Managing risk is widely acknowledged as one of the key aspects of running any business. By definition, risk is something unknown, and managing risk requires a blend of both art—call it a combination of experience, sensitivity to circumstance and events, and, of course, intuition—and science, or experience (again) and hard facts and analysis. The first without the second could lead to disaster; the second without the first usually results in sub-optimal performance.
I have been in the business of advising companies on foreign exchange risk management for over 30 years, and find, remarkably, that, even today, a very, very small fraction of companies in India (and, I daresay, the world) have anything remotely resembling a sound FX risk management framework, which I would call the science of managing risk.
First off, the framework should have a policy, customised to the company’s business model and at-risk cash flows and balance sheet. While a huge number of companies do have a FX risk management policy documents—we have developed over 200 such documents ourselves—most of the policies we have seen are deficient in at least two ways.
The first is that their objectives do not state explicitly that in the effort to ensure that the company’s margins are never threatened by currency fluctuations, there will definitely be occasions when the company will suffer opportunity loss. This is critical to enable the operating team to actually follow the policy without fear of reprisals in the event the market moves against a hedge. If opportunity losses appear too high, the audit committee needs to reassess the policy—the art, mentioned earlier—to see how it could be tweaked to continue to protect margins and also enable lower opportunity losses.
The second major failing I have found in most policies is the inadvertent (in most cases) discretion provided to the operating team. While discretion is not unreasonable, provided it is, again, “artistically” designed, most audit committees are not aware of the extent to which hedge decisions are left to the discretion of the operating team. For instance, if a company has a policy to hedge, say, 50% of forecast exposures on a rolling 12-month basis, it is seldom made clear whether the hedge should be taken on the first working day of each month, or, say, averaged over the first five working days, or, as in one case I know, 25% is hedged on each Wednesday at 10 a.m.
While I am not recommending the straightjacket implied in the last definition, the point is that most audit committees don’t know how much discretion is left on the operating ground. Equally, they generally have no idea as to how much this inadvertent discretion is costing (or, indeed, from time to time, earning for) the company.
Now, the only way the audit committee can have the kind of analytic information it needs to enable it to make the necessary “artistic” decisions is to have an independent skilled team (or, at least, person) who monitors treasury activity in near-real-time to generate this data and convert it into usable knowledge. Large financial institutions, like banks and insurance companies, have well-staffed middle offices that render this function. While market risk is a key business risk for financial institutions, it also has huge significance to non-financial companies, in terms of the impact it can have on their businesses—there are myriad examples that crop up each time there is a dramatic jerk in FX rates.
However, none but the very largest non-financial companies in India have a fully functional middle office or risk officer. In most other cases, companies are not even aware of this need; in others, there is an awareness, but it may not appear commercially feasible to run and fully staff such a function. One alternative is to outsource the middle office, which, like any outsourcing operation, requires setting up a strong information exchange protocol with the vendor by, say, a daily email exchange. Of course, the best way is to fully automate the treasury to ensure that there is a complete audit trail to enable monitoring of all operations from timely dataflow to regulatory compliance to hedge strategy compliance to independent transaction confirmation to reporting to accounts.
Today, most companies—and this includes companies with sales of several billion dollars—are woefully behind the curve in this area, still using spreadsheets like Excel, to monitor their FX exposures and risk. These, while convenient and easy to use, have limited robustness but, more importantly, preclude having any audit trail, which, by definition, precludes sound risk management.
The good news is that, driven by IFC reporting guidelines, audit committees are increasingly recognising the importance of a structured approach to FX risk management, and many are now reaching out to secure the “science” of the process, which is a critical precursor to enable them to move up the curve to the art of risk management.
The author is CEO, Mecklai Financial