Scenario and stress testing for

proactive risk management

Support strategic decisions with a sustainable approach to stress testing

Written By:
Dr Marie-Paule Laurent
Olivier Salom
Tamar Joulia
Frdric Van Weyenbergh

Scenario and stress testing for proactive risk management

Written by
Dr Marie-Paule Laurent
Managing Partner
mplaurent@riskdynamics.eu
+32 495 268 771
Olivier Salom
Manager
osalome@riskdynamics.eu
+32 487 326 184
Tamar Joulia
Senior Expert
tjoulia@riskdynamics.eu
+32 495 590 101
Frdric Van Weyenbergh
Associate Partner
fvanweyenbergh@riskdynamics.eu
+32 473 995 147

Risk Dynamics
Belgium: +32 2 340 00 90
London: +44 7970 462213
Netherlands: +31 20 2402750

Info@riskdynamics.eu

Scenario and stress testing for proactive risk management

Introduction
Prior to the financial crisis that started in 2007, most financial institutions did not perform stress tests
from a comprehensive firm-wide perspective across all risk types and businesses. Instead, they
mainly relied only on individual risk models, assuming that historical trends constituted a good basis
for assessing the development of future risks. The crisis has revealed serious flaws in relying solely
on such an approach.
These models did not capture the possibility of severe shocks or how the combination of these
vulnerabilities behaves at a market level, amongst others due to their lack of interaction, which in
extreme conditions can drastically change the behaviour of fundamental economic risk factors. The
effects of this flaw were dramatically amplified as historical correlations proved to be unreliable.
Exposed by the market volatility, it became clear that most financial institutions had not paid sufficient
attention to these limitations of traditional risk models.
As market turbulences continue to affect financial institutions, stress testing has grown significantly in
scope and importance. Senior management have established comprehensive firm-wide risk
assessment processes in which stress and scenario testing play a material part, allowing better
informed and more timely decision-making. In particular, stress testing is considered as a key tool to
inform senior management about alignment of the institutions risk profile with the Boards risk
appetite, under various circumstances.
This white paper focuses on the use of stress testing for proactive risk management beyond
regulatory requirements.
This paper is divided into five sections:
Section 1 Types of Stress Testing: We outline the context for different types of stress tests,
including sensitivity analysis and scenario testing.
Section 2 Context for Stress Testing: We introduce context in which these tests may be used.
Section 3 Stress Test Process: We introduce an approach to conducting Stress Tests that brings
together these tests and provides a sustainable approach that enables organisations meet their
objectives
Section 4 - Creating value with Stress Testing: We demonstrate how the stress testing framework
can be integrated in to strategic business decisions
Section 5 In conclusion: Lessons learned and conclusions from Risk Dynamics experience.

| 3

Scenario and stress testing for proactive risk management

Types of stress test

The following types of stress tests can be distinguished:
Sensitivity analysis provides a narrow view of individual changes.
A single factor analysis consists in assessing the sensitivity to one economic driver (e.g. the
interest rate) or one risk parameter (e.g. the counterparty default probability), using different
degrees of severity and without any economic story in mind. It can be supplemented by simple
multi-factor sensitivity analyses where a combined occurrence is assumed.
Both analyses provide information about risk concentrations in one or several risk factors, which
can help prioritise improvements in model accuracy.
This approach is limited, as the likelihood of change in the parameter(s) are not considered in
sensitivity analysis, nor the potential interconnection between the various parameters.
Given that changes rarely take place in isolation, this approach should only be seen as a stepping
stone to, or as part of, more sophisticated approaches.
Scenario and stress testing understand not only the impact but also the likelihood of multiple,
interrelated changes
Scenario testing typically relates to adverse events that have a reasonable probability of
occurrence while stress testing refers to exceptional events, to which a very low likelihood of
occurrence is assigned.
Both aim at assessing the impacts of these possible events on the financial and business positions
of the institution. System-wide interactions and second-order feedback effects are incorporated
within scenario and stress testing.
While this approach provides a robust view of the risks, it is not able to understand the possible
combinations of events and risk concentrations that would threaten the viability of the institutions
business model.
Reverse stress testing consists in identifying a range of adverse circumstances which would
jointly cause the business plan of an institution to become unviable and in assessing the likelihood
that such events could crystallise.
Reverse stress testing also focuses on the institutions specific vulnerabilities (e.g. reputational
event). Reverse stress testing is commonly used to identify possible combinations of events that
might not be considered in regular stress testing. It also helps to assess how close to failure is the
institution in its current environment.
A combined approach is required to ensure that the organisation understands its risk profile in a
variety of circumstances, due to the limitations of each type of test on a standalone basis,

