It is not the intention of this paper to define all the risks faced by firms. However, it is necessary to provide some working definitions of the key risks to inform this paper and ensure common understanding amongst the readership. The definitions are given in italics followed by a commentary on the role of capital and controls.
Market Risk: The risk that a position will not be as profitable as an investor expected because of fluctuations in market prices or rates (e.g. equity prices, interest rates, currency rates or commodity prices). Internal management defences against this risk include continuous marking to market, monitoring against limits and active hedging. There will still be exposures and hence the possibility of the firm's net worth being eroded through unfavourable market moves impacting on the mark-to-market value of positions. Regulatory capital aims to provide an acceptable margin for this erosion to occur prior to the firm becoming insolvent.
Liquidity Risk: The risk that a position cannot be funded (funding risk) or unwound/hedged except at a loss compared to the mark-to-market valuation (market liquidity risk). In the latter case, the risk is related to a miscalculation in the assumption of market liquidity in a particular instrument or market segment. As far as funding risk is concerned, key internal management protections will include limiting maturity mismatches between cash inflows and outflows, securing funding lines, and maintaining a stock of highly liquid assets. This is primarily a matter for controls rather than a capital issue. Market liquidity risk, however, is an extreme form of market risk. Capital and controls will play similar roles as for 'normal' market risk.
Credit Risk: The risk that one of the parties to a contract will not perform on its obligations. Internal management defences include counterparty assessment and monitoring; limits on exposure concentrations; active risk transfer or hedging (e.g. through credit derivatives); and risk reduction through collateralisation or netting. Regulatory capital requirements are imposed to protect against the credit risk that remains (again, by establishing an acceptable margin for the erosion of net assets).
Operational Risk: The risk that loss will occur from a breakdown in systems and controls. It may also include losses from external events such as natural disasters. The Technical Committee recognises that the industry is devoting considerable resources to identifying and dealing with specific elements of operational risk. For the purposes of this paper, however, the term 'operational risk' is used in its broadest sense. Ensuring adequate systems and controls are in place and operating effectively is of major importance in relation to operational risk. Regulatory action in cases of perceived high risk firms is likely to take the form of requiring changes in staff / management / procedures or restricting the business of the firm. Capital is relevant, however, since requiring higher capital from higher risk firms is a way of adjusting incentives and helping ensure action in areas of weakness. And the more capital a firm has, the bigger the loss from operational failure that would be required to send it under.
Legal Risk: The risk that loss will arise from deficiencies in contracts and legal opinions, from extended legal proceedings or from conduct of business infractions. This risk can best be guarded against by internal systems of control including adequate legal and compliance resources. However, as with operational risk, a capital buffer will help a firm survive unexpected losses in this area.
Systemic Risk: The risk that failure in one firm / segment of the market will trigger failure in another firm / segment or throughout the entire financial market (the domino effect). Adequate risk management and controls across the system will reduce the risk in this area. Furthermore, the chance of a domino effect will be reduced by ensuring that securities firms individually are well capitalised in relation to the risks set out above.