Risk-based Supervision for
Credit Unions
CREDIT UNION SUPERVISION
WORKSHOP
KINGSTOWN, ST. VINCENT
COURTNEY CHRISTIE-VEITCH
FINANCIAL SECTOR SUPERVISOR, CARTAC
AUGUST 20 - 22, 2014
Presentation Outline
 Background
 Significant Activities
 Materiality
 Inherent risks
 Quality of Risk Management
 Residual Risk
Presentation Outline
 Direction of Risk
 Capital Assessment
 Earnings Assessment
 Liquidity Assessment
 Composite Rating
Background: Role of Prudential Supervision
To protect
shareholders/depositors
To enhance the integrity of the
financial system
To help maintain competitive
markets and promote effective
competition in the interests of
consumers
Background:
How Supervisors Carry Out Their Role
A judgmentbased
approach
A forwardlooking
approach
A risk-focused
approach
• The use of judgment in determining whether financial firms are
safe and sound;
• provide appropriate protection for policyholders, depositors or
investors
• Assess whether firms continue to meet prudential requirements.
• The assessment of firms not just against current risks, but also
against those risks that could plausibly arise in the future.
• Use of Stress Testing and Scenario Analysis to assess risks
• Focus on those issues and those firms that pose the greatest risk
to the stability of the financial system, depositors, investors and
policyholders
• Allocate scarce resources to greatest areas of need.
The Essence of Risk Taking
“Experience taught me a few
things. One is to listen to your
gut, no matter how good
something sounds on paper.
The second is that you're
generally better off sticking
with what you know. And the
third is that sometimes your
best investments are the ones
you don't make.” Donald
Trump
Rationale for Risk-based Approach
 Resources are not infinite / allocation of scarce




resources
Mechanism to prioritize work/on-sites – focus
efforts on greatest risks
Focus on risks to institution's aims and objectives
Basis for justifying approach, action and decision
Documented and consistent approach to risk
management
Risk Management Stages
Decision
to be Riskbased
Set Risk
Context
Set Risk
Appetite
Risk
Identification
Risk Monitoring
and Reporting
Risk
Measurement
Risk Control
Risk Mitigation
Step I: Identifying Significant Activities
 Line of business
 Business units
 Enterprise wide process e.g. information technology
 Activities can be identified from:
 Organization structure
 Strategic plans
 Operational and Business plans
 Capital allocations,
 Financial reporting (internal/external)
Step II: Determining Materiality
 Assets generated by the activity relative to total asset





size
Revenue generated by activity in relation to total
revenue
Net income before tax/total net income before tax
Risk weighted assets generated by activity / total
RWA
Capital allocation / total capital
Strategic importance
Group Exercise # 1
 Using the Annual Reports and
Audited Financial Statements
provided for the five Credit Unions,
Identify the significant activities
Determine materiality of the
significant activity identified
Step III: Assess Inherent Risks
Inherent risk is risk which cannot be
segregated from the activity. It is intrinsic to
an activity and arises from exposure to and
uncertainty from potential future events.
Inherent risks are evaluated by considering
the degree of probability and the potential
size of an adverse impact on an institution’s
capital, liquidity or earnings.
Inherent Risk Assessment
High
Current Risk Levels
Medium High
I
m
p
a
c
t
Mitigation
Moderate
Medium Low
Target Risk Levels
Low
Low
Medium Low
Moderate
Probability
Medium High
High
Inherent Risk Framework - Traditional
B
u
s
i
n
e
s
s
.
E
n
v
i
r
o
n
O
p
e
r
a
ti
n
g
.
E
n
v
i
r
o
n
Inherent Risk Framework - Revised
B
u
s
i
n
e
s
s
.
E
n
v
i
r
o
n
O
p
e
r
a
ti
n
g
.
E
n
v
i
r
o
n
Inherent Risk Rating
Low
Medium
Low
• Low probability of a material adverse impact on an
institution’s capital or earnings due to exposure and
uncertainty from potential future events.
• Lower than average probability of a material adverse
impact on an institution’s capital or earnings due to
exposure and uncertainty from potential future events.
