Add to collection(s) Add to saved
  1. Business
  2. Finance
  3. Financial Markets

Developments in risk management and corporate governance

advertisement 
Developments in risk
management and corporate
governance
Mario Mallia
CRO, BANK OF VALLETTA GROUP
Cavalieri Hotel, St Julians, MALTA – 16th April 2012
My definition of “banking”
“Banking is the art
of taking on
calculated financial
risks, and managing
those risks to
ensure that the
rewards of risk
exceed the costs of
risk.”
What is the difference between “Risk” and “uncertainty”?
RISK IS QUANTIFIABLE, UNCERTAINTY IS NOT
“The practical difference between the two categories, risk
and uncertainty, is that in the former the distribution of the
outcome in a group of instances is known (either through
calculation a priori or from statistics of past experience),
while in the case of uncertainty this is not true, the reason
being in general that it is impossible to form a group of
instances, because the situation dealt with is in a high
degree unique.”
Frank Knight, Risk, Uncertainty and Profit (1921)
What is the difference between “Risk” and “uncertainty”?
RISK IS QUANTIFIABLE, UNCERTAINTY IS NOT
In his Treatise on Probability, Keynes similarly distinguished between
Cardinal probability
Quantifiable: the probability of heads in a coin toss is 50%
Ordinal probability
Qualitative: for example, a particular team more likely to win the
premiership next year than another team. How much more likely
they are to win, I couldn’t tell you exactly.
Model-based risk management handles cardinal probability a lot
better than ordinal probability.
Guy Debelle, On risk and uncertainty (August 2010)
The Great Financial Crisis 2007-09
“(During the crisis) risk was mis-assessed by financial
institutions, risk managers, investors and regulators. There
was a false comfort taken from a misplaced belief that risk
was being accurately and appropriately measured. To some
extent, the technology provided risk managers with a false
sense of security. Risk may well have been accurately
measured for the particular regime that the economy and
financial markets were operating in. But the risk assessment
was not robust to a regime change that took the models out
of their historical comfort zone. Not enough account was
taken of uncertainty.”
Guy Debelle, On risk and uncertainty (August 2010)
From the Turner Report: Imbalances created excess savings …
… which led to an excess of liquidity …
… driving down interest rates …
… leading to a search for yield and lowering credit standards
Banks ended up fuelling a speculative asset boom
The trigger of the
2007-2009 financial
crisis was simple …
… Banks lost money on
fuelling a speculative asset
boom.
Financial innovation sought to satisfy the demand for yield uplift …
… and spread risk around …
“Securitisation was lauded by many industry
commentators as a means to reduce banking system
risks and to cut the total costs of credit intermediation,
with credit risk passed through to end investors,
reducing the need for unnecessary and expensive
bank capital … (securitisation) allowed loans to be
packaged up and sold to a diversified set of end
investors. Securitised credit intermediation would
reduce risks for the whole banking system. Credit
losses would be less likely to produce banking
system failure.”
Turner Review, p. 15
… but did this work?
“Credit securitised and taken off one bank’s balance sheet,
was not simply sold through to an end investor, but:
 bought by the proprietary trading desk of another bank; and
/or
 sold by the first bank but with part of the risk retained via the
use of credit derivatives; and/or
 ‘resecuritised’ into increasingly
instruments (e.g. CDOs); and/or
complex
 used as collateral to raise short-term liquidity.”
Turner Review, p. 16
and
opaque
Risk was not spread around, but simply concealed
“In total, this created a complex chain of multiple
relationships between multiple institutions each
performing a different small slice of the credit
intermediation and maturity transformation process,
and each with a leveraged balance sheet requiring a
small slice of capital … the new model left most of the
risk still somewhere on the balance sheets of banks
and bank-like institutions but in a much more complex
and less transparent fashion.”
Turner Review, p. 16
From financial crisis to economic
crisis to sovereign crisis …
Government support – start of a vicious circle?
COLLAPSING ASSET PRICES
PRESSURE ON CAPITAL AND LIQUIDITY
BANK FAILURE
GOVERNMENT BAIL OUT
DETERIORATING DEFICIT AND DEBT
WIDENING SOVEREIGN SPREADS
SOVEREIGN DEBT SUSTAINABILITY CRISIS
“Never waste a good crisis.”
Rahm Emanuel, President Obama’s Chief of Staff,
after Machiavelli
“The five
lessons
bankers must
relearn”
Purcell, Philip, The five
lessons bankers must relearn
(published: August 10 2008
19:29 FT.com)
Lesson no. 1
First, profits matter more than revenues. This was well
understood on Wall Street back when investment
banks were partnerships. Profits were critical for a
return on the partners’ capital. But when banks
became owned by shareholders, this discipline faded.
Instead, the emphasis shifted to the pursuit of shortterm revenues, eventually in the form of proprietary
bets on the market. As Henry Kaufman has written:
“Not surprisingly the rain-makers within those firms
garnered greater and greater prestige, influence and
monetary rewards.”
Lesson No. 1
RISK-ADJUSTED RETURN
