Dissertation Main - Risk Management in Banks

8/7/2019 Dissertation Main - Risk Management in Banks

1/87

THE EF

MANAGEME

UNDER THE GUIDANCE OF:

Prof. CKT.Chandrashekara

Head of Department

CHRIST UNIVERSITY INSTITU

PRESE

Ramya

MBA FIN

CHRIST

OF MAN

ECTIVENESS O

T SYSTEMS IN

SCOPE & A

E OF MANAGEMENT

TED BY:

L

ANCE

NIVERSITY INSTITUTE

AGEMENT

RISK

ANKS

AYSIS


2/87

2

C HA P TER 1 :

IN TR OD U C TION

Risk is inherent in any walk of life in general and in financial sectors in particular. Till

recently, due to regulate environment, banks could not afford to take risks. But of late, banks

are exposed to same competition and hence are compelled to encounter various types of

financial and non-financial risks. Risks and uncertainties form an integral part of banking

which by nature entails taking risks. There are three main categories of risks; Credit Risk,

Market Risk & Operational Risk. Author has discussed. Main features of these risks as well

as some other categories of risks such as Regulatory Risk and Environmental Risk. Various

tools and techniques to manage Credit Risk, Market Risk and Operational Risk and its

various components, are also discussed in detail. Also mentioned relevant points of Basels

New Capital Accord and role of capital adequacy, Risk Aggregation & Capital Allocation

and Risk Based Supervision (RBS), in managing risks in banking sector.

The face of banking in India is changing rapidly. The enhanced role of the banking sector in

the Indian economy, the increasing levels of deregulation along with the increasing levels ofcompetition have facilitated globalisation of the India banking system and placed numerous

demands on banks. Operating in this demanding environment has exposed banks to various

challenges and risks.

TRADITIONAL RISK MANAGEMENT SYSTEMS

Commercial banks are in the risk business. In the process of providing financial services, theyassume various kinds of financial risks. So we need to determine an approach to examine

large-scale risk management systems. The management of the banking firm relies on a

sequence of steps to implement a risk management system. These can be seen as containing

the following four parts:

Standards and reports

Position limits or rules

Investment guidelines or strategies

Incentive contracts and compensation


3/87

3

In general, these tools are established to measure exposure, define procedures to manage

these exposures, limit individual positions to acceptable levels, and encourage decision

makers to manage risk in a manner that is consistent with the firm's goals and objectives.

TYPES OF RISK

The banking industry has long viewed the problem of risk management as the need to control

four of the above risks which make up most, if not all, of their risk exposure, viz., credit,

interest rate, foreign exchange and liquidity risk. While they recognize counterparty and legal

risks, they view them as less central to their concerns.

1. CREDIT RISK

Credit Risk is the potential that a bank borrower/counter party fails to meet the obligations on

agreed terms. There is always scope for the borrower to default from his commitments for

one or the other reason resulting in crystallisation of credit risk to the bank. These losses

could take the form outright default or alternatively, losses from changes in portfolio value

arising from actual or perceived deterioration in credit quality that is short of default. Credit

risk is inherent to the business of lending funds to the operations linked closely to market risk

variables. The objective of credit risk management is to minimize the risk and maximize

banks risk adjusted rate of return by assuming and maintaining credit exposure within the

acceptable parameters. Credit risk consists of primarily two components, viz Quantity of risk,

which is nothing but the outstanding loan balance as on the date of default and the quality of

risk, viz, the severity of loss defined by both Probability of Default as reduced by the

recoveries that could be made in the event of default. Thus credit risk is a combined outcome

of Default Risk and Exposure Risk.

2. MARKET RISK

Market Risk may be defined as the possibility of loss to bank caused by the changes in the

market variables. It is the risk that the value of on-/off-balance sheet positions will be

adversely affected by movements in equity and interest rate markets, currency exchange rates

and commodity prices. Market risk is the risk to the banks earnings and capital due to

changes in the market level of interest rates or prices of securities, foreign exchange andequities, as well as the volatilities, of those prices.


4/87

4

3.OPERATIONAL RISK

Operational risk, though defined as any risk that is not categorized as market or credit risk, is

the risk of loss arising from inadequate or failed internal processes, people and systems or

from external events. In order to mitigate this, internal control and internal audit systems are

used as the primary means.

VALUE BASED RISK MANAGEMENT SYSTEMS

Value-at-risk (VaR)

Value-at-risk (VaR) is a measure of the worst expected loss over a given time interval under

normal market conditions at a given confidence level. Value-at-risk is widely used by banks,

securities firms and other trading organizations. Such firms could track their portfolios'

market risk by using historical volatility as a risk metric.

Use of Derivatives

There has been a significant increase in the use of derivatives in the risk management.

Credit Default Swaps - Credit derivatives are being used by almost all the banks now. Out

of a total of $250 trillion of derivative contracts traded round the world, more than 50% are in

form of credit derivatives. Then banks are using swaps for match their asset - liability

mismatch.

Interest Rate Swaps - A bank having a fixed income and floating outflow can go in for aswap to get fixed outflow. Similarly, swaps can be arranged to hedge currency risks.

Universal banking system is now spreading fast. This is diversifying the bank's operational

risk.

Stress Testing

It is a modern risk management practice which has found wide acceptability in Indian

Banking System. Determining the required buffer size of capital is an important risk


5/87

5

management issue for banks, which the Basel Committee (2002) suggests should be

approached via stress testing.

Stress testing permits a forward-looking analysis and a uniform approach to identifying

potential risks to the banking system as a whole. Stress tests done on German banks found

that, "it is not only the capital and reserves base which is crucial for the long-term stability of

the banks, however. The institutions also have to make further progress in their efforts to

achieve a sustained improvement in their profitability and in limiting their credit and market

risks." All these dynamics are well captured by Stress Testing models.

RBI says that, "Banks should identify their major sources of risk and carry out stress tests

appropriate to them. Some of these tests may be run daily or weekly, some others may be run

at monthly or quarterly intervals. This stress testing would also form a part of Pillar 2 of the

Basel II framework."

Basel Committee

Basel I

In July 1988, the Basel Committee came out with a set of recommendations aimed at

introducing minimum levels of capital for internationally active banks. These norms required

the banks to maintain capital of at least 8 per cent of their risk-weighted loan exposures.

Different risk weights were specified by the committee for different categories of exposure.

For instance, government bonds carried risk-weight of 0 per cent, while the corporate loans

had a risk-weight of 100 per cent.

Basel II

To set right these aspects, the Basel Committee came up with a new set of guidelines in June

2004, popularly known as the Basel II norms. These new norms are far more complex and

comprehensive compared to the Basel I norms. Also, the Basel II norms are more risk-

sensitive and they rely heavily on data analysis for risk measurement and management. They

have given three pillars which act as guideline for implementation of Basel II.

1. Pillar 1

Basel II norms provide banks with guidelines to measure the various types of risks they face -

credit, market and operational risks and the capital required to cover these risks.


6/87

6

Market risk - Unchanged from existing Basel I Accord

Credit risk

Significant change from existing Basel Accord

Three different approaches to the calculation of minimum capital requirements

Capital incentives to move to more sophisticated credit risk management approaches

based on internal ratings

Sophisticated approaches have systems / controls and data collection requirements

Operational risk

Not covered in Basel I Accord

Three different approaches to the calculation of minimum capital requirements

Adoption of each approach subject to compliance with defined qualifying criteria

2. Pillar II (Supervisory Reviews)

It ensures that not only do the banks have adequate capital to cover their risks, but also that

they employ better risk management practices so as to minimise the risks.

Capital cannot be regarded as a substitute for inadequate risk management practices. This

pillar requires that if the banks use asset securitisation and credit derivatives and wish to

minimise their capital charge they need to comply with various standards and controls.

