Risks are broadly categorized into financial risks and non-financial risks. Even though most risk results in monetary consequences, financial risks refer to risks arising from events in financial markets.
Financial risks
There are three types of risks commonly categorized as financial risks: market risk, credit risk, and liquidity risk.
Market risk
Market risk is the risk that arises from movements in interest rates, stock prices, exchange rates, and commodity prices. Due to the market risk being among the most obvious and visible risks, knowledge in risk management is probably greatest in the area of market risk.
Credit risk
Credit risk (also called default risk or counterparty risk) is the risk of loss if one party fails to pay an amount owed on an obligation, such as a bond, loan, or derivative, to another party. In some cases, only one of the parties faces a credit risk, but in many contracts, both parties are exposed to it. Credit risk differs from market risk in that although market prices can go down and bounce back up, defaults and bankruptcies have extremely long-term implications for borrowers.
Liquidity risk
While market risk and credit risk are equally relevant for institutions and individuals, the third risk, liquidity risk, is more common in case of institutions. Liquidity risk is the risk that in certain market conditions, a seller must make a significant price concession to sell its financial asset. The existence of liquidity risk does not necessarily imply a poorly functioning market. The adjustment might just be due to greater supply as compared to demand. Liquidity risk results from the uncertainty of bid-ask spread, hence it may also be called transaction cost risk.
Liquidity risk arises from market forces and the size of the investment position. It is often part of the investor’s assessment of fundamental value. It must not be confused with valuation denial, a situation in which investors believe that their valuation is correct but that the market has not yet reached the fair value. While liquidity risk allows some investors to buy assets at attractive prices, it is generally considered to be a negative factor.
Non-financial risks
Non-financial risks may arise from internal or external sources. They may have monetary consequences. Examples include
Settlement risk
Settlement risk is the risk that the counterparty would fail to make a payment just before default. Even though this is related to default risk, it is more concerned with the payment process.
Legal risk
Legal risk is the risk of being sued or the risk of a contract clause not being upheld by the courts.
Compliance risk
Compliance risk, a combination of regulatory risk, accounting risk, and tax risk, stems from the matter of conforming to policies, laws, rules, and regulations. Since often there is a significant lag between financial market changes and associated regulatory changes, there might be significant unexpected costs, back taxes, financial restatements, and penalties.
Model risk
Model risk is the risk of valuation error arising from using a model.
Tail risk
Tail risk is a risk related to market risk, which arises from writing off extreme events as very unlikely. This risk is particularly severe for the normal distribution, which tends to be overused in modeling. Many models relying on variance and covariance analysis ignore the existence of fat tails, which is an oversimplification.
Operational risk
Operational risk arises due to the failure of failed people, systems, policies, etc. It is a combination of most of the internal risks. Employees may make mistakes or commit fraud or can go rogue by taking extremely speculative positions. Events such as floods, earthquakes, or hurricanes can cause significant damage and disruption. Cyber risk is a major operational risk arising from insufficient IT safeguards which can result in loss of money or data breach and consequent loss of reputation and regulatory action. Terrorism is also a major operational risk. While many operational risks can be insured, companies must take proactive steps toward prevention.
Solvency risk
Solvency risk is the risk that an organization may fail for the want of cash, even though it has an otherwise good financial position. It is one of the most important risks in the wake of the most recent financial crisis because it forced many firms, such as Lehman Brothers, and others into bankruptcy. Solvency risk can be mitigated by using less leverage, obtaining more stable sources of financing, taking an enterprise-level view of solvency, and holding more cash equivalents and liquid assets (even if it means earning a lower return).
Risks relevant for an individual investor
Risks relevant to an individual include health risk (the additional cost and loss of earnings due to poor health), operational risk (mainly identity theft risk), mortality risk (the risk of dying young), longevity risk (the risk of outliving one’s financial resources). Other relevant risks include property and casualty risks, etc. Many of these can be insured.
Interactions between risks
Many risks are interrelated. Particularly, during unexpected market moves, risks work like a chain reaction. For example, market risk impacts credit risk, credit risk gives rise to settlement risk, and so on. Similarly, legal risk often arises from market or credit risk when the losing parties look for loopholes in contracts. Counterparty risk is another such risk that depends on other risks. For example, the credit risk of the losing party in an option contract may vary directly with the loss on the position increases. The risk may be low when the loss is low, but as soon as the position turns negative, the risk would increase. Failure to consider this eventuality in the expected value of a position can wreak havoc on a party to the contract. Such a risk is referred to as “wrong-way risk.”
Similarly, devastating interaction of risk can occur between market risk and liquidity and solvency risks. It is because when it comes to risk interactions, there is a compounding effect, i.e. the combined risk compounds the individual risks in a non-linear manner. Further, since most risk models and systems do not account for risk interactions directly, the ultimate risk volume may not be visible.