Effective Credit Risk Management

advertisement
Best Practices in Strategic
Credit Risk Management
October 2004
Sponsored by
Contents
Contents ............................................................................................................................................2
Introduction.......................................................................................................................................3
Management Summary...................................................................................................................4
Effective Credit Risk Management ................................................................................................6
Enterprise View of Credit Risk..................................................................................................... 11
Strategy, Policy and Business Processes Alignment ............................................................... 19
Active Management of Credit Risk.............................................................................................. 23
Conclusion....................................................................................................................................... 26
12/10/04
2
Introduction
Effective credit risk management has gained an increased focus in recent years, largely
due to the fact that inadequate credit risk policies are still the main source of serious
problems within the banking industry. For example, according to ZNet, the consequences
of the Parmalat collapse were severe, with major institutions suffering heavy losses. Bank
of America lost a total of $274 million, Citigroup $242 million and UBS €420 million.
Managing credit risk thus remains an essential and challenging corporate function. The
chief goal of an effective credit risk management policy must be to maximize a bank’s
risk-adjusted rate of return by maintaining credit exposure within acceptable limits.
Moreover, banks need to manage credit risk in the entire portfolio as well as the risk in
individual credits or transactions.
This executive summary seeks to investigate how much progress banks are making in the
development and deployment of a successful credit risk management strategy. The
specific areas to be looked at are as follows:
•
Effective Credit Risk Management
•
Enterprise View of Credit Risk
•
Strategy, Policy and Business Processes Alignment
•
Active Management of Credit Risk
The infor mation presented in this paper has been compiled from interviews with eight
senior risk managers at leading global banks and from Lepus’ extensive industry
experience.
12/10/04
3
Management Summary
Effective credit risk management
Key components of effective Credit Risk management - Robust technology, defined
business processes, detailed policies, and sophisticated analytics are the main
ingredients of effective credit risk management.
Role of technology in credit risk management – Technology plays a significant role in
enabling active portfolio management, data transparency, growth in the organization,
elimination of manual processes and efficient management of information.
Drivers of effective credit risk management – Basel II is the key driver in shaping the
banks’ approach to credit risk management. Other drivers include centralization,
standardization, consolidation and timeliness of credit risk management along with active
portfolio management and efficient tools.
Effective credit risk management as a value enhancing activity - Consolidating credit
lines for customers along with efficient use of capital risk adjusted return through Basel II
implementation and ISDA’s Credit Support Annex (CSA) contribute to a value enhancing
activity.
Enterprise View of Credit Risk
Achieving enterprise-wide credit risk management - Banks achieve enterprise credit
risk management through deploying a global credit risk management system, regular
meetings of Risk Oversight Committees and efficient use of technology.
Challenges of achieving enterprise view of risk – The major challenges faced by
banks include reporting, analytics and data quality issues.
Integration and standardization - Many banks have yet to integrate the disparate
components of their credit risk systems, for a consistent framework. The key solution is to
implement a centralized reporting system.
Methodologies used for credit risk – Banks are using current and potential exposure
calculations, KMV’s Portfolio Management, credit VaR, expected and unexpected losses
and survival analysis to measure credit risk.
Technology used for enterprise credit risk: buy versus build – Banks manage their
enterprise credit risk using only in-house solutions (25%) or a combination of both third
party vendor/consulting and home-gr o w n solutions (62%). The remaining banks refrained
from comment.
Early warning systems - Examples include Moody’s credit ratings, periodic surveillance
program, and stress testing.
12/10/04
4
Strategy, Policy and Business Processes Alignment
Current state of alignment - Aligning strategic vision, policy objectives and business
processes is apparent in 50% of the interviewed banks, whilst 38% of the banks are still in
the process of achieving this goal.
Existing gaps in alignment – Some of the existing problems with alignment include
transparency in technology, conflicting ideas, the need to migrate from a volume-based to
a value-based business, and setting common procedures and policies.
Adherence to Credit Policy - Banks use a variety of methods to design and monitor
adherence to credit policy, which include limit checking, credit inspection, pre- deal
checking, global system, education and training.
Active Management of Credit Risk
Risk concentrations and credit portfolio management – Banks monitor risk
concentration and credit portfolio management by using a global reporting system,
economic capital model and exposure risk systems.
Credit hedging - Credit hedging decisions are exercised using value on default, potential
and current exposure methodologies, and ad hoc case by case analysis.
Conclusion
Currently, the focus for many banks is to adopt an enterprise-wide credit risk management
approach, since it gives an integrated view of risk. The findings of the research suggested
that best practice in credit risk management should demonstrate centralization,
standardization and timeliness of risk management.
12/10/04
5
Effective Credit Risk
Management
Key components of effective Credit Risk management
Effective credit risk management is a critical component of a bank’s overall risk
management strategy and is essential to the long-term success of any banking
organization.
Overall, the components of effective credit risk comprise active Board and Senior
Management oversight; sufficient policies, procedures and limits; adequate risk
measurement, monitoring and management information systems; and comprehensive
internal controls. Lepus sought the opinions of industry participants on the key
components of effective Credit Risk management. The responses of the eight banks
interviewed are summarized in the graph below:
Figure 1: Key components of effective Credit Risk management
Robust technology
38%
Business
processes
25%
Policies
25%
Exposures
25%
Robust analytics
13%
0%
5%
10%
15%
20%
25%
30%
35%
40%
Source: Lepus
•
Robust technology and business processes
Robust technology w as mentioned as a critical component of effective credit risk
management by 38% of the interviewees. It is thought to help banks identify,
measure, manage and validate counterparty risk, although it is of little value without
effective credit risk policies and business processes in place.