Scenario and stress testing for proactive risk management

A stress test for every occasion

Regulatory (or supervisory) authorities and internal management perform stress tests for
different purposes, on a regular or an ad hoc basis:
Regulatory (or supervisory) authorities aim at controlling the resilience of each institution and the
financial system as a whole. Therefore, they prescribe severe scenarios, with a very low likelihood,
that institutions have to calculate. On that basis, they will decide on actions to enhance the
financial stability in the whole system (e.g. recapitalisation).
Financial institutions are required by the regulatory and / or supervisory authorities (FSA or EBA
and soon ECB) to perform stress tests at least once a year according to the capital rules.
The impacts of the scenarios are calculated per risk type, per portfolios and consolidated at
Group level. These are assessed over a period of at least two years, in order to take into account
the effects of some shocks.
Such exercises enable the authorities to evaluate the resilience of the institutions risk profile to
stressed situations, and to compare the consistency of the results for similar portfolios and/or
institutions.
However, these scenarios and the selected metrics (e.g. solvency capital ratio, balance sheet,
market losses) do not address some specific vulnerabilities of the institution nor other material
risks (e.g. liquidity).
Senior management aims to take actions that will optimise return on risks within shareholders risk
appetite. Therefore, it is interested in sensitivity analyses and more reasonable scenarios,
whatever their severity. On that basis, senior management will take actions to maintain or enhance
the institutions value in a going concern basis within the agreed risk appetite.
Internal uses of stress testing include, among others, to capital & budget planning and
management of portfolio sensitivities.
The scenarios usually cover shocks related to the economic environment, the specific activities of
the institution and its operation and image (e.g. fraud, reputation).
It is up to the institution to select the most appropriate metrics against which the scenario and
stress testing outcomes are assessed.

| 5

Scenario and stress testing for proactive risk management

Stress Test Process

The Stress Test is triggered by a request (imposed by the regulator or decided by the
institutions management), with the purpose of obtaining an impact assessment and deriving
actions, which are then implemented.

Stress Tests Process

Trigger
1

Activities

Origination
Specify:
Type and objectives of tests
Scope and perimeter
Characteristics of the
scenarios: likelihood/duration
Reference date
Time horizon of the impacts
Level of granularity
Measures / metrics
Stakeholders
Planning and milestones
Approval and reporting

3
Scenarios

Identify
The scenarios that are
relevant in light of the
origination, the external
environment and the
institutions business model
Select :
The scenarios from the
repository
The baseline
Or launch a request for:
Additional scenario

4
Impacts

Collect data
In line with the
specifications defined in the
origination
Select models and
methodologies
E.g. internal model
Statistical methodologies
and expert-based
techniques

Actions

Reporting

Analyse the outcomes

Alignment of the risk profile
with chosen risk appetite
Test the impacts of actions
Based on the tool(s) used
for the impact measure or
expert assessment
Optional
Propose actions

Communicate
Internal management (e.g.
Group Board, ALCO, FRC,
Divisions Board)
Disclose
Local regulator or other
bodies (EIOPA, etc.)
Market participants
Embed
ORSA report

Management Actions

Reporting Template

Implementation

FIGURE 1: The Stress Test Process

Apply the models and the

methodologies to the data

Origination Sheet

Tools

Repository
Narrative description
Categories
Systemic or idioscyncratic
Historical or hypothetical
Real of financial
Rapid chrystallisation or
protracted effect
Assessment
Likelihood and severity
Stressed risk factors
Contagion effects

Scenarios Life Cycle

Data
Fit for purpose database

Models
Methodologies
The stressed risk factors are
first translated into stressed
risk parameters. The latter
are then applied to the
portfolios and risk types
(with and without additional
risk mitigations). Impacts
are measured as deviatons
from the baseline. Results
are finally aggregated.

