Upload
asad-mazhar
View
215
Download
0
Embed Size (px)
Citation preview
8/6/2019 Risk Management - For Print
1/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
INSTITUTE OF BUSINESS AND TECHNOLOGY
RISK MANAGEMENT FOR COMMERCIALBANKS & DFIs.
Prepared By
XXXXX
Course Code : MKT-606
MBA (Banking and Finance)
FACULTY OFMANAGEMENT AND SOCIAL SCIENCES
FALL - 2010
_________________________________________________________________________________________________
Institute of Business and Technology1
8/6/2019 Risk Management - For Print
2/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
CONTENTSPage No.
ACKNOWLEDGEMENT..... 3ABSTRACT....4
CHAPTER NO: 1. INTRODUCTION
1.1 Introduction .. 61.2 Purpose of study ..71.3 Research objectives 81.4 Research methodology ...9
CHAPTER NO: 2. RISK MANAGEMENT
2.1 Defining Risk ................. 102.2 Risk Management ......... .112.3 Risk Management Framework ...122.4 Business Line Accountability ..142.5 Risk Evaluation / Measurement .14
CHAPTER NO: 3. CONTINGENCY PLANNING
3.1 Managing Credit Risk....163.2 Components of Credit Risk Management..173.3 Organization Structure .173.4 Systems and Procedures ....183.5 Credit origination ...193.6 Limit setting ....193.7 Credit Administration .. . 203.8 Measuring Credit Risk ...213.9 Credit Risk Monitoring & Control ..22
CHAPTER NO:4. MANAGING PROBLEM CREDITS
4.1 Managing Market Risk ..244.2 Interest Rate Risk ..264.3 Foreign Exchange Risk .264.4 Equity / commodity price Risk ..274.5 Element of Market Risk Management 274.6 Risk Management Committee ..274.7 Middle Office...28
_________________________________________________________________________________________________
Institute of Business and Technology2
8/6/2019 Risk Management - For Print
3/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
CHAPTER NO: 5. RISK MEASUREMENT
5.1 Repricing Gap Models ...31
5.2 Earning at Risk &Economic Value of Equity Models.335.3 Value at Risk ...345.4 Risk Monitoring . 345.5 Risk Controls .....34
CHAPTER NO :6 . RISK AUDIT
6.1 Risk limits ...376.2 Managing Liquidity Risk...386.3 Early Warning Indicators..396.4 Liquidity Risk Strategy and Policy .396.5 ALCO/ Investment Committee ...416.6 Contingency Funding Plan ..416.7 Cash Flow Projections... .426.8 Liquidity Ratios & Limits...436.9 Internal Controls ...44
CHAPTER NO: 7. RISK MONITORING AND CONTROL
7.1 Risk Management Plan467.2 Risk Register.46
7.3 Work Performance Information..477.4 Risk Reassessment ....477.5 Variance and Trend Analysis ....487.6 Technical Performance Measurement..497.7 Reserve Analysis..49
CHAPTER NO: 8. CONCLUSION AND RECOMMENDATIONS
8.1 Conclusion ...538.2 Recommendations .....54
BIBLOGRAPHY ..................................................................... 56
_________________________________________________________________________________________________
Institute of Business and Technology3
8/6/2019 Risk Management - For Print
4/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
ACKNOWLEDGEMENT
I would like to express my heartfelt gratitude towards all those people who have
supported me for the fair compilation of this research report. Firstly, I would like
to thank my teacher Dr. Noor Ahmed Memon, whose guidance and
encouragement motivated me to undergo this grueling exercise, secondly all
those people whose help and support made this work possible. I hope that this
report rightly serves its purpose of providing an in domain knowledge for risk
management analysis of Growing financial market of Pakistan. Where all efforts
have been made to ensure objectivity and accuracy in the information provided,
any errors whatsoever may kindly be excused.
ThanksImran Ahmed (BEM/969)
_________________________________________________________________________________________________
Institute of Business and Technology4
8/6/2019 Risk Management - For Print
5/58
8/6/2019 Risk Management - For Print
6/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
CHAPTER 1: INTRODUCTION
1.1 Introduction
1.2 Purpose of study
1.3 Research objectives
1.4 Research methodology
_________________________________________________________________________________________________
Institute of Business and Technology6
8/6/2019 Risk Management - For Print
7/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
1. INTRODUTION
1.1 Introduction
The past decade has seen dramatic losses in the banking industry. Firms that
had been performing well suddenly announced large losses due to credit
exposures that turned sour, interest rate positions taken, or derivative exposures
that may or may not have been assumed to hedge balance sheet risk. In
response to this, commercial banks have almost universally embarked upon an
upgrading of their risk management and control systems.
Coincidental to this activity, and in part because of our recognition of the
industry's vulnerability to financial risk, through the past year, on-site visits were
conducted to review and evaluate the risk management systems and the process
of risk evaluation that is implemented in the local market. In the banking sector,
system evaluation was conducted covering many commercial banks and DFI.
These results were then presented to a much wider array of banking firms for
reaction and verification.
The purpose of the present paper is to outline the findings of this investigation. It
reports the state of risk management techniques in the industry -- questions
asked, questions answered and questions left unaddressed by respondents.
This report can not recite a litany of the approaches used within the industry,
Nor can it offer an evaluation of each and every approach. Rather, it reports the
standard of practice and evaluates how and why it is conducted in the particular
way chosen. But, even the best practice employed within the industry is not
good enough in some areas. Accordingly, critiques also will be offered where
appropriate. The paper concludes with a list of questions that are currently
unanswered, or answered imprecisely in the current practice employed by this
group of relatively sophisticated banks. Here, we discuss the problems which the
industry finds most difficult to address, shortcomings of the current methodology
_________________________________________________________________________________________________
Institute of Business and Technology7
8/6/2019 Risk Management - For Print
8/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
used to analyze risk and the elements that are missing in the current procedures
of risk management and risk control
1.2Purpose of Study
All decisions have an element of risk. Financial professionals must be able to
anticipate and balance the risks vs. returns of any financial choice.
The Risk Management interest area offers an understanding of risk management
strategies to improve the performance of financial decisions.
1.3 Research Objectives
Development and application of an integral model to incorporate technical,
human and organizational factors in risk control and disaster response in order to
give a transparent picture of what factors influence which risk scenarios and to
quantify priorities where appropriate and possible. For this, extensive use has to
be made of systematically acquired expert judgment for risk management.
Following are the objectives of my study:
To conduct In-depth analysis of risk management of financial market in
Pakistan and strategy.
To analyze the result of portfolio returns on the basis of strong risk
management in financial market.
To apply the strategy of Portfolio management through managing risk
parameters.
1.4 Research Methodology
The nature of this study is Quantitative and Descriptive. I have done the analysis
of impact of fund attributes on the return of each individual Pakistani financial
market. The data is obtained through both primary and secondary sources. The
_________________________________________________________________________________________________
Institute of Business and Technology8
8/6/2019 Risk Management - For Print
9/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
data for fund attributes is collected using quarterly and annual reports. In this
study, the correlation is determined by using the Multi-variable regression model.
In order to run the regression on different variables, E-Views software has been
used. Put risk management strategy has been implemented in year 2008 against
the actual returns of the Pakistani financial market in order to see the impact of
manage risk in market volatility.