• Average probability of a material adverse impact on an
institution’s capital or earnings due to exposure and
Moderate
uncertainty from potential future events.
Inherent Risk Rating
Medium
High
• Higher than average probability of a
material adverse impact on an institution’s
capital or earnings due to exposure and
uncertainty from potential events.
High
• Higher than above average probability of a
material adverse impact on an institution’s
capital or earnings due to exposure and
uncertainty from potential future events.
Assessing Inherent Risk
The CAMELS Rating System
 Uniform Financial Institutions Rating System (UFIRS)
 Adopted by Federal Financial Institutions Examination





Council (FFIEC) in 1979
Assesses six components of a deposit taking financial
institution’s performance.
Driven by both component and composite ratings
Takes into consideration financial, managerial and
compliance factors common to all financial institutions.
Licensees evaluated in a uniformed and comprehensive
manner
Supervision attention appropriately focused on the
financial institutions exhibiting financial and operational
weaknesses or adverse trends.
Assessing Inherent Risk
The CAMELS Rating System
 References to the CAMELS Rating System in
this Presentation are based on the Office of
the Comptroller of the Currency (OCC) Onsite Process Handbook, updated September
2012.
 The CAMELS Rating System is:



Used to assess credit unions in the USA
Used by the majority of Financial Institution Regulators in the
Caribbean
A risk assessment tool / not just a management or reporting
tool as the PEARLS system
Objectives of the
CAMELS Framework
Review and assess the credit union’s capital adequacy
framework
Review and assess the quality of the credit union’s assets
(with emphasis on investments and loans).
Review and assess Governance/Board and Management
Oversight
Review and assess adequacy of earnings and the credit
union’s profitability
Review and assess the credit union’s liquidity status and
adequacy of liquidity
Review and assess the credit union’s sensitivity to
market risks
Additional Risks Not Explicitly Considered
by CAMELS
Review and assess the credit union’s
Operational risk management framework
Review and assess concentration risks in the
credit union’s operations (with emphasis on
concentration risks in loans, share/savings
and investments ).
Review and assess reputation risk in the
credit union
Review and assess business strategy risk in
the credit union
CAMELS
Asset Quality Assessment
 Soundness of risk identification
practices, credit underwriting
standards and credit administration
practices
 Level, distribution, severity and trend
of problem, classified, non accrual,
restructured, delinquent and
nonperforming assets (on and off
balance sheet)
CAMELS
Asset Quality Assessment
 Adequacy of allowances for loans and
lease losses and other valuation
reserves
 Credit risks arising from or induced by
off-balance sheet transactions, e.g.
unfunded commitments, credit
derivatives, commercial and standby
letters of credit and lines of credit.
CAMELS
Asset Quality Assessment
 Diversification and quality of the loan
and investment portfolio
 Extent of securities underwriting
activities and exposures to
counterparties in trading activities
 Existence of asset concentration
CAMELS
Asset Quality Assessment
 Ability of management to properly
administer its assets, including timely
identification and collection of problem
assets
 Adequacy of internal controls and
management information systems
 Volume and nature of credit
documentation exception.
Asset Quality Rating
1
• Strong asset quality and credit administration
practices. Identified weaknesses are minor in nature
and risk exposure is modest in relation to the capital
protection and management’s abilities.
• Asset quality is of minimum supervisory concern
2
• Satisfactory asset quality and credit administration
practices.
• The level and severity of classifications and other
weaknesses warrant a limited level of supervisory
attention.
• Risk exposure is commensurate with capital
protection and management's abilities.
Asset Quality Rating
3
• Asset quality or credit administration practices are less
than satisfactory. Trends may be stable or indicate
deterioration in asset quality or increased risk exposure
• Level and severity of classified assets, other weaknesses
and risks require an elevated level of supervisory concern.
• A general need to improve credit administration and risk
management practices.
4
• Deficient asset quality or credit administration practices.
The levels of risk and problem assets are significant, and
inadequately controlled, and they subject the financial
institution to potential losses that, if left unchecked, may
threaten its viability.
5
• Critically deficient asset quality or credit administration
practices that present an imminent threat to the
institution’s viability.