Risk-adjusted performance measurement
Risk-adjusted Performance Measures
(RAPM) measures return against risk taken:
Economic Value Added
Risk capital
Risk-adjusted performance measurement
INTEREST RECEIVED
5%
less
less
COST OF FUNDS
3%
=
=
ACCOUNTING MARGIN
2%
less
less
EXPECTED LOSS
1.5%
less
less
COST OF CAPITAL
1.0%
=
=
ECONOMIC VALUE ADDED
(0.5%)
Risk
Management
must ensure
that return
covers the
total cost of
risk –
otherwise,
long-term
insolvency
Expected loss – Typical Loss or Mean Loss?
Typical Loss: Reoccurring losses that are expected in the normal course of
business. In some risk types the Typical Loss may be close to the mathematical
mean, e.g. credit card fraud. Other risk types will have very little Typical Loss.
Mean Loss: The mathematical mean derived from the loss distribution over a one
year period. Mean Loss can be used as the upper cap for the level of EL that can
be offset for Regulatory Capital purposes.
Unexpected loss
Unexpected loss is the estimated volatility of potential loss
in value of the asset
Expected loss
EL
=
EXPOSURE AT DEFAULT (EAD)
x
PROBABILITY OF DEFAULT (PD)
x
LOSS GIVEN DEFAULT (LGD)
 Covered by loan loss reserves or (if accounting standards
do not allow) by capital
 Pricing issues – expected losses to be factored into price
Expected loss covered by price – P&L neutrality
INCOME:
Credit risk premium receivable as part of
loan pricing
EXPENSE:
Loan loss reserve for expected loss
If expected losses are covered by
pricing, only unexpected losses
(volatility around expected loss) are
covered by CAPITAL.
Sufficient good-quality capital is
therefore critical to business continuity
under conditions of UNCERTAINTY.
Lesson no. 2
Second, compensation should be based on profits, margins
and return on equity over time, not current year revenues. As
the “rainmakers”, or bankers and traders, have gained power,
current year revenues have driven compensation. As a result,
the rainmakers have pushed for control of more assets and
more leverage, and have been willing to undertake greater risk
to generate greater current year revenues (and larger pay
cheques). It is not surprising that, as investment banks
increased leverage and took on outsized risks, compensation
for bankers and traders increased dramatically.
But when reckless risk-taking led to big losses, it was the
shareholders, not bankers and traders, who suffered the
consequences. There is a straightforward way to remedy this.
Pay traders based only on returns and establish a vesting
period of several years to make sure that the profits are not
illusory.
Lesson No. 2
REMUNERATION
Bankers’ bonuses
Remuneration
FSF Principles for Sound
Compensation Practices
April 2009
“Compensation practices at large financial institutions are one
factor among many that contributed to the financial crisis that
began in 2007. High short-term profits led to generous bonus
payments to employees without adequate regard to the
longer-term risks they imposed on their firms. These perverse
incentives amplified the excessive risk-taking that severely
threatened the global financial system and left firms with fewer
resources to absorb losses as risks materialised. The lack of
attention to risk also contributed to the large, in some cases
extreme absolute level of compensation in the industry.”
EBA Guidelines on
Internal
Governance –
September 2011
Remuneration governance
1.
An institution’s remuneration policy and practices shall be
consistent with its risk profile and promote sound and
effective risk management.
2. An institution’s overall remuneration policy should be in line
with its values, business strategy, risk tolerance/appetite
and long-term interests. It should not encourage excessive
risk-taking. Guaranteed variable remuneration or
severance payments that end up rewarding failure are not
consistent with sound risk management or the pay-forperformance principle and should, as a general rule, be
prohibited.
Remuneration governance
3. For staff whose professional activities have a material
impact on the risk profile of an institution (e.g. management
body members, senior management, risk-takers in
business units, staff responsible for internal control and any
employee receiving total remuneration that takes them into
the same remuneration bracket as senior management and
risk takers), the remuneration policy should set up specific
arrangements to ensure their remuneration is aligned with
sound and effective risk management.
4. Control functions staff should be adequately compensated
in accordance with their objectives and performance and
not in relation to the performance of the business units they
control.
Remuneration governance
5. Where the pay award is performance related, the
remuneration should be based on a combination of
individual and collective performance. When defining
individual performance, factors other than financial
performance should be considered. The measurement of
performance for bonus awards should include adjustments
for all types of risk and the cost of capital and liquidity.
6. There should be a proportionate ratio between basic pay
and bonus. A significant bonus should not just be an upfront cash payment but should contain a flexible and
deferred risk-adjusted component. The timing of the bonus
payment should take into account the underlying risk
performance.
Lesson no. 3
Third, leverage works not just on the upside but on the