As a part of the supervisory process, the supervisors need to ensure that the regulations are

adhered to and the internal measurement systems are standardised and validated.

3. Pillar III (Market Discipline)

This market discipline is brought through greater transparency by asking banks to make

adequate disclosures. The potential audiences of these disclosures are supervisors, bank's

customers, rating agencies, depositors and investors. Market discipline has two important

components:

Market signaling in form of change in bank's share prices or change in bank's

borrowing rates

Responsiveness of the bank or the supervisor to market signals


7/87

7

C HA P TER 2 :

R ES EA R C H D ES IGN

TITLE OF THE PROJECT

The effectiveness of Risk management in Banks scope and analysis.

STATEMENT OF PROBLEM

The world of finance has always had an intuitive understanding of risk. The risks that emerge

from the increased variety and complexities of banking business, as well as from the various

new drivers of growth has pushed the contours of risk management in banks much beyond

what would probably have existed in the more traditional forms of banking activity of

accepting deposits and lending in relatively stable environments.

Thus its very important for banks to understand the nature and context of risk management

and also develop appropriate tools and mechanism to manage and mitigate risks.

SCOPE OF THE STUDY

This project intends to study the scope of risk management in banks and also the tools and

mechanism to manage and mitigate risks. Further the study also evaluates the soundness of

banks in the area of risk management.

OBJECTIVES OF THE STUDY

To study the various risks to which banks are exposed.

To study the risk management tools and techniques in banks.

To determine the effectiveness of Credit, Market, operational and liquidity

management in banks.


8/87

8

To compare the soundness of the banks in respect of risk management.

METHODOLOGY

This study is done in parts: First a theoretical study about risk management mechanism used

in banks. Secondly a questionnaire analysis of the actual implementation and effectiveness of

risk Management. Finally a comparative study on the soundness of banks based on risk

mechanisms adopted and implemented.

Type of research

An analytical and descriptive method is adopted to carry out the research. The project is an

in-depth study. The research is carried out in the form of a case study where the bank

employees in risk Management department were interviewed to understand the mechanism

and effectiveness of risk management.

Data collection method

The procedure of data collection started with an in depth study of the Risk management

mechanism. This was facilitated by reading journals, articles, e-journals and Bank reports.

This was the first and the quintessential step taken before proceeding with the project work.

The next step dealt was through questionnaire analysis, which was filled by bank officials.

This was aided by the discussions with the Bank officials as well as articles and online

publications. This step also involved gaining knowledge about Risk management tools and

techniques and its importance in decision making and risk mitigation.

Sampling details

The analysis of the primary data has been done on the basis of responses received in the

questionnaire. Sample size: 40. The sample whose responses have been tabulated consists of

the following Banks.


9/87

9

Allahabad Bank - 2 Kempe Gowda Road Bangalore 560009 Phone 22262064 /

22253402

Bank of Baroda - 72 Mahatma Gandhi Road Bangalore 560001 Phone 25587909

Bank of India - 49 St. Marks Road Bangalore 560001 Phone 22212795 Canara Bank- 112 J C Road Bangalore 560002 Phone 22221581

Central Bank of India - Kempe Gowda Road Bangalore 560009 Phone 22873096

Corporation Bank- 114 M.G.Road Bangalore 560001 Phone 25587940 / 25588435

State Bank of India - Local Head Office, 48, Church Street, Bangalore 560 025 Ph:

25587098

ING Vysya Bank- 72 St Marks Road Bangalore 560001 Phone 22212021

Tools for analysis

SPSS

EXCEL


10/87

10

C HA P TER 3 :

EVOLU TION OF R IS K M A N A GEM EN T

IN BA N KS

It was in October 1999, that the Reserve Bank issued guidelines on Risk Management in

banks setting out its expectations from banks; the guidelines adopted an integrated approach

to risk management. Even earlier, in February 1999, banks were advised to set up an asset

liability management framework to manage liquidity and interest rate risk. In this context, the

following observations were made:

The need to accelerate the speed at which banks have been moving towards

establishment of risk management systems .

The need to achieve convergence with regulatory and supervisory

expectations/requirements while deciding on the sophistication of methods to

be adopted.

Developing appropriate risk management architecture, MIS and skill

enhancement

The need to integrate risk management process with capital planning strategies

The current business environment, with its pointed emphasis on corporate governance, is

making it critical for banks to explain their risk profiles publicly with greater clarity and

detail than ever before. Risk is still a complex and technical subject, so achieving

transparency will not be easy. Internal constituents, analysts, ratings agencies, investors, and

regulators all have varying levels of understanding of advanced risk measurement techniques.

All will require continuing education before the market as a whole reaches a common

understanding of risk. In particulars, direct stakeholders in any transaction need to be aware

of the risks involved. For the third pillar of Basle II (Market Discipline) to be efficacious, it is

important that the stakeholders are aware of the risks involved in the banks transactions and

the systems in place to manage the risks. In this context, the importance of an appropriateness

policy for banks offering various products to the corporate clients can't be over-emphasised.


11/87

11

The risk management systems developed by banks would include a lot of attention of top

management to the suitability of IT structure including issues of connectivity, designing an

MIS format that is risk focused, setting up an organization to manage risk that ensures

segregation of risk assessment from operations, frequent review of risk management systems

to ensure there is no slippage and last but not the least, to develop appropriate skills within

the organization. In this context, it must be kept in view that risk management is not the sole

concern of the risk management department but rather a culture that pervades the whole

organization with specific support from the top management.

RECENT INITIATIVES IN RISK MANAGEMENT

In India, over the years various steps have been taken to strengthen the Risk Management

Architecture, both at the bank specific level as well as a broader systemic level.

ALM Guidelines: Most banks have put in place an ALM framework. However there is lot to

be done to internalize this framework as a part of the overall risk perceptions of the bank and

the capital planning strategy of the bank. Issues in data infirmity still remain to some extent.In many cases, the ALCOs role remains confined to deciding on interest rates of the bank.

This is partly due to lack of decision support system available to the ALCO. Availability of

impact and scenario analysis of changes in yield structures would be a significant enabling

factor.

The Reserve Bank has recently issued draft guidelines to banks with the objective of

graduating from the current maturity ladder approach prevalent in most banks to a duration

gap approach. The later approach makes it possible for banks to calculate the modified

duration of assets and liabilities, the duration gap and duration of equity. The concept of

duration of equity gives banks, subject to certain limitations, a single number indicating the

impact of a one per cent change of interest rate on its capital, captures the interest rate risk

and thereby helps move a step forward towards assessment of risk based capital/economic

capital.


12/87

12

Credit risk: Another important issue is that bank resources and supervisory resources have

concentrated on credit risk modeling of commercial and industrial portfolios, with relatively

fewer resources devoted to risk quantification in the retail credit area. The possible reasons

could be

(i) from a systemic perspective, it makes economic sense to devote more resources to

evaluating the risk factors of larger loans

(ii) there is a long history of ratings agency evaluations for publicly traded firms which ,

along with the extensive data available for publicly traded firms, provided an extremely

useful benchmark for the development of quantification methods for commercial portfolios.

However, despite this commercial side emphasis, retail credit is a substantial part of the risk

borne by the banking industry, and can not be ignored. Recognizing this, over the last decade

or so, the industry and academia have devoted significant resources to developing more

sophisticated credit-scoring models for measuring this risk. Like their counterparts on the

commercial side, these models also rely heavily on quantitative analysis.

