Effective Transactional Risk Management
November 2007
International companies assume a variety of
forms of risk with every sale, lease, purchase, loan, or investment they make.
These risks are not simply commercial, financial, or political in nature, but
include a plethora of other inherent risks that encompass the technical, environmental,
developmental, and socio-cultural realms.
by Daniel
Wagner*
Every international transaction is unique, carrying its own blend of risks.
Addressing "transactional risk" is therefore an essential part of the risk management
process.
How Transactional Risk Differs from Country Risk
Transactional risk is distinct from "political," "sovereign," and "country"
risk. Although the term "country risk" is widely and generically used to refer
to the risks assumed by operating in another country, country risk is really
a misnomer in this context. Even the term "political" risk does not fully encompass
the scope of risks a company encounters when operating in a foreign arena.
Political risk may be differentiated
from a number of other forms of risk that are often used in tandem. Political
risk refers to arbitrary or discriminatory actions taken by governments, political
groups, or individuals that have an adverse impact on trade or investment transactions.
Political risk may be differentiated
from country risk, which is the risk that
a country will be unable to honor its financial commitments, and sovereign risk, which is the risk that a
foreign central bank will alter its foreign-exchange regulations and significantly
reduce the value of foreign-exchange contracts.
In spite of these clear differences, it is common for business practitioners
to use the three terms interchangeably. Transactional risk, by contrast, is the country, sovereign, political, economic, financial,
technical, environmental, developmental, and socio-cultural risk that an organization
assumes in every international action it engages in.
How Banks Approach Transactional Risk Management
Much can be learned from the experience of international banks in managing
transactional risk. Nearly all banks have developed formal programs to manage
transactional risk, and most of these are centralized so as to establish and
maintain control over an entire network of operations. More often than not,
a board of directors will approve the risk management policy, but the nature
of a risk management reporting system will vary by organization. Transactional
risk management is usually integrated with the credit risk management function,
but larger banks tend to integrate transactional risk management into their
overall risk management process.
Responsibility for transactional risk management generally resides with a
high-level risk management committee at headquarters or the senior country officer
(in the case of foreign operations). Although there is general inconsistency
about who within an organization actually takes responsibility for determining
transactional risk, common approaches include a formal "country" risk committee,
a credit department, or country managers.
No bank relies entirely on external sources of information, but smaller banks
are more inclined to rely more heavily on such sources due to lack of resources.
A number of regional and multinational banks have established procedures to
deal with risk tolerances and deteriorating conditions in a country. The most
common approach simply relies on informal lines of communication among experienced
managers in times of crisis.
Almost all banks assign formal country ratings, most of which cover a broad
definition of risk. Ratings are typically assigned to all types of credit and
investment risk, including local currency lending. Transactional risk ratings
establish a ceiling that also applies to credit risk ratings. Most banks do
not generally have formal regional limits, but some banks monitor exposures
for a given region informally, and most have specific country limits.
Most banks take a comprehensive view of risk, but tend to differ in terms
of how specific risks affect their risk rating system. Many banks apply a single
country rating to all types of exposure, while distinguishing between foreign
and local currency funding. Formal exposure limits tend to be set annually and
managed through the use of aggregate country exposures. Risk tolerances are
recommended primarily by line management and approved by a high level committee.
The maximum level of exposure for a given country is generally determined by
the assigned risk rating.
The Lessons of the Asia Crisis1
Although most banks indicate that existing macroeconomic data needed to assess
country risk is generally adequate, there are gaps in the data necessary to
evaluate country vulnerability to payment shocks. Most banks use a system of
country risk ratings that rely on monitoring of real and financial macroeconomic
indicators. This has, at times, failed to give them adequate warning to arrange
to exit a market in a timely fashion. Better information on foreign currency
reserves and short-term debt would have been useful in that regard.
One of the lessons learned from the Asia Crisis was the relevance of measuring
available official foreign exchange resources and short-term public sector obligations
denominated in foreign currencies that constitute a drain on resources. There
is a need for timely and transparent reporting of official foreign exchange
reserves and other information needed to assess the short-term liquidity positions
of the official sector. Another area of generally insufficient data is the outstanding
short-term foreign currency exposures of nonfinancial corporations in emerging
markets. Means must be found to address these shortfalls, which serve to highlight
the importance of obtaining a variety of types of data to measure the same variable.