CAMELS
Sensitivity to Market Risk Assessment
 Sensitivity of earnings or the economic value
of capital to adverse changes in interest rate,
foreign exchange rates, commodity prices or
equity prices
 The ability of management to identify,
measure, monitor and control exposure to
market risk given the size, complexity and
risk profile of the FI
CAMELS
Sensitivity to Market Risk Assessment
 The nature and complexity of interest rate
risk exposure arising from non trading
positions
 The nature and complexity of market risk
exposure arising from trading, asset
management activities and foreign exchange
operations
CAMELS
Sensitivity to Market Risk Rating
1
• Market risk sensitivity is well controlled
• Minimal potential that earnings performance
or capital position will be adversely affected
• Risk management practices are strong for the
size, sophistication and market risk accepted
by the institution
• Level of earnings and capital provide
substantial support for the amount of market
risk taken by the institution
CAMELS
Sensitivity to Market Risk Rating
2
• Market risk sensitivity is adequately controlled
• Moderate potential that earnings performance
or capital position will be adversely affected
• Risk management practices are satisfactory for
the size, sophistication and market risk
accepted by the institution
• Level of earnings and capital provide adequate
support for the amount of market risk taken by
the institution
CAMELS
Sensitivity to Market Risk Rating
3
• Control of Market risk sensitivity needs
improvement
• Significant potential that earnings performance
or capital position will be adversely affected
• Risk management practices need to be
improved based on the size, sophistication and
market risk accepted by the institution
• Level of earnings and capital may not
adequately provide support for the amount of
market risk taken by the institution
CAMELS
Sensitivity to Market Risk Rating
4
• Control of market risk sensitivity is
unacceptable
• Significant potential that earnings performance
or capital position will be adversely affected
• Risk management practices are deficient for
the size, sophistication and market risk
accepted by the institution
• Level of earnings and capital provide
inadequate support for the amount of market
risk taken by the institution
CAMELS
Sensitivity to Market Risk Rating
5
• Control of market risk sensitivity is
wholly unacceptable
• Level of market risks assumed by
institution is an imminent threat to its
viability
• Risk management practices are wholly
inadequate for the size, sophistication
and market risk accepted by the
institution
Reputational Risk Assessment
 Corporate Governance
 Management integrity
 Staff competence / support
 Corporate culture
 Risk management and control
environment
Reputational Risk Assessment
 Financial Soundness / Business
viability
 Business practices
 Customer satisfaction
 Legal / regulatory compliance
 Contagion risk / rumors
 Crisis management
 Disclosure and transparency
Reputational Risk Rating
1
• Strong reputational risk management in all respects
• Effective procedures to protect institution from
potential threats to reputation and mitigate effects of
reputation events
• No negative publicity regarding the institution’s
business practices noted, franchise value only minimally
exposed to reputational risk
• Fully effective internal controls and audit
• Management fosters sound corporate culture /
embedded in the organization
• Management anticipates and responds well to changes
of a market or regulatory nature
• Low losses from fiduciary activities
• Excellent track record on regulatory compliance /
limited experience of litigation and customer complaints
Reputational Risk Rating
2
• Adequate reputational risk management in most cases
• Effective procedures to protect institution from potential threats to
reputation and mitigate effects of reputation events
• No negative publicity regarding the institution’s business practices
noted, franchise value only minimally exposed to reputational risk
• Fully effective internal controls and audit
• Management fosters sound corporate culture / embedded in the
organization
• Management anticipates but may responds less frequently to changes
of a market or regulatory nature
• May experience few losses from fiduciary activities
• Good track record on regulatory compliance / limited experience of
litigation and customer complaints
• Safe and sound performance
• Financial condition of service provider is acceptable
• While internal control weaknesses may exist, there are no significant
supervisory concerns.
• As a result, supervisory action is informal and limited.
Reputational Risk Rating
3
• Negative publicity regarding business practices is not serious
• Levels of litigation, losses and customer complaints are manageable
and commensurate with volume of business
• No significant cases of regulatory non-compliance noted and exposure
to reputation risk is not expected to increase in the foreseeable future
• Management adequately responds to changes in market, business and
regulatory environment.