Derivatives: There has been a spurt of derivatives exposures in the off balance sheetexposures. The composition of derivatives portfolio of the banking system has also

undergone a significant transformation. Forward foreign exchange contracts which accounted

for around 80% of total derivatives, declined steadily and stood at almost 43%. while the

share of interest rate contracts went up from 19% to 54% during the same period. Foreign

currency options have recorded noticeable increase during the last year.

The risks arising on account of OBS activities of banks are controlled through a combination

of both banks internal risk management and control policies and risk mitigation mechanism

imposed by the regulators. The board approved internal control policies covering various

aspects of management of risks arising both on and off balance sheet exposures constitute the

first line of defence to the bank. Holding of minimum defined regulatory capital for all OBS

exposures, collection of periodic supervisory data and incorporating transparency and

disclosure requirements in bank balance sheet are some of the major regulatory initiatives

undertaken to control and monitor OBS exposures of the banking system.


13/87

13

The rapid proliferation of derivatives exposures inevitably poses a challenge on account of

the downside risks associated with them, if not managed properly. There are issues relating to

use of structured products, valuation, counterparty related issues, risk management and

reporting issues and last but not the least, training and skill development. While derivatives

facilitate risk hedging and risk transfer to institutions more willing to bear the risks, the

tendency of participants to use derivatives to assume excessive leverage, and lack of

prudential accounting guidelines are matters of concern.

RBI has been stressing on the need to carry out due diligence regarding customer

appropriateness and suitability of products before offering derivative products to their

customers. There is need to use risk mitigation techniques such as collaterals and netting to

reduce systemic risks and evolve appropriate accounting guidelines.

Stress Testing: The need for banks to have robust stress testing process for assessment of

capital adequacy given various possible events like economic downturns, industrial

downturns, market risk events and sudden shifts in liquidity conditions. Similarly exposures

to sensitive sectors and high risk category of assets would have to be subjected to more

frequent stress tests based. Stress tests would enable banks to assess the risk more accuratelyand, thereby, facilitate planning for appropriate capital requirements.

Subsequently RBI has issued guidelines on stress testing. Banks are required to identify an

appropriate range of realistic adverse circumstances and events in which the identified risk

crystallizes and estimate the financial resources needed by it under each of the circumstances

to : a) meet the risk as it arises and for mitigating the impact of manifestation of that risk; b)

meet the liabilities as they fall due; and c) meet the minimum CRAR requirements. It may be

pertinent to note that the banks have been advised to apply stress tests at varying frequencies

dictated by their respective business requirements, relevance and cost.

Financial Conglomerates: The rapid expansion of financial services, both in terms of

volumes and variety have, as it is, posed a challenge for financial stability. This is made all

the more difficult by the organizational dimension which perhaps provides scope for

regulatory arbitrage. While this could appear beneficial to the organisation in the short run, itonly heightens systemic risk that in turn exposes the institution to externalities which have a


14/87

14

cost. There has been entry of some banks into other financial segments like merchant

banking, insurance and several new players have emerged who have a diversified presence

across major segments of financial sector. Some of the non-banking institutions in the

financial sector can acquire proportions large enough to have a systemic impact. It has,

therefore, become necessary not only for the supervisor to have a "conglomerate" approach to

regulation and supervision but also for banks themselves to put in place risk management

systems at global levels i.e for the whole organizational as a whole, rather than only the bank

level. The risks associated with conglomeration may include:

1. The moral hazard associated with the Too-Big-To-Fail position of many financial

conglomerates;

2. Contagion or reputation effects on account of the 'holding out' phenomenon;

3. Concerns about regulatory arbitrage, non-arms length dealings, etc. arising out of Intra-

group Transactions and Exposures (ITEs) both financial and non-financial

It is in this context that the issue of integrated risk management, at the enterprise wide as well

as group wide level, acquires significance. RBI has put in place a framework for oversight of

financial conglomerates, along with SEBI and IRDA. Half-yearly discussions have also been

initiated with the Chief Executive Officers of the designated entities of the conglomerates to

address outstanding issues/ supervisory concerns.


15/87

15

C HA P TER 4 :

F R A M EWOR K OF R IS K A N D R IS K

M A N A GEM EN T

DEFINING RISK:

Financial risk in a banking organization is possibility that the outcome of an action or event

could bring up adverse impacts. Such outcomes could either result in a direct loss of earnings

/ capital or may result in imposition of constraints on banks ability to meet its business

objectives. Such constraints pose a risk as these could hinder a bank's ability to conduct its

ongoing business or to take benefit of opportunities to enhance its business.

Regardless of the sophistication of the measures, banks often distinguish between expected

and unexpected losses. Expected losses are those that the bank knows with reasonable

certainty will occur (e.g., the expected default rate of corporate loan portfolio or credit card

portfolio) and are typically reserved for in some manner. Unexpected losses are those

associated with unforeseen events (e.g. losses experienced by banks in the aftermath of

nuclear tests, Losses due to a sudden down turn in economy or falling interest rates). Banks

rely on their capital as a buffer to absorb such losses.

Risks are usually defined by the adverse impact on profitability of several distinct sources of

uncertainty. While the types and degree of risks an organization may be exposed to depend

upon a number of factors such as its size, complexity business activities, volume etc, it is

believed that generally the banks face Credit, Market, Liquidity, Operational, Compliance /

legal /regulatory and reputation risks. Before overarching these risk categories, given below

are some basics about risk Management and some guiding principles to manage risks in

banking organization.

RISK MANAGEMENT

Risk Management is a discipline at the core of every financial institution and encompasses all

the activities that affect its risk profile. It involves identification, measurement, monitoring

and controlling risks to ensure that


16/87

16

a) The individuals who take or manage risks clearly understand it.

b) The organizations Risk exposure is within the limits established by Board of Directors.

c) Risk taking Decisions are in line with the business strategy and objectives set by BOD.

d) The expected payoffs compensate for the risks taken

e) Risk taking decisions are explicit and clear.

f) Sufficient capital as a buffer is available to take risk

The acceptance and management of financial risk is inherent to the business of banking and

banks roles as financial intermediaries. Risk management as commonly perceived does not

mean minimizing risk; rather the goal of risk management is to optimize risk-reward trade -

off. Notwithstanding the fact that banks are in the business of taking risk, it should be

recognized that an institution need not engage in business in a manner that unnecessarily

imposes risk upon it: nor it should absorb risk that can be transferred to other participants.

Rather it should accept those risks that are uniquely part of the array of banks services.

RISK MANAGEMENT AT DIFFERENT LEVELS:

In every financial institution, risk management activities broadly take place simultaneously at

following different hierarchy levels.

A) Strategic level: It encompasses risk management functions performed by senior

management and BOD. For instance definition of risks, ascertaining institutions risk appetite,

formulating strategy and policies for managing risks and establish adequate systems and

controls to ensure that overall risk remain within acceptable level and the reward compensate

for the risk taken.

B) Macro Level: It encompasses risk management within a business area or across business

lines. Generally the risk management activities performed by middle management or units

devoted to risk reviews fall into this category.

C)Micro Level: It involves On-the-line risk management where risks are actually created.

This is the risk management activities performed by individuals who take risk on

organizations behalf such as front office and loan origination functions. The risk


17/87

17

management in those areas is confined to following operational procedures and guidelines set

by management.

Expanding business arenas, deregulation and globalization of financial activities emergence

of new financial products and increased level of competition has necessitated a need for an

effective and structured risk management in financial institutions. A banks ability to

measure, monitor, and steer risks comprehensively is becoming a decisive parameter for its

strategic positioning. The risk management framework and sophistication of the process, and

internal controls, used to manage risks, depends on the nature, size and complexity of

institutions activities. Nevertheless, there are some basic principles that apply to all financial

institutions irrespective of their size and complexity of business and are reflective of the

strength of an individual bank's risk management practices.

RISK MANAGEMENT FRAMEWORK

A risk management framework encompasses the scope of risks to be managed, the

process/systems and procedures to manage risk and the roles and responsibilities of

individuals involved in risk management. The framework should be comprehensive enough

to capture all risks a bank is exposed to and have flexibility to accommodate any change in

business activities. An effective risk management framework includes

a) Clearly defined risk management policies and procedures covering risk identification,

acceptance, measurement, monitoring, reporting and control.

b) A well constituted organizational structure defining clearly roles and responsibilities of

individuals involved in risk taking as well as managing it. Banks, in addition to risk

management functions for various risk categories may institute a setup that supervises overall

risk management at the bank. Such a setup could be in the form of a separate department or

banks Risk Management Committee (RMC) could perform such function (A recent concept

in this regard is Enterprise Risk Management (ERM). The structure should be such that

ensures effective monitoring and control over risks being taken. The individuals responsible

for review function (Risk review, internal audit, compliance etc) should be independent fromrisk taking units and report directly to board or senior management who are also not involved


18/87

18

in risk taking.

c) There should be an effective management information system that ensures flow of

information from operational level to top management and a system to address any

exceptions observed. There should be an explicit procedure regarding measures to be taken to

address such deviations.

d) The framework should have a mechanism to ensure an ongoing review of systems, policies

and procedures for risk management and procedure to adopt changes.

INTEGRATION OF RISK MANAGEMENT

Risks must not be viewed and assessed in isolation, not only because a single transaction

might have a number of risks but also one type of risk can trigger other risks. Since

interaction of various risks could result in diminution or increase in risk, the risk management

process should recognize and reflect risk interactions in all business activities as appropriate.

While assessing and managing risk the management should have an overall view of risks the

institution is exposed to. This requires having a structure in place to look at risk

interrelationships across the organization.

BUSINESS LINE ACCOUNTABILITY.

In every banking organization there are people who are dedicated to risk management

activities, such as risk review, internal audit etc. It must not be construed that risk

management is something to be performed by a few individuals or a department. Business

lines are equally responsible for the risks they are taking. Because line personnel, more than

anyone else, understand the risks of the business, such a lack of accountability can lead to

problems.

RISK EVALUATION/MEASUREMENT.

Until and unless risks are not assessed and measured it will not be possible to control risks.

Further a true assessment of risk gives management a clear view of institutions standing and

helps in deciding future action plan. To adequately capture institutions risk exposure, risk


19/87

19

measurement should represent aggregate exposure of institution both risk type and business

line and encompass short run as well as long run impact on institution. To the maximum

possible extent institutions should establish systems / models that quantify their risk profile,

however, in some risk categories such as operational risk, quantification is quite difficult and

complex. Wherever it is not possible to quantify risks, qualitative measures should be

adopted to capture those risks. Whilst quantitative measurement systems support effective

decision-making, better measurement does not obviate the need for well-informed, qualitative

judgment. Consequently the importance of staff having relevant knowledge and expertise

cannot be undermined. Finally any risk measurement framework, especially those which

employ quantitative techniques/model, is only as good as its underlying assumptions, the

rigor and robustness of its analytical methodologies, the controls surrounding data inputs and

its appropriate application.

INDEPENDENT REVIEW.

One of the most important aspects in risk management philosophy is to make sure that those

who take or accept risk on behalf of the institution are not the ones who measure, monitor and

evaluate the risks. Again the managerial structure and hierarchy of risk review function may

vary across banks depending upon their size and nature of the business, the key is

independence. To be effective the review functions should have sufficient authority, expertise

and corporate stature so that the identification and reporting of their findings could be

accomplished without any hindrance. The findings of their reviews should be reported to

business units, Senior Management and, where appropriate, the Board.

CONTINGENCY PLANNING.

Institutions should have a mechanism to identify stress situations ahead of time and plans to

deal with such unusual situations in a timely and effective manner. Stress situations to which

this principle applies include all risks of all types. For instance contingency planning

activities include disaster recovery planning, public relations damage control, litigation

strategy, responding to regulatory criticism etc. Contingency plans should be reviewed

regularly to ensure they encompass reasonably probable events that could impact the

organization. Plans should be tested as to the appropriateness of responses, escalation and

communication channels and the impact on other parts of the institution.


20/87

20

C HA P TER 5 :

M A N A GIN G C R ED IT R IS K

Credit risk arises from the potential that an obligor is either unwilling to perform on an

obligation or its ability to perform such obligation is impaired resulting in economic loss to

the bank.

In a banks portfolio, losses stem from outright default due to inability or unwillingness of a

customer or counter party to meet commitments in relation to lending, trading, settlement and

other financial transactions. Alternatively losses may result from reduction in portfolio value

due to actual or perceived deterioration in credit quality. Credit risk emanates from a banks

dealing with individuals, corporate, financial institutions or a sovereign. For most banks,

loans are the largest and most obvious source of credit risk; however, credit risk could stem

from activities both on and off balance sheet. In addition to direct accounting loss, credit risk

should be viewed in the context of economic exposures. This encompasses opportunity costs,

transaction costs and expenses associated with a non-performing asset over and above the

accounting loss.

Credit risk can be further sub-categorized on the basis of reasons of default. For instance the

default could be due to country in which there is exposure or problems in settlement of a

transaction. Credit risk not necessarily occurs in isolation. The same source that endangers

credit risk for the institution may also expose it to other risk. For instance a bad portfolio may

attract liquidity problem.

COMPONENTS OF CREDIT RISK MANAGEMENT

A typical Credit risk management framework in a financial institution may be broadly

categorized into following main components.

a) Board and senior Managements Oversight

b) Organizational structure

c) Systems and procedures for identification, acceptance, measurement, monitoring andcontrol risks.


21/87

21

A) Board and Senior Managements Oversight

It is the overall responsibility of banks Board to approve banks credit risk strategy and

significant policies relating to credit risk and its management which should be based on the

banks overall business strategy. To keep it current, the overall strategy has to be reviewed by

the board, preferably annually. The responsibilities of the Board with regard to credit risk

management should include :

a) Delineate banks overall risk tolerance in relation to credit risk.

b) Ensure that banks overall credit risk exposure is maintained at prudent levels and

consistent with the available capital

c) Ensure that top management as well as individuals responsible for credit risk management

possess sound expertise and knowledge to accomplish the risk management function

d) Ensure that the bank implements sound fundamental principles that facilitate the

identification, measurement, monitoring and control of credit risk.

e) Ensure that appropriate plans and procedures for credit risk management are in place.

The very first purpose of banks credit strategy is to determine the risk appetite of the bank.

Once it is determined the bank could develop a plan to optimize return while keeping credit

risk within predetermined limits. The banks credit risk strategy thus should spell out

a) The institutions plan to grant credit based on various client segments and products,

economic sectors, geographical location, currency and maturity

b) Target market within each lending segment, preferred level of diversification/

concentration.

c) Pricing strategy.

It is essential that banks give due consideration to their target market while devising credit

risk strategy. The credit procedures should aim to obtain an in-depth understanding of the

banks clients, their credentials & their businesses in order to fully know their customers.

The strategy should provide continuity in approach and take into account cyclic aspect of

countrys economy and the resulting shifts in composition and quality of overall credit

portfolio. While the strategy would be reviewed periodically and amended, as deemed

necessary, it should be viable in long term and through various economic cycles.


22/87

22

The senior management of the bank should develop and establish credit policies and credit

administration procedures as a part of overall credit risk management framework and get

those approved from board. Such policies and procedures shall provide guidance to the staff

on various types of lending including corporate, SME, consumer, agriculture, etc. At

minimum the policy should include

Detailed and formalized credit evaluation/ appraisal process.