Categories
Actions directly under firm
control
Actions that require a
counterparty
Timeliness
Immediately
Early warnings
Materialization of risks

Risk Appetite

Risk Dynamics

Stage 1 - Origination: The key elements of the scenarios and stress tests are defined, e.g. the
type and objectives of the stress tests, their scope and perimeter, the characteristics of the
scenarios (likelihood, duration), the time horizon of the impacts, the level of granularity, and the
measures or metrics that will summarize the results (in absolute and relative terms).
Stage 2 Scenarios: Consists of first identifying all the scenarios that are relevant for the
institution. The set of scenarios that will be actually used is then selected from the institution own
repository of scenarios. The latter includes a narrative description of the scenarios, their likelihood,
and the type of shocks to which they relate (systemic, idiosyncratic, etc.).
Stage 3 Impacts: Running the tests demonstrates the impact of the scenarios on the selected
metrics. This three step activity begins with the translation of the stressed risk factors into internal
stressed risk parameters. The latter are then applied to the portfolios and risk types so that the
impacts can be measured. Finally, the results are aggregated at Group and entity levels.
Stage 4 - Actions: The outcomes of the exercise are analysed, including the extent to which the
risk profile under stressed circumstances is aligned with the chosen risk appetite. The impacts of

Scenario and stress testing for proactive risk management

actions can then be tested based on the tools used to assess the impacts of the scenarios or by
means of expert judgments. If needed, risk mitigating actions can be proposed to the senior
management.
Stage 5 Reporting: This phase aims at communicating the results to the internal senior
management of the institution (the Board or the relevant body depending on the type and purpose
of the stress tests). It might also be required to disclose the results to the local regulator or other
regulatory bodies (EIOPA) and market participants and to embed them in the ORSA report.

| 7

Scenario and stress testing for proactive risk management

Creating value with Stress Testing

An enterprise-wide approach to risk management starts to break down the traditional silo approach
per risk type.
It enables organisations to identify the potential connections or correlations across multiple business
lines or units and across risk categories.
Proactive management leads to the identification of early risk mitigation and combined contingency
plans aiming at improving the risk, capital and / or liquidity positions of the institution.
Linking Stress Testing to Risk Appetite
The stress testing process is a key element of the qualification and quantification of the institutions
risk profile, at corporate level and for key portfolios.
FIGURE 2: Usage Of Stress Testing In Risk Profile/Risk Capacity Assessment
Risk Capacity

Non Financial Resources

Financial Resources

Global Control Framework

(Quality level assessed through
review, validation & audit)

>

Risk Profile

Quantitative View

Capital Capacity
(actual / target)

Capital

Risk exposure
(actual / target)

Earnings Capacity
(actual / target)

Earnings

Risk exposure
(actual / target)

Liquidity Capacity
(actual / target)

Liquidity

Risk exposure
(actual / target)

Action Plans
Risk
Capacity

Qualitative View

Stress &
Scenario
Testing

Risk Assessment

Risk Dynamics

Risk Profile

Benchmarked against risk appetite, the assessment of significant losses (such as in earnings or in
value) associated with adverse events is used to identify where the institution should establish
contingency, continuity plans or take mitigating action.
This assumes an appropriate definition of risk appetite, reflecting the accepted variations in Earnings,
Capital and Liquidity positions as well as the types of risks an institution is willing to be exposed to.
Using Stress Testing to drive performance
Once established, the stressed positions of the institutions portfolios can be benchmarked against its
tolerance for risk, and specific actions taken when the risk profile evolves toward a green, orange or
red zone:

Scenario and stress testing for proactive risk management

FIGURE 3: Performance Levels

Target
level

Recommended
Action:

