From Wikipedia, the free encyclopedia  View original article
In financial mathematics and financial risk management, value at risk (VaR) is a widely used risk measure of the risk of loss on a specific portfolio of financial assets. For a given portfolio, probability and time horizon, VaR is defined as a threshold value such that the probability that the marktomarket loss on the portfolio over the given time horizon exceeds this value (assuming normal markets and no trading in the portfolio) is the given probability level.^{[1]}^{[clarification needed]}
For example, if a portfolio of stocks has a oneday 5% VaR of $1 million, there is a 0.05 probability that the portfolio will fall in value by more than $1 million over a one day period if there is no trading. Informally, a loss of $1 million or more on this portfolio is expected on 1 day out of 20 days (because of 5% probability). A loss which exceeds the VaR threshold is termed a "VaR break."^{[2]}
VaR has four main uses in finance: risk management, financial control, financial reporting and computing regulatory capital. VaR is sometimes used in nonfinancial applications as well.^{[3]}
Important related ideas are economic capital, backtesting, stress testing, expected shortfall, and tail conditional expectation.^{[4]}
Common parameters for VaR are 1% and 5% probabilities and one day and two week horizons, although other combinations are in use.^{[5]}
The reason for assuming normal markets and no trading, and to restricting loss to things measured in daily accounts, is to make the loss observable. In some extreme financial events it can be impossible to determine losses, either because market prices are unavailable or because the lossbearing institution breaks up. Some longerterm consequences of disasters, such as lawsuits, loss of market confidence and employee morale and impairment of brand names can take a long time to play out, and may be hard to allocate among specific prior decisions. VaR marks the boundary between normal days and extreme events. Institutions can lose far more than the VaR amount; all that can be said is that they will not do so very often.^{[6]}
The probability level is about equally often specified as one minus the probability of a VaR break, so that the VaR in the example above would be called a oneday 95% VaR instead of oneday 5% VaR. This generally does not lead to confusion because the probability of VaR breaks is almost always small, certainly less than 0.5.^{[1]}
Although it virtually always represents a loss, VaR is conventionally reported as a positive number. A negative VaR would imply the portfolio has a high probability of making a profit, for example a oneday 5% VaR of negative $1 million implies the portfolio has a 95% chance of making more than $1 million over the next day.^{[7]}
Another inconsistency is that VaR is sometimes taken to refer to profitandloss at the end of the period, and sometimes as the maximum loss at any point during the period. The original definition was the latter, but in the early 1990s when VaR was aggregated across trading desks and time zones, endofday valuation was the only reliable number so the former became the de facto definition. As people began using multiday VaRs in the second half of the 1990s, they almost always estimated the distribution at the end of the period only. It is also easier theoretically to deal with a pointintime estimate versus a maximum over an interval. Therefore the endofperiod definition is the most common both in theory and practice today.^{[8]}
The definition of VaR is nonconstructive; it specifies a property VaR must have, but not how to compute VaR. Moreover, there is wide scope for interpretation in the definition.^{[9]} This has led to two broad types of VaR, one used primarily in risk management and the other primarily for risk measurement. The distinction is not sharp, however, and hybrid versions are typically used in financial control, financial reporting and computing regulatory capital.^{[10]}
To a risk manager, VaR is a system, not a number. The system is run periodically (usually daily) and the published number is compared to the computed price movement in opening positions over the time horizon. There is never any subsequent adjustment to the published VaR, and there is no distinction between VaR breaks caused by input errors (including Information Technology breakdowns, fraud and rogue trading), computation errors (including failure to produce a VaR on time) and market movements.^{[11]}
A frequentist claim is made, that the longterm frequency of VaR breaks will equal the specified probability, within the limits of sampling error, and that the VaR breaks will be independent in time and independent of the level of VaR. This claim is validated by a backtest, a comparison of published VaRs to actual price movements. In this interpretation, many different systems could produce VaRs with equally good backtests, but wide disagreements on daily VaR values.^{[1]}