•
Policies
In 25% of the banks, having a comprehensive and strategic vision for credit policy is
vital as it sets guidelines for businesses, giving rise to effective credit risk
management. These guidelines include a set of general principles that apply to all
12/10/04
6
credit risk situations, as well as specific principles applicable to some countries and
types of counterparties and/or transactions.
•
Exposures
In 25% of the interviewed banks, the ability to measure, monitor and forecast potential
credit risk exposures across the entire firm on both counterparty level and portfolio
level is vital.
•
Robust analytics
A key component of an effective credit risk management strategy suggested by 13%
of the banks is having robust risk analytics. Efficient and accurate credit analytics
enable risk managers in banks to make better and more informed decisions. The
availability of better information, combined with timeliness in its delivery, leads to
more effective balancing of risk and reward, and the possibility of higher long-term
profitability.
•
Other
The other ingredients of effective credit risk management were thought to include
credit risk transparency, defined credit decision process, sophistic ated risk
measurement methodologies , stress testing, timeliness and accuracy of risk
calculations as well as efficient credit risk reporting.
Role of technology in credit risk management
As mentioned, technology is widely acknowledged to be a key component of effective
credit risk management. Lepus thus sought industry opinions on how important IT is for
achieving best practice in credit risk management. 38% of the interviewees stated that
technology plays a significant role in enabling active portfolio management and
assessment. This is followed by data transparency (25%) and facilitation of global credit
risk function (25%). Subsequently, technology facilitates elimination of manual processes
and allows information to be managed in an efficient and effective way.
Figure 2: Role of technology in credit risk management
Active portfolio management
38%
Facilitates global credit risk function
25%
Data transparency
25%
Eliminates manual process
13%
Manages information efficiently and effectively
13%
13%
Just a tool
0%
12/10/04
5% 10% 15% 20% 25% 30% 35% 40%
7
Source: Lepus
Furthermore, one bank stated that while technology can help banks to facilitate innovative
credit risk management procedures, it is simply a tool and is useless if misused. Another
opinion expressed by one of the interviewees is that technology plays a bigger role in the
trading book than in the lending book as it enables key questions to be answered such as
the cost of credit risk.
Drivers of effective credit risk management
Regulatory requirements
Basel II was highlighted as one of the main drivers in shaping the banks’ approach to
credit risk management. This is primarily because it imposes disciplinary capital charges
for procedural errors, limit violations and other operational risks. It also creates new
pressures to ensure that effective credit risk management controls are in place.
A leading investment bank, for example, commented that regulations drive their credit risk
management procedures. The bank is forced to provide more detailed disclosures in their
annual reports. These may include information on its strategies, nature of credit risk in its
activities and how credit risk arises in those activities as well as information on how they
manage credit risk.
Basel II will affect a number of key elements in another European bank, including a more
rigorous assessment of the bank’s credit risk appetite, more technical approach towards
their counterparties and better portfolio risk management. Another bank mentioned that
the impact of Basel II is largely dependent on the environment they are regulated under,
as it is different for each region.
In one US bank regulatory pressure has raised the status of the Risk Group, whilst in
another it is viewed as distracting from the bank’s strategic business projects.
Best practices in credit risk management
While regulatory compliance is indeed a significant driver, most banks’ credit risk
management aspirations span beyond this. Key players also seek to gain competitive
advantage through effective credit risk management.
The objective of best practices in credit risk management is to provide comprehensive
guidance to better address credit risk management. The findings from Lepus’s survey
illustrate that credit risk management practices differ among banks, as it is dependent
upon the nature and complexity of individual bank’s credit activities. Sound practices
should generally address the following areas: (i) establishing an appropriate credit risk
environment (ii) operating under a sound credit-granting process (iii) maintaining an
appropriate credit administration, measurement and monitoring process; and (iv) ensuring
adequate controls over credit risk.
The feedback from banks demonstrates that centralization, standardization, consolidation,
timeliness, active portfolio management and efficient tools for exposures are the key best
practice in credit risk management. A tier - 1 American bank is considering having more
efficient tools for “what if” analysis and tools to provide transparency to the business. This
is particularly important for counterparty exposure at a firm-wide level. Another US
institution is focusing on stress testing, concentration risk, macro-hedges and capital
12/10/04
8
markets risk management. Moreover, the firm has consolidated market risk and credit
risk.
In 25% of the interviewed banks, achieving best practice involves having an active
portfolio management in the lending book along with real- time credit risk management. A
leading investment bank identifies best practice as having good quality data, for example,
identifying processes that induce data errors. Timeliness is another contributing factor.
Real time pre- deal checking, effective credit limits management and country risk
management are key to good credit risk practice in another bank. However, this is largely
dependent on the market the bank is targeting.
Effective credit risk
enhancing activity
management
as
a
value
If deployed correctly and effectively, credit risk management can be a value enhancing
activity that goes beyond regulatory compliance and can provide a competitive advantage
to institutions that execute it appropriately. Some of the examples demonstrating the
statement above include consolidating credit lines for customers in order to achieve
greater business activity, efficient use of capital risk adjusted return through Basel II
implementation and International Swap Derivatives Association’s (ISDA) Credit Support
Annex (CSA) allowing banks to deal with lower rated entities.
•
Consolidating credit lines
Consolidating credit line allows one bank to manage capital adequacy more efficiently.
For instance, all of the bank’s global customers such as Ford Motor Company , have
consolidated global credit lines across multiple countries such as the UK, Germany
and Singapore. By deploying global credit lines, total credit is reduced thus allowing
for more business activity.
•
Efficient use of economic and regulatory capital
Having consistent, comprehensive risk architecture will make it easier for banks to
calculate and manage capital. Banks mainly in the USA and Europe use economic
capital for the following reasons:
§
to ensure that the bank has a safe level of capital to guard against risks
and to meet regulatory requirements.
§
to price loans to earn attractive risk adjusted profits.
§
to apply economic capital’s trio of core decision making criteria (risk,
capital requirements and returns) in strategic business planning and to
measure Return on Equity (ROE) by line of business, product or
customer to ensure that capital is effectively allocated among different
activities in a bank to maximize shareholders’ value.
Once the economic capital is computed across the bank, the bank’s actual equity
capital is allocated to individual business units on the basis of risks so that
shareholders’ wealth can be maximized. There are two ways to ensure that the
amount of capital is appropriate to the risks it faces. The first is to ensure that the risks
are not excessive, given the capital. The second is to ensure that capital is adequate,
given the risks . If the economic capital exceeds the regulatory capital, there is no
12/10/04
9
problem. If the regulatory capital exceeds economic capital, the excess can be treated
as a cost (regulatory overhead), leading to increase in the hurdle rate of the bank.
This cost can be allocated on a pro-rata basis to all elements of economic capital so
that every unit of the bank is equally sharing the burden of regulatory requirements.
•
CSA
ISDA‘s CSAs are used extensively in several of the interviewed banks (with mos t of
their counterparties) as they add significant value to the firms. These banks have
signed CSAs with a large majority of their counterparties in order to call for daily cash
collateral cover of all outstanding positions. The major benefits gained from daily
collateralization are the reduction in risk amounts and capital usage, and the
significant shortening of the potential future exposure risk window. Many of the banks
monitor the number of overdue master agreements and overdue trade confirmations,
as they could affect the banks’ ability to net collateral against the gross exposure. Late
payments or disputed calls are other potential indicators of operational problems,
which could impact on the effectiveness of credit management.
•
Use of derivatives to reshape credit profile
Credit portfolio management is a value enhancing activity as some of the interviewed
banks use credit derivatives to reshape their credit profiles. The use of credit
derivatives, in one tier-1 bank has significantly reduced its financial markets’ credit risk
from between 70% and 75% to between 40% and 45%.
Credit derivatives create new possibilities for risk transformation through innovative
structures such as credit default swaps, basket swaps and debt obligations. Further
derivative structures may involve the indexing or reinsuring of illiquid middle market
and the creation of short positions in credit risk. This will greatly increase the power
and flexibility of portfolio strategies. Hedging decisions are largely made by banks’
separate portfolio management groups and senior management teams.
Some of the interviewed banks use credit derivatives for active portfolio management,
to offset exposures such as inventory and loans, to examine the industry’s portfolio
and concentration portfolio across the institutions, and to mitigate exposures. The
benef its gained from using this activity typically lead to reduced regulatory capital,
freeing up credit lines and allowing firms to effectively manage credit exposures.
•
Technology
Along with credit derivatives, technology can also contribute to reshaping banks’ credit
profile by allowing banks to know the type of exposures and price transactions they
are dealing with. These elements are required to hedge exposures.
12/10/04
10
Enterprise View of Credit Risk
Achieving enterprise -wide credit risk management
Many leading banks have abandoned the traditional approach of managing risk by silos .
Instead, banks are adopting an enterprise credit risk management approach that gives an
integrated view of the risks faced by the organization. A tier-1 investment bank regards
enter prise cr edit risk management as the entire banking infrastructure that excludes IT.
This includes credit risk, market risk, financial control, telecommunications and data
centers in the corporate bank. Technology is excluded, as it is cons idered to be an
external entity.
Implementing a scalable and consistent enterprise risk management framework is a
challenging task for many banks. To measure price and manage credit risk effectively at
the enterprise level, banks have to integrate a variety of disparate systems. These
systems should be able to collect substantial quantities of data on credit ratings, credit
transitions, loss experiences, rating and default histories in addition to a variety of other
relevant credit information.
Banks achieve enterprise credit risk management through various strategies . One
American bank mentioned that their global credit risk management is mainly facilitated by
technology, whereas, another leading American bank has a risk officer to manage all the
risk groups within the firm. One of the banks mentioned that their Risk Oversight
Committee including the Head of Credit Policy meet on a regular basis to discuss the
bank’s risk appetite. A third investment bank uses a technology solution to achieve
enterprise-wide credit risk management. This system provides accurate global limits and
credit exposure information in real-time for increased transparency across the bank and
greater operational efficiency.
Challenges of achieving enterprise view of risk
Issues with data management
Consistent, accurate and reliable data is the foundation of effective credit risk
management. Inaccurate or inconsistent data may hinder the banks’ ability to understand
its current and future business problems. All the banks interviewed clarified that there are
always some problems with data management.
Some of the major issues experienced by banks with regard to data management include
data quality and standardization, assembling accurate data sets with minimum
reconsolidation and back-testing of ratings. A tier - 2 American bank approaches data
problems by having monthly and quarterly reviews to discuss and provide solutions to
these problems. For example, the bank constantly strives to enhance their exposure
numbers at an enterprise level by making them more accurate and delivering them in a
timely manner.
A European bank explained that Basel II encourages the firm to adopt a standardized
format for all their information, so that data issues can be mitigated. One investment bank
is constantly refining the coverage and accuracy of their new technology or products as
there are always some gaps. Furthermore, to reduce credit exposure, the bank is
migrating to a cross netting environment.
12/10/04
11
A tier-2 bank has similarly recognized the need for a centralized customer database. They
are also currently in the middle of several large-scale projects aiming to rational ize their
multiple credit risk systems. This is driven by their belief that multiple systems produce
multiple data sources, which inevitably causes data management problems.
Issues with analytics
Issues with analytics are a concern for many banks, with 74% of the interviewees
indicating that they have some problems in this area. In comparison, only 13% of banks
do not have any problems with analytics.
Figure 3: Are there any issues with analytics?
13%
13%
Yes
No
No comment
74%
Source: Lepus
Some of the issues raised by the banks include analytics for portfolio analysis and for
complex derivatives, back testing of these analytics, adopting a standard approach to
analytics and the ability to keep up with new products.
Adopting a standardized approach for analytics is deemed quite challenging in one
European bank. Some of the obstacles the bank has to overcome include dissimilar
systems, decentralized model approval process, challenges associated with the global
scale of their operations and different levels of maturity and size of individual businesses.
While the bank has admitted that at the enterprise level there should be a standardized
approach, it is challenging to roll it out in individual areas, where individual requirements
are far too specific . The bank gave an example of the lending book, saying that it is
virtually impossible to summar ize decisions for the whole of the lending book.
Furthermore, the bank stated that it is hard to categor ize things in a wider context. They
are currently doing some analysis of broad economic capital implications, however they
still believe that a single credit measure will never give them a full picture.
One tier-2 bank has some home grown credit risk management solutions to address some
of the problems stated above. Another bank resolves their issues with analytics by
applying more potential exposure simulations to their products.
A leading investment bank’s main challenge with analytics is the ability to efficiently
manage the products, accurately measure credit risk and achieve good quality data.
Consequently, the bank has a team of mathematicians and programmers to enhance
these areas.
12/10/04
12
Issues with reporting
Figure 4: Are banks experiencing any issues with reporting?
25%
38%
Yes
No
Do not know
38%
Source: Lepus
* Note: the figures do not total to 100% as they have been rounded up to the nearest
whole number .
It is important to ensure accurate and transparent reporting. However, many banks find
this to be challenging. 38% of the interviewed banks, all of which were tier -2 institutions,
are experiencing some problems with reporting, mainly relating to timeliness and
consistency of terminology across the board. One of the banks has too many reports ,
which results in pr oblems with identifying common trends. The bank is overcoming this
issue by consolidating their existing reporting systems so that an enterprise-wide reporting
tool can be obtained.
A further bank stated that if there were any existing issues with data, it would ultimately
have a knock on effect on the coverage of the report. For that reason, the bank constantly
tries to address this problem by enhancing their current reporting tools.
In contrast, according to our interviewees 38% of the banks generally do not experience
major problems with their reporting. This is mainly due to banks having good reporting
infrastructure and global reporting systems in place. This said, one needs to keep in mind
that from our extensive industry experience, no bank has so far achieved adequate ability
to report aggregate credit exposures across the whole enterprise.
Integration and standardization
Ensuring credit risk reporting and modeling consistency
As banks are becoming increasingly aware of the heightened importance of effective
credit risk management throughout their organizations, they are increasingly focusing on
consistency in credit risk reporting and modeling. This is achieved in a number of different
ways. The key for half of the banks is to set up a centralized reporting system. One of the
banks, for instance, has a global Credit Risk system that covers most regions with the
exception of Latin America and East Asia, which are still in the process of moving onto
this firm-wide system.
12/10/04
13
In 38% of the interviewed banks, a special ized risk group has been set up to ensure
consistency between reporting and modeling. One bank, for example, has a central model
approval group that focuses mainly on market risk.
A second bank has a risk review process, which is undertaken by the risk group. A
number of people within this group collate the required information and analyze the data
to see if it is consistent with the method. The source from this bank further added that the
process of ensuring modeling consistency is not yet up to standard.
A further bank stated that from a capital markets perspective, the bank does try to ensure
consistency across all lines of business and there are many ways of achieving this. There
is always some inconsistency between finance and risk reports. However, the bank has a
steering committee that validates the models to make sure they are consistent.
Integrating market and credit risk
The integration of market and credit risk measurement requires the ability to interweave
the concept of VaR with a cr edit risk model. Basel II, for instance prompts banks to
consider the correlation between the different risk types and the most appropriate way to
mitigate the banks’ exposure. Essentially the risk types inter-relate, for example market
volatility impacts the value of collateral, which has an impact on banks’ credit risk.
Managing the relation between these risks and mitigating exposure to them through a
single, highly integrated risk management technology framework ensures banks meet the
demands of the accord.
Furthermore, integrating market and credit risk into a single risk management system will
ultimately be cheaper and more productive than maintaining separate market and credit
risk systems. It also enhances the decision- making process and allows banks to better
adhere to current “best practice” guidelines and emerging regulations thus making
regulatory reporting a far simpler task. Banks’ perspectives on the value of integrating
market and credit risk were varied, remaining mainly positive.
A tier-2 investment bank explained that by integrating credit and market risk, the
components of trade prices could be distilled as well as improving market trading
measurements and pricing reserves. Another tier - 1 bank mentioned that from a risk
appetite point of view, duplication of data would be reduced or eliminated altogether. From
an infrastructure point of view, aligning the information required to manage market and
credit risk would result in cost savings and consistent data. A third bank commented that
the insight of the overall risk return decisions would be gained instead of individual risk
silos.
Having acknowledged all the benefits of integrating credit and market risk outlined above,
some of the banks have already launched IT projects in this area. By w ay of example, one
tier 2 bank has integrated their market, credit, operations and liquidity risk systems into
one data architecture and one risk engine. This draws information from across the bank’s
activities and feeds it into a network of unified engines. It powers the front, middle and
back offices, providing decision support to trading desks, risk control, the back office and
senior management. The main purpose for this integration was for the bank to move away
from silo model because it creates an ex cessive strain on the bank’s systems. Fewer
systems, and the simplification of a bank’s overall technology infrastructure, will reduce IT
costs.
12/10/04
14
Another bank gave two examples illustrating that integrating market and credit risk can
enhance the ability to manage credit risk more efficiently. The first example is pricing
corporate bonds for which time series properties of credit spreads are looked at. The
second example is capital calculations , where stress- testing, a traditionally market risk
measurement methodology, is increasingly more often used for credit risk in the form of
Credit VaR.
Similarly, in a third bank the techniques used to evaluate market risk are also applied to
credit risk. Consequently, the distinction between traded (market) risk and non-traded
(counterparty) risk is now becoming blurred.
A fourth bank explained that there would be serious organizational hurdles to overcome if
they were to integrate market and credit risk. These two areas have traditionally been
separate, due to the fact that 90% of the bank’s credit risk is concentrated in the banking
book and only 10% in the trading book. Thus, the focus of the risk group on the
investment banking side has been on market risk, with most credit risk done on the
commercial banking side. However, with the arrival of credit derivatives, these two types
of risk have become a lot closer, leading to a greater scope for integration.
An investment bank believes that although credit and market risk measure different
things, they are similar , since they look at the same data but from two different
perspectives. It is due to this sharing of data that some aspects of credit and market risk
can be integrated.
In contrast, another two banks stated that there is limited value in integrating market and
credit risk. One of them claimed that although adopting a single framework in the form of
an overall economic capital model is an attractive idea, it would only show the bank’s
overall risk exposure and is not going to provide the necessary level of de tail.
Integrating disparate parts of the system
Disparate systems produce inconsistent data that often gets re-conditioned into other
calculations. Many banks have yet to integrate the disparate components of their credit
risk systems, for a consistent framework to manage all sources of credit risk. Some of the
benefits of integrating disparate systems include easy comparison, aggregation and
analysis of information across many different business areas. The findings indicate that
only 38% of banks surveyed have actually integrated the disparate parts of their systems.
One of the banks has an application framework that brings together all the risk
management functions types (such as reporting, limits, real time snapshots and what-if
scenario analysis). Consistent information is required so that the bank’s workflow tool can
provide a bridge between these components. The most challenging element for the bank
when integrating the disparate parts was to have a unified communication so that
everyone can understand it.
Another bank stated that they integrated all their disparate parts (such as OTC
derivatives, security trading and repo trading components) of their credit risk system using
a web-based technology. Whilst incorporating the risk systems the bank encountered
some barriers such as getting the systems to have a common ground so that they can
communicate with each other.
A further tier- 1 bank uses client –server technology to integrate their disparate parts.
Currently, the bank is in the process of replacing their retired systems with a global
centralized system. The bank experienced many obstacles with this integration, such as
12/10/04
15
meeting performance requirements in third-world countries as well as overcoming
reluctance to retire and replace legacy systems.
Figure 5: Integrating disparate parts of the systems
Integrated disparate
systems
38%
Looking into integrating
50%
Separate systems
13%
Source: Lepus
* Note: the figures do not total to 100% as they have been rounded up to the nearest
whole number .
Although the percentage of integrating disparate systems is currently relatively small, it is
believed that this percentile will increase in years to come. At present, one leading bank
mentioned that there are already consultants in the US working towards achieving this
goal. The disparate parts that need to be integrated include fixed income risk, foreign
exchange and rates risk as well as integrating issuer/counterparty risk and market risk.
Some of the key issues that are delaying/preventing the disparate components to be
integrated are timing, different reporting requirements/procedures and costs.
Methodologies used for credit risk
Calculating counterparty credit risk enhances credit risk management capabilities but
poses a variety of challenges. Current practice in credit risk management consists of
expected and unexpected loss measures, and portfolio management measures, which
require current and potential exposure calculations. Each type of measure serves a
different purpose in credit risk management.
Figure 6: Methods used to measure credit risk
Current and potential
exposure
63%
KMV's Portfolio
Management
50%
Credit VaR
63%
Expected and
unexpected losses
13%
Survival analysis
13%
0%
10%
20%
30%
40%
50%
60%
70%
Source: Lepus
12/10/04
16
The majority of banks (63%) use current and potential future exposure calculations to
measure credit risk. The purpose of exposure calculation is to support the assessment of
portfolio and firm compliance with policies and guidelines, and to assess credit
concentrations. To measure the current and potential future exposure of portfolio
positions, banks need appropriate valuations of positions, as well as the ability to
aggregate positions by counterparty, simulate future market values, net exposure where
netting agreements allow and incorporate collateral to mitigate exposures.
Subsequently, 63% of the interviewed banks employed Monte Carlo VaR and Moody’s
KMV model. The other methods used to measure credit risk include survival analysis, and
expected and unexpected loss. The benefit of calculating expected credit loss is to
establish expected net returns to the portfolio. Unexpected credit losses are used to
determine extreme potential credit losses to the portfolio.
With regard to future plans, most of the interviewed banks are planning to either
implement or further improve their Monte Carlo VaR. Other methodologies that banks
want to implement in the future are daily stress- testing and migrating from single factor
analysis to multi-factor analysis. 25% of the banks anticipate adopting Credit VaR.
Additionally, one bank would like to employ more sophisticated exposures across
margining and netting. One bank will focus its efforts purely on enhancing and extending
their existing methodologies such as their capital model, Credit VaR, probability of default
and stress testing.
Technology used for enterprise credit risk: buy
versus build
Figure 7: Vendor versus in- house
13%
25%
All in-house
Both in-house and vendor
No comment
62%
Source: Lepus
Only a quarter of the banks interviewed managed their enterprise credit risk entirely inhouse. The banks who have adopted this approach believe that home grown solutions are
customizable to meet specific requirements. In contrast, 62% of the banks used some
form of third party vendor/consulting coupled with their own home grown solutions for
enterprise credit risk management. Three of the interviewed banks further clarified the
ratio of their in-house versus vendor technology.
Figure 8: In-house versus vendor technology split
% of in- house technology
12/10/04
% of vendor technology
Bank 1
20%
80%
Bank 2
40%
60%
Bank 3
70%
30%
17
Source: Lepus
As seen from the table above, in two of the banks vendor technology prevails and only a
smaller share of in-house technology is used for enterprise-wide credit risk. The benefits
of using vendor solutions include vendor expertise, variable costs and superior
technology. A European bank, for instance explained that the firm uses more vendor
solutions than in- house. This is primarily due to lack of internal capacity required to carry
out regulatory projects in the risk IT space.
One of the banks interviewed uses a comprehensive vendor credit risk management
solution for measuring, controlling and managing global credit exposures, as well as for
economic regulatory capital. Another tier - 2 bank also uses a vendor solution (delivered via
an application service provider (ASP) framework coupled with some home-grown
systems. The vendor software enables the bank to control their risk exposures through
the implementation of global risk policies and to manage their risks through the adoption
of modern portfolio risk management practices. A further tier-2 investment bank has
outsourced their website front- end reporting to an Indian vendor. The bank also uses a
vendor solution to integrate their data.
Early warning systems
Some of the interviewed banks have adopted early warning systems in order to
strengthen the process of proactive risk management. The type of early warning systems
to monitor asset quality and risk exposures varies amongst banks. One type would be
daily warning reports on credit that illustrate unmatched credit lines, trends, incorrect
areas and solutions to address the problems. However, the bank using this warning
report is considering migrating to an intra-day solution for monitoring risk exposures.
Another type of early warning system w ould be reports such as Moody’s credit ratings to
monitor asset quality and risk exposures.
An active periodic surveillance program is evident in one bank. This program examines
trends and price movements. Nevertheless, the bank anticipates moving towards a more
proactive market approach. Daily stress testing is exercised in one leading investment
bank. It has seven historical scenarios to monitor asset quality and risk exposures. The
skill sets, experience and judgement of employees are also exploited to raise key issues.
A further bank has a prototype system called “Early Warning” to monitor their risk
exposures and asset quality. This system, which is currently in development, examines
share prices, market movements, credit default spread and ratings.
12/10/04
18
Strategy, Policy and Business
Processes Alignment
Current state of alignment
Figure 9: Alignment of strategic vision, policy objectives and business processes
within the banks
Yes
38%
No comment
50%
Working towards
alignment
13%
Source: Lepus
* Note: the figures do not total to 100% as they have been rounded up to the nearest
whole number .
Aligning strategic vision, policy objectives and business processes is apparent in 50% of
the interviewed banks. This requires close interaction between team members from IT
divisions and user-groups. According to one bank, it took them three years to achieve this
alignment.
As it is such a long process, 38% of the interviewed banks are still in the process of
achieving this goal. Some banks have revealed that they have encounter ed some
problems with communication, changing culture and legacy set- up on the way to aligning
their strategies, policies and business processes. In terms of cultural change, a
substantial amount of time is required for people to get used to the newidea.
Existing gaps in alignment
•
Technology issues
The opinions of the interviewed banks w ere equally split between those who believe that
technology helps to facilitate alignment of strategy, policies and business processes and
those who feel that technology is an enabler of this alignment driven by business
management. The latter half stated that technology supports and empowers businesses
to align to the business strategy. One tier - 2 bank clarified that the “Credit Risk Group”
manage all credit systems and projects. Consequently, banks are driven by business and
supported by technology.
In terms of technology gaps, transparency is a key issue in one leading American bank. If
the bank has more transparency in their technology, alignment can be optimized.
12/10/04
19
•
Business issues
Half of the banks are currently experiencing some business issues with the alignment of
their strategies, policies and business processes. These include conflicting ideas, the
need to migrate from a volume- based to a value-based business, setting common
procedures and policies and achieving comprehensive methodologies.
Figure 10 : Business gaps
25%
Yes
50%
No
Do not know
25%
Source: Lepus
Some conflicting ideas between risk management and the front office are evident in one
tier-2 bank. The bank explained that this is a natur al process driven by the different nature
of the two functions. While the front office are aiming to achieve financial expertise and a
high level of specialization in order to generate higher profits, the credit risk function are
striving to achieve a balanced portfolio which mitigates the possibility of losses. For
instance, this bank gave an example of their front office wanting to specialize in certain
areas of financing but credit risk staff are not equally supportive of this idea as this may
cause concentration risk. The strategy of the front office in this case is to move away from
volume to value through specialising in certain products, which makes their credit risk
function weary of potential risk concentration implications.
This conflict of interests can be resolved with the help of good credit risk technology as
well as astute risk management strategies. The latter can help banks to find a perfect
balance between risk and reward, and stop front office from being too precarious and
credit risk from being too conservative. Sophisticated credit risk management technology,
on the other hand, can allow banks to find the bridge between the two drivers using stateof-the-art scientific methods.
Only 25% of the interviewed banks are not experiencing any significant business issues
with regards to aligning processes and policies. However, one of the banks mentioned
that they have encountered some minor gaps with regulatory requirements.
Adherence to Credit Policy
Monitoring adherence to credit policies
Ban ks use a variety of methods to design and monitor adherence to credit policy. Some of
the methods mentioned by investment banks include limit checking, credit inspection, predeal checking, global system, education and training.
12/10/04
20
Figure 11 : Design and monitor adherence to Credit Policy
Limit checking
38%
Credit inspection
25%
Pre-deal checking
13%
Global system
13%
Education and
training
13%
0%
5%
10%
15%
20%
25%
30%
35%
40%
Source: Lepus
38% of the banks mentioned that credit limit checking was used to meet their credit policy
requirements. The credit risk limit specifies the maximum exposure a firm is willing to take
to a counterparty. Similarly, another bank use a combination of both automated (limit
checking) and manual controls checks to adhere to the credit policy.
In terms of credit inspection, one bank has an internal audit group that inspects the quality
of their credit. As for training to educate employees on credit policy, one American bank
has online training tests that help people to understand the requirements of credit policy.
Recently, the bank has adopted a “workflow” training application, which highlights more
effectiv ely the new changes made to the credit policy. As a result, it enables employees to
learn more about current policies.
Keeping policies up-to-date
Half of the interviewed banks have regular meetings to review their credit policy to ensure
that it is up to date. The review process typically takes place on an annual basis. This is
vital to ensure that policies are aligned with the economic climate. One of the banks is in
the process of revamping their hedge fund policies with particular focus on what peers are
doing and on staff turnovers.
The level at which credit policy is discussed varies from one bank to another, for example
it can range from a business level to group risk level to Board level. At the Board level, the
topics discussed tend to be about rating grades, set style and thresholds. At the business
level, topics discussed include what types of opportunities are available and policies are
written in alignment with these availabilities.
One leading American bank stated that their Credit policy manager writes all the policies
without IT involvement. This gives the bank more flexibility as modification can be made
without discussing this with the technology group.
Other elements to ensure that credit policy does not come out of date include
commissioning industry studies and constant liaison with the regulators. Peer pressure
was mentioned as a factor that encourages banks to be more efficient in managing risk
policies.
12/10/04
21
Only one of the eight banks expressed an opinion that their main driver is not to keep
credit risk policies up-to- date and in alignment with the current economic climate but to
ensure that their policies support their business strategies.
Anticipated developments
Banks have a variety of anticipated developments in the area of credit policy. Some of the
suggestions from banks include meeting regulatory requirements of International
A ccounting Standards , Sarbanes Oxley Act and Basel II, adopting an active portfolio
management approach, adherence to the written policies, and enhancing credit policy to
be more efficient, more frequently updated and accurate. Enhancing existing technologies
is also important, as its main purpose is to reflect and enforce risk policies.
12/10/04
22
Active Management of Credit
Risk
One of the hardest challenges faced by banks in the risk area is active credit risk
management. It requires banks to have consistent risk-based credit limits, rational riskbased capital allocations and consistent credit decisions. Active credit risk management
can also mitigate future crisis events thus bringing considerable financial benefits. As one
of the interviewed investment banks stated, active credit risk management is a
fundamental process of proactively measuring, monitoring and managing risk.
Furthermore, by utilising risk management technology, which has been transformed over
the last decade, the speed of information flow and the sophistication of the international
financial markets enables banks to identify, assess and manage risk in a way that was
just not possible ten years ago.
This section will highlight the two elements that contribute to an active management of
credit risk, namely risk concentrations/credit portfolio management and credit hedging .
Risk concentrations and credit portfolio management
Portfolio management has allowed significant growth in credit risk management
sophistication which has moved from an exposure limitation and loss avoidance process
to a process of active management and fine-tuning of credit risks taken in the portfolio.
Active portfolio management results in measuring and limiting credit risks taken as well as
optimising the return gained for a given level of credit risk. Hence, the main objectives of
active portfolio credit risk management are improving risk- adjusted returns, managing
concentration risk, meeting regulatory requirements and enhancing revenues. A ctive
portfolio management allows banks to be more profitable, specialized and risk- efficient
businesses. In addition, banks can also attend to their clients’ needs while reducing the
risk of concentration and continuously evaluating transactions and portfolios against
regulatory guidelines.
One tier- 2 bank has mov ed towards credit portfolio management in the European
marketplace. This practice has allowed the firm to enhance its risk/return ratio through
greater liquidity of its credit portfolio, while enabling it to provide additional support to its
clients. The “Portfolio Management Group” invests in and manages all assets and credit
exposures, originated for the bank’s book. Its key function is active management of credit
portfolio to optimize its performance against return on economic capital and value-added
profit targets. To achieve performance and concentration targets, the bank has adopted
many techniques, both individually and in combination, which are available to portfolio
managers, including credit derivatives, securitization and physical trading. The
sophisticated use of these instruments has enabled the organization to support its client
base to a far greater extent than would be possible using “traditional” credit management
practices. It has also allowed the bank greater flexibility in developing and executing
proprietary structured debt products.
In terms of monitoring risk concentrations and credit portfolio diversification, banks regard
these as important factors. One of the main tools that help banks to monitor risk
concentration and diversification is global reporting systems, which produce aggregated
12/10/04
23
credit risk reports and identify dangerous risk concentrations, which then can be
eliminated through portfolio modifications.
An economic capital model is used to monitor one tier-1 American bank’s risk
concentrations and credit portfolio risk profile. Risk equity is assigned on a regular basis,
which is the behavior driver for traders. In other words, economic capital provides an
incentive for traders not to put on large concentrations in a given area, as ultimately it will
be expensive due to the equity charges. Hence, large concentrations will drive down
bonuses for traders, as it will be more difficult for trading to be profitable. Decisions on risk
charges are made by senior management, namely the Head of Credit. The CEO is also
briefed on the current concentrations on a quarterly basis. Furthermore, technology also
plays a critical role in this process as it allows computing complex calculations providing
numbers on which credit decisions are made.
One tier- 2 bank suggested using exposure risk systems as a way to monitor both
concentrations and credit portfolio risk profile. They are currently in the process of
replacing the system in order to stay up to date. Another key methodology is stress tes ting
which gives visibility as to where the issues may lie.
In terms of monitoring risk concentration, one tier -2 bank reports the concentration by
ratings, sector and location to the Board on a quarterly basis. Another bank has a credit
reporting group that manages the system, generating reports on concentrations for senior
managers. These reports are formulated on a daily basis especially for top client lists.
Credit hedging
Credit risk hedging is a means by which banks control credit risks they have already
acquired and make acceptable the credit risks that they are about to acquire. Credit risk
hedging allows banks to reduce or remove credit risks by having offsetting positions, or by
selling or terminating risk contributing positions. The ultimate goal is to optimize the use of
banks’ capital, so that risk is minimized for a given return. Hedging is commonly viewed
as a risk mitigation mechanism. However, if used strategically, it can also enhance value,
which comes down to making good business decisions. These include the following:
•
expected losses – understand whether the deal will be profitable
•
reserve methodology – allows the bank to make better economic decisions
•
risk return – allows better trades to occur if the right decisions are made
Additionally, credit hedging can replace high counterparty risk weightings with low
counterparty risk weights. This can effectively optimize return on capital in a loan portfolio,
especially if the reduction in regulatory capital is greater than the cost of hedging using
derivatives.
Lepus asked the interviewed banks about how active and effective they are in hedging
their positions. In 38% of the banks interviewed, credit hedging decisions are exercised
using value on default and potential and current exposure methodologies. Moreover,
credit hedging is increasingly based on portfolio analysis, with one of the banks making
hedging decisions at the portfolio level. Sophisticated portfolio models usually support
hedging decisions. For instance, economic capital and expected loss modeling to identify
opportunities for loan trading, single- name/basket credit default swaps; and also
counterparty exposure and expected loss modeling to identify opportunities for single-
12/10/04
24
name credit default trades, risk-reducing trades, assignments, and optimal counterparty
selection. The hedging decisions are typically made by a combination of trading desk and
credit risk management. They act on this on a dynamic basis and not periodically as
exposures are involved. The bank defines portfolio parameters or guidelines based on
ratings, e.g. industry and country.
Another leading investment bank previously used ad hoc case by case analysis to make
credit hedging decisions. However, it is now moving forward, in the sense that if they are
not comfortable with the exposures, there is a requirement to have default protections.
Some of the firms have also adopted internal credit risk hedging via desks whose purpose
is to provide credit protection, at a transfer price, to other desks within the firm. Then they
have the ability to choose how much of the firm’s net exposure to each counterparty is to
be traded to outside counterparties. The more decentralized organizations have desk-bydesks hedging of credit risks. These developments will have an impact in the asset and
liability management of banks that deal in derivatives. A large part of the counterparty risk
of these banks will be transferred via dynamic hedging, hopefully increasing market
efficiency.
Alarmingly, the rest of the institutions mentioned that hedging is not their strong point.
This is an obvious indicator of the fact that “active risk management” remains a challenge
to a number of investment banks.
12/10/04
25
Conclusion
Today, the focus for many banks is to adopt an enterprise credit risk management
approach as it gives an integrated view of risk. Best practice in credit risk management
should demonstrate centralization, standardization, timeliness, active portfolio
management and efficient tools for managing exposures. This is encouraged by the
pressure from regulatory requirements such as Basel II. By constantly enhancing existing
tools and methods, banks are able to work towards achieving best practice. Furthermore,
consistent, accurate and reliable data is required in order to achieve best practicein credit
risk management.
The methodologies used to measure credit risk are typically current and potential future
exposure, KMV’s Portfolio Management and Monte Carlo VaR. The anticipated
developments in the credit risk management space include meeting regulatory
requirements, adopting an active portfolio management approach, and adhering to
detailed, frequently updated and accurate credit policies.
12/10/04
26
Download