Credit approval authority at various hierarchy levels including authority for approving

exceptions.

Risk identification, measurement, monitoring and control

Risk acceptance criteria

Credit origination and credit administration and loan documentation procedures

Roles and responsibilities of units/staff involved in origination and management of

credit.

Guidelines on management of problem loans.

In order to be effective these policies must be clear and communicated down the line. Further

any significant deviation/exception to these policies must be communicated to the top

management/board and corrective measures should be taken. It is the responsibility of senior

management to ensure effective implementation of these policies.

B) Organizational Structure.

To maintain banks overall credit risk exposure within the parameters set by the board of

directors, the importance of a sound risk management structure is second to none. While the

banks may choose different structures, it is important that such structure should be

commensurate with institutions size, complexity and diversification of its activities. It must

facilitate effective management oversight and proper execution of credit risk management

and control processes.

Each bank, depending upon its size, should constitute a Credit Risk Management Committee

(CRMC), ideally comprising of head of credit risk management Department, credit

department and treasury. This committee reporting to banks risk management committee

should be empowered to oversee credit risk taking activities and overall credit risk

management function.


23/87


24/87

24

C) Systems and Procedures

Credit Origination.

Banks must operate within a sound and well-defined criteria for new credits as well as the

expansion of existing credits. Credits should be extended within the target markets and

lending strategy of the institution.

Before allowing a credit facility, the bank must make an assessment of risk profile of the

customer/transaction. This may include

a) Credit assessment of the borrowers industry, and macro economic factors.

b) The purpose of credit and source of repayment.

c) The track record / repayment history of borrower.

d) Assess/evaluate the repayment capacity of the borrower.

e) The Proposed terms and conditions and covenants.

f) Adequacy and enforceability of collaterals.

g) Approval from appropriate authority

In case of new relationships consideration should be given to the integrity and repute of the

borrowers or counter party as well as its legal capacity to assume the liability. Prior to

entering into any new credit relationship the banks must become familiar with the borrower

or counter party and be confident that they are dealing with individual or organization of

sound repute and credit worthiness. However, a bank must not grant credit simply on the

basis of the fact that the borrower is perceived to be highly reputable i.e. name lending should

be discouraged. While structuring credit facilities institutions should appraise the amount and

timing of the cash flows as well as the financial position of the borrower and intended

purpose of the funds. It is utmost important that due consideration should be given to the risk

reward trade off in granting a credit facility and credit should be priced to cover all

embedded costs. Relevant terms and conditions should be laid down to protect the

institutions interest.

Institutions have to make sure that the credit is used for the purpose it was borrowed. Where

the obligor has utilized funds for purposes not shown in the original proposal, institutions

should take steps to determine the implications on creditworthiness. In case of corporate

loans where borrower own group of companies such diligence becomes more important.

Institutions should classify such connected companies and conduct credit assessment on

consolidated/group basis.


25/87

25

In loan syndication, generally most of the credit assessment and analysis is done by the lead

institution. While such information is important, institutions should not over rely on that. All

syndicate participants should perform their own independent analysis and review of syndicate

terms. Institution should not over rely on collaterals / covenant. Although the importance of

collaterals held against loan is beyond any doubt, yet these should be considered as a buffer

providing protection in case of default, primary focus should be on obligors debt servicing

ability and reputation in the market.

Limit setting

An important element of credit risk management is to establish exposure limits for single

obligors and group of connected obligors. Institutions are expected to develop their own limit

structure while remaining within the exposure limits set by RBI. The size of the limits should

be based on the credit strength of the obligor, genuine requirement of credit, economic

conditions and the institutions risk tolerance. Appropriate limits should be set for respective

products and activities. Institutions may establish limits for a specific industry, economic

sector or geographic regions to avoid concentration risk.

Sometimes, the obligor may want to share its facility limits with its related companies.

Institutions should review such arrangements and impose necessary limits if the transactions

are frequent and significant

Credit limits should be reviewed regularly at least annually or more frequently if obligors

credit quality deteriorates. All requests of increase in credit limits should be substantiated.

Credit Administration.

Ongoing administration of the credit portfolio is an essential part of the credit process. Credit

administration function is basically a back office activity that support and control extension

and maintenance of credit. A typical credit administration unit performs following functions:

a. Documentation. It is the responsibility of credit administration to ensure completeness of

documentation (loan agreements, guarantees, transfer of title of collaterals etc) in accordance

with approved terms and conditions. Outstanding documents should be tracked and followed

up to ensure execution and receipt.

b. Credit Disbursement. The credit administration function should ensure that the loan

application has proper approval before entering facility limits into computer systems.


26/87


27/87

27

o Competitive Position (e.g. marketing/technological edge)

o Management

Financial Risk

o Financial condition

o Profitability

o Capital Structure

o Present and future Cash flows

Internal Risk Rating.

Credit risk rating is summary indicator of a banks individual credit exposure. An internal

rating system categorizes all credits into various classes on the basis of underlying credit

quality. A well-structured credit rating framework is an important tool for monitoring and

controlling risk inherent in individual credits as well as in credit portfolios of a bank or a

business line. The importance of internal credit rating framework becomes more eminent due

to the fact that historically major losses to banks stemmed from default in loan portfolios.

While a number of banks already have a system for rating individual credits in addition to the

risk categories prescribed by RBI, all banks are encouraged to devise an internal rating

framework. An internal rating framework would facilitate banks in a number of ways such as

a) Credit selection

b) Amount of exposure

c) Tenure and price of facility

d) Frequency or intensity of monitoring

e) Analysis of migration of deteriorating credits and more accurate computation of future

loan loss provision

f) Deciding the level of Approving authority of loan.

CREDIT RISK MONITORING & CONTROL

Credit risk monitoring refers to incessant monitoring of individual credits inclusive of Off-

Balance sheet exposures to obligors as well as overall credit portfolio of the bank. Banks

need to enunciate a system that enables them to monitor quality of the credit portfolio on day-


28/87

28

to-day basis and take remedial measures as and when any deterioration occurs. Such a system

would enable a bank to ascertain whether loans are being serviced as per facility terms, the

adequacy of provisions, the overall risk profile is within limits established by management

and compliance of regulatory limits. Establishing an efficient and effective credit monitoring

system would help senior management to monitor the overall quality of the total credit

portfolio and its trends. Consequently the management could fine tune or reassess its credit

strategy /policy accordingly before encountering any major setback. The banks credit policy

should explicitly provide procedural guideline relating to credit risk monitoring. At the

minimum it should lay down procedure relating to

The roles and responsibilities of individuals responsible for credit risk monitoring

The assessment procedures and analysis techniques (for individual loans & overall

portfolio)

The frequency of monitoring

The periodic examination of collaterals and loan covenants

The frequency of site visits

The identification of any deterioration in any loan

Given below are some key indicators that depict the credit quality of a loan:

a. Financial Position and Business Conditions. The most important aspect about an obligor

is its financial health, as it would determine its repayment capacity. Consequently institutions

need carefully watch financial standing of obligor. The Key financial performance indicators

on profitability, equity, leverage and liquidity should be analyzed. While making such

analysis due consideration should be given to business/industry risk, borrowers position

within the industry and external factors such as economic condition, government policies,

regulations. For companies whose financial position is dependent on key management

personnel and/or shareholders, for example, in small and medium enterprises, institutions

would need to pay particular attention to the assessment of the capability and capacity of the

Management/shareholder.

b. Conduct of Accounts. In case of existing obligor the operation in the account would give

a fair idea about the quality of credit facility. Institutions should monitor the obligors

account activity, repayment history and instances of excesses over credit limits. For trade


29/87

29

financing, institutions should monitor cases of repeat extensions of due dates for trust receipts

and bills.

c. Loan Covenants. The obligors ability to adhere to negative pledges and financial

covenants stated in the loan agreement should be assessed, and any breach detected should be

addressed promptly.

d. Collateral valuation. Since the value of collateral could deteriorate resulting in unsecured

lending, banks need to reassess value of collaterals on periodic basis. The frequency of such

valuation is very subjective and depends upon nature of collaterals. For instance loan granted

against shares need revaluation on almost daily basis whereas if there is mortgage of a

residential property the revaluation may not be necessary as frequently. In case of credit

facilities secured against inventory or goods at the obligors premises, appropriate inspection

should be conducted to verify the existence and valuation of the collateral.