• Internal controls and audits are generally effective
• Self assessment practices are weak and are generally reactive to audit
and regulatory exception.
• Repeat concerns / customer complaints may exist indicating that
management may lack the ability or willingness to resolve concerns.
• Financial condition of service provider may be weak and/negative
trends may be evident.
• While financial and operational failure is unlikely, increased
supervision is necessary
• Formal or informal action may be necessary to secure correction
action.
Reputational Risk Rating
4
• Negative publicity regarding business practices is increasing and
franchise value is substantially exposed by reputation risk.
• Poor administration, conflicts of interest or other legal or control
breaches may exist.
• Risk management processes inadequately identify and monitor risk
and are not appropriate for the size, complexity and risk profile of the
institution
• Unsatisfactory regulatory compliance, poor record of corrective action
and potential exposure from reputation risk is increased by complex
products and structures
• Significant weaknesses in management information
• Management does not perform self assessments and demonstrate an
inability or unwillingness to correct audit and regulatory concerns.
• Financial condition of service provider is severely impaired and/or
deteriorating.
• Failure of the financial institution or service provider may be likely
unless reputation issues are remedied.
• Close supervisory attention is necessary and, in most cases, formal
enforcement action is warranted.
Reputational Risk Rating
5
• Financial institutions and service providers operation / performance is
critically deficient and in need of immediate remedial action.
• Negative publicity regarding business practices is increasing and
franchise value is substantially exposed by reputation risk.
• Problems and serious weaknesses may exist in one or more of the
critical operational, administrative, loans or investment activities
• Regulatory compliance is critically deficient, no significant
improvement noted
• Risk management processes are severely deficient and provide
management little or no perception of risk relative to the size,
complexity and risk profile of the institution
• Management does not perform self assessments and demonstrate an
inability or unwillingness to correct audit and regulatory concerns.
• Failure of the financial institution or service provider may be likely
unless reputation issues are remedied.
• Close supervisory attention is necessary and, in most cases, formal
enforcement action is warranted.
• Ongoing supervisory attention is necessary.
Concentration Risk Assessment
 Geographic concentration
 Single name
 Related party
 Balance sheet
 Business / Product line
Operational Risk Assessment
 Operational risk is "the risk of a
change in value caused by the fact that
actual losses, incurred for inadequate
or failed internal processes, people and
systems, or from external events
(including legal risk), differ from the
expected losses". Basel Definition
Operational Risk Assessment
 Internal Fraud - misappropriation of assets, tax evasion, intentional






mismarking of positions, bribery
External Fraud- theft of information, hacking damage, third-party theft
and forgery
Employment Practices and Workplace Safety - discrimination, workers
compensation, employee health and safety
Clients, Products, & Business Practice- market manipulation, antitrust,
improper trade, product defects, fiduciary breaches, account churning
Damage to Physical Assets - natural disasters, terrorism, vandalism
Business Disruption & Systems Failures - utility disruptions, software
failures, hardware failures
Execution, Delivery, & Process Management - data entry errors,
accounting errors, failed mandatory reporting, negligent loss of client
assets
Strategic Risk Assessment
 Strategic Risk is the risk of current or
prospective impact on the financial
institution’s earnings, capital,
reputation or standing arising from
change in the environment and from
adverse strategic decisions, improper
implementation of decisions or lack of
responsiveness to industry, economic
or technological changes.
Strategic Risk Assessment
 Four Key Elements:
Strategic
Planning
Alignment and change management
Implementation and monitoring
Performance evaluation and feedback
Strategic Risk Assessment
 Compatibility or suitability of the
institution’s goals and objectives
(consistent with - corporate vision,
values, culture, business direction, risk
tolerance)
 Financial objectives consistent with
strategic goals
 Strategic decisions are prudent relative
to size and complexity
Strategic Risk Assessment
 Responsiveness to changes in
environment
 Adequacy of resources in carrying out
strategic decisions
 Implementation of strategic decisions
 Impact of strategic decisions
CORBASCEL
Proposed Risk Assessment System – Inherent Risks
Concentration
Risk
Operational
Risk
Reputational
Risk
Business
Strategy Risk
Asset Quality
Sensitivity to
Market Risk
Capital
Earnings
Liquidity
Group Exercise # 2
1. Using a scale of 1 – 5 (1 = Strong and 5 = Critically
Deficient), develop a risk scoring (definition)
matrix for the following inherent risks:
 Strategic Risk
 Operational Risk
 Concentration Risk
2. Identify the inherent risks in each of the
significant activities and score on the scale of 1 – 5
for each of the five credit unions provided for the
case studies.
