The application of risk management concepts was born thousands of years ago; in Chapter 8, we noted how references to insurance and derivatives could be found in texts that are thousands of years old. However, only since the 1970s has risk management really evolved as a business discipline, thanks to a combination of factors—economic liberalization, the rise of shareholder power, regulatory pressures, and the increase in computational power among them.
There are three major business applications of risk management. The first is loss reduction, the second is uncertainty management, and the third is performance optimization. The combination of all three is enterprise risk management. This order is both the order in which the applications were developed historically, and also the order in which a particular institution will typically develop its risk management capabilities. Let's consider these in turn.
STAGE I: MINIMIZING THE DOWNSIDE
The first stage in risk management, which emerged during the 1970s and 1980s, focuses on protection against downside risks. Risk management practices mainly involved establishing credit controls, investment and liquidity policies, audit procedures, and insurance coverage. The objective of these defensive risk management practices was to minimize losses: