Risk Management Framework in Banks

advertisement
Rizwan Chughtai


Risk exposure arising from business activities
Need to effectively manage because of




Potential business losses
Ensure business continuity
Wider and/or complex risk requires more
prudent management
Risk appetite determines risk exposure


Optimize risk-reward trade-off rather than
minimize/eliminate risk.
Risk taking is inherent activity but


neither engage in business with unnecessary risk nor
absorb risk that can be transferred
Regulatory Case vs Business Case

Strategic Level


Macro Level


Within a business area or across business lines
Micro Level


Encompasses senior management and BOD
‘On-the-line’ risk management
Need to have properly structured RM




Introduced in 2003 (BSD Circular 7 of 2003)
Issued to enable financial institutions to
establish their own RM procedures
Provide an overview of actions and not
intended to detail every control procedure
Flexible and adaptable with the size and
complexity of business

Areas covered
Credit Risk
 Market Risk
 Liquidity Risk
 Operational Risk


Certain basic principles for risk management
applicable to all institutions irrespective of size
and complexity

Board and senior Management oversight
“The overall responsibility of risk management vests in the
Board of Directors, which shall formulate policies in
various areas of operations of the bank. The senior
management is, interalia, responsible for devising risk
management strategy and well-defined policies and
procedures for mitigating/controlling risks, which should
be duly approved by the Board. The senior management
is also responsible for the dissemination, implementation,
and compliance of approved policies and procedures.”

Integration of Risk Management
“At operational level, risk assessment may be made on
portfolio or business line basis, however, at the top level
the management need to adopt a holistic approach in
assessing and managing risk profile of the bank.”

Business Line Accountability
“Irrespective of a separate risk review or management
function individuals heading various business lines or
units are also accountable for the risk they are taking.”

Risk Evaluation/Measurement
“Wherever possible risks should be quantitatively
measured, reported, and mitigated.”

Independent review
“The risk review function should be independent of those
who approve and take risk. The review should include,
interalia, stress tests exposing the portfolio to
unanticipated movements in key variables or major
systemic shocks.”

Contingency planning
“Banks should have contingency plans for any unexpected
or worst case scenarios.”
•
•
•
•
•
•
The individuals who take or manage risks clearly
understand it.
The organization’s Risk exposure is within the
limits established by Board of Directors.
Risk taking Decisions are in line with the business
strategy and objectives set by BOD.
The expected payoffs compensate for the risks
taken
Risk taking decisions are explicit and clear.
Sufficient capital as a buffer is available to take
risk.

Board and Senior Management Oversight




BoD to approve credit risk strategy and other
significant policies
SM to develop and establish credit risk policies &
credit administration procedures and guide staff
Setting up appropriate organization structure
and specify duties/responsibilities
Credit management discipline

Credit Origination





Assess risk profile before extending credit
Cash flows and repayment capacity
Appropriate utilization of credit
Limit Setting
Credit Administration

Documentation, Disbursement, Monitoring,
Repayment, Credit Files, Collateral Documents







Measuring Credit Risk
Internal Risk Rating
Rating Review
Credit Risk monitoring & Control
Risk Review
Delegation of Authority
Managing Problem Credits






Board and Senior Management Oversight
Organizational Structure
Risk Management Committee
Asset-Liability Committee
Middle Office
Risk Measurement

Interest Rate, Foreign Exchange, Equity

Risk Measurement




Repricing Gap Models
Measuring Risk to Economic Value
Value at Risk
Risk Limits


Gap Limits
Factor Sensitivity Limits



Board and Senior Management Oversight
Early warning indicators of liquidity risk
Liquidity Risk Strategy




Composition of Assets & Liabilities
Diversification and Stability of Liabilities
ALCO/Investment Committee
Liquidity Risk Management Process

Liquidity Risk Measurement & Monitoring





Contingency Funding Plans (CPF)
Use of CPF for Routine Liquidity Management
Use of CPF for Emergency & Distress Environment
Cash Flow Projections
Liquidity Ratios and Limits

Operational Risk Management Principles
Ultimate accountability with BoD
 BoD to ensure effective & integrated OpRisk
Management Framework
 BoD and SM to identify and define all categories of
Operational Risk
 Document and communicate OpRisk policies and
procedures
 Integrated business and support functions
 Diligence of business line




Risk Assessment and Quantification
Risk Management and Mitigation
Risk Monitoring




Key Risk Indicators (KRIs)
Risk Reporting
Establish Control Mechanism
Contingency Planning


Guidelines in 2004 (BSD Circular 7 of 2004)
Properly designed and strictly enforced
system of internal controls helps:




protect the organization’s assets and profitability
from operational losses and frauds and forgeries
produces reliable financial and management
reports
helps compliance with laws and regulations
creates value for the stakeholders
•
•
•
BSD Circular 13 of 2004
Need for comprehensive BCP arrangements
Key considerations
–
–
–
–
–
–
–
–
–
Responsibility
Components of BCP
Critical Business Line
Geographic Concentration
Centralization of Operations
Recovery Time Targets
Testing
Updation and Validation
Compliance
•
•
Need to have synchronized and adhesive policies
covering different areas
Consolidated instructions on policy framework
(BSD Circular 3 of 2007)
–
Minimum Areas
•
•
•
•
•
•
•
•
Risk Management Policy
Credit Policy
Treasury & Investment Policy
Internal Control System and Audit Policy
I.T. Security Policy
Human Resource Policy
Expenditure Policy
Accounting & Disclosure Policy
•
•
•
BSD Circular 17 of 2008
ICAAP
supplements
quantitative
risk
assessment in Pillar-1 of Basel II
ICAAP is set of policies, methodologies,
techniques, and procedures to assess the capital
adequacy requirements in relation to the bank’s
risk profile and effectiveness of its risk
management,
control
environment
and
strategic planning

Elements of ICAAP
Board and senior management oversight
 Sound capital assessment
 Comprehensive assessment of risks
 Monitoring and reporting
 Internal control review


Core for every angle of Risk Management
Download