_________________________________________________________________________________________________
Institute of Business and Technology9
8/6/2019 Risk Management - For Print
10/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
CHAPTER 2: RISK MANAGEMENT
2.1 Defining Risk2.2 Risk Management2.3 Risk Management Framework
2.4 Integration of Risk2.5 Business Line Accountability2.6 Risk Evaluation / Measurement
_________________________________________________________________________________________________
Institute of Business and Technology10
8/6/2019 Risk Management - For Print
11/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
2. RISK MANAGEMENT
2.1 Defining Risk
For the purpose of these guidelines financial risk in banking organization is
Possibility that the outcome of an action or event could bring up adverse
Impacts such outcomes could either result in a direct loss of earnings / capital
or may result in imposition of constraints on banks ability to meet its business
objectives. Such constraints pose a risk as these could hinder a bank's ability to
Conduct its ongoing business or to take benefit of opportunities to enhance its
Business.
Regardless of the sophistication of the measures, banks often distinguishbetween expected and unexpected losses.
Expected losses are those that the bank knows with reasonable certainty will
occur (e.g., the expected default rate of corporate loan portfolio or credit card
portfolio) and are typically reserved for in some manner.
Unexpected losses are those associated with unforeseen events (e.g. losses
experienced by banks in the aftermath of nuclear tests, losses due to a sudden
down turn in economy or falling interest rates). Banks rely on their capital as a
buffer to absorb such losses.
Risks are usually defined by the adverse impact on profitability of several distinct
sources of uncertainty. While the types and degree of risks an organization may
be exposed to depend upon a number of factors such as its size, complexity
business activities, volume etc, it is believed that generally the banks face Credit,
Market, Liquidity, Operational, Compliance / legal / regulatory and reputation
risks. Before overarching these risk categories, given below are some basics
about risk Management and some guiding principles to manage risks in banking
organization.
_________________________________________________________________________________________________
Institute of Business and Technology11
8/6/2019 Risk Management - For Print
12/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
2.2 Risk Management
It is a discipline at the core of every financial institution and encompasses all the
activities that affect its risk profile. It involves identification, measurement,
monitoring and controlling risks to ensure that
a) The individuals who take or manage risks clearly understand it.
b) The organizations risk exposure is within the limits established by Board
of Directors.
c) Risk taking Decisions are in line with the business strategy and objectives
set by BOD.
d) The expected payoffs compensate for the risks taken
e) Risk taking decisions are explicit and clear.
f) Sufficient capital as a buffer is available to take risk
The acceptance and management of financial risk is inherent to the business of
banking and banks roles as financial intermediaries. Risk management as
commonly perceived does not mean minimizing risk; rather the goal of risk
management is to optimize risk-reward trade-off. Notwithstanding the fact that
banks are in the business of taking risk, it should be recognized that an institutionneed not engage in business in a manner that unnecessarily imposes risk upon
it: nor it should absorb risk that can be transferred to other participants. Rather it
should accept those risks that are uniquely part of the array of banks services.
In every financial institution, risk management activities broadly take place
simultaneously at following different hierarchy levels..
Strategic level:
It encompasses risk management functions performed by senior management
and BOD. For instance definition of risks, ascertaining institutions risk appetite,
formulating strategy and policies for managing risks and establish adequate
_________________________________________________________________________________________________
Institute of Business and Technology12
8/6/2019 Risk Management - For Print
13/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
systems and controls to ensure that overall risk remain within acceptable level
and the reward compensate for the risk taken.
Macro Level
It encompasses risk management within a business area or across business
lines. Generally the risk management activities performed by middle
management or units devoted to risk reviews fall into this category.
Micro Level
It involves On-the-line risk management where risks are actually created. This is
the risk management activities performed by individuals who take risk on
organizations behalf such as front office and loan origination functions. The risk
management in those areas is confined to following operational procedures and
guidelines set by management.
2.3 Risk Management framework.
A risk management framework encompasses the scope of risks to be managed,
the process/systems and procedures to manage risk and the roles and
responsibilities of individuals involved in risk management. The framework
should be comprehensive enough to capture all risks a bank is exposed to and
have flexibility to accommodate any change in business activities. An effective
risk management framework includes
a) Clearly defined risk management policies and procedures covering risk
identification, acceptance, measurement, monitoring, reporting and
control.
b) A well constituted organizational structure defining clearly roles and
responsibilities of individuals involved in risk taking as well as managing it.
c) Banks, in addition to risk management functions for various risk categories
may institute a setup that supervises overall risk management at the bank.
_________________________________________________________________________________________________
Institute of Business and Technology13
8/6/2019 Risk Management - For Print
14/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
d) Such a setup could be in the form of a separate department or banks Risk
Management Committee (RMC) could perform such function. The
structure should be such that ensures effective monitoring and control
over risks being taken. The individuals responsible for review function
(Risk review, internal audit, compliance etc) should be independent from
risk taking units and report directly to board or senior management who
are also not involved in risk taking.
e) There should be an effective management information system that
ensures flow of information from operational level to top management and
a system to address any exceptions observed. There should be an explicit
procedure regarding measures to be taken to address such deviations.
f) The framework should have a mechanism to ensure an ongoing review of
systems, policies and procedures for risk management and procedure to
adopt changes Integration of Risk Management
Risks must not be viewed and assessed in isolation, not only because a single
transaction might have a number of risks but also one type of risk can trigger
other risks. Since interaction of various risks could result in diminution or
increase in risk, the risk management process should recognize and reflect riskinteractions in all business activities as appropriate. While assessing and
managing risk the management should have an overall view of risks the A recent
concept in this regard is Enterprise Risk Management (ERM) Institution is
exposed to. This requires having a structure in place to look at risk
interrelationships across the organization.
_________________________________________________________________________________________________
Institute of Business and Technology14
8/6/2019 Risk Management - For Print
15/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
2.4 Business Line Accountability
In every banking organization there are people who are dedicated to risk
management activities, such as risk review, internal audit etc. It must not be
construed that risk management is something to be performed by a fewindividuals or a department. Business lines are equally responsible for the risks
they are taking. Because line personnel, more than anyone else, understand the
risks of the business, such a lack of accountability can lead to problems.
2.5 Risk Evaluation/Measurement
Until and unless risks are not assessed and measured it will not be possible to
control risks. Further a true assessment of risk gives management a clear view of
institutions standing and helps in deciding future action plan. To adequately
capture institutions risk exposure, risk measurement should represent aggregate
exposure of institution both risk type and business line and encompass short run
as well as long run impact on institution. To the maximum possible extent
institutions should establish systems / models that quantify their risk profile,
however, in some risk categories such as operational risk, quantification is quite
difficult and complex. Wherever it is not possible to quantify risks, qualitative
measures should be adopted to capture those risks.Whilst quantitative measurement systems support effective decision-making,
better measurement does not obviate the need for well-informed, qualitative
judgment. Consequently the importance of staff having relevant knowledge and
expertise cannot be undermined. Finally any risk measurement framework,
especially those which employ quantitative techniques/model, is only as good as
its underlying assumptions, the rigor and robustness of its analytical
methodologies, the controls surrounding data inputs and its appropriate
application Independent review.
