This preliminary attempt to define a standard evaluation framework for the quality of risk management disclosure is based on a functional approach and is grounded on five general propositions. The data requirements are limited to mandatory, widely disseminated and standardised data, i.e. the risk management information found in the annual report. Obviously, this information does not satisfy the timeliness principle. Yet, we are willing to compromise on timeliness since the framework's main objective is to provide a comparison, both across firms and over time, of the quality of public risk management disclosure. This standard evaluation framework for risk management disclosure is flexible. It can be implemented despite differences in valuation methods, in holding periods and in mandatory trading and non-trading information. To allow comparability across firms and to limit our attention to well-defined and measurable risk factors, the current framework considers the quality of disclosure only for market and credit risk factors. This choice is motivated by the need for comparability of qualitative and quantitative information, since most firms have a well-defined policy for the management of those two risk exposures.

The framework is preliminary and should be extended to other important risk factors such as liquidity and operational risks, as the measurement methods are well defined and broadly used. Further, the functional approach to the evaluation of risk management disclosure should be extended to financial conglomerates. Finally, risk management is still a new and evolving field that is far from offering structured and unified solutions to problems such as financial and non-financial risks monitoring, risk aggregation, and risk-based capital allocation. The professional community is still struggling with the definition of a sound 'global' risk management policy, including its underlying principles, its evaluation and its value-added to market participants.

As mentioned in section II, there are several concrete limitations and challenges to the full risk management disclosure. First, there have been negative market responses to enhanced disclosure. Such responses occur in particular if market participants do not know how to analyse and interpret risk management information meaningfully. This, in turn, leads to a negative perception of marked-to-market values and to a perception of greater volatility of on- and off-balance sheet assets. Thus, education of market participants plays a crucial role in enhancing the demand for and the rational responses to enhanced transparency. Second, disclosure enhancement has one fundamental pre-requisite: a sound definition of the economic value of the assets of the firm. Economic valuation is far from being settled in the finance literature (and in the accounting community) especially for illiquid assets, structured complex strategies, proprietary intangible assets and growth opportunities. Third, though standardisation of risk management disclosure in the annual report may enhance its quality, firms with more specialised and less quantifiable profit sources may find meaningful risk management disclosure more difficult. This is particularly true in the absence of valuation definitions that reveal their effective risk-adjusted performance. Fourth, the willingness of a firm to disclose is a management issue and is thus closely related to the incentive mechanisms adopted within the firm. Senior management may not have the proper incentives to enforce risk management disclosure when it communicates to shareholders, financial analysts and other market participants. They may thus use risk management disclosure as an entrenching mechanism to disguise or delay the reporting of past errors in trading and investment activities to maintain their status, bonuses and job security.

Finally, let us recall the primary objective of sound risk management disclosure: to enhance the confidence of market participants in the firm's ability to identify, measure and manage its risks appropriately. Unfortunately, this primary goal is too often lost or distorted by the conflict between the objectives of the shareholders and the governments for risk management. The shareholders may wish to take risks which, due to measurement problems or externalities, the government may wish to limit. This may cause managers to adopt strategies that shift risk to less quantifiable categories and thus manage risk less efficiently. We hope that our proposed framework stimulates further consideration of these issues.