RISK REVIEWThe institutions must establish a mechanism of independent, ongoing assessment of credit

risk management process. All facilities except those managed on a portfolio basis should be

subjected to individual risk review at least once in a year. The results of such review should

be properly documented and reported directly to board, or its subcommittee or senior

management without lending authority. The purpose of such reviews is to assess the credit

administration process, the accuracy of credit rating and overall quality of loan portfolio

independent of relationship with the obligor.

Institutions should conduct credit review with updated information on the obligors financial

and business conditions, as well as conduct of account. Exceptions noted in the credit

monitoring process should also be evaluated for impact on the obligors creditworthiness.

Credit review should also be conducted on a consolidated group basis to factor in the

business connections among entities in a borrowing group.


30/87


31/87

31

C HA P TER 6 :

M A N A GIN G M A R KET R IS K

Market riskis the risk that the value of on and off-balance sheet positions of a financial

institution which will be adversely affected by movements in market rates or prices such as

interest rates, foreign exchange rates, equity prices, credit spreads and/or commodity prices

resulting in a loss to earnings and capital.

Financial institutions may be exposed to Market Risk in variety of ways. Market risk

exposure may be explicit in portfolios of securities / equities and instruments that are actively

traded. Conversely it may be implicit such as interest rate risk due to mismatch of loans and

deposits. Besides, market risk may also arise from activities categorized as off-balance sheet

item. Therefore market risk is potential for loss resulting from adverse movement in market

risk factors such as interest rates, forex rates, equity and commodity prices.

INTEREST RATE RISK:

Interest rate risk arises when there is a mismatch between positions, which are subject to

interest rate adjustment within a specified period. The banks lending, funding and

investment activities give rise to interest rate risk. The immediate impact of variation in

interest rate is on banks net interest income, while a long term impact is on banks net worth

since the economic value of banks assets, liabilities and off-balance sheet exposures are

affected. Consequently there are two common perspectives for the assessment of interest rate

risk

a) Earning perspective: In earning perspective, the focus of analysis is the impact of

variation in interest rates on accrual or reported earnings. This is a traditional approach to

interest rate risk assessment and obtained by measuring the changes in the Net Interest

Income (NII) or Net Interest Margin (NIM) i.e. the difference between the total interest

income and the total interest expense.


32/87

32

b) Economic Value perspective: It reflects the impact of fluctuation in the interest rates on

economic value of a financial institution. Economic value of the bank can be viewed as the

present value of future cash flows. In this respect economic value is affected both by changes

in future cash flows and discount rate used for determining present value. Economic value

perspective considers the potential longer-term impact of interest rates on an institution.

Sources of interest rate risks:

Interest rate risk occurs due to (1) differences between the timing of rate changes and the

timing of cash flows (re-pricing risk); (2) changing rate relationships among different yield

curves effecting bank activities (basis risk); (3) changing rate relationships across the range

of maturities (yield curve risk); and (4) interest-related options embedded in bank products

(options risk).

FOREIGN EXCHANGE RISK:

It is the current or prospective risk to earnings and capital arising from adverse movements

in currency exchange rates. It refers to the impact of adverse movement in currency exchange

rates on the value of open foreign currency position. The banks are also exposed to interest

rate risk, which arises from the maturity mismatching of foreign currency positions. Even in

cases where spot and forward positions in individual currencies are balanced, the maturity

Pattern of forward transactions may produce mismatches. As a result, banks may suffer losses

due to changes in discounts of the currencies concerned. In the foreign exchange business,

banks also face the risk of default of the counter parties or settlement risk. While such type of

risk crystallization does not cause principal loss, banks may have to undertake fresh

transactions in the cash/spot market for replacing the failed transactions. Thus, banks may

incur replacement cost, which depends upon the currency rate movements. Banks also face

Another risk called time-zone risk, which arises out of time lags in settlement of one currency

in one center and the settlement of another currency in another time zone

EQUITY PRICE RISK:

It is risk to earnings or capital that results from adverse changes in the value of equity relatedportfolios of a financial institution. Price risk associated with equities could be systematic or


33/87

33

unsystematic. The former refers to sensitivity of portfolios value to changes in overall level

of equity prices, while the later is associated with price volatility that is determined by firm

specific characteristics.

ELEMENTS OF MARKET RISK MANAGEMENT

Board and senior Management Oversight.

Likewise other risks, the concern for management of Market risk must start from the top

management. Effective board and senior management oversight of the banks overall market

risk exposure is cornerstone of risk management process. For its part, the board of directors

has following responsibilities.

Delineate banks overall risk tolerance in relation to market risk.

Ensure that banks overall market risk exposure is maintained at prudent levels and

consistent with the available capital.

Ensure that top management as well as individuals responsible for market risk

management possess sound expertise and knowledge to accomplish the risk

management function.

Ensure that the bank implements sound fundamental principles that facilitate the

identification, measurement, monitoring and control of market risk.

Ensure that adequate resources (technical as well as human) are devoted to market

risk management.

The first element of risk strategy is to determine the level of market risk the institution is

prepared to assume. The risk appetite in relation to market risk should be assessed keeping in

view the capital of the institution as well as exposure to other risks. Once the market risk

appetite is determined, the institution should develop a strategy for market risk-taking in

order to maximize returns while keeping exposure to market risk at or below the pre-

determined level. While articulating market risk strategy the board needs to consider

economic and market conditions, and the resulting effects on market risk; expertise available

to profit in specific markets and their ability to identify, monitor and control the market risk

in those markets; the institutions portfolio mix and diversification.

Finally the market risk strategy should be periodically reviewed and effectively

communicated to the relevant staff. There should be a process to identify any shifts from the


34/87

34

approved market risk strategy and target markets, and to evaluate the resulting impact. The

Board of Directors should periodically review the financial results of the institution and,

based on these results, determine if changes need to be made to the strategy.

While the board gives a strategic direction and goals, it is the responsibility of top

management to transform those directions into procedural guidelines and policy document

and ensure proper implementation of those policies. Accordingly, senior management is

responsible to:

Develop and implement procedures that translate business policy and strategic

direction set by BOD into operating standards that are well understood by banks

personnel.

Ensure adherence to the lines of authority and responsibility that board has established

for measuring, managing, and reporting market risk.

Oversee the implementation and maintenance of Management Information System

that identify, measure, monitor, and control banks market risk.

Establish effective internal controls to monitor and control market risk.

The institutions should formulate market risk management polices which are approved by

board. The policy should clearly delineate the lines of authority and the responsibilities of the

Board of Directors, senior management and other personnel responsible for managing market

risk; set out the risk management structure and scope of activities; and identify risk

management issues, such as market risk control limits, delegation of approving authority for

market risk control limit setting and limit Excesses.

ORGANIZATIONAL STRUCTURE.

The organizational structure used to manage market risk vary depending upon the nature size

and scope of business activities of the institution, however, any structure does not absolve the

directors of their fiduciary responsibilities of ensuring safety and soundness of institution.

