There is no official risk typology. The current FRM syllabus (2018-19) assigns Crouhy's Essentials of Risk Management which contains a Typology of Risk Exposures in Appendix 1.1 but it is incomplete and somewhat informed by early Basel regulations; e.g., financial risks consists of market risk (itself parsed into equity price, interest rates, forex, and commodity price risk) and credit risk, but not operational risk.
Below the video we show two perspectives; two typologies, if you will. The first is my modification of Crouhy's; the second builds on Jorion's classic framework that is rooted in the FRM. From merely an exam-type perspective, here are some key ideas:
Our two visual typologies:
1. Typology modifies Crouhy
2. The classic typology (based on Jorion)
Below the video we show two perspectives; two typologies, if you will. The first is my modification of Crouhy's; the second builds on Jorion's classic framework that is rooted in the FRM. From merely an exam-type perspective, here are some key ideas:
- While Crouhy's original typology excludes Operational Risk (and even some authors in the curriculum also exclude operational risk), we do not. (see discussion here https://trtl.bz/2ykYFM4). As you can see from the second typology below, the firm's risks are either business or non-business (this is the first distinction because a non-financial business does not seek to avoid business risks). Non-business risks are either financial or non-financial. Classically, the domain of Financial Risk Management is non-business financial risks. At the high-level, this includes credit, market, liquidity, operational (including legal), and investment risk. Notice how this maps to Topics 5 to 8 of the FRM Part 2.
- While in practice they may not be excluded, from a academic (test) perspective we have excluded strategy and reputation risk. However, this seems to be changing. In particular, reputation risk seems to increasing fall under the included domain.
- Some of the most practical, realistic, compelling risks are obviously on the business side. Specifically, technology represents a growing factor on any risk manager's radar. This includes obvious topics like cyber-security and privacy (e.g., GDPR) but also the threats of digital disruption. A good risk manager cannot ignore these evolving forces because the business leaders cannot; if you want a "seat at the table," you need to be able to talk about these threats.
Our two visual typologies:
1. Typology modifies Crouhy
2. The classic typology (based on Jorion)
Last edited:
