The Building Blocks of Risk Management

50 vocabulary-style flashcards covering key risk management concepts from the notes.

Risk

The possibility that bad things might happen.

Risk management

The process of identifying, evaluating, measuring, and controlling risk to create value and reduce uncertainty.

Enterprise Risk Management (ERM)

A holistic, firm‑wide approach that coordinates across risk types and aligns risk-taking with strategy.

Expected loss (EL)

Average loss a position or portfolio might incur; EL = EAD × LGD × PD.

Unexpected loss

Loss that exceeds the expected loss, reflecting variability and concentration risk.

Tail loss

Extreme losses in the tail of the loss distribution beyond the VaR threshold.

Risk factor

A driver of risk (e.g., PD, LGD, EAD) that can have sub-factors.

PD (Probability of Default)

The likelihood that a borrower or obligor will default.

EAD (Exposure at Default)

The amount at risk at the time of default.

LGD (Loss Given Default)

Severity of loss if default occurs; portion not recovered.

Credit risk

Risk arising from the possibility that a borrower or counterparty fails to meet obligations.

Market risk

Risk from changes in market prices or rates that affect asset values.

Liquidity risk

Risk that funding or asset liquidity constraints prevent meeting obligations.

Funding liquidity risk

Risk that a firm cannot access enough liquid cash and assets to meet obligations.

Market liquidity risk

Risk that markets seize up, forcing sales at unfavorable prices.

Operational risk

Risk of loss from failed internal processes, people, systems, or external events; includes cyber and legal risk; excludes business, strategic, and reputational risk.

Reputational risk

Danger that a firm’s market standing or brand could decline, harming stakeholders.

Business risk

Risks related to demand, pricing, competition, and operations impacting a firm’s performance.

Strategic risk

Risk from large, long‑term decisions about the firm’s direction.

Conflict of interest

When self‑interest can distort risk management and transparency.

Risk aggregation

Combining risks to see the big picture; challenging and potentially misleading if not done carefully.

Value-at-Risk (VaR)

The worst expected loss over a horizon under normal market conditions at a given confidence level.

Expected Shortfall (ES) / CVaR

The average loss in the tail beyond the VaR threshold.

Basel Accords

International banking standards (Basel I–III) regulating capital and risk management.

Economic capital

Capital a firm estimates is needed to absorb unexpected losses (not regulatory capital).

Regulatory capital

Capital required by regulators to ensure solvency.

RAROC (Risk-Adjusted Return on Capital)

Reward divided by risk; a framework to balance risk and return across activities.

Hedging

Transferring or reducing risk through derivatives, insurance, or other instruments.

Basis risk

Risk that a hedge does not perfectly offset exposure due to imperfect correlations or timing.

Notional value

Face amount of a derivative; not by itself a direct risk measure.

Delta

Sensitivity of an option’s value to changes in the underlying asset price.

Gamma

Sensitivity of Delta to changes in the underlying asset price.

Theta

Time decay of an option’s value as expiration approaches.

Greeks

The set of risk measures for options, including Delta, Gamma, and Theta.

Extreme Value Theory (EVT)

Tail‑risk statistical methods to model and quantify extreme losses.

Knightian uncertainty

Uncertainty that cannot be quantified; irreducible.

Known knowns / known unknowns / unknown unknowns

Classifications of risk knowledge: risks you know, risks you know you don’t know, and risks you don’t know you don’t know.

Moonwalking bears

Bank of England metaphor for hidden risks that are overlooked when prices look favorable.

Underwater icebergs

Hidden risks such as rising leverage that are hard to detect but dangerous.

Three lines of defense

Governance framework: 1) business line; 2) risk management; 3) internal audit.

First line of defense

Business line that generates, owns, and manages risk.

Second line of defense

Risk management function that specializes in risk oversight.

Third line of defense

Independent oversight and assurance, such as internal audit.

Scenario analysis

Analytical process to assess the impact of plausible worst‑case events.

Stress testing

Analysis of portfolio resilience under severe but plausible conditions.

Reverse stress testing

Starting from a tail loss scenario and working backward to identify drivers.

Data science in risk management

Use of big data, AI, and ML to identify risk variables and relationships.

Unsupervised machine learning

ML that identifies clusters/correlations without predefining the area of interest.

Risk appetite

The level of risk a firm is willing to accept in pursuit of its objectives.

Risk culture

The norms and behaviors that shape how risk is understood and managed within an organization.