Quality of Risk Management and Oversight
 Operational Management
 Compliance Function
 Internal Audit / Supervisory Committee Function
 External Audit Function
 Risk Management Function
 Senior Management
 Board Oversight
Quality of Risk Management Assessment
 Operational management
Day to day management of significant activities
 Adequate and appropriate for nature, size and complexity
of the financial institution
 Sufficient and effective in managing and mitigating key
risks
 Policies
 processes
 Control systems
 Staff levels and experience

Quality of Risk Management Assessment
 Board Oversight
 Vary based on size, structure and complexity of institutions
 Institutions required to have in place an effective board of
directors and senior management
 Board agree risk appetite e.g. aggressive or conservative
 Board of directors ultimately accountable for management and
oversight of the institution
 Depending on size, board may delegate some oversight
responsibilities to board sub-committees e.g.. audit, risk
management and human resource
Quality of Risk Management Assessment
 Senior Management Oversight
 Depending
on size, senior management may
delegate some oversight responsibilities to other
oversight functions:
Risk management
Supervisory Committee/Internal Audit
Compliance
Quality of Risk Management Assessment
 Level and quality of oversight and
support of all institution activities by
the board of directors and management
 The ability of the board of directors and
management, in their respective roles
to plan for, and respond to risks that
may arise from changing business
conditions or the initiation of new
activities or products
Quality of Risk Management Assessment
 Adequacy of, and compliance with
appropriate internal policies and
controls addressing operations and
risks of significant activities
 Accuracy, timeliness and effectiveness
of management information and risk
monitoring systems appropriate for the
FI’s size, complexity and risk profile.
Quality of Risk Management Assessment
(Audit and Internal Controls)
 Compliance with laws and regulations
 Responsiveness to recommendations
from auditors and supervisory
authorities
 Management depth and succession
 Extent that board of directors or
management is affected by, or
susceptible to, dominant influence or
concentration of authority.
Quality of Risk Management Assessment
(Audit and Internal Controls)
 Reasonableness of compensation
policies and avoidance of self dealing
 Demonstrated willingness to serve the
legitimate FI needs of the community
 The overall performance of the
institution and its risk profile
Quality of Risk Management Rating
1
• Strong performance by management and the board of directors
• Strong risk management practices relative to the institution's size, complexity and
risk profile.
• All significant risks are consistently and effectively indentified, measured,
monitored and controlled.
• Management and the board have demonstrated the ability to promptly and
successfully address existing and potential problems and risks.
2
• Satisfactory management and board performance and risk management practices
relative t of he institution's size, complexity, and risk profile
• Minor weaknesses may exist, but not material to the safety and soundness of the
institution and are being addressed.
• Significant risks and problems are effectively identified, measured, monitored and
control.
3
• Management and board performance needs improvement or risk management
practices less than satisfactory given the nature of the institution’s activities.
• Capabilities of management or the board of directors may not be sufficient for the
type, size, or condition of the institution.
• Problems and significant risks may be inadequately indentified, measured,
monitored or controlled.
Quality of Risk Management Rating
4
• Weak performance by management and the board of directors
• Weak risk management practices relative to the institution's
size, complexity and risk profile.
• All significant risks are not consistently and effectively
indentified, measured, monitored and controlled.
• Management and the board have not demonstrated the ability to
promptly and successfully address existing and potential
problems and risks.
5
• Very weak management and board performance and risk
management practices relative t of he institution's size,
complexity, and risk profile
• Major weaknesses exist, that are material to the safety and
soundness of the institution and are not being addressed.
• Significant risks and problems are not effectively identified,
measured, monitored and control.
Quality of Risk Management Assessment
Strong
• Function consistently demonstrates highly
effective performance in the context of the
key risks inherent in the significant
Activity.
• Function demonstrates effective
performance in the context of the key risks
Satisfactory inherent in the Significant Activity.
Quality of Risk Management Assessment
Needs
Improvement
Deficient
Critically
Deficient
• Risk management function may generally demonstrate effective
performance, but there are some areas where effectiveness needs to
be improved in the context of the key risks inherent in the significant
Activity.
• Risk Management function demonstrates serious weaknesses in
effectiveness in the context of the key risks inherent in the
Significant Activity.
• Risk Management function demonstrates severe weaknesses in
effectiveness in the context of the key risks inherent in the
Significant Activity.
Residual Risk Assessment
 How key risks are managed in each
significant activity – operational
management
 Effectiveness of oversight functions



Governance / Board
Internal audit / Internal controls
Compliance
 Each key inherent risk is considered
separately for each significant activity
 Determine aggregate residual risk
Residual Risk Rating
Low
Medium
Low
• Low probability of a material adverse impact on an
institution’s capital or earnings due to exposure and
uncertainty from potential future events.
• Lower than average probability of a material adverse
impact on an institution’s capital or earnings due to
exposure and uncertainty from potential future events.
• Average probability of a material adverse impact on an
institution’s capital or earnings due to exposure and
Moderate
uncertainty from potential future events.
Residual Risk Rating
Medium
High
• Higher than average probability of a
material adverse impact on an institution’s
capital or earnings due to exposure and
uncertainty from potential events.
High
• Higher than above average probability of a
material adverse impact on an institution’s
capital or earnings due to exposure and
uncertainty from potential futur4e events.
Residual Risk Assessment
Level of Inherent Risk
Quality of Risk
Management
1
Low
2
Medium
Low
1
Strong
Low
Low
2
Satisfactory
Low
Low
3
Needs
Improvement
4
Deficient
5
Critically
Deficient
3
Moderate
Low
Medium
Low
Medium
Low
Low
Medium
Low
Moderate
Medium
Moderate
High
Moderate
Medium
High
High
4
Medium
High
Medium
Low
5
High
Moderate
Medium
Moderate
High
Medium
High
High
High
High
High
High
Direction of Risk
Decreasing
Stable
Increasing
Risk Impact
Capital Adequacy Assessment
 Level and quality of capital
 Overall financial condition
 Management’s ability to address
emerging capital needs
 Nature, trend and volume of problem
assets and adequacy of provision for
loans and investment losses and
adequacy of other reserves
Risk Impact
Capital Adequacy Assessment
 Off balance risk exposures
 Growth prospects and past experiences
in managing growth
 Balance sheet composition, nature
amount of intangible assets,
concentration risks, market risks, risks
in non traditional activities
 Access to capital
Capital Adequacy Rating
1
• Strong capital level relative to the
institution’s risk profile
2
• Satisfactory capital level relative
to the institution’s risk profile
3
• Less than satisfactory level of
capital that does not fully support
the institution’s risk profile.
• Need for improvement even if the
institution’s capital level exceeds
minimum regulatory and
statutory requirements
Capital Adequacy Rating
4
• Capital level is deficient based on
risk profile
• Viability of FI may be threatened
• Assistance from shareholders and
other external sources of financial
support may be required.
5
• Critical deficient level of capital
such that institution’s viability is
threatened
• Immediate assistance from
shareholders or other external
sources of financial support is
required.
Risk Impact
Earnings Risk Assessment
 Levels of earnings including trends and
stability
 Ability to provide for adequate capital
through retained earnings
 Quality and sources of earnings
 Level of expenses in relation to
operations
Risk Impact
Earnings Risk Assessment
 Adequacy of the budgeting systems,
forecasting processes, management
information systems
 Adequacy of provisions to maintain the
allowance for loan and lease losses and
other valuation allowance
 The earnings exposure to market risk,
such as interest rate, foreign exchange
and price risks
Earnings Risk Rating
1
• Strong earnings / more than sufficient to
support operations and maintain adequate
capital and allowance levels after considering
asset quality growth, and other factors
2
• Satisfactory earnings. Sufficient to support
operations and maintain adequate capital and
allowance levels after consideration is given to
asset quality growth and other factors affecting
the quality, quantity and trend of earnings
• Earnings that are relatively static, or evening
declining could be given a “2” rating provided
the FI level of earnings is adequate.