For risk measurement a number is needed, not a system. A Bayesian probability claim is made, that given the information and beliefs at the time, the subjective probability of a VaR break was the specified level. VaR is adjusted after the fact to correct errors in inputs and computation, but not to incorporate information unavailable at the time of computation.^{[7]} In this context, "backtest" has a different meaning. Rather than comparing published VaRs to actual market movements over the period of time the system has been in operation, VaR is retroactively computed on scrubbed data over as long a period as data are available and deemed relevant. The same position data and pricing models are used for computing the VaR as determining the price movements.^{[2]}
Although some of the sources listed here treat only one kind of VaR as legitimate, most of the recent ones seem to agree that risk management VaR is superior for making shortterm and tactical decisions today, while risk measurement VaR should be used for understanding the past, and making medium term and strategic decisions for the future. When VaR is used for financial control or financial reporting it should incorporate elements of both. For example, if a trading desk is held to a VaR limit, that is both a riskmanagement rule for deciding what risks to allow today, and an input into the risk measurement computation of the desk's riskadjusted return at the end of the reporting period.^{[4]}
VaR can also be applied to governance of endowments, trusts, and pension plans. Essentially trustees adopt portfolio ValuesatRisk metrics for the entire pooled account and the diversified parts individually managed. Instead of probability estimates they simply define maximum levels of acceptable loss for each. Doing so provides an easy metric for oversight and adds accountability as managers are then directed to manage, but with the additional constraint to avoid losses within a defined risk parameter. VaR utilized in this manner adds relevance as well as an easy way to monitor risk measurement control far more intuitive than Standard Deviation of Return. Use of VaR in this context, as well as a worthwhile critique on board governance practices as it relates to investment management oversight in general can be found in Best Practices in Governance.^{[12]}
Given a confidence level , the VaR of the portfolio at the confidence level is given by the smallest number such that the probability that the loss exceeds is at most .^{[3]} Mathematically, if is the loss of a portfolio, then is the level quantile, i.e.
The left equality is a definition of VaR. The right equality assumes an underlying probability distribution, which makes it true only for parametric VaR. Risk managers typically assume that some fraction of the bad events will have undefined losses, either because markets are closed or illiquid, or because the entity bearing the loss breaks apart or loses the ability to compute accounts. Therefore, they do not accept results based on the assumption of a welldefined probability distribution.^{[6]} Nassim Taleb has labeled this assumption, "charlatanism."^{[14]} On the other hand, many academics prefer to assume a welldefined distribution, albeit usually one with fat tails.^{[1]} This point has probably caused more contention among VaR theorists than any other.^{[9]}
Value of Risks can also be written as a distortion risk measure given by the distortion function ^{[15]}^{[16]}
The term "VaR" is used both for a risk measure and a risk metric. This sometimes leads to confusion. Sources earlier than 1995 usually emphasize the risk measure, later sources are more likely to emphasize the metric.
The VaR risk measure defines risk as marktomarket loss on a fixed portfolio over a fixed time horizon, assuming normal markets. There are many alternative risk measures in finance. Instead of marktomarket, which uses market prices to define loss, loss is often defined as change in fundamental value. For example, if an institution holds a loan that declines in market price because interest rates go up, but has no change in cash flows or credit quality, some systems do not recognize a loss. Or we could try to incorporate the economic cost of things not measured in daily financial statements, such as loss of market confidence or employee morale, impairment of brand names or lawsuits.^{[4]}
Rather than assuming a fixed portfolio over a fixed time horizon, some risk measures incorporate the effect of expected trading (such as a stop loss order) and consider the expected holding period of positions. Finally, some risk measures adjust for the possible effects of abnormal markets, rather than excluding them from the computation.^{[4]}
The VaR risk metric summarizes the distribution of possible losses by a quantile, a point with a specified probability of greater losses. Common alternative metrics are standard deviation, mean absolute deviation, expected shortfall and downside risk.^{[1]}
Supporters of VaRbased risk management claim the first and possibly greatest benefit of VaR is the improvement in systems and modeling it forces on an institution. In 1997, Philippe Jorion wrote:^{[17]}
[T]he greatest benefit of VAR lies in the imposition of a structured methodology for critically thinking about risk. Institutions that go through the process of computing their VAR are forced to confront their exposure to financial risks and to set up a proper risk management function. Thus the process of getting to VAR may be as important as the number itself.