downside as well. Excessive debt can turbo-charge
profits during a boom, but can result in crippling
losses when the bubbles burst. Because of excessive
leverage in the recent cycle, investment banks found
they did not have enough capital to sustain
themselves in the downdraft. They have had to raise
new capital, diluting the investments of existing
shareholders, or sell valuable assets. Leverage must
be reduced.
Lesson No. 3
LEVERAGE
Leverage
Equity
Debt
Debt
Leverage = ratio
of debt to equity
2:1 = Low leverage
Leverage
Equity
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
30:1 = high leverage
Leverage
Equity
Debt
Debt
Buy assets for €150 million
Debt = € 100 million
Equity = € 50 million
Increase in value = 20% net
= € 30 million
Return on capital = € 30 million
on € 50 million invested = 60%
Leverage
Equity
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Buy assets for € 150
million
Debt = € 145 million
Equity = € 5 million
Increase in value = 20%
net = € 30 million
Return on capital = € 30
million on € 5 million
invested = 600%
Leverage
Equity
Debt
Debt
Buy assets for € 150 million
Debt = € 100 million
Equity = € 50 million
decrease in value = 20% net
= € 30 million
Remaining equity after loss =
€ 20 million
Leverage
Equity
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Debt
Buy assets for € 150
million
Debt = € 145 million
Equity = € 5 million
decrease in value =
20% net = € 30 million
Remaining capital after
loss = minus € 25 million
Lesson no. 4
Fourth, diversified and recurring revenue streams not
based on trading or principal investing have immense
value in a down cycle. The banks most jeopardised in
the recent crisis, Bear Stearns and Lehman, had
revenue streams less diversified and recurring than
their competitors. Even firms that are better on this
score are now being forced to sell their most stable
and highest-return businesses in order to make up for
the massive capital losses from their highly leveraged
fixed income businesses. Morgan Stanley has sold
MSCI, Merrill Lynch has announced the sale of
Bloomberg, and other valuable businesses will be
sold.
Lesson No. 4
CONCENTRATION RISK
Concentration risk
A risk concentration is any single exposure or group of
exposures with the potential to produce losses large
enough (relative to a bank’s capital, total assets, or overall
risk level) to threaten a bank’s health or ability to maintain
its core operations. Risk concentrations are arguably the
single most important cause of major problems in banks.
BIS, Basel II: International Convergence of Capital Measurement and
Capital Standards: A Revised Framework (June 2006), para 770
Concentration risk in Malta
Concentration Risk in Malta: BoV's main risk is
credit-related. The book mainly comprises
corporate lending. Industry and single-name
concentrations are constant features of the
bank's loan book, given the small size and
concentrated nature of the Maltese economy
and BoV's dominant market position.
Concentration risk
In many instances, due to a bank’s trade area, geographic location or lack of
access to economically diverse borrowers or counterparties, avoiding or
reducing concentrations may be extremely difficult. In addition, banks may
want to capitalise on their expertise in a particular industry or economic
sector. A bank may also determine that it is being adequately compensated
for incurring certain concentrations of risk. Consequently, banks should not
necessarily forego booking sound credits solely on the basis of concentration.
Banks may need to make use of alternatives to reduce or mitigate
concentrations. Such measures can include pricing for the additional risk,
increased holdings of capital to compensate for the additional risks and
making use of loan participations in order to reduce dependency on a
particular sector of the economy or group of related borrowers. Banks must
be careful not to enter into transactions with borrowers or counterparties they
do not know or engage in credit activities they do not fully understand simply
for the sake of diversification.
BIS, Principles for the Management of Credit Risk (Sep 2000), para 67
Concentration risk
NAME
CONCENTRATION
SECTOR
CONCENTRATION
Name concentration
1. Micro-management of credit risk – the
CAMPARI model
2. Correct pricing
3. Good governance
Micro-management of credit risk
CAMPARI model
 CHARACTER
 ABILITY TO REPAY
 MARGIN OF FINANCE
 PURPOSE
 AMOUNT
 REPAYMENT TERMS
 INSURANCE
Sector concentration
 Economic research – quality of internal and
external statistical data
 Identifying and promoting the “New
Economy”
 Sector caps
Sector concentration - BOV
Lesson no. 5
Finally, risk management should become a boardlevel responsibility, with appropriate committees
meeting regularly with management. In the old
partnerships, the partners paid close attention to their
firm’s risk for a simple reason: it was their money.
Today, the capital provider (shareholders) is separated
from the risk-takers, who are rewarded by
compensation and not strictly by shareholder returns.
Since boards are elected to represent shareholders,
directors must become more informed, sophisticated
and involved in the risk-taking, capital allocation and
risk-management function.
Lesson No. 5
GOVERNANCE
The 3 lines of defence
RISK
INTERNAL
AUDIT
RISK
RISK
BUSINESS
UNIT
RISK
RISK
Independent
Assurance
Oversight
Mitigation
EBA Guidelines on
Internal
Governance –
September 2011
Risk Control function

A comprehensive and independent risk control
function (RCF).

The RCF should provide relevant independent
information, analyses and expert judgement on risk
exposures, and advice on proposals and risk
decisions made by the management body and
business or support units as to whether they are
consistent
with
the
institution's
risk
tolerance/appetite.

The RCF should be independent of the business
and support units whose risks it controls but not be
isolated from them.
Role of the RCF

The RCF shall be actively involved at an early stage
in elaborating an institution’s risk strategy and in all
material risk management decisions.

The RCF should provide the management body with
all relevant risk related information (e.g. through
technical analysis on risk exposure) to enable it to
set the institution's risk tolerance/appetite level.

The RCF should also assess the risk strategy,
including targets proposed by the business units,
and advise the management body before a decision
is made. Targets, which include credit ratings and
rates of return on equity, should be plausible and
consistent.
The CRO

An institution shall appoint a person, the Chief Risk Officer
(“CRO‟), with exclusive responsibility for the RCF and for
monitoring the institution's risk management framework
across the entire organisation.

The CRO shall be responsible for providing comprehensive
and understandable information on risks, enabling the
management body to understand the institution's overall risk
profile.

The CRO should have sufficient expertise, operating
experience, independence and seniority to challenge
decisions that affect an institution's exposure to risk.

If the CRO is replaced it should be done with the prior
approval of the management body in its supervisory function.
The removal or appointment of a CRO should be disclosed
and the supervisory authority informed about the reasons.
The Risk Management function

Institutions should ensure that the risk management
function is independent from the operational units
whose activities they review. Their position in the
organisation should allow them to interact with these
units in order to have access to the information
necessary for the accomplishment of their mission.
However, the risk management function should in all
cases be carried out at arm's length from the
decision-making function. (para 24)