_________________________________________________________________________________________________
Institute of Business and Technology15
8/6/2019 Risk Management - For Print
16/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
CHAPTER 3: CONTINGENCY PLANNING
3.1 Managing Credit Risk3.2 Components of Credit RiskManagement3.3 Organization Structure
3.4 Systems and Procedures3.5 Credit origination3.6 Limit setting3.7 Credit Administration3.8 Measuring Credit Risk3.9 Credit Risk Monitoring & Control
_________________________________________________________________________________________________
Institute of Business and Technology16
8/6/2019 Risk Management - For Print
17/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
3. Contingency planning
Contingency planning
Activity undertaken to ensure that proper and immediate follow up steps will be
taken by a management and employees in an emergency Its major objectives
are to ensure (1) containment of damage or injury to, or loss of, personnel and
property, and (2) continuity of the key operations of the organization.
3.1 Managing credit risk
Credit risk arises from the potential that an obligor is either unwilling to perform
on an obligation or its ability to perform such obligation is impaired resulting in
economic loss to the bank
In addition to direct accounting loss, credit risk should be viewed in the context of
economic exposures. This encompasses opportunity costs, transaction costs and
expenses associated with a non -performing asset over and above the
accounting loss.
Credit risk can be further sub-categorized on the basis of reasons of default.
For instance the default could be due to country in which there is exposure or
problems in settlement of a transaction.
Credit risk not necessarily occurs in isolation. The same source that endangers
credit risk for the institution may also expose it to other risk. For instance a bad
portfolio may attract liquidity problem.
Components of credit risk management
The very first purpose of banks credit strategy is to determine the risk appetite of
the bank. Once it is determined the bank could develop a plan to optimize return
while keeping credit risk within predetermined limits. The banks credit risk
_________________________________________________________________________________________________
Institute of Business and Technology17
8/6/2019 Risk Management - For Print
18/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
3.2 Components of Credit Risk Management
It is essential that banks give due consideration to their target market while
devising credit risk strategy. The credit procedures should aim to obtain an in-
depth understanding of the banks clients, their credentials & their businesses in
order to fully know their customers.
The strategy should provide continuity in approach and take into account cyclic
aspect of countrys economy and the resulting shifts in composition and quality of
overall credit portfolio. While the strategy would be reviewed periodically and
amended, as deemed necessary, it should be viable in long term and through
various economic cycles.
In order to be effective these policies must be clear and communicated down the
line. Further any significant deviation/exception to these policies must be
communicated to the top management/board and corrective measures should be
taken. It is the responsibility of senior management to ensure effective
implementation of these policies.
3.3 Organizational Structure.
To maintain banks overall credit risk exposure within the parameters set by the
board of directors, the importance of a sound risk management structure is
second to none. While the banks may choose different structures, it is important
that such structure should be commensurate with institutions size, complexity
and diversification of its activities. It must facilitate effective management
oversight and proper execution of credit risk management and control processes.
Each bank, depending upon its size, should constitute a Credit Risk
Management Committee (CRMC), ideally comprising of head of credit risk
management Department, credit department and treasury. This committee
reporting to banks risk management committee should be empowered to
oversee credit risk taking activities and overall credi t risk management function.
_________________________________________________________________________________________________
Institute of Business and Technology18
8/6/2019 Risk Management - For Print
19/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
The CRMC should be mainly responsible for
The implementation of the credit risk policy / strategy approved by the Board.
Monitor credit risk on a bank-wide basis and ensure compliance with limits
approved by the Board.
Recommend to the Board, for its approval, clear policies on standards for
presentation of credit proposals, financial covenants, rating standards and
benchmarks.
Decide delegation of credit approving powers, prudential limits on large credit
exposures, standards for loan collateral, portfolio management, loan review
mechanism, risk concentrations, risk monitoring and evaluation, pricing of
loans, provisioning, regulatory/legal compliance, etc.
3.4 Systems and Procedures
Further, to maintain credit discipline and to enunciate credit risk management
and control process there should be a separate function independent of loan
origination function. Credit policy formulation, credit limit setting, monitoring of
credit exceptions / exposures and review /monitoring of documentation are
functions that should be performed independently of the loan origination function.
For small banks where it might not be feasible to establish such structural
hierarchy, there should be adequate compensating measures to maintain credit
discipline introduce adequate checks and balances and standards to address
potential conflicts of interest. Ideally, the banks should institute a Credit Risk
Management Department (CRMD). Typical functions of CRMD include:
To follow a holistic approach in management of risks inherent in banks portfolio
and ensure the risks remain within the boundaries established by the Board or
Credit Risk Management Committee.
The department also ensures that business lines comply with risk parameters
and prudential limits established by the Board or CRMC.
Establish systems and procedures relating to risk identification, Management
Information System, monitoring of loan / investment portfolio quality and early
_________________________________________________________________________________________________
Institute of Business and Technology19
8/6/2019 Risk Management - For Print
20/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
warning. The department would work out remedial measure when
deficiencies/problems are identified.
Managing credit risk
The Department should undertake portfolio evaluations and conduct
comprehensive studies on the environment to test the resilience of the loan
portfolio.
Notwithstanding the need for a separate or independent oversight, the front office
or loan origination function should be cognizant of credit risk, and maintain high
level of credit discipline and standards in pursuit of business opportunities
3.4 Credit Origination
Banks must operate within a sound and well-defined criteria for new credits as
well as the expansion of existing credits. Credits should be extended within the
target markets and lending strategy of the institution. Before allowing a credit
facility, the bank must make an assessment of risk profile of the
customer/transaction. This may include
a) Credit assessment of the borrowers industry, and macro economic factors.
b) The purpose of credit and source of repayment.
c) The track record / repayment history of borrower.
d) Assess/evaluate the repayment capacity of the borrower.
e) The Proposed terms and conditions and covenants.
f) Adequacy and enforceability of collaterals.
g) Approval from appropriate authority
3.5 Limit setting
An important element of credit risk management is to establish exposure limits
for single obligors and group of connected obligors. Institutions are expected to
develop their own limit structure while remaining within the exposure limits set by
State Bank of Pakistan. The size of the limits should be based on the credit
_________________________________________________________________________________________________
Institute of Business and Technology20
8/6/2019 Risk Management - For Print
21/58
8/6/2019 Risk Management - For Print
22/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________Loan Repayment
The obligors should be communicated ahead of time as and when the
principal/markup installment becomes due. Any exceptions such as non-payment
or late payment should be tagged and communicated to the management.
Proper records and updates should also be made after receipt.
Maintenance of Credit Files
Institutions should devise procedural guidelines and standards for maintenance
of credit files. The credit files not only include all correspondence with the
borrower but should also contain sufficient information necessary to assess
financial health of the borrower and its repayment performance. It need not
mention that information should be filed in organized way so that external /internal auditors or SBP inspector could review it easily.
Collateral and Security Documents
Institutions should ensure that all security documents are kept in a fireproof safe
under dual control. Registers for documents should be maintained to keep track
of their movement.
3.8 Measuring Credit Risk
The measurement of credit risk is of vital importance in credit risk management.
A number of qualitative and quantitative techniques to measure risk inherent in
credit portfolio are evolving. To start with, banks should establish a credit risk-
rating framework across all type of credit activities. Among other things, the
rating framework may, incorporate:
The rating process in relation to credit approval and review ratings are generallyassigned /reaffirmed at the time of origination of a loan or its renewal
/enhancement. The analysis supporting the ratings is inseparable from that
required for credit appraisal. In addition the rating and loan analysis process
while being separate are intertwined. The process of assigning a rating and its
_________________________________________________________________________________________________
Institute of Business and Technology22
8/6/2019 Risk Management - For Print
23/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
approval / confirmation goes along with the initiation of a credit proposal and its
approval. Generally loan origination function (whether a relationship
The credit risk exposure involves both the probability of Default (PD) and loss in
the event of default or loss given default (LGD).