The Asia Crisis taught banks some important lessons about transactional risk
management. Among them, the need to more effectively incorporate several additional
sources of information in risk analyses to include the credit risk associated
with private sector counterparties, the potential loss of liquidity, and contagion
effects. An over-reliance on historical volatility
to measure risk contributed to an underestimation of risk.
Elements of an Effective Risk Management Process
A sound transactional risk management process will include certain basic
elements that result in the creation of an environment conducive to effectively
managing risk:2
- Effective oversight by a board of directors
- Adequate risk management policies and procedures
- An accurate system for reporting country exposures
- An effective process for analyzing country risk
- A country risk rating system
- Established country exposure limits
- Regular monitoring of country conditions
- Periodic stress testing of foreign exposures
- Adequate internal controls and an audit function
Within this context, it is important to establish clear tolerance limits,
delineate clear lines of responsibility and accountability for decisions made,
and identify in advance desirable and undesirable types of business. Policies,
standards, and practices should be clearly communicated, and enforced, with
affected staff and offices. Quarterly reporting should be imposed—more frequently
if foreign exchange exposure impacts a given investment.
It is naturally also important that analyses be adequately documented and
conclusions communicated in a way that gives decision makers an accurate basis
on which to gauge exposure levels, and that sufficient resources be devoted
to the task of assessing risk. Since the Crisis, some banks have centralized
the analytical process and engage in periodic assessments of risk on a more
regionalized basis (as opposed to strictly on a country-specific basis).
Best practices dictate that a number of actions should be taken to create
a transactional risk management program. Among them:
- The transactional risk management function should be centralized.
- Transactional risk guidelines should be established and widely disseminated.
- Country/sector limits should be established.
- A system to better delineate the severity of perceived risks should
be established.
- Quarterly transactional risk reporting should be implemented.
- A company should make maximal use of internal information capabilities
while incorporating a wide array of external information sources into analyses.
Much can be learned at a corporate level by the approach and experience of
international banks in addressing transactional risk. Nearly all banks have
developed formal programs to manage transactional risk, and most of these are
centralized so as to establish and maintain control over an entire network of
operations. Almost all banks assign formal country ratings, most of which cover
a broad definition of risk. Ratings are typically assigned to all types of credit
and investment risk, including local currency lending.
Transactional risk ratings establish a ceiling that also applies to credit
risk ratings. Most banks do not generally have formal regional limits to lending,
but some banks monitor exposures for a given region informally, and most have
specific country limits. Many banks apply a single country rating to all types
of exposure, while distinguishing between foreign and local currency funding.
Formal exposure limits tend to be set annually and managed through the use of
aggregate country exposures.
It is important to establish clear tolerance limits, delineate clear lines
of responsibility and accountability for decisions made, and identify in advance
desirable and undesirable types of business. Policies, standards, and practices
should be clearly communicated, and enforced, with affected staff and offices.
Quarterly reporting should be imposed—more frequently if foreign exchange exposure
impacts a given investment.
The ability to obtain primary knowledge through inputs from local offices,
as well as by regular visits on the part of country risk officers, cannot be
overemphasized. Best practice should encourage in-house assessments before relying
on external sources of information in order to build internal rating applications.
In most organizations, the country risk function operates autonomously, as
there tends to be diverging interests between the operating side of the business
and risk management. It is therefore important for senior management to effectively
oversee interaction between the two sides. The risk assessment decision chain
should be transparent and independent of compromise by business unit practices.
Even if there is a rating guide at one's disposal, it is best to utilize
information from a variety of sources, identify the central themes that keep
reappearing, and make a judgment about the nature of the risk. This should not
be done in a vacuum, however. The underwriting and pricing process should be
viewed as collaborative, seeking the affirmation of others in the decision-making
chain.
The addition of an effective transactional risk management program will enhance
existing risk management guidelines and provide valuable insights to better
understanding the international business arena.
*The views expressed herein are solely the author's.
1Bank of International Settlements, On the Use of Information and Risk Management
by International Banks, Basle, 1998.
2Comptroller of the Currency, Country Risk Management, Comptroller Handbook,
October 2001, p. 3.
Opinions expressed in Expert Commentary articles are those of the author and are
not necessarily held by the author's employer or IRMI. Expert Commentary articles
and other IRMI Online content do not purport to provide legal, accounting, or other
professional advice or opinion. If such advice is needed, consult with your attorney,
accountant, or other qualified adviser.