Event Monitoring VS. Location Risk Monitoring: A Critical Analysis

Event Monitoring vs. Location Risk Monitoring: A Critical Analysis

In a recent conversation with a market analyst from a prominent technological research and consulting firm regarding location risk, I was asked, “What’s the difference between location risk monitoring and event monitoring?” I was a bit taken aback. “Surely this experienced analyst from a renowned research house must know the difference between these two terms,” I said to myself. But it got me thinking. In finance, we love to use jargon to baffle people and show how smart we are. But as the saying goes, “If you can’t explain it to your kids, you probably don’t understand it.”

Without intending to, this analyst raised an important issue, and one well worth exploring if for no other reason than contextualizing the unprecedented news feed associated with geopolitical risk events over the past few months. So, let’s unpack the question by introducing some themes that have an empirical basis in risk management (e.g. operational risk loss history) and for which we can apply tangible examples.

First, location-related risk is comprised of a comprehensive taxonomy or family of risks. This includes natural hazard risks like earthquakes, volcanoes, or severe weather events, risk of industrial accidents such as the Deepwater Horizon explosion in 2010, geopolitical risks up to and including armed conflict, and financial risks such as sovereign default. To add complexity, there is an overlay of transnational risks such as criminality, terrorism, involuntary migration, and cyberattacks that can frequently transcend national borders but often negatively affect the locations where those activities occur. The President of Ecuador’s unprecedented declaration of war last week against the country’s criminal organizations, most of which are based in Peru and Columbia I an excellent example of this.

Second, when a risk materializes, it is said to have crystallized. This means that the anticipated event or problem has occurred, and the organization is now dealing with the real and immediate consequences. Location risks almost always interact and generate cascading effects. One very tangible example is the Great East Japan earthquake in Mar. 2011, which generated a nearly 10m high tsunami that caused catastrophic damage to the Fukushima Daiichi nuclear facility. We are still seeing the consequences as Japan has begun releasing treated radioactive water from the Fukushima plant into the Pacific Ocean - 12 years after the nuclear meltdown, amidst widespread protest.

Third, risk exposure is important. Risk exposure refers to the potential financial loss, negative impact, or harm that an individual, organization, or system faces due to uncertainties and risks. Here, the case of credit risk is illustrative and can be best typified by the following formula:

Credit Risk = PD X LGD where PD is Probability of Default, and LGD is Loss Given Default.

When assessing the credit risk of an individual or a counterparty firm, a lender will look at a potential borrower’s credit history amongst other factors, and manage the amount that they lend based on the probability of a default event.  The key is this – when a credit event occurs, it’s too late to manage the risk exposure. The same principle applies to a given location, even if there is potential exposure to a number of risks. Monitoring change in the risk profile of a given location is critical to taking action before the risk crystallizes.

One important point here that is particularly important to managing supply chain risk, otherwise known as third-party risk. In the case of Fukushima, Japanese automobile manufacturers had a concentration of suppliers in the area affected by the nuclear disaster. They repeated their error by relocating collectively to the same region of Thailand, just in time for the epic floods of Sep. 2011. This effect is called geographic concentration risk.

Fourth, a comprehensive and systematic approach to risk management is required to understand and dynamically manage risk exposure. One of the most important, and often one of the most often overlooked elements of this is monitoring changing risk exposures, identifying and responding to exposures that are outside of your firm’s risk appetite or risk tolerance.  I often hear the question, “So what?” or “What do I do about it?” The answer, not surprisingly, is “quite a lot.” I have seen many excellent examples of firms avoiding risks, diversifying out of risk exposures that are in excess of risk appetite, mitigating physical security risks or even epidemiolocal risks, and transferring cybersecurity risks through the innovative use of credit products. Managing risks in this way, prior to hazard onset, is the very definition of organizational resilience.

Lastly, not every risk exposure can be identified and managed. This is particularly true of location risk. No matter how comprehensive the risk management framework and how imaginative the scenarios are, there will always be surprises. The better the risk management framework at identifying risk indicators and trends, the rarer the occasion where the last line of defense, consequence management, is invoked.

Location risk is one of the most challenging risks to manage which is why it is not well understood even amongst well-informed individuals like my analyst friend. Hopefully, you have a better understanding of the critical differences between location risk monitoring and event monitoring and the benefits of proactive risk monitoring and dynamic risk management.