While the structure varies depending upon the size, scope and complexity of business, at a

minimum it should take into account following aspect.

a) The structure should conform to the overall strategy and risk policy set by the BOD.

b) Those who take risk (front office) must know the organizations risk profile, products that

they are allowed to trade, and the approved limits.


35/87

35

c) The risk management function should be independent, reporting directly to senior

management or BOD.

d) The structure should be reinforced by a strong MIS for controlling, monitoring and

reporting market risk, including transactions between an institution and its affiliates.

Besides the role of Board as discussed earlier a typical organization set up for Market Risk

Management should include: -

The Risk Management Committee

The Asset-Liability Management Committee (ALCO)

The Middle Office.

RISK MANAGEMENT COMMITTEE:

It is generally a board level subcommittee constituted to supervise overall risk management

functions of the bank. The structure of the committee may vary in banks depending upon the

size and volume of the business. Generally it could include heads of Credit, Market and

operational risk Management Committees. It will decide the policy and strategy for integrated

risk management containing various risk exposures of the bank including the market risk. The

responsibilities of Risk Management Committee with regard to market risk management

aspects include:

Devise policies and guidelines for identification, measurement, monitoring and

control for all major risk categories.

The committee also ensures that resources allocated for risk management are adequate

given the size nature and volume of the business and the managers and staff that take,

monitor and control risk possess sufficient knowledge and expertise.

The bank has clear, comprehensive and well-documented policies and procedural

guidelines relating to risk management and the relevant staff fully understands those

policies.

Reviewing and approving market risk limits, including triggers or stop losses for

traded and accrual portfolios.

Ensuring robustness of financial models, and the effectiveness of all systems used to

calculate market risk.

The bank has robust Management information system relating to risk reporting.


36/87

36

ASSET-LIABILITY COMMITTEE

Popularly known as ALCO, is senior management level committee responsible for

supervision / management of Market Risk (mainly interest rate and Liquidity risks). The

committee generally comprises of senior managers from treasury, Chief Financial Officer,

business heads generating and using the funds of the bank, credit, and individuals from the

departments having direct link with interest rate and liquidity risks. The CEO or some senior

person nominated by CEO should be head of the committee. The size as well as composition

of ALCO could depend on the size of each institution, business mix and organizational

complexity. To be effective ALCO should have members from each area of the bank that

significantly influences liquidity risk. In addition, the head of the Information system

Department (if any) may be an invitee for building up of MIS and related computerization.

Major responsibilities of the committee include:

To keep an eye on the structure /composition of banks assets and liabilities and

decide about product pricing for deposits and advances.

Decide on required maturity profile and mix of incremental assets and liabilities.

Articulate interest rate view of the bank and deciding on the future business strategy.

Review and articulate funding policy.

Decide the transfer pricing policy of the bank.

Evaluate market risk involved in launching of new products.

ALCO should ensure that risk management is not confined to collection of data. Rather, it

will ensure that detailed analysis of assets and liabilities is carried out so as to assess the

overall balance sheet structure and risk profile of the bank. The ALCO should cover the

entire balance sheet/business of the bank while carrying out the periodic analysis.

MIDDLE OFFICE.

The risk management functions relating to treasury operations are mainly performed by

middle office. The concept of middle office has recently been introduced so as to

independently monitor, measure and analyze risks inherent in treasury operations of banks.

Besides the unit also prepares reports for the information of senior management as well as

banks ALCO. Basically the middle office performs risk review function of day-to-day

activities. Being a highly specialized function, it should be staffed by people who have

relevant expertise and knowledge.

The methodology of analysis and reporting may vary from


37/87

37

bank to bank depending on their degree of sophistication and exposure to market risks. These

same criteria will govern the reporting requirements demanded of the Middle Office, which

may vary from simple gap analysis to computerized VaR modeling. Middle Office staff may

prepare forecasts (simulations) showing the effects of various possible changes in market

conditions related to risk exposures. Banks using VaR or modeling methodologies should

ensure that its ALCO is aware of and understand the nature of the output, how it is derived,

assumptions and variables used in generating the outcome and any shortcomings of the

methodology employed. Segregation of duties should be evident in the middle office, which

must report to ALCO independently of the treasury function. In respect of banks without a

formal Middle Office, it should be ensured that risk control and analysis should rest with a

department with clear reporting independence from Treasury or risk taking units, until normal

Middle Office framework is established.

RISK MEASUREMENT

Accurate and timely measurement of market risk is necessary for proper risk management

and control. Market risk factors that affect the value of traded portfolios and the income

stream or value of non-traded portfolio and other business activities should be identified and

quantified using data that can be directly observed in markets or implied from observation or

history. While there is a wide range of risk measurement techniques ranging from static

measurement techniques (Gap analysis) to highly sophisticated dynamic modeling (Monte

Carlo Simulation), the banks may employ any technique depending upon the nature size and

complexity of the business and most important the availability and integrity of data. Banks

may adopt multiple risk measurement methodologies to capture market risk in various

business activities; however management should have an integrated view of overall market

risk across products and business lines. The measurement system ideally should

a) Assess all material risk factors associated with a bank's assets, liabilities, and Off Balance

sheet positions.

b) Utilize generally accepted financial concepts and risk measurement techniques.

c) Have well documented assumptions and parameters. It is important that the assumptions

underlying the system are clearly understood by risk managers and top management.

REPRICING GAP MODELS.

At the most basic level banks may use repricing gap schedules to measure their interest rate

risk. A gap report is a static model wherein interest sensitive assets (ISA), Interest Sensitive


38/87

38

liabilities (ISL) and off-balance sheet items are stratified into various time bands according to

their maturity (if fixed rate) or time remaining to their next re-pricing (if floating rate). The

size of the gap for a given time band - that is, assets minus liabilities plus OBS exposures that

re-price or mature within that time band gives an indication of the bank's re-pricing risk

exposure. If ISA of a bank exceed ISL in a certain time band, the bank is said to have a

positive GAP for that particular period and vice versa. An interest sensitive gap ratio is also a

good indicator of banks interest rate risk exposure.

Relative IS GAP = IS GAP /Banks Total Asset

Also an ISA to ISL ratio of bank for particular time band could be a useful estimation of a

banks position.

Interest Sensitive Ratio = ISA/ISL

Measuring Risk to Net Interest Income (NII)

Gap schedules can provide an estimate of changes in banks net interest income given

changes in interest rates. The gap for particular time band could be multiplied by a

hypothetical change in interest rate to obtain an approximate change in net interest income.

The formula to translate gaps into the amount of net interest income at risk, measuring

exposure over several periods, is: (Periodic gap) x (change in rate) x (time over which the

periodic gap is in effect) = change in NII

While such GAP measurement apparently seem perfect, practically there are some problems

such as interest paid on liabilities of a bank which are generally short term tend to move

quickly compared with that being earned on assets many of which are relatively longer term.

This problem can be minimized by assigning weights to various ISA and ISL that take into

account the tendency of the bank interest rates to vary in speed and magnitude relative to

each other and with the up and down business cycle.

MEASURE OF RISK TO ECONOMIC VALUE

The stratification of Assets and liabilities into various time bands in a gap analyses can also

be extended to measure change in economic value of banks assets due to change in interest

rates. This can be accomplished by applying sensitivity weights to each time band. Typically,

such weights are based on estimates of the duration* of the assets and liabilities that fall into

each timeband, where duration is a measure of the percent change in the economic value

of a position that will occur given a small change in the level of interest rates. Duration-based

weights can be used in combination with a maturity/ re-pricing schedule to provide a rough


39/87

39

approximation of the change in a bank's economic value that could occur given a particular

set of changes in market interest rates. Earnings at Risk and Economic Value of Equity

Models.