Publishing a daily number, ontime and with specified statistical properties holds every part of a trading organization to a high objective standard. Robust backup systems and default assumptions must be implemented. Positions that are reported, modeled or priced incorrectly stand out, as do data feeds that are inaccurate or late and systems that are toofrequently down. Anything that affects profit and loss that is left out of other reports will show up either in inflated VaR or excessive VaR breaks. "A risktaking institution that does not compute VaR might escape disaster, but an institution that cannot compute VaR will not." ^{[18]}
The second claimed benefit of VaR is that it separates risk into two regimes. Inside the VaR limit, conventional statistical methods are reliable. Relatively shortterm and specific data can be used for analysis. Probability estimates are meaningful, because there are enough data to test them. In a sense, there is no true risk because you have a sum of many independent observations with a left bound on the outcome. A casino doesn't worry about whether red or black will come up on the next roulette spin. Risk managers encourage productive risktaking in this regime, because there is little true cost. People tend to worry too much about these risks, because they happen frequently, and not enough about what might happen on the worst days.^{[19]}
Outside the VaR limit, all bets are off. Risk should be analyzed with stress testing based on longterm and broad market data.^{[20]} Probability statements are no longer meaningful.^{[21]} Knowing the distribution of losses beyond the VaR point is both impossible and useless. The risk manager should concentrate instead on making sure good plans are in place to limit the loss if possible, and to survive the loss if not.^{[1]}
One specific system uses three regimes.^{[22]}
"A risk manager has two jobs: make people take more risk the 99% of the time it is safe to do so, and survive the other 1% of the time. VaR is the border."^{[18]}
The VaR risk measure is a popular way to aggregate risk across an institution. Individual business units have risk measures such as duration for a fixed income portfolio or beta for an equity business. These cannot be combined in a meaningful way.^{[1]} It is also difficult to aggregate results available at different times, such as positions marked in different time zones, or a highfrequency trading desk with a business holding relatively illiquid positions. But since every business contributes to profit and loss in an additive fashion, and many financial businesses marktomarket daily, it is natural to define firmwide risk using the distribution of possible losses at a fixed point in the future.^{[4]}
In risk measurement, VaR is usually reported alongside other risk metrics such as standard deviation, expected shortfall and "greeks" (partial derivatives of portfolio value with respect to market factors). VaR is a distributionfree metric, that is it does not depend on assumptions about the probability distribution of future gains and losses.^{[18]} The probability level is chosen deep enough in the left tail of the loss distribution to be relevant for risk decisions, but not so deep as to be difficult to estimate with accuracy.^{[23]}^{[24]}
VaR can be estimated either parametrically (for example, variancecovariance VaR or deltagamma VaR) or nonparametrically (for examples, historical simulation VaR or resampled VaR).^{[4]}^{[6]} Nonparametric methods of VaR estimation are discussed in Markovich ^{[25]} and Novak.^{[26]}
A McKinsey report^{[27]} published in May 2012 estimated that 85% of large banks were using historical simulation. The other 15% used Monte Carlo methods.
The problem of risk measurement is an old one in statistics, economics and finance. Financial risk management has been a concern of regulators and financial executives for a long time as well. Retrospective analysis has found some VaRlike concepts in this history. But VaR did not emerge as a distinct concept until the late 1980s. The triggering event was the stock market crash of 1987. This was the first major financial crisis in which a lot of academicallytrained quants were in high enough positions to worry about firmwide survival.^{[1]}
The crash was so unlikely given standard statistical models, that it called the entire basis of quant finance into question. A reconsideration of history led some quants to decide there were recurring crises, about one or two per decade, that overwhelmed the statistical assumptions embedded in models used for trading, investment management and derivative pricing. These affected many markets at once, including ones that were usually not correlated, and seldom had discernible economic cause or warning (although afterthefact explanations were plentiful).^{[21]} Much later, they were named "Black Swans" by Nassim Taleb and the concept extended far beyond finance.^{[28]}
If these events were included in quantitative analysis they dominated results and led to strategies that did not work day to day. If these events were excluded, the profits made in between "Black Swans" could be much smaller than the losses suffered in the crisis. Institutions could fail as a result.^{[18]}^{[21]}^{[28]}
VaR was developed as a systematic way to segregate extreme events, which are studied qualitatively over longterm history and broad market events, from everyday price movements, which are studied quantitatively using shortterm data in specific markets. It was hoped that "Black Swans" would be preceded by increases in estimated VaR or increased frequency of VaR breaks, in at least some markets. The extent to which this has proven to be true is controversial.^{[21]}
