RISK MANAGEMENT REGULATORY REQUIREMENTS Rizwan Chughtai Preamble Risk
RISK MANAGEMENT REGULATORY REQUIREMENTS Rizwan Chughtai
Preamble � � Risk exposure arising from business activities Need to effectively manage because of � Potential business losses � Ensure business continuity � � Wider and/or complex risk requires more prudent management Risk appetite determines risk exposure
Risk Management – “What is? ” � � Optimize risk-reward trade-off rather than minimize/eliminate risk. Risk taking is inherent activity but � neither engage in business with unnecessary risk nor absorb risk that can be transferred � Regulatory Case vs Business Case
RM – Hierarchy Levels � Strategic Level � Encompasses � Macro Level � Within � a business area or across business lines Micro Level � ‘On-the-line’ � senior management and BOD risk management Need to have properly structured RM
SBP’s Guidelines on RM � � Introduced in 2003 (BSD Circular 7 of 2003) Issued to enable financial institutions to establish their own RM procedures Provide an overview of actions and not intended to detail every control procedure Flexible and adaptable with the size and complexity of business
SBP’s Guidelines on RM � Areas covered � Credit Risk � Market Risk � Liquidity Risk � Operational Risk � Certain basic principles for risk management applicable to all institutions irrespective of size and complexity
Basic Principles for RM
Basic Principles for RM - 1 � Board and senior Management oversight “The overall responsibility of risk management vests in the Board of Directors, which shall formulate policies in various areas of operations of the bank. The senior management is, interalia, responsible for devising risk management strategy and well-defined policies and procedures for mitigating/controlling risks, which should be duly approved by the Board. The senior management is also responsible for the dissemination, implementation, and compliance of approved policies and procedures. ”
Basic Principles for RM - 2 � Integration of Risk Management “At operational level, risk assessment may be made on portfolio or business line basis, however, at the top level the management need to adopt a holistic approach in assessing and managing risk profile of the bank. ” � Business Line Accountability “Irrespective of a separate risk review or management function individuals heading various business lines or units are also accountable for the risk they are taking. ”
Basic Principles for RM - 3 � Risk Evaluation/Measurement “Wherever possible risks should be quantitatively measured, reported, and mitigated. ” � Independent review “The risk review function should be independent of those who approve and take risk. The review should include, interalia, stress tests exposing the portfolio to unanticipated movements in key variables or major systemic shocks. ” � Contingency planning “Banks should have contingency plans for any unexpected or worst case scenarios. ”
Risk Management Essentials • • • The individuals who take or manage risks clearly understand it. The organization’s Risk exposure is within the limits established by Board of Directors. Risk taking Decisions are in line with the business strategy and objectives set by BOD. The expected payoffs compensate for the risks taken Risk taking decisions are explicit and clear. Sufficient capital as a buffer is available to take risk.
Managing Credit Risk
Managing Credit Risk � Board and Senior Management Oversight � Bo. D to approve credit risk strategy and other significant policies � SM to develop and establish credit risk policies & credit administration procedures and guide staff � � Setting up appropriate organization structure and specify duties/responsibilities Credit management discipline
Managing Credit Risk � Credit Origination � Assess risk profile before extending credit � Cash flows and repayment capacity � Appropriate utilization of credit � � Limit Setting Credit Administration � Documentation, Disbursement, Monitoring, Repayment, Credit Files, Collateral Documents
Managing Credit Risk � � � � Measuring Credit Risk Internal Risk Rating Review Credit Risk monitoring & Control Risk Review Delegation of Authority Managing Problem Credits
Managing Market Risk
Managing Market Risk � � � Board and Senior Management Oversight Organizational Structure Risk Management Committee Asset-Liability Committee Middle Office Risk Measurement � Interest Rate, Foreign Exchange, Equity
Managing Market Risk � Risk Measurement � Repricing Gap Models � Measuring Risk to Economic Value � Value at Risk � Risk Limits � Gap Limits � Factor Sensitivity Limits
Managing Liquidity Risk
Managing Liquidity Risk � � � Board and Senior Management Oversight Early warning indicators of liquidity risk Liquidity Risk Strategy � Composition of Assets & Liabilities � Diversification and Stability of Liabilities � � ALCO/Investment Committee Liquidity Risk Management Process
Managing Liquidity Risk � Liquidity Risk Measurement & Monitoring � Contingency Funding Plans (CPF) � Use of CPF for Routine Liquidity Management � Use of CPF for Emergency & Distress Environment � � Cash Flow Projections Liquidity Ratios and Limits
Managing Operational Risk
Managing Operational Risk � Operational Risk Management Principles � Ultimate accountability with Bo. D � Bo. D to ensure effective & integrated Op. Risk Management Framework � Bo. D and SM to identify and define all categories of Operational Risk � Document and communicate Op. Risk policies and procedures � Integrated business and support functions � Diligence of business line
Managing Operational Risk � � � Risk Assessment and Quantification Risk Management and Mitigation Risk Monitoring � Key � � � Risk Indicators (KRIs) Risk Reporting Establish Control Mechanism Contingency Planning
Internal Controls � � Guidelines in 2004 (BSD Circular 7 of 2004) Properly designed and strictly enforced system of internal controls helps: � protect the organization’s assets and profitability from operational losses and frauds and forgeries � produces reliable financial and management reports � helps compliance with laws and regulations � creates value for the stakeholders
Business Continuity Plan • • • BSD Circular 13 of 2004 Need for comprehensive BCP arrangements Key considerations – – – – – Responsibility Components of BCP Critical Business Line Geographic Concentration Centralization of Operations Recovery Time Targets Testing Updation and Validation Compliance
Policy Framework in Banks/DFIs • • Need to have synchronized and adhesive policies covering different areas Consolidated instructions on policy framework (BSD Circular 3 of 2007) – Minimum Areas • • Risk Management Policy Credit Policy Treasury & Investment Policy Internal Control System and Audit Policy I. T. Security Policy Human Resource Policy Expenditure Policy Accounting & Disclosure Policy
ICAAP • • • BSD Circular 17 of 2008 ICAAP supplements quantitative risk assessment in Pillar-1 of Basel II ICAAP is set of policies, methodologies, techniques, and procedures to assess the capital adequacy requirements in relation to the bank’s risk profile and effectiveness of its risk management, control environment and strategic planning
ICAAP � Elements of ICAAP � Board and senior management oversight � Sound capital assessment � Comprehensive assessment of risks � Monitoring and reporting � Internal control review � Core for every angle of Risk Management
THANK YOU
- Slides: 30