“The first principle is that you must not fool yourself — and you are the easiest person to fool. So you have to be very careful about that. After you’ve not fooled yourself, it’s easy not to fool other scientists. You just have to be honest in a conventional way after that.” Richard P. Feynman — On scientific integrity. 14 June 1974, Caltech, California, USA

Introduction

In the first part of this three-part series, we covered the stablecoin universe, defined decentralized risk management and outlined the governance structure around the risk function. In this article, the second part of the series, we will take a more in-depth look at the risks underlying the system — Describing how parameters in the MakerDAO system encapsulate those risks. Then finally outline the models that are most appropriate for measuring and managing those risks. To start, we go straight to the heart of the system, the CDP, and discover the dangers we face in supplying Dai.

The Inherent Risks Of Supplying Dai Using CDPs

Traditionally, loans are made with sufficient collateral in place to minimize the exposure at the time of default. The question is, what makes that collateral sufficient? Collateral is adequate when there is enough of it to cover all of a loan if ever that loan is placed into default. Which seems simple enough, if I pledge $100 worth of gold, would you lend me $100? Immediately you would say ‘no’ — because the price of gold fluctuates and at any point in time you could have less gold than the amount you lent out. If a default occurred at such a precarious time, you would not be able to recover the full loan. The obvious solution is to ask the borrower to pledge more gold to cover the volatility of gold’s value. So the first risk factor we need to consider would be the volatility in the value of the collateral.

Gold is purposefully used as an example, as it holds a lot of assumptions that most of us take for granted. The first assumption is that gold will remain, well, ‘gold’. What is meant by that? It is possible to replace gold in its industrial use and as a store of value — if that happened the value of gold would become quite volatile and possibly drop — it’s just not probable that it would occur any time soon, but we need to be cognizant of gold’s fundamental qualities. The second assumption about gold is that given the primary attributes of gold, there is a liquid marketplace where we could turn gold into fiat currency. Without sufficient liquidity, the price of gold will not reflect its real value. Think of it this way, the price is an advertisement, but the value is what you will get for it. That creates two more risk factors for us to consider, the first is the risk of change in the qualitative characteristics of the token, and the second is the risk of change in the liquidity of the token.

There is another feature of gold we take for granted that is indirectly related to liquidity. The value of all the gold ever mined is roughly $7.5 trillion. So, from any one person’s perspective, it’s highly improbable to own a majority stake in gold or even a significant amount of gold relative to the total supply. Unlike gold, the MakerDAO system could find itself with a concentrated position in a particular token if the majority of its owners used it as collateral. For example, if a crypto token with an available supply of $100m in the market had a substantial portion of the owners use this token as collateral, MakerDAO would have real exposure to this token. If, say, $40m of this token is collateral, and the collateral value started dropping rapidly, it should be clear that trying to get rid of 40% of the available supply (even in a liquid market) would directly impact the price and cause a downward price spiral. Thus the fourth risk factor to include is the risk of a concentrated exposure.

We now understand the risk of taking on too much exposure to one collateral type. Another is taking exposure to only ONE collateral type, which is where diversification is needed. We know that many volatile assets held in a portfolio create a diversification benefit. Simply put, the lower the correlation between tokens the more significant the diversification benefit. Multi-collateral Dai will use different tokens, so the fifth risk factor to include is correlation risk, or in other words the risk of change in the diversification benefit.

The final risk and something that is especially relevant to the crypto space, is price feeds. The US market has a fragmented securities exchange structure. There are multiple venues where one could complete a transaction in stock, resulting in the need for a ‘Securities Information Processor’ or SIP in the US. The purpose of this entity is to aggregate the best bids and offers from all the exchanges and disseminate the best bid and offers to the appropriately licensed data vendors. In turn, regulating information distributed to the public. The crypto space is itself fragmented, but at the moment there is no SIP in place to authenticate and monitor the data sent to the public — requiring the need to self-regulate prices. Till then, the quality of the feed dictates the value of the collateral underlying the loan. If we can’t depend on the feed, we can’t depend on the prices, and we thus have no confidence in the value of the collateral.

To summarize, the risks inherent in supplying Dai are as follows:

Volatility risk: the higher the volatility of the collateral value, the less likely we are to recover the full loan in the event of default.

Qualitative risk: the less stable the fundamentals of the organization, the less confident holders will be, and the more volatile the price will become.

Liquidity risk: the less liquidity available in the market, the more likely the price impact will work against realizable value.

Exposure risk: the higher the aggregate relative exposure to total supply, the more risk in trying to realize its value.

Correlation risk: the higher the correlation, the less the diversification benefit.

Price feed risk: low quality feeds create low confidence in value.

It probably has become apparent that the risks stated above are interrelated. If you start with one risk you could easily deduce the effect it could have on the others.

We need to understand how to identify, measure, and manage the above mentioned risks so that Maker token holders understand the exposures they face and the information available to make decisions. The sections that follow will outline each of these risks, the suggested risk management model and to what extent the risk parameters encapsulate these risks. Furthermore, we will outline the duties required from both the internal risk team and Maker token holders.