Tolerance for risk

Minimum
level

GREEN
ZONE

ORANGE
ZONE

RED
ZONE

Possible re-allocation
of excess financial
resources

Closer monitoring, early

mitigation, Capital
contingency plan

Execution of the
risk mitigation
plan

For each Key Risk Indicator (KRI), the institution determines two levels of performance:
The target or strategic level, reflecting the business strategy;
The minimum level of performance (or maximum level of risk) is based on the institutions
tolerance for changes in particular risk / performance indicators.
In the green area, the institution should consider reallocating excess resources to other business
initiatives.
Even in adverse scenarios, the indicators should not drop below the maximum level of acceptable
risk, but remain in the orange area.
Delivering Value
Calculated over an adequate time horizon, to reflect the cumulative and remote effect, scenario and
stress testing provide a range of forward-looking views on institutions risks, and thereby contribute to
a risk sensitive capital and budget planning
The budgeting exercise is based upon a range of scenarios, covering the appropriate time horizon
(typically 3 years) and material firm-wide risk sensitivities.
In practice, the institution investigates the variations between the baseline and the adverse (but
plausible) scenarios to help controlling adherence to the chosen risk appetite.
This contributes to:
A more efficient allocation of financial resources during the budgeting process.
The allocation can be conducted along two complementary dimensions:
Per business, in line with the institutions strategic priorities and relative value creation per
business line;
Per risk category (credit, market, liquidity, underwriting, operational risks...) in line with the
institutions tolerance in terms of losses and capital / liquidity requirements.
A proactive management of risk appetite, by integrating risk and finance planning into the same
yearly process, so that the budgets are aligned with the institutions risk.
A proactive management of portfolio sensitivities across and within risk types.

| 9

10

Scenario and stress testing for proactive risk management

In Conclusion
Tell what the story tells...
In many instances, the characteristics of the scenarios (e.g. story, likelihood, severity, duration of the
shocks, horizon of the impacts) and the internal metrics used for the assessment are not precisely
described, if at all.

Be involved, at all level of the institution...

All too often these exercises are considered as a constraint imposed by the regulator, and are not yet
embedded in strategic and business processes.
Once fully integrated in day-to-day management, stress testing becomes a more powerful tool
supporting Senior Management.

Integrated teams, integrated approach...

Scenario and stress testing requires close cooperation between the various business, finance and
risk units.
Yet, a silo approach is still observed in some institutions, with the unintended consequence that the
overall risks and contagion effects can be underestimated. Integrated stress testing, covering all risk
types across portfolios and entities, can overcome this limitation by focusing on the
interdependencies for effective risk diversification.

Using the right tool for the job...

In assessing the impacts of scenarios, institutions too often rely on ad hoc adjustments directly
applied on the risk parameters. Methodologies do exist however, be it simple translation engines
(such as satellite models) or more sophisticated econometric methods combined with expert
judgments (such as Bayesian Vector Auto Regression).

A combined approach is more than the sum of its parts

All types of stress tests are complementary exercises. It is precisely for that reason that market best
practice recommends using sensitivity analyses, scenarios combined with stress and reverse stress
tests to provide a forward looking view that compliments historical risk analysis.

Stress testing, as part of an integrated approach to risk management can add value and
speed to business decisions, as it provides strong evidence about the performance of the
business under different conditions.

Scenario and stress testing for proactive risk management

About Risk Dynamics

Risk Dynamics provides assessment services and strategic advice to banks, insurance companies, investment and asset management firms and
market infrastructures. We assess and benchmark risk / compliance management frameworks and risk models. We help financial institutions
optimize their frameworks and risk models for a more efficient use of financial and operational resources.
More than 700 groups of models validated in different types of risks and domains
A centralized and international team of risk management and compliance experts acting on a global scale
Unique frameworks in line with the latest regulatory requirements, rigorously enriched with market best practices and benchmarks
Regular contacts with regulators around the world
For more information please visit http://www.riskdynamics.eu

| 11

Europe
Middle East
Risk Dynamics
Boulevard du Rgent, 47/48
B-1000 Brussels
Belgium

North America
Risk Dynamics LLC
1220 N. Market Street
Suite 806
Wilmington, DE 19801
USA

UK & Ireland
Risk Dynamics LTD
125 Old Broad Street
London
EC2N 1AR

Netherlands
Risk Dynamics BV
Barbara Strozzilaan 201
1083 HN Amsterdam

Asia
Risk Dynamics Ltd
th
Room 1001, 10 Floor
Tai Yau Building
181 Johnston Road
Wanchai Hong Kong

Disclaimer
This publication contains general information, and none of Risk Dynamics is, by means of this publication, rendering compliance, business,
financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or
services, nor should it be used as a basis for any decision or action that may affect your finances or your business. Before making any decision
nor taking any action that may affect your finances or your business, you should consult a qualified professional adviser.
No entity within Risk Dynamics shall be responsible for any loss whatsoever sustained by any person who relies on this publication.
2013 Risk Dynamics - Designed and produced by Optimised ! at Risk Dynamics, Brussels.