The former is specific to borrower while the later corresponds to the facility. The
product of PD and LGD is the expected loss.
Point in time means to grade a borrower according to its current condition while
through the cycle approach grades a borrower under stress conditions
3.9 Credit Risk Monitoring and control
As part of portfolio monitoring, institutions should generate reports on credit
exposure by risk grade. Adequate trend and migration analysis should also be
conducted to identify any deterioration in credit quality. Institutions may establish
limits for risk grades to highlight concentration in particular rating bands. It is
important that the consistency and accuracy of ratings is examined periodically
by a function such as an independent credit review group
_________________________________________________________________________________________________
Institute of Business and Technology23
8/6/2019 Risk Management - For Print
24/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
CHAPTER NO:4. MANAGING PROBLEM
CREDITS
4.1 Managing Market Risk4.2 Interest Rate Risk4.3 Foreign Exchange Risk4.4 Equity / commodity price Risk4.5 Element of Market Risk
Management4.6 Risk Management Committee4.7 Middle Office
_________________________________________________________________________________________________
Institute of Business and Technology24
8/6/2019 Risk Management - For Print
25/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
4. MANAGING PROBLEM CREDITS
Having identified 'green' and 'red' risks you now need to look at what your
response will be to each of the red risks. There are a number of fairly standard
definitions of response types that can be summed up as follows:
Even from those very basic examples we can see that, in all cases, the risk
response costs money. This stage of the process can be quite iterative because
until you know how you are going to respond to a risk you can't be sure what it
will cost you in terms of time or money. For example you may decide 'Losing a
programmer won't lose us as much time as we thought. We don't need to take
three months to recruit another because we can use a recruitment agency with apool of programmers on their books if we are prepared to pay their 20% finders
fee.'
Risk response actions don't only occur when a risk happens - some of the above
responses are preventative measures that are taken as soon as you identify the
risk. At this point you may revisit your Risk Log to assess the status of a risk
once the preventative or mitigating actions are complete. This is sometimes
known as Residual Risk.
4.1 Managing Market Risk
Risk is a personal experience, because it is subjective, it is individuals who suffer
the consequences of risk. Although we may speak of companies taking risk, in
actuality, companies are merely conduits for risk. Ultimately, all risks which flow
through an organization accrue to individualsstockholders, creditors,
employees, customers, board members, etc.
Business activities entail a variety of risks. For convenience, we distinguish
between different categories of risk: market risk, credit risk, liquidity risk, etc.
Although such categorization is convenient, it is only informal. Usage and
definitions vary. Boundaries between categories are blurred. A loss due to
_________________________________________________________________________________________________
Institute of Business and Technology25
8/6/2019 Risk Management - For Print
26/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
widening credit spreads may reasonably be called a market loss or a credit loss,
so market risk and credit risk overlap. Liquidity risk compounds other risks, such
as market risk and credit risk. It cannot be divorced from the risks it compounds.
An important but somewhat ambiguous distinguish is that between market risk
and business risk. Market risk is exposure to the uncertain market value of a
portfolio. A trader holds a portfolio of commodity forwards. he knows what its
market value is today, but he is uncertain as to its market value a week from
today. he faces market risk. Business risk is exposure to uncertainty in economic
value that cannot be marked-to-market. The distinction between market risk and
business risk parallels the distinction between mark-to-market accounting and
book-value accounting. Suppose a New England electricity wholesaler is long a
forward contract for on-peak electricity delivered over the next 3 months. There is
an active forward market for such electricity, so the contract can be marked to
market daily. Daily profits and losses on the contract reflect market risk. Suppose
the firm also owns a power plant with an expected useful life of 30 years. Power
plants change hands infrequently, and electricity forward curves don't exist out to
30 years. The plant cannot be marked to market on a regular basis. In the
absence of market values, market risk is not a meaningful notion. Uncertainty in
the economic value of the power plant represents business risk. The distinctionbetween market risk and business risk is ambiguous because there is a vast
"gray zone" between the two. There are many instruments for which markets
exist, but the markets are illiquid. Mark-to-market values are not usually
available, but mark-to-model values provide a more-or-less accurate reflection of
fair value. Do these instruments pose business risk or market risk? The decision
is important because firms employ fundamentally different techniques for
managing the two risks.
_________________________________________________________________________________________________
Institute of Business and Technology26
8/6/2019 Risk Management - For Print
27/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
4.2 Interest Rate Risk
Business risk is managed with a long-term focus. Techniques include the careful
development of business plans and appropriate management oversight. book-
value accounting is generally used, so the issue of day-to-day performance is not
material. The focus is on achieving a good return on investment over an
extended horizon. Market risk is managed with a short-term focus. Long-term
losses are avoided by avoiding losses from one day to the next. On a tactical
level, traders and portfolio managers employ a variety of risk metrics duration
and convexity, the Greeks, beta, etc.to assess their exposures. These allow
them to identify and reduce any exposures they might consider excessive. On a
more strategic level, organizations manage market risk by applying risk limits to
traders' or portfolio managers' activities. Increasingly, value-at-risk is being used
to define and monitor these limits. Some organizations also apply stress testing
to their portfolios. Liquidity risk is financial risk due to uncertain liquidity. An
institution might lose liquidity if its credit rating falls, it experiences sudden
unexpected cash outflows, or some other event causes counterparties to avoid
trading with or lending to the institution. A firm is also exposed to liquidity risk if
markets on which it depends are subject to loss of liquidity.
4.3 Foreign Exchange Risk
Liquidity risk tends to compound other risks. If a trading organization has a
position in an illiquid asset, its limited ability to liquidate that position at short
notice will compound its market risk. Suppose a firm has offsetting cash flows
with two different counterparties on a given day. If the counterparty that owes it a
payment defaults, the firm will have to raise cash from other sources to make its
payment. Should it be unable to do so, it too we default.
Here, liquidity risk is compounding credit risk.
_________________________________________________________________________________________________
Institute of Business and Technology27
8/6/2019 Risk Management - For Print
28/58
8/6/2019 Risk Management - For Print
29/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
4.7 Middle Office
Defined as the change in a bank's portfolio value due to interest rate fluctuations.
Taking on IRR is a key part of what banks do; but taking on excessive IRR could
threaten a bank's earnings and its capital base, raising concerns for bank
supervisors. In practice, IRR management systems have been developed to
measure and control such risk exposures, both in the trading book (i.e., assets
that are relatively liquid and regularly traded) and in the banking book (i.e.,
assets, such as loans, that are much less actively traded).
IRR can be roughly decomposed into four categories: reprising risk, yield curve
risk, basis risk, and optionally ( Basel Committee on Banking Supervision (BCBS)
2003.)
Reprising risk refers to fluctuations in interest rate levels that have differing
impacts on bank assets and liabilities; for example, a portfolio of long-term, fixed-
rate loans funded with short-term deposits (i.e., a case of duration mismatch)
could significantly decrease in value when rates increase, since the loan
payments are fixed (and funding costs have increased).
Yield curve risk refers to changes in portfolio values caused by unanticipated
shifts in the slope and shape of the yield curve; for example, short-term rates
might rise faster than long-term rates, clearly affecting the profitability of fundinglong-term loans with short-term deposits.
Basis risk refers to the imperfect correlation between index rates across different
interest rate markets for similar maturities; for example, a bank funding loans
whose payments are based on U.S. Treasury rates with deposits based on Libor
rates is exposed to the risk of unexpected changes in the spread between these
index rates.
The economic value approach takes a broader perspective on IRR management
by focusing on how interest rate changes affect total expected net cash flows
from all of a bank's operations. Thus, this approach examines expected cash
flows from assets minus expected payments on liabilities plus the expected net
cash flows from off-balance-sheet positions, such as fees charged for borrower
credit lines. This approach is more challenging to conduct since, at a minimum, it
_________________________________________________________________________________________________
Institute of Business and Technology29
8/6/2019 Risk Management - For Print
30/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
requires collecting and aggregating more data; at the same time, it provides
greater insight into a bank's aggregate IRR exposure.
In addition to such aggregate IRR management approaches, banks use more
focused IRR measurement techniques for derivatives and other instruments with
especially complex risk profiles, such as mortgage-backed securities. While the
aggregate approaches typically involve making judgmental adjustments to
interest rates and tracking their impact across the bank, the focused techniques
explicitly use mathematical models of interest rate dynamics for various index
rates and their yield curves. For example, many possible future interest rate
paths are generated and used to examine the potential effects of interest rate
changes on portfolio values, investment returns, and cash flows from different
assets. Since the models can examine the components of interest rate risk
separately, risk managers use them to gauge and control their portfolios'
exposures to a broader range of interest rate fluctuations. In theory, the more
sophisticated IRR management techniques could be applied to the bank as a
whole. Important developments in this direction have been made, but several
important challenges still remain, especially in aggregating IRR exposures across
business lines.
A key advantage of these mathematical IRR management techniques is that theyprovide a consistent framework for analyzing a wide variety of possible interest
rate scenarios.
_________________________________________________________________________________________________
Institute of Business and Technology30
8/6/2019 Risk Management - For Print
31/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
CHAPTER NO: 5. RISK MEASUREMENT
5.1 Repricing Gap Models5.2 EaR & Economic Value of Equity Models5.3 Value at Risk5.4 Risk Monitoring5.5 Risk Controls
_________________________________________________________________________________________________
Institute of Business and Technology31
8/6/2019 Risk Management - For Print
32/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
CHAPTER: 5. RISK MEASUREMENT
Accurate and timely measurement of market risk is necessary for proper risk
management and control. Market risk factors that affect the value of traded
portfolios and the income stream or value of non -traded portfolio and other
business activities should be identified and quantified using data that can be
directly observed in markets or implied from observation or history. While there is
a wide range of risk measurement techniques ranging from static measurement
techniques (Gap analysis) to highly sophisticated dynamic modeling (Monte
Carlo Simulation), the banks may employ any technique depending upon the
nature size and complexity of the business and most important the availability
and integrity of data. Banks may adopt multiple risk measurement methodologies
to capture market risk in various business activities; however management
should have an integrated view of overall market risk across products and
business lines. The measurement system ideally should
a) Assess all material risk factors associated with a bank's assets, liabilities, and
Off Balance sheet positions.
b) Utilize generally accepted financial concepts and risk measurement
techniques.c) Have well documented assumptions and parameters. It is important that the
assumptions underlying the system are clearly understood by risk managers and
top management.
5.1 Repricing Gap Models
At the most basic level banks may use repricing gap schedules to measure their
interest rate risk. A gap report is a static model wherein interest sensitive assets
(ISA), Interest Sensitive liabilities (ISL) and off-balance sheet items are stratified
into various time bands according to their maturity (if fixed rate) or time remaining
to their next re -pricing (if floating rate). The size of the gap for a given time band
- that is, assets minus liabilities plus OBS exposures that re-price or mature
within that time band gives an indication of the bank's re-pricing risk exposure. If
_________________________________________________________________________________________________
Institute of Business and Technology32
8/6/2019 Risk Management - For Print
33/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
ISA of a bank exceed ISL in a certain time band, the bank is said to have a
positive GAP for that particular period and vice versa. An interest sensitive gap
ratio is also a good indicator of banks interest rate risk exposure.
Relative IS GAP = IS GAP /Banks Total Asset
Also an ISA to ISL ratio of bank for particular time band could be a useful
estimation of a banks position.
Interest Sensitive Ratio = ISA/ISL
Measuring Risk to Net Interest Income (NII)
Gap schedules can provide an estimate of changes in banks net interest income
given changes in interest rates. The gap for particular time band could be
multiplied by a hypothetical change in interest rate to obtain an approximate
change in net interest income. The formula to translate gaps into the amount of
net interest income at risk, measuring exposure over several periods, is:
(Periodic gap) x (change in rate) x (time over which the periodic gap is in effect) =
change in NII
While such GAP measurement apparently seem perfect, practically there are
some problems such as interest paid on liabilities of a bank which are generallyshort term tend to move quickly compared with that being earned on assets
many of which are relatively longer term. This problem can be minimized by
assigning weights to various ISA and ISL that take into account the tendency of
the bank interest rates to vary in speed and magnitude relative to each other and
with the up and down business cycle.
Measure of risk to Economic Value
The stratification of Assets and liabilities into various time bands in a gap
analyses can also be extended to measure change in economic value of banks
assets due to change in interest rates. This can be accomplished by applying
sensitivity weights to each time band. Typically, such weights are based on
_________________________________________________________________________________________________
Institute of Business and Technology33
8/6/2019 Risk Management - For Print
34/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
estimates of the duration of the assets and liabilities that fall into each time-band,
where duration is a measure of the percent change in the economic value of a
position that will occur given a small change in the level of interest rates.
Duration-based weights can be used in combination with a maturity/ re-pricing
schedule to provide a rough approximation of the change in a bank's economic
value that could occur given a particular set of changes in market interest rates.
5.2 Earnings at Risk and Economic Value of Equity Models
Many bank, especially those using complex financial instruments or otherwise
having complex risk profiles, employ more sophisticated interest rate risk
measurement systems than those used on simple maturity/re-pricing schedules.
These simulation techniques attempt to overcome the limitation of Duration is the
weighted average term to maturity of a securitys cash flow. For instance a
Rs100 5 year 8% (semi Annual) coupon bond having yield of 8% will have a
duration of 4.217 years. This could be derived by following formula
Duration = t1 x PVCF 1 + t2 x PVCF2 ---------tn x PVCFn
K x PriceWhere PVCF = present value of cash flow n= Total number of payments
.
K = Number of payments per annum
Duration however works for small change in interest rate due to convexity of yield
curve. The estimation can be improved by introducing convexity measure of a
bond.
Static gap schedules and typically involve detailed assessments of the potential
effects of changes in interest rates on earnings or economic value by simulating
the future path of interest rates and their impact on cash flows. In static
simulations, the cash flows arising solely from the bank's current on- and off-
balance sheet positions are assessed. In a dynamic simulation approach, the
_________________________________________________________________________________________________
Institute of Business and Technology34
8/6/2019 Risk Management - For Print
35/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
simulation builds in more detailed assumptions about the future course of interest
rates and expected changes in a bank's business activity over that time.
These more sophisticated techniques allow for dynamic interaction of payments
streams and interest rates, and better capture the effect of embedded or explicit
options.