We will cover the risks in the order that is in line with how tokens are on-boarded as collateral. First, we start with the qualitative risk, then the exposure risk, liquidity and volatility risks together, correlation risk, and finally, the price feed risk.

Exploring The Inherent Risks And How To Manage Them

Qualitative Risk

Outline

To evaluate if the token will continue to operate with the same character as it has before (think of gold), we need to understand and assess the organization behind it. Doing a full evaluation for an investment is to combine due diligence of the organization with a financial analysis. The purpose of the financial analysis is to deduce a fair value for the token — the goal of the due diligence is to understand the potential volatility around that fair price due to operational and business risks. For MakerDAO, we are more interested in the inherent instability due to operational and business risk. We will leave the price opinion and price formation for the market to decide. To ascertain the business risks of the organization we need to abstract all the features of the organization — then distill them until we can understand a clear picture of the risks surrounding the token.

Risk Management Function

The necessary function here is to facilitate and contribute to the compilation of information to assess the qualitative features of the organization behind the token used as collateral. The process to compile data through due diligence has three parts and is conducted sequentially to use resources as efficiently as possible.

The three parts are:

The Initial Collateral Onboarding Process: this covers the trade support structure, distribution of token holdings and available data series.

The Operational Assessment Process: this covers the functionality behind the token, from the organization itself, through to the governance mechanisms and rights of the token owner.

The Technological Assessment Process: this covers the robustness and security of the underlying technology.

The information compiled from the due diligence will be used to rate the features of the potential collateral token. The features of the organization to assign a rating to are:

Team — Core team and advisors.

Community — Sentiment analysis.

Technology — Security and completeness review.

Market and Competitiveness — SWOT analysis.

Business Models — Structural and legal analysis.

Assigning a rating to each feature will result in an overall rating. A score below a prerequisite value will place the token to the back of the queue, and a passing score is an adjustment factor to the risk parameters of the system. We will elaborate on the features and rating system in a forthcoming document. For now, the point is to communicate the process.

Maker token holder (MTH) and Maker internal risk team (MRT) duties

MRT will create a qualitative risk template and assign ratings on this template. The model and information will be made available for MTH and other teams to use for themselves. Ultimately the risk function, made up of many groups, will collectively produce a weighted group rating for the token.

MTH will use the available information, along with the collective rating to decide whether to include the token into the collateral portfolio. As mentioned a rejected token will go to the back of the queue; otherwise, collateral will be included in the portfolio or assigned to be ‘reviewed.’ On ‘review’ means no decision made because of an impasse, or not enough information was available to make the decision.

Exposure Risk — Debt Ceiling

Outline

How much exposure of one collateral type are we willing to take? When is too much? What does ‘too much’ mean?

This concept of ‘too much’ represents the level of exposure relative to the available supply. If we breach that level, then we have an untenable concentration in exposure to one collateral type. It is unsustainable for if we attempted to liquidate it, it would impact the market so much (even a liquid market) that it would likely drop the value of the token to the extent that would not allow us to realize the full amount of the loans collateralized by that token.

This level of collateral exposure is called the Maximum Exposure Level, and given the Liquidation Ratio (explained in next section), we can calculate the Dai exposure level as the Debt Ceiling, which is the maximum amount of Dai that should be lent out given this collateral type. This level is not absolute, and it is related to the available supply.

To take it one step further, we need to consider the relationship between liquidity and free float. Free float is the readily traded portion of the available supply of tokens — the amount not held over the long term by founders and large institutions. Therefore any real liquidity presented in the market is a result of the free float.

There is a top-down and bottom-up approach to calculating the Debt Ceiling. The top-down starts with the free float and asks, ‘What is the maximum proportion we are willing to hold?’ The bottom-up starts with price impact and asks, ‘What is the maximum impact you think the market could sustain on a daily basis over a given period?’

Generally, the top down and bottom up approach don’t meet ‘in the middle,’ in fact, the top down should be seen as a constraint on the bottom up. If the bottom-up approach suggests the market is liquid enough to absorb a large number of tokens, but that amount is substantially more than the relative exposure to supply you are willing to hold — then stick with the top-down approach.

Risk Management Function

The calculation of the debt ceiling for a single token considers three practical issues. The first is the calculation of the highest debt ceiling given the assumption that the token has the liquidity for it. A calculated value based on the top-down approach that we have just discussed and we call it the Theoretical Debt Ceiling. The second issue is to consider what the current trading environment and portfolio permit the maximum level to be — this is related to the bottom-up approach — and known as the Practical Debt Ceiling. It considers the current trading environment as well as the current collateral portfolio risk profile. The last issue involves considering the rate at which the current Debt Ceiling increases. If the Debt Ceiling rises too quickly, it may be due to increased speculative activity or even an aggressive attack vector. In short, the rapid rate of increase could be indicative of an attack vector or an abnormal rise in volatility. Both of which would present problems to the system. Therefore the rate at which the debt ceiling may increase will be constrained by the Defensive Debt Ceiling, as an example, we could perform the calculation as follows: