It has the cost, however, of a large number of factors when the number of countries under considerations is large. For example, with 20 countries and 15 nodes, we end up with 300 interest rate factors, to which we must add equity factors, spread factors, and currency risk. An alternative is based on the empirical observation that virtually all of the variation in sovereign interest rates is captured by only three factors per country. These factors are a shift factor that affects all default free rates in a given country in the same direction (although by different magnitudes), a twist factor that affects long rates in an opposite direction from short rates, and a butterfly factor that affects medium term rates in a different direction from short and long rates.6 This approach preserves the explanatory power of a large number of nodes with significantly fewer factors: with 20 countries and 3 sovereign interest rate factors per country, we have only 60 sovereign interest rate factors.
In addition to shift, twist and butterfly factors, non-sovereign fixed income securities are also affected by a spread that is relevant to their particular sector and rating. These spread factors are readily estimated by an algorithm that computes a common spread for each sector and rating bucket by minimizing the squared error between observed and fitted bond prices.
7. Estimation of the Cross-Model Covariance Matrix
Estimation of a Cross-Model Covariance Matrix is not a trivial task. Given a number of stand-alone risk models, such as Domestic Equity, Global Equity and Domestic Fixed Income, we want to achieve the following:
1. Whether we employ the Cross-Model Covariance Matrix or the Stand-Alone Model Covariance Matrices, any portfolio only exposed to one of these Stand-Alone Models should yield the same risk forecast. In technical terms, this amounts to the requirement that the diagonal blocks of the Cross-Model Covariance Matrix are the same as the covariance matrix for the corresponding Stand-Alone Model.2. The Cross-Model Covariance Matrix is positive semi-definite. This is necessary to ensure that portfolio variances are non-negative. Otherwise, portfolio volatilities are undefined.
Achieving these objectives is difficult because:
a. Different models may have different length of time series data. For example, one model may have data going back to January of 1973, whereas another model may have data going back to January of 1988. One option is to use only data after January of 1988, but this results in the loss of a large amount of valuable information. If we were to estimate the Cross-Model Covariance Matrix starting from January of 1973, we would be building it based on roughly 50% fabricated data. To gain accuracy, we might compromise and choose, say, January of 1980 as our starting point, and fill the missing data in an optimal manner (which will be described shortly). Whether we do the former or the latter, the resulting diagonal blocks of the Cross-Model Covariance Matrix will differ from the covariance matrices of the corresponding Stand-Alone Models.b. Suppose each model had the same length of history for its data series and there were no missing data. If some or all of these models' covariance matrices were estimated using exponential weighting, and the half-lives of these were different, as is often the case, the diagonal blocks of the Cross-Model Covariance Matrix would again differ from the covariance matrices of the corresponding Stand-Alone Models.
c. Almost all models have their own fine-tunings after initial calculation. Examples include GARCH scaling, off diagonal shrinking (for positive semi-definiteness) or removal of negative eigenvalues (for positive semi-definiteness). Given such post processing, the Cross-Model Covariance Matrix will differ along its diagonal blocks from those in the covariance matrix of the corresponding Stand-Alone Models.
BARRA uses the EM Algorithm to bring together the factor histories going into our Cross-Model Covariance Matrix. The EM Algorithm ensures that the missing data is eliminated or, more accurately, filled, in an optimal manner. Using a single half-life, we then estimate our initial Cross-Model Covariance Matrix. The off-diagonal blocks of this matrix are the "inter-model" factor covariances. Next, we replace the diagonal blocks with the corresponding Stand-Alone Model Covariance Matrices. This addresses our first objective: risk forecasts from the Cross-Model Covariance Matrix and the Stand-Alone Model Covariance Matrices are the same for any portfolio only exposed to the factors of oneof the Stand-Alone Models. Finally, we shrink the off-diagonals until positive semi-definiteness is achieved, addressing our second objective.
8. Summary and Conclusion
The increase in the speed of information flow across international borders has made financial markets truly global. At the same time, financial innovation has increased the range of financial instruments and asset classes that can be held by even relatively small investors, and has created new instruments that span traditional asset classes. These developments necessitate managing risk aggregated across portfolios and asset classes and in a manner that integrates assets and liabilities. Aggregate risk management is necessary quality control. Ignoring aggregate risk can lead to inadvertent compounding of bets, exposing an investment management firm or a pension fund to a single large risk. Alternatively, all risks may be unnecessarily eliminated, along with the possibility of excess returns. Risk management is not aimed at reducing risk, but at obtaining the best overall risk/return tradeoff. This is achieved by measuring and adjusting our risks so that we carry the largest exposure to those risks that compensate us with the largest expected returns.
We have argued that the historical returns of a portfolio can be a poor source of data for estimating the volatility of the portfolio or its correlation with other portfolios. Historical returns are the product of historical holdings and the history of market conditions. Today's holdings can differ substantially from historical holdings, and a history of market conditions, particularly a short history, may be a poor representation of the set of possible market conditions. Good risk management, therefore, is based on an aggregation of current holdings, combined with a risk model that accurately captures the range of possible outcomes (volatilities) as well as the correlations between asset returns.
This requirement makes data integration and management a large part of a good risk management system. Not only do we need to aggregate the data on the holdings of an organization, we need data on the risk factors that affect asset and liability values, we need data on security characteristics, and we need to update the data frequently.
The same technological innovations that have led to increased global information flow also allow risk management systems to access and manipulate the necessary data at high speeds and low cost. The new generation of risk management systems uses multiple tiers to separate and speed up the data integration, data manipulation, computation, and reporting tasks. This exploits the lowered cost of both high speed processors and memory, distributing tasks across multiple processors and keeping necessary data in memory to increase processing and data access speeds. Moreover, the development of schema parsing and mapping tools has greatly reduced the cost of the initial data integration and mapping of holdings into security types recognized by a risk management system.
Effective risk measurement is accurate risk measurement, and accurate risk measurement can only be achieved with accurate, dynamic risk models. Fundamental equity factor models provide an intuitive, accurate, and dynamic characterization of equity returns, and outperform simple historical volatility and correlation estimates as well as single factor models and multiple factor models based on statistical or macro-economic factors. At the same time, the behavior of sovereign interest rates is captured completely by a three factor per country model, which allows us to economically capture the risk of interest rates across a large set of countries.
1 There is a danger that a single product or manager may lead to such a large exposure as to determine the fate of the firm as a whole. A risk management system should identify such large single bets.
The confluence of inexpensive high-speed processors and computer memory, intelligent multi-tiered software, and fundamental factors of asset returns makes accurate, effective aggregate risk management genuinely possible.
2 In the early 1990's one of the authors built a 2-tier interest rate swaps risk management system. The database backend couldn't provide adequate interactive performance.
3 64 and 256 MB memory modules are coming to market with similar price pressures.
4 The cost of this labor-intensive effort is reduced by having thorough documentation on data elements in the source systems.
5 See, for example "The Three Types of Factor Models: A Comparison of Their Explanatory Power," by Gregory Connor, Financial Analysts Journal, May-June 1995, or "BARRA Factor Models," BARRA Research Insights paper by Aamir Sheikh.
6 See "An Integrated Framework for Valuation and Risk Analysis of International Bonds," Roveen Bhansali and Lisa Goldberg, Chapter 12 of Advances in Fixed Income Valuation Modeling and Risk Management, Frank J. Fabozzi (Ed.), 1997.