Earnings Risk Rating
3
• Earnings need improvement. Earnings may not fully
support operations and provide for the accretion of
capital and allowance levels relative to the institutions
overall condition, growth and other factors.
4
• Earnings are deficient. Insufficient earnings to support
operations and maintain appropriate capital and
allowance levels. Erratic fluctuations in net income or
net interest margin, significant negative trends, nominal
or unsustainable earnings, intermittent losses, or
substantive drop in earnings from pervious years.
5
• Earnings critically deficient, institution experiencing
losses that represents a distinct threat to its viability
through the erosion of capital.
Risk Impact
Liquidity Risk Assessment
 Availability of assets readily convertible to
cash without undue loss
 Access to money markets and other sources
of funding
 Level of diversification of funding sources,
both on and off-balance sheet
 The degree of reliance on short-term,
volatile sources of funds, including
borrowings and brokered deposits, to fund
longer term assets
Risk Impact
Liquidity Risk Assessment
 The trend and stability of deposits
 The ability to securitize and sell certain
pools of assets
 The capability of management to properly
identify, measure, monitor and control
institution’s liquidity position, including the
effectiveness of funds management
strategies, liquidity policies, management
information systems, and contingency
funding plans
Liquidity Risk Rating
1
• Strong liquidity levels and well developed fund
management practices
• Reliable access to sufficient resources of funds on
favorable terms to meet present and anticipated needs.
2
• Satisfactory liquidity levels and fund management
practices
• Access to sufficient sources of funds on acceptable terms
to meet present and anticipated liquidity needs.
• Modest weaknesses may be evident in funds
management practices
3
• Liquidity levels and funds management practices in need
of improvement.
• Institution may lack ready access to funds or reasonable
terms or may evidence significant weaknesses in funds
management practices.
Liquidity Risk Rating
4
• Deficient liquidity levels or inadequate funds
management practices
• Institutions may not have or not able to obtain a
sufficient volume of funds on reasonable terms
to meet liquidity needs.
5
• Liquidity levels or funds management
practices so critically deficient that the
continued viability of the institution is
threatened.
• Institutions require immediate external
financial assistance to meet maturing
obligations or other liquidity needs.
Composite Risk Assessment
• Composite ratings based on careful evaluation of
managerial, operational, financial and compliance
performance.
• Six key components used to assess institution’s financial
condition and operations are capital adequacy asset
quality, management capability, earnings quantity and
quality , the adequacy of liquidity and sensitivity to
market risk
• Rating scale ranges from 1 – 5, with a rating of 1
indicating the strongest performance and risk
management practices relative to the institution’s size,
complexity and risk profile
• Ratings of 5 indicated the most critically deficient level
of performance, inadequate risk management practices
relative to size, complexity and risk profile the greatest
supervisory concerns.
Framework for Risk-based Supervision
CORBACELS
INHERENT RISKS
Concentration
Operational
Reputation
Business strategy
Asset quality (credit)
Sensitivity to Market
CORBASCELS
IMPACT
ASSESSMENT
Capital
Earnings and
profitability
Liquidity
QUALITY OF RISK
MANAGEMENT /
OVERISGHT
Operational Management
Compliance
Risk Management
Internal Audit
External Audit
Senior Management
Board Oversight
CAMELS
Framework for Risk-based Supervision
CORBASCEL
• Step I
Identification of
Significant
Activities
• Step III
Assess Inherent
Risks and impact
on capital,
liquidity and
earnings
• Step II
Determination of
Materiality
Step V
Residual Risk
Step VI
Direction of
Risk
Step VII
Overall
Assessment
Step VIII
Overall
Rating
• Step IV
Assess Risk
Mgn. Quality
• Operational
Mgn.
• Oversight
Thank you!
Any questions?