5.3 Value at Risk
Value at Risk (VAR) is generally accepted and widely used tool for measuring
market risk inherent in trading portfolios. It follows the concept that reasonable
expectation of loss can be deduced by evaluating market rates, prices observed
volatility and correlation. VAR summarizes the predicted maximum loss (or worst
loss) over a target horizon within a given confidence level. The well-known
proprietary models that use VAR approaches are JP Morgans Risk metrics,
Bankers trust Risk Adjusted Return on Capital, and Chases Value at risk.
Generally there are three ways of computing VAR
Parametric method or Variance covariance approach
Historical Simulation
5.4 Risk MonitoringRisk monitoring processes are established to evaluate the performance of banks
risk strategies/policies and procedures in achieving overall goals. Whether the
monitoring function is performed by middle-office or it is a part of banks internal
audit it is important that the monitoring function should be independent of units
taking risk and report directly to the top management/board.
5.5 Risk Control.
Banks internal control structure ensures the effectiveness of process relating to
market risk management. Establishing and maintaining an effective system of
controls including the enforcement of official lines of authority and appropriate
segregation of duties, is one of the managements most important
responsibilities. Persons responsible for risk monitoring and control procedures
_________________________________________________________________________________________________
Institute of Business and Technology35
8/6/2019 Risk Management - For Print
36/58
8/6/2019 Risk Management - For Print
37/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
CHAPTER NO:6. RISK AUDIT6.1 Risk limits6.2 Managing Liquidity Risk6.3 Early Warning Indicators6.4 Liquidity Risk Strategy and Policy6.5 ALCO/ Investment Committee
6.6 Contingency Funding Plan6.7 Cash Flow Projections6.8 Liquidity Ratios & Limits6.9 Internal Controls
_________________________________________________________________________________________________
Institute of Business and Technology37
8/6/2019 Risk Management - For Print
38/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
CHAPTER: 6. RISK AUDIT
Banks need to review and validate each step of market risk measurement
process. This review function can be performed by a number of units in the
organization including internal audit/control department or ALCO support staff.
In small banks, external auditors or consultants can perform the function. The
audit or review should take into account.
a) The appropriateness of banks risk measurement system given the nature,
scope and complexity of banks activities
b) The accuracy or integrity of data being used in risk models.
c) The reasonableness of scenarios and assumptions
d) The validity of risk measurement calculations.
6.1 Risk limits
As stated earlier it is the board that has to determine banks overall risk appetite
and exposure limit in relation to its market risk strategy.
Based on these tolerances the senior management should establish appropriate
risk limits. Risk limits for business units, should be compatible with the
institutions strategies, risk management systems and risk tolerance. The limitsshould be approved and periodically reviewed by the Board of Directors and/or
senior management, with changes in market Conditions or resources prompting
a reassessment of limits.
Institutions need to ensure consistency between the different types of limits.
a) Gap Limits
The gap limits expressed in terms of interest sensitive ratio for a given time band
aims at managing potential exposure to a banks earnings / capital due to
changes in interest rates. Setting such limits is useful way to limit the volume of
a banks repricing exposures and is an adequate and effective method of
communicating the risk profile of the bank to senior management.
Such gap limits can be set on a net notional basis (net of asset / liability amounts
for both on and off balance sheet items) or a duration-weighted basis, in each
_________________________________________________________________________________________________
Institute of Business and Technology38
8/6/2019 Risk Management - For Print
39/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
time band. (Duration is the weighted average term to maturity of a securitys cash
flow.
6.2 Managing Liquidity Risk
Liquidity risk is the potential for loss to an institution arising from either its inability
to meet its obligations or to fund increases in assets as they fall due without
incurring unacceptable cost or losses.
Liquidity risk is considered a major risk for banks. It arises when the cushion
provided by the liquid assets are not sufficient enough to meet its obligation. In
such a situation banks often meet their liquidity requirements from market.
However conditions of funding through market depend upon liquidity in the
market and borrowing institutions liquidity. Accordingly an institution short of
liquidity may have to undertake transaction at heavy cost resulting in a loss of
earning or in worst case scenario the liquidity risk could result in bankruptcy of
the institution if it is unable to undertake transaction even at current market
prices.
Banks with large off-balance sheet exposures or the banks, which rely heavily onlarge corporate deposit, have relatively high level of liquidity risk. Further the
banks experiencing a rapid growth in assets should have major concern for
liquidity.
Liquidity risk may not be seen in isolation, because financial risk are not mutually
exclusive and liquidity risk often triggered by consequence of these other
financial risks such as credit risk, market risk etc. For instance, a bank increasing
its credit risk through asset concentration etc may be increasing its liquidity risk
as well. Similarly a large loan default or changes in interest rate can adversely
impact a banks liquidity position. Further if management misjudges the impact
on liquidity of entering into a new business or product line, the banks strategic
risk would increase.
_________________________________________________________________________________________________
Institute of Business and Technology39
8/6/2019 Risk Management - For Print
40/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
6.3 Early Warning indicators of liquidity risk.
An incipient liquidity problem may initially reveal in the bank's financial monitoring
system as a downward trend with potential long-term consequences for earnings
or capital. Given below are some early warning indicators that not necessarily
always lead to liquidity problem for a bank; however these have potential to ignite
such a problem. Consequently management needs to watch carefully such
indicators and exercise further scrutiny/analysis wherever it deems appropriate.
Examples of such internal indicators are:
a) A negative trend or significantly increased risk in any area or product line.
b) Concentrations in either assets or liabilities.
c) Deterioration in quality of credit portfolio.
d) A decline in earnings performance or projections.
e) Rapid asset growth funded by volatile large deposit.
f) A large size of off-balance sheet exposure.
g) Deteriorating third party evaluation about the bank
6.4 Liquidity Risk Strategy
The liquidity risk strategy defined by board should enunciate specific policies onParticular aspects of liquidity risk management, such as:
a. Composition of Assets and Liabilities
. The strategy should outline the mix of assets and liabilities to maintain liquidity.
Liquidity risk management and asset/liability management should be integrated
to avoid steep costs associated with having to rapidly reconfigure the asset
liability profile from maximum profitability to increased liquidity.
b. Diversification and Stability of Liabilities
. A funding concentration exists when a single decision or a single factor has the
potential to result in a significant and sudden withdrawal of funds. Since such a
situation could lead to an increased risk, the Board of Directors and senior
management should specify guidance relating to funding sources and ensure
that the bank have a diversified sources of funding day-to-day liquidity
_________________________________________________________________________________________________
Institute of Business and Technology40
8/6/2019 Risk Management - For Print
41/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
requirements. An institution would be more resilient to tight market liquidity
conditions if its liabilities were derived from more stable sources.
To comprehensively analyze the stability of liabilities/funding sources the bank
need to identify:
Liabilities that would stay with the institution under any circumstances;
Liabilities that run-off gradually if problems arise; and That run-off immediately at
the first sign of problems.
c. Access to Inter-bank Market
. The inter-bank market can be important source of liquidity. However, the
strategies should take into account the fact that in crisis situations access to inter
bank market could be difficult as well as costly.
Contingency plan for handling liquidity crises
To be effective the liquidity policy must be communicated down the line
throughout in the organization. It is important that the Board and senior
management/ALCO review these policies at least annually and when there are
any material changes in the institutions current and prospective liquidity risk
profile. Such changes could stem from internal circumstances (e.g. changes in
business focus) or external circumstances (e.g. changes in economic conditions).
Reviews provide the opportunity to fine tune the institutions liquidity policies in
light of the institutions liquidity management experience and development of its
business. Any significant or frequent exception to the policy is an important
barometer to gauge its effectiveness and any potential impact on banks liquidity
risk profile.