Abnormal markets and trading were excluded from the VaR estimate in order to make it observable.^{[19]} It is not always possible to define loss if, for example, markets are closed as after 9/11, or severely illiquid, as happened several times in 2008.^{[18]} Losses can also be hard to define if the riskbearing institution fails or breaks up.^{[19]} A measure that depends on traders taking certain actions, and avoiding other actions, can lead to self reference.^{[1]}
This is risk management VaR. It was well established in quantitative trading groups at several financial institutions, notably Bankers Trust, before 1990, although neither the name nor the definition had been standardized. There was no effort to aggregate VaRs across trading desks.^{[21]}
The financial events of the early 1990s found many firms in trouble because the same underlying bet had been made at many places in the firm, in nonobvious ways. Since many trading desks already computed risk management VaR, and it was the only common risk measure that could be both defined for all businesses and aggregated without strong assumptions, it was the natural choice for reporting firmwide risk. J. P. Morgan CEO Dennis Weatherstone famously called for a "4:15 report" that combined all firm risk on one page, available within 15 minutes of the market close.^{[9]}
Risk measurement VaR was developed for this purpose. Development was most extensive at J. P. Morgan, which published the methodology and gave free access to estimates of the necessary underlying parameters in 1994. This was the first time VaR had been exposed beyond a relatively small group of quants. Two years later, the methodology was spun off into an independent forprofit business now part of RiskMetrics Group.^{[9]}
In 1997, the U.S. Securities and Exchange Commission ruled that public corporations must disclose quantitative information about their derivatives activity. Major banks and dealers chose to implement the rule by including VaR information in the notes to their financial statements.^{[1]}
Worldwide adoption of the Basel II Accord, beginning in 1999 and nearing completion today, gave further impetus to the use of VaR. VaR is the preferred measure of market risk, and concepts similar to VaR are used in other parts of the accord.^{[1]}
VaR has been controversial since it moved from trading desks into the public eye in 1994. A famous 1997 debate between Nassim Taleb and Philippe Jorion set out some of the major points of contention. Taleb claimed VaR:^{[29]}
More recently David Einhorn and Aaron Brown debated VaR in Global Association of Risk Professionals Review^{[18]}^{[30]} Einhorn compared VaR to "an airbag that works all the time, except when you have a car accident." He further charged that VaR:
New York Times reporter Joe Nocera wrote an extensive piece Risk Mismanagement^{[31]} on January 4, 2009 discussing the role VaR played in the Financial crisis of 20072008. After interviewing risk managers (including several of the ones cited above) the article suggests that VaR was very useful to risk experts, but nevertheless exacerbated the crisis by giving false security to bank executives and regulators. A powerful tool for professional risk managers, VaR is portrayed as both easy to misunderstand, and dangerous when misunderstood.
Taleb, in 2009, testified in Congress asking for the banning of VaR on two arguments, the first that "tail risks are nonmeasurable" scientifically and the second is that for anchoring reasons VaR for leading to higher risk taking.^{[32]}
A common complaint among academics is that VaR is not subadditive.^{[4]} That means the VaR of a combined portfolio can be larger than the sum of the VaRs of its components. To a practising risk manager this makes sense. For example, the average bank branch in the United States is robbed about once every ten years. A singlebranch bank has about 0.0004% chance of being robbed on a specific day, so the risk of robbery would not figure into oneday 1% VaR. It would not even be within an order of magnitude of that, so it is in the range where the institution should not worry about it, it should insure against it and take advice from insurers on precautions. The whole point of insurance is to aggregate risks that are beyond individual VaR limits, and bring them into a large enough portfolio to get statistical predictability. It does not pay for a onebranch bank to have a security expert on staff.
As institutions get more branches, the risk of a robbery on a specific day rises to within an order of magnitude of VaR. At that point it makes sense for the institution to run internal stress tests and analyze the risk itself. It will spend less on insurance and more on inhouse expertise. For a very large banking institution, robberies are a routine daily occurrence. Losses are part of the daily VaR calculation, and tracked statistically rather than casebycase. A sizable inhouse security department is in charge of prevention and control, the general risk manager just tracks the loss like any other cost of doing business.
As portfolios or institutions get larger, specific risks change from lowprobability/lowpredictability/highimpact to statistically predictable losses of low individual impact. That means they move from the range of far outside VaR, to be insured, to near outside VaR, to be analyzed casebycase, to inside VaR, to be treated statistically.^{[18]}
Even VaR supporters generally agree there are common abuses of VaR:^{[6]}^{[9]}
The VaR is not a coherent risk measure since it violates the subadditivity property, which is
However, it can be bounded by coherent risk measures like Conditional ValueatRisk (CVaR) or entropic value at risk (EVaR). In fact, for (with the set of all Borel measurable functions whose momentgenerating function exists for all positive real values) we have
where
in which is the momentgenerating function of at . In the above equations the variable denotes the financial loss, rather than wealth as is typically the case.
