In 1949, Benjamin Graham described risk appetite as an integral component of any investment’s risk profile. Specifically, he said there are three ways to look at a risk profile:
- How much risk they are able to take (risk tolerance)
- How much risk they need to take (required rate of return to reach goals)
- How much risk they are willing to take (risk appetite)
The fundamental, textbook, definition of risk appetite has not changed much since 1949, however firms have used and abused the meaning of risk appetite to the point where there is no uniform definition across business units within the same organization, let alone across the financial industry.
Risk appetite is perfunctorily discussed day in and day out from board rooms and c-suites to trading floors and risk desks. However, for most financial institutions, risk appetite is rarely used in any business decision making process beyond regulatory compliance and symbolic committee minutes.
In a world where the risk universe is expanding every day and black swan events are becoming commonplace events, this is no longer acceptable. Firms must evolve their risk appetite methodology, use risk appetite output as a central component of the overall enterprise risk framework, and optimize its application to all levels of the firm.
In this report, Opimas discusses how firms should pivot their risk appetite to make it commensurate with today’s market risks. We devise a risk appetite framework that can be customized by firms, and highlight the various applications of a risk appetite framework as depicted in figure 1.
Figure 1. Risk Appetite Application
Source: Opimas Analysis
The generic, and regulatory correct, definition of risk appetite states it is a qualitative statement where a firm articulates its appetite for risk taking – that is how much risk it is willing to take, in order to accomplish its strategic objectives.
When we survey the risk appetite practices of most financial institutions today, we see that they use the same term with widely different interpretations and applications. There is no uniformity to the metrics they use, and little or no direct relationship between risk appetite and the firm’s overall strategic objectives and actual risk taking.
There have also been a lot of consultations amongst regulators over how to use risk appetite, and subsequent conversations with boards and c-suites about the importance of a firm’s risk appetite, which has made it a compliance exercise.
To date, the regulatory consensus is: firms must come up with metrics using various risk metrics. Then take those numbers to senior management and the board for review and an approval rubberstamp.
At Opimas, we do not subscribe to that generic definition; in fact, we believe it is counterproductive. We believe that firms should be running their business using their risk appetite framework, essentially using it as a speedometer for risk monitoring, a steering wheel in directing business unit activities, and gas and brake pedals to take on more or less risk as needed.
Figure 2. Risk Appetite Blueprint
Source: Opimas Analysis