I have been thinking about Risk and Uncertainty Management for quite some time now, and I decided to start a blog so I can share my thoughts and ideas with friends, colleagues, students and everybody who might be interested in discussing this.  In my opinion, this is one of the most fascinating topics in management and academia nowadays, and, not only its importance is increasing by the day, but it is going to increase quite fast in the near future (it has already been heating up considerably so far…).

I decided to write this blog in English even if a considerable number of my students come from Latin American countries, and are native Spanish speakers, but I choose to do so in order to broaden the scope of the blog (most of my students are comfortable reading in English anyway).  My apologies for people that might feel uncomfortable with this choice…  Having said this, I might, sometimes, link some articles in Spanish, especially if they have been already published in some other source.  Comments and discussions are welcome in either English or Spanish.

In this first post I will address two issues: (i) how I got interested in Risk Management, and (ii) why I think the topic is interesting, important, and… yes, fascinating!

A few years ago, more specifically, around October 2003, I was about to come back to Argentina after my PhD, and I got a call from the department chair at IAE (the Business School I work for), saying that I was going to teach Risk Management to MBAs and EMBAs next Fall. At that time, and without any previous involvement in the topic, this didn’t look like my favorite plan for the following year… I started looking into books and course syllabus and, to my dismay, I found that they were mostly related to Risk Management for Financial Institutions, and our students at IAE come mostly from the non-financial sector. I tried to see what I could find on Risk Management for non-financial firms.  There was pretty much nothing on that topic. At that time, I was lucky enough that a few large corporate collapses created a large turmoil in the business world (Enron, Parmalat, etc…).  So, at about the same time I was trying to understand how to talk about Risk Management for non-financial firms with my students at IAE, most of the corporate landscape was trying to figure out how to deal with it.  After a few years, and with the help of the recent financial crisis, we learned that both Financial and Non-Financial firms have to consider Risk Management in a similar way.  I suppose I can say that I was pretty lucky, I got completely fascinated by the topic, and the timing was about perfect.

Let me explain why Risk Management is so important for firms, and why it is so interesting to me. I will sketch a very short and simplified rationale for this point, and ultimately the most important considerations are going to be discussed in future posts and discussions.  Let me start by saying that the ability to take risks is the rationale for which firms are “allowed”, by a competitive market, to make a profit higher than the risk free rate.  The risk premium, i.e. the profit above the risk free rate, is the compensation that the company obtains for taking a certain portfolio of risks. This is obtained when the volatility affects the company in a positive way, i.e. the volatility moves in favor of the firm.  The other side of the coin, obviously, is that when the volatility goes the wrong way, and in this case the firm will suffer a loss.  This is way one of the mottos of Risk Management is “profit from the upside controlling the downside”.

Unfortunately, most companies do not really consider risk in their strategic planning process, but they are still facing risks.  Risks are all over the place, inside and outside the firm.  There are several types of risks affecting firms; I will use a four-chapters classification to organize them: Strategic Risks, Operational Risks, Financial Risks, and Political Risks.  Each chapter has a wide variety of risks to consider.  In this introductory note I will not dig into them, but they will eventually pop up in later posts.

Only a handful of companies identify, classify, and measure all the risks that might affect them (this is done through a tool called Risk Mapping), fortunately this number has been increasing steeply in the last few years, and is supposed to keep growing in the future.  After having identified and measured the risks, firms need to decide which risks are going to be taken (in order to make profit from them), and which risks are going to be transferred to third parties that are better equipped to hold (and make a profit from) them. Unfortunately, most firms have not decided which are the risks they want to make a profit on.  Failing to do this leaves the company mostly obliged to a reactive, instead of a proactive attitude toward risk.  The only way of having this proactive attitude toward risk is by including Risk Management in Strategic Planning.