Value At Risk is a widely used risk management tool, popular especially with banks and big financial institutions. There are valid reasons for its popularity – using VAR has several advantages. But for using Value At Risk for effective risk management without unwillingly encouraging a future financial disaster, it is crucial to know the limitations of Value At Risk.
False sense of security
Looking at risk exposure in terms of Value At Risk can be very misleading. Many people think of VAR as "the most I can lose", especially when it is calculated with the confidence parameter set to 99%. Even when you understand the true meaning of VAR on a conscious level, subconsciously the 99% confidence may lull you into a false sense of security.
Unfortunately, in reality 99% is very far from 100% and here's where the limitations of VAR and their incomplete understanding can be fatal.
VAR does not measure worst case loss
99% percent VAR really means that in 1% of cases (that would be 2-3 trading days in a year with daily VAR) the loss is expected to be greater than the VAR amount. Value At Risk does not say anything about the size of losses within this 1% of trading days and by no means does it say anything about the maximum possible loss.
The worst case loss might be only a few percent higher than the VAR, but it could also be high enough to liquidate your company. Some of those "2-3 trading days per year" could be those with terrorist attacks, big bank bankruptcy, and similar extraordinary high impact events.
You simply don't know your maximum possible loss by looking only at VAR. It is the single most important and most frequently ignored limitation of Value At Risk.
Besides this false sense of security problem, there are other (perhaps less frequently discussed but still valid) limitations of Value At Risk.
Difficult to calculate for large portfolios
When you're calculating Value At Risk of a portfolio, you need to measure or estimate not only the return and volatility of individual assets, but also the correlations between them. With growing number and diversity of positions in the portfolio, the difficulty (and cost) of this task grows exponentially.
VAR is not additive
The fact that correlations between individual risk factors enter the VAR calculation is also the reason why Value At Risk is not simply additive. The VAR of a portfolio containing assets A and B does not equal the sum of VAR of asset A and VAR of asset B.
Only as good as the inputs and assumptions
As with other quantitative tools in finance, the result and the usefulness of VAR is only as good as your inputs. A common mistake with using the classical variance-covariance Value At Risk method is assuming normal distribution of returns for assets and portfolios with non-normal skewness or excess kurtosis. Using unrealistic return distributions as inputs can lead to underestimating the real risk with VAR.
Different VAR methods lead to different results
There are several alternative and very different approaches which all eventually lead to a number called Value At Risk: there is the classical variance-covariance parametric VAR, but also the Historical VAR method, or the Monte Carlo VAR approach (the latter two are more flexible with return distributions, but they have other limitations). Having a wide range of choices is useful, as different approaches are suitable for different types of situations. However, different approaches can also lead to very different results with the same portfolio, so the representativeness of VAR can be questioned.
So many problems... Should you still use VAR?
Having read about several serious limitations of Value At Risk and you might be thinking of never using VAR (again). However, Value At Risk can be useful, as long as you keep its weaknesses in mind and don't take VAR for something it isn't.
Value At Risk should be one little piece in the risk management process and it must be complemented with other tools, especially those taking care of that 1% worst case area, which VAR virtually ignores. As long as you don't let VAR become a false sense of security, it can be very helpful.