The management of risks should not be confined to
the risk management function. It should be a
responsibility of management and staff in all
business lines, and they should be aware of their
accountability in this respect (para 25)
BOV Risk Management structure
RISK MANAGEMENT FUNCTION AT BOV
BOARD OF
DIRECTORS
BOARD
CHAIRMAN
AUDIT
COMMITTEE
ALCO
CHIEF
EXECUTIVE
OFFICER
CREDIT
COMMITTEE
RISK
MANAGEMENT
AND
COMPLIANCE
COMMITTEE
CHIEF OFFICER
RISK
MANAGEMENT
INTERNAL AUDIT
EXECUTIVE
HEAD RISK
MANAGEMENT
MARKET
INTELLIGENCE
UNIT
MARKET RISK
ASSET AND
LIABILITY
MANAGEMENT
UNIT
RISK RESEARCH
CREDIT RISK
MANAGEMENT
UNIT
OPERATIONAL
RISK
OPERATIONAL
RISK
MANAGEMENT
UNIT
RISK MITIGATION
INFORMATION
SECURITY RISK
A 6th lesson? The “Golden Rule” of banking
“For the activity of the banks as
negotiators of credit the golden rule
holds, that an organic connection
must be created between the credit
transactions
and
the
debit
transactions. The credit that the
bank grants must correspond
quantitatively and qualitatively to
the credit that it takes up. More
exactly expressed, ‘The date on
which the bank's obligations fall
due must not precede the date on
which its corresponding claims can
be realized.’ Only thus can the
danger of insolvency be avoided.”
Von Mises, 1912
Risk Appetite and the rise of ERM
Enterprise Risk Management (ERM)
“Enterprise risk management is a process,
effected by an entity’s board of directors,
management and other personnel, applied in
strategy setting and across the enterprise,
designed to identify potential events that may
affect the entity, and manage risk to be within its
risk appetite, to provide reasonable assurance
regarding the achievement of entity objectives.”
The Committee of Sponsoring Organizations of the Treadway Commission
(COSO), Enterprise Risk Management — Integrated Framework (Sep 2004)
ERM – articulation of the Risk Appetite
Firms that had made the most progress
in establishing a risk appetite framework
report that there is a close and
indissoluble link between risk appetite
and culture. Risk appetite is about the
organization being clear, and making
clear to others its desired level of
risk. This in turn informs the
planning and risk taking decisions of
the business units. Decision-makers,
while continuing to be bound by policies
and limits, have a clearer understanding
of why the policies and limits are as
they are.
Institute of International Finance, June 2011
ERM - Risk Appetite & Risk Tolerance
RISK
RISKTOLERANCE
UNIVERSE
APPETITE
Integrating Risk Management and Strategy
LONG-TERM SHAREHOLDER VALUE
STRATEGIC OBJECTIVES
RISK APPETITE
Risk, strategy and value creation (Source: PwC)
The response of the Regulator
Basel III building blocks
Basel III builds upon Basel II Architecture
Basel III strengthens the three Basel II pillars, especially Pillar 1,
with enhanced minimum capital and liquidity requirements.
Basel III in one picture
Source: Causal Capital, 2011
Regulation and small states
Not only do (small states) have to provide accountable and
effective administration for the population at home, but they
must do so in the context of the increasingly globalised 21st
century world. Many areas of policy-making and regulation,
particularly in the financial realm, are now answerable to an
international audience. Unless it is prepared to risk
international isolation and economic decay, no small country
can afford to ignore or neglect the ever more complex
framework of rules and conventions within which the global
community operates. For developing nations, hugely
dependent on foreign aid, investment and cooperation, such
norms are a reality they cannot avoid.
Melly, Paul, Big Issues for Small Countries
(http://siteresources.worldbank.org/INTOPCS/Resources/3808311286398698992/SCFMarticle-cropped.pdf)
But could heavy regulation be beneficial for small states?
Will the Basel III regime
benefit small banks (and
banks in small states) by
forcing the big players to
lower their risk profiles?
The question of Government support
Government support
Government support
Government support
“As would be expected in emerging markets, the sovereign's
willingness and ability to support banks vary significantly. In
the Gulf region there has been a history of almost