Many bank, especially those using complex financial instruments or otherwise having

complex risk profiles, employ more sophisticated interest rate risk measurement systems than

those used on simple maturity/re-pricing schedules. These simulation techniques attempt to

overcome the limitation of static gap schedules and typically involve detailed assessments of

the potential effects of changes in interest rates on earnings or economic value by simulating

the future path of interest rates and their impact on cash flows. In static simulations, the cash

flows arising solely from the bank's current on- and off balance sheet positions are assessed.

In a dynamic simulation approach, the simulation builds in more detailed assumptions about

the future course of interest rates and expected changes in a bank's business activity over that

time. These more sophisticated techniques allow for dynamic interaction of payments streams

and interest rates, and better capture the effect of embedded or explicit options.

Banks may use present value scenario analysis to have a longer-term view of interest rate

risk. Economic Value of Equity models show how the interest rate risk profile of the bank

may impact its capital adequacy.

Regardless of the measurement system, the usefulness of each technique depends on the

validity of the underlying assumptions and the accuracy of the basic methodologies used to

model risk exposure. Further the integrity and timeliness of data relating to current positions

is key element of risk measurement system.

While measuring risk in traded portfolios banks should use a valuation approach. They

should develop risk measurement models that relate market risk factors to the value of the

traded portfolios or the estimated value of non-traded portfolios. The underlying liquidity of

markets for traded portfolios and the potential impact of changes in market liquidity should

be specifically addressed by market risk measures. There should be separate risk factors

corresponding to each of the equity markets in which the institution has positions. The

institutions measurement of equities risk should include both price movements in the overall

equity market (e.g. a market index) and specific sectors of the equity market (for instance,

industry sectors or cyclical and non-cyclical sectors), and individual equity issues.


40/87

40

In designing interest rate risk measurement systems, banks should ensure that the degree of

detail about the nature of their interest-sensitive positions commensurate with the complexity

and risk inherent in those positions. For instance, using gap analysis, the precision of interest

rate risk measurement depends in part on the number of time bands into which positions are

aggregated. Clearly, aggregation of positions/cash flows into broad time bands implies some

loss of precision. In practice, the bank must assess the significance of the potential loss of

precision in determining the extent of aggregation and simplification to be built into the

measurement approach

When measuring interest rate risk exposure, two further aspects call for more specific

comment: the treatment of those positions where behavioural maturity differs from

contractual maturity and the treatment of positions denominated in different currencies.

Positions such as savings and sight deposits may have contractual maturities or may be open-

ended, but in either case, depositors generally have the option to make withdrawals at any

time. In addition, banks often choose not to move rates paid on these deposits in line with

changes in market rates. These factors complicate the measurement of interest rate risk

exposure, since not only the value of the positions but also the timing of their cash flows can

change when interest rates vary. With respect to banks' assets, prepayment features of loans

also introduce uncertainty about the timing of cash flows on these positions.

VALUE AT RISK

Value at Risk (VAR) is generally accepted and widely used tool for measuring market risk

inherent in trading portfolios. It follows the concept that reasonable expectation of loss can be

deduced by evaluating market rates, prices observed volatility and correlation. VAR

summarizes the predicted maximum loss (or worst loss) over a target horizon within a given

confidence level. The well-known proprietary models that use VAR approaches are JP

Morgans Risk metrics, Bankers trust Risk Adjusted Return on Capital, and Chases Value at

risk. Generally there are three ways of computing VAR

Parametric method or Variance covariance approach

Historical Simulation

Monte Carlo method


41/87

41

Banks are encouraged to calculate their risk profile using VAR models. At the minimum

banks are expected to adopt relatively simple risk measurement methodologies such as

maturity mismatches, sensitivity analysis etc.

RISK MONITORING.

Risk monitoring processes are established to evaluate the performance of banks risk

strategies/policies and procedures in achieving overall goals. Whether the monitoring

function is performed by middle-office or it is a part of banks internal audit it is important

that the monitoring function should be independent of units taking risk and report directly to

the top management/board.

Banks should have an information system that is accurate, informative and timely to ensure

dissemination of information to management to support compliance with board policy.

Reporting of risk measures should be regular and should clearly compare current exposures

to policy limits. Further past forecast or risk estimates should be compared with actual results

to identify any shortcomings in risk measurement techniques. The board on regular basis

should review these reports. While the types of reports for board and senior management

could vary depending upon overall market risk profile of the bank, at a minimum following

reports should be prepared.

Summaries of banks aggregate market risk exposure

Reports demonstrating banks compliance with policies and limits

Summaries of finding of risk reviews of market risk policies, procedures and the

adequacy of risk measurement system including any findings of internal/external

auditors or consultants

RISK CONTROL.

Banks internal control structure ensures the effectiveness of process relating to market risk

management. Establishing and maintaining an effective system of controls including the

enforcement of official lines of authority and appropriate segregation of duties, is one of the

managements most important responsibilities. Persons responsible for risk monitoring and

control procedures should be independent of the functions they review. Key elements of

internal control process include internal audit and review and an effective risk limit structure.


42/87

42

Audit

Banks need to review and validate each step of market risk measurement process. This

review function can be performed by a number of units in the organization including internal

audit/control department or ALCO support staff. In small banks, external auditors or

consultants can perform the function. The audit or review should take into account.

a) The appropriateness of banks risk measurement system given the nature, scope and

complexity of banks activities

b) The accuracy or integrity of data being used in risk models.

c) The reasonableness of scenarios and assumptions

d) The validity of risk measurement calculations.

Risk limits

As stated earlier it is the board that has to determine banks overall risk appetite and exposure

limit in relation to its market risk strategy. Based on these tolerances the senior management

should establish appropriate risk limits. Risk limits for business units, should be compatible

with the institutions strategies, risk management systems and risk tolerance. The limits

should be approved and periodically reviewed by the Board of Directors and/or senior

management, with changes in market Conditions or resources prompting a reassessment of

limits. Institutions need to ensure consistency between the different types of limits.

a) Gap Limits: The gap limits expressed in terms of interest sensitive ratio for a given time

band aims at managing potential exposure to a banks earnings / capital due to changes in

interest rates. Setting such limits is useful way to limit the volume of a banks repricing

exposures and is an adequate and effective method of communicating the risk profile of the

bank to senior management. Such gap limits can be set on a net notional basis (net of asset /

liability amounts for both on and off balance sheet items) or a duration-weighted basis, in

each time band. (Duration is the weighted average term to maturity of a securitys cash flow.

For instance a Rs 100 5 year 8% (semi Annual) coupon bond having yield of 8% will have a

duration of 4.217 years as already explained in the footnotes).

b) Factor Sensitivity Limits: The factor sensitivity of interest rate position is calculated by

discounting the position using current market interest rate and then using the current market

interest rate increase or decrease by one basis point. The difference in the two values known

as factor sensitivity is the potential for loss given one basis point change in interest rate.


43/87

43

Banks may introduce such limits for each time band as well as total exposure across all time

bands. The factor sensitivity limit or PV01 limit measures the change in portfolio present

value given one basis point fluctuation in underlying interest rate.

Banks also need to set limits, including operational limits, for the different trading desks

and/or traders which may trade different products, instruments and in different markets, such

as different industries and regions. Limits need to be clearly understood, and any changes

clearly communicated to all relevant parties. Risk Taking Units must have procedures that

monitor activity to ensure that they remain within approved limits at all times.

Limit breaches or exceptions should be made known to appropriate senior management

without delay. There should be explicit policy as to how such breaches are to be reported to

top management and the actions to be taken.


44/87

44

C HA P TER 7 :

M A N A GIN G LIQU ID ITY R IS K

Liq

Documents

Dissertation Main - Risk Management in Banks