Institutions should establish appropriate procedures and processes to implement
their liquidity policies. The procedural manual should explicitly narrate the
necessary operational steps and processes to execute the relevant
_________________________________________________________________________________________________
Institute of Business and Technology41
8/6/2019 Risk Management - For Print
42/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
Liquidity risk controls. The manual should be periodically reviewed and updated
to take into account new activities, changes in risk management approaches and
systems.
6.5 ALCO/Investment Committee
The responsibility for managing the overall liquidity of the bank should be
delegated to a specific, identified group within the bank. This might be in the form
of an Asset Liability Committee (ALCO) comprised of senior management, the
treasury function or the risk management department. However, usually the
liquidity risk management is performed by an ALCO. Ideally, the ALCO should
comprise of senior management from each key area of the institution that
assumes and/or manages liquidity risk. It is important that these members have
clear authority over the units responsible for executing liquidity-related
transactions so that ALCO directives reach these line units unimpeded. The
ALCO should meet monthly, if not on a more frequent basis. Generally
responsibilities of ALCO include developing and maintaining appropriate risk
management policies and procedures, MIS reporting, limits, and oversight
programs. ALCO usually delegates day-to-day operating responsibilities to the
bank's treasury department. However, ALCO should establish specificprocedures and limits governing treasury operations before making such
delegation.
6.6 Contingency Funding Plans
In order to develop a comprehensive liquidity risk management framework,
institutions should have way out plans for stress scenarios. Such a plan
commonly known as Contingency Funding Plan (CFP) is a set of policies and
procedures that serves as a blue print for a bank to meet its funding needs in a
timely manner and at a reasonable cost. A CFP is a projection of future cash
flows and funding sources of a bank under market scenarios including
aggressive asset growth or rapid liability erosion. To be effective it is important
that a CFP should represent managements best estimate of balance sheet
_________________________________________________________________________________________________
Institute of Business and Technology42
8/6/2019 Risk Management - For Print
43/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
changes that may result from a liquidity or credit event. A CFP can provide a
useful framework for managing liquidity risk both short term and in the long term.
Further it helps ensure that a financial institution can prudently and efficiently
manage routine and extraordinary fluctuations in liquidity. The scope of the CFP
is discussed in more detail below.
Use of CFP for Routine Liquidity Management
For day-to-day liquidity risk management integration of liquidity scenario will
ensure that the bank is best prepared to respond to an unexpected problem. In
this sense, a CFP is an extension of ongoing liquidity management and
formalizes the objectives of liquidity management by ensuring:
a) A reasonable amount of liquid assets are maintained.
b) Measurement and projection of funding requirements during various
scenarios.
c) Management of access to funding sources.
Use of CFP for Emergency and Distress Environments
Not necessarily a liquidity crisis shows up gradually. In case of a sudden liquidity
stress it is important for a bank to seem organized, candid, and efficient to meet
its obligations to the stakeholders. Since such a situation requires a spontaneous
action, banks that already have plans to deal with such situation could address
the liquidity problem more efficiently and effectively. A CFP can help ensure that
bank management and key staffs are ready to respond to such situations. Bank
liquidity is very sensitive to negative trends in credit, capital, or reputation.
Deterioration in the company's financial condition (reflected in items such as
asset quality indicators, earnings, or capital), management composition, or other
relevant issues may result in reduced access to funding.
6.7 Cash Flow Projections
At the basic level banks may utilize flow measures to determine their cash
position. A cash flow projection estimates a banks inflows and outflows and thus
net deficit or surplus (GAP) over a time horizon. The contingency funding plan
_________________________________________________________________________________________________
Institute of Business and Technology43
8/6/2019 Risk Management - For Print
44/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
discussed previously is one example of a cash flow projection. Not to be
confused with the re-pricing gap report that measures interest rate risk, a
behavioral gap report takes into account banks funding requirement arising out
of distinct sources on different time frames. A maturity ladder is a useful device to
compare cash inflows and outflows both on a day-to-day basis and over a series
of specified time periods. The number of time frames in such maturity ladder is of
significant importance and up to some extent depends upon nature of banks
liability or sources of funds. Banks, which rely on short term funding, will
concentrate primarily on managing liquidity on very short term Whereas, other
banks might actively manage their net funding requirement over a slightly longer
period. In the short term, banks flow of funds could be estimated more
accurately and also such estimates are of more importance as these provide an
indication of actions to be taken immediately. Further, such an analysis for
distant periods will maximize the opportunity for the bank to manage the GAP
well in advance before it crystallizes. Consequently banks should use short time
frames to measure near term exposures and longer time frames thereafter. It is
suggested that banks calculate daily GAP for next one or two weeks, monthly
Gap for next six month or a year and quarterly thereafter. While making an
estimate of cash flows, following aspect needs attention
6.8 Liquidity Ratios and Limits
Banks may use a variety of ratios to quantify liquidity. These ratios can also be
used to create limits for liquidity management. However, such ratios would be
meaningless unless used regularly and interpreted taking into account qualitative
factors. Ratios should always be used in conjunction with more qualitative
information about borrowing capacity, such as the likelihood of increased
requests for early withdrawals, decreases in credit lines, decreases in transaction
size, or shortening of term funds available to the bank. To the extent that any
asset-liability management decisions are based on financial ratios, a bank's
asset-liability managers should understand how a ratio is constructed, the range
_________________________________________________________________________________________________
Institute of Business and Technology44
8/6/2019 Risk Management - For Print
45/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
of alternative information that can be placed in the numerator or denominator,
and the scope of conclusions that can be drawn from ratios.
Because ratio components as calculated by banks are sometimes inconsistent,
ratio-based comparisons of institutions or even comparisons of periods at a
single institution can be misleading.
6.9 Internal Controls
In order to have effective implementation of policies and procedures, banks
should institute review process that should ensure the compliance of various
procedures and limits prescribed by senior management. Persons independent
of the funding areas should perform such reviews regularly. T he bigger and
more complex the bank, the more thorough should be the review. Reviewers
should verify the level of liquidity risk and managements compliance with limits
and operating procedures. Any exception to that should be reported immediately
to senior management / board and necessary actions should be taken.
_________________________________________________________________________________________________
Institute of Business and Technology45
8/6/2019 Risk Management - For Print
46/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
CHAPTER:7. RISK MONITORING ANDCONTROL
7.1 Risk Management Plan7.2 Risk Register7.3 Work Performance Information7.4 Risk Reassessment7.5 Variance and Trend Analysis7.6 Technical Performance Measurement7.7 Reserve Analysis
_________________________________________________________________________________________________
Institute of Business and Technology46
8/6/2019 Risk Management - For Print
47/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
7. RISK MONITORING AND CONTROL
Risk monitoring and control is the process of identifying, analyzing, and planning
for newly discovered risks and managing identified risks. Throughout the
process, the risk owners track identified risks, reveal new risks, implement risk
response plans, and gage the risk response plans effectiveness. The key point is
throughout this phase constant monitoring and due diligence is key to the
success.
The inputs to Risk Monitoring and Control are:
7.1 Risk Management Plan
The Risk Management Plan is details how to approach and manage project risk.
The plan describes the how and when for monitoring risks. Additionally the Risk
Management Plan provides guidance around budgeting and timing for risk-
related activities, thresholds, reporting formats, and tracking.