unquestioned willingness to support most banks and this had
led to relatively high Support Rating Floors even by developed
market standards … However, for much weaker sovereigns,
notwithstanding their sometimes strong willingness to support,
their ability to do so as reflected in the sovereign's Issuer
Default rating, means that Support Rating Floors in emerging
markets are much lower.”
Mark Young, Managing Director in the Financial Institutions team at Fitch.
Government support
 Size of host state pressures IDR (glass
ceiling?)
 High capital buffers
Ratings vicious cycle?
Lower IDR
Higher
funding
costs
Difficulty to
raise capital
Lower ROE
Capital buffers
 The vulnerability associated with small
states with limited markets tends to promote
conservative and stable banking models
“Smallness has not constrained the banks in
the region from being world ranked,
however, with respect to soundness (Tier 1
ratio)”
Birchwood, Anthony, Banking in Small States: The Case of
Caribbean Commercial Banks
Global Competitiveness
Report – 2010/11
– Soundness of Banks
3 parting thoughts on the future of
Risk Management in a volatile,
globalised world
The future of Risk Management – the rise of ALM
“The new Basel III framework hinges upon the integrated
management of assets, capital, and funding. In a Basel III
world banks can no longer afford to optimize assets and
liabilities independently. The new interdependencies are
such that, in practice, each asset has an impact on the
bank’s capital and leverage position and each asset and
liability affects the bank’s short-term liquidity position as part
of its assets. Nor is this just a technical issue; in light of the
increasing attention given by rating agencies and financial
investors to banks’ balance sheets, it is a question of
strategy.”
McKinsey and Company, Basel III and European banking (November
2010)
The future of Risk Management – Stress-testing
“The fact that extraordinary events occurred with
greater frequency over the last two years highlights
the need for more robust scenario analysis and
stress testing in financial risk management ...
understanding and modeling so-called tail risk
events has become more important than ever.”
Swimming Naked: Rethinking Risk Management After the Crisis
(http://knowledge.wpcarey.asu.edu/article.cfm?articleid=1798)
The future of Risk Management – “a healthy dose of judgment”
“Mis-assessment of risk has been a key element of the financial
crisis. One of the contributing factors to this misassessment was
an over-reliance on a model-based approach to risk management,
which focused too much on measurable risk without taking full
enough account of unmeasurable uncertainty.
Taking account of uncertainty is not easy, after all, it is uncertain!
But at least a focus on ordinal as well as cardinal probabilities, in
part by stress testing with scenarios that fall outside the model’s
history, would surely be beneficial. But stress testing and the
assessment of uncertainty is still constrained by the difficult
decision as to what is the relevant set of stresses that the
framework should be subjected and what is the relevant history. A
healthy dose of judgment needs to be brought to bear on these
decisions ...”
Guy Debelle, On risk and uncertainty (August 2010)
Developments in risk
management and corporate
governance
Mario Mallia
CRO, BANK OF VALLETTA GROUP
Cavalieri Hotel, St Julians, MALTA – 16th April 2012
Related documents
R B EVERSE
R B EVERSE
XYZ's receivables turnover is 10x.  The accounts receivable at year­end are $600,000.  The average  collection period is 90 days (3 months).  What was the sales figure for the year?
XYZ's receivables turnover is 10x.  The accounts receivable at year­end are $600,000.  The average  collection period is 90 days (3 months).  What was the sales figure for the year?
Cost of Capital Problem
Cost of Capital Problem
Average US credit card debt - e
Average US credit card debt - e
M E ONTHLY
M E ONTHLY
POWERPOINT JEOPARDY - Economics & Personal Finance
POWERPOINT JEOPARDY - Economics & Personal Finance
CREDIT CONTROL & DEBT COLLECTION
CREDIT CONTROL & DEBT COLLECTION
D&B Collect Pricing Schedule.
D&B Collect Pricing Schedule.
Download
advertisement