7.2 Risk Register
The Risk Register contains the comprehensive risk listing for the project. Within
this listing the key inputs into risk monitoring and control are the bought into,
agreed to, realistic, and formal risk responses, the symptoms and warning signs
of risk, residual and secondary risks, time and cost contingency reserves, and a
watch list of low-priority risks.
Approved Change RequestsApproved change requests are the necessary adjustments to work methods,
contracts, project scope, and project schedule. Changes can impact existing risk
and give rise to new risk. Approved change requests are need to be reviews from
the perspective of whether they will affect risk ratings and responses of existing
risks, and or if new risks are a result.
_________________________________________________________________________________________________
Institute of Business and Technology47
8/6/2019 Risk Management - For Print
48/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
7.3 Work Performance Information
Work performance information is the status of the scheduled activities being
performed to accomplish the project work. When comparing the scheduled
activities to the baseline, it is easy to determine whether contingency plans need
to be put into place to bring the project back in line with the baseline budget and
schedule. By reviewing work performance information, one can identify if trigger
events have occurred, if new risk are appearing on the radar, or if identified risks
are dropping from the radar.
Performance Reports
Performance reports paint a picture of the project's performance with respect to
cost, scope, schedule, resources, quality, and risk. Comparing actual
performance against baseline plans may unveil risks which may cause problems
in the future. Performance reports use bar charts, S-curves, tables, and
histograms, to organize and summarize information such as earned value
analysis and project work progress.
All of these inputs help the banks and DFI manager to monitoring risks and
assure a successful risk management.
Once the Bank or DFI has gathered together all of the inputs, it is time to engage
in risk monitoring and controlling. The best practices for risk management are:
7.4 Risk Reassessment
It is normally addressed at the status meetings. Throughout the project, the risk
picture fluctuates: New risks arise, identified risks change, and some risks may
simply disappear. To assure team members remain aware of changes in the risk
picture, risks are reassessed on a regularly scheduled basis. Reassessing risks
enables risk owners and the project manager to evaluate whether risk probability,
impact, or urgency ratings are changing; new risks are coming into play; old risks
_________________________________________________________________________________________________
Institute of Business and Technology48
8/6/2019 Risk Management - For Print
49/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
have disappeared; and if risk responses remain adequate. If a risk's probability,
impact, or urgency ratings change, or if new risks are identified, the institution
may initiate iterations of risk identification or analysis to determine the risk's
effects on the process or deals.
Status MeetingsStatus meetings provide a forum for team members to share their experiences
and inform other team members of their progress and plans. A discussion of risk
should be an agenda item at every status meeting. Open collaborative
discussions allows risk owners to bring to light risks which are triggering events,
whether and how well the planned responses are working, and where help might
be needed. Most people find it difficult to talk about risk. However,
communication will become easier with practice. To assure this is the case, the
Institution must encourage open discussion with no room for negative
repercussions for discussing negative events.
Risk Audits
Risk audits examine and document the effectiveness of planned risk responses
and their impacts on the schedule and budget. Risk audits may be scheduled
activities, documented in the Project Management Plan, or they can be triggered
when thresholds are exceeded. Risk audits are often performed by risk auditors,
who have specialized expertise in risk assessment and auditing techniques. To
ensure objectivity, risk auditors are usually not members of the project team.
Some companies even bring in outside firms to perform audits.
7.5 Variance and Trend Analysis
Variance analysis examines the difference between the planned and the actual
budget or schedule in order to identify unacceptable risks to the schedule,
budget, quality, or scope of the project. Earned value analysis is a type of
variance analysis. Trend analysis involves observing project performance over
_________________________________________________________________________________________________
Institute of Business and Technology49
8/6/2019 Risk Management - For Print
50/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
time to determine if performance is getting better or worse using a mathematical
model to forecast future performance based on past results.
7.6 Technical Performance Measurement(TPM)
Technical performance measurement identifies deficiencies in meeting system
requirements, provide early warning of technical problems, and monitor technical
risks. The success of TPM depends upon identifying the correct key performance
parameters (KPPs) at the outset of the project. KPPs are factors that measure
something of importance to the project and are time/cost critical. Each KPP is
linked to the work breakdown structure (WBS), and a time/cost baseline may be
established for it. The project manager monitors the performance of KPPs over
time and identifies variances from the plan. Variances point to risks in the
project's schedule, budget, or scope.
7.7 Reserve Analysis - Reserve analysis makes a comparison of the
contingency reserves to the remaining amount of risk to ascertain if there is
enough reserve in the pool. Contingency reserves are buffers of time, funds, or
resources set aside to handle risks that arise as a project moves forward. These
risks can be anticipated, such as the risks on the Risk Register. They can beunanticipated, such as events that "come out of left field." Contingency reserves
are depleted over time, as risks trigger and reserves are spent to handle them.
With constraints as above monitoring the level of reserves to assure the level
remains adequate to cover remaining project risk, is a necessary task.
Outputs of the Risk Monitoring and Control process are produced continually, fed
into a variety of other processes. In addition, outputs of the process are used to
update project and organizational documents for the benefit of future project
managers. The outputs of Risk Monitoring and Control are:
Updates to the Risk Register An updated Risk Register has the outcomes from risk
assessments, audits, and risk reviews. In addition it is updated with the resulting_________________________________________________________________________________________________
Institute of Business and Technology50
8/6/2019 Risk Management - For Print
51/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
outcome of the project risk and risk response. Was it a good response, did the
response have the desired affect? The updated Risk Register is a key part of the
historical record of risk management for the project and will be added to the
historical archives.
Updates to Organizational Process Assets
Organizational process assets should be documented in light of the risk
management processes to be used in future projects. Documents as the
probability and impact matrix, risk databases, and lessons-learned information,
as well as all of the project files are archived for the benefit of future project
managers.
Updates to the Project Management Plan
Updates to the Project Management Plan occur if any approved changes have
an impact on the risk management process. In addition, these authorized
changes incur risks which are documented in the Risk Register.
Recommend Corrective Actions
Recommended corrective actions consist of two types: contingency plans and
workaround plans. A contingency plan is a provision in the Project Management
Plan that specifies how a risk will be handled if that risk occurs. The plan may be
linked with money or time reserves that can be used to implement the plan. A
workaround plan is a response to a negative risk that was passively accepted or
not previously identified.
Recommend Preventative Actions
Recommended preventative actions assure the project follows the guidelines of
the project management plan.
_________________________________________________________________________________________________
Institute of Business and Technology51
8/6/2019 Risk Management - For Print
52/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________Requested Changes
Requested Changes are any identified changes to the project management plan.
Change requests are completed and submitted to the Integrated Change Control
process. All requested changes must are documented, and that approvals at the
right management levels are sought and obtained.
_________________________________________________________________________________________________
Institute of Business and Technology52
8/6/2019 Risk Management - For Print
53/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
CHAPTER NO: 8. CONCLUSION ANDRECOMMENDATIONS
8.1 Conclusion8.2 Recommendations
_________________________________________________________________________________________________
Institute of Business and Technology53
8/6/2019 Risk Management - For Print
54/58
Risk Management for Commercial Banks & DFIs.
________________________________________________________________________
8. CONCLUSION AND RECOMMENDATIONS
8.1 CONCLUSIONS
Risk management is the most important sector of the banking industry with thekey success by attending directly the needs of the end Commercial banks and
DFI is having glorious future in coming years.
Risk management in financial sector as a whole is