7 Core risk in banking

7 Core risk in banking

Managing Core Risk in Banking: Investment Risk Management Guidelines.           

     

INTRODUCTION : Banking Industry is vulnerable to risks of diverse dimension due to: 

-          Banks direct exposure to many sectors of the economy

-          Cross border implication inherent in its activities.

     There are numerous risks in banking activities. The key risks areas in banking industry   

     are broadly categorized:

1.      Credit Risk/ Investment Risk

2.      Market Risk

                              - Liquidity Risk

                               - Price Risk

      3. Operational Risk

1.      Credit Risk/ Investment Risk arises when transactions are made with other parties/Banks. The financial position of the counterparts is the considering point whether they are capable to settle the Exchange transaction on agreed date i.e value date

2.      Market Risk : Bank earns generally in two ways:

(1)    Net Revenue from Funds (NRFF)

-    Difference between interest/profit earned on assets and interest paid on      

     Liabilities.

                  (2) Non Funds Revenue (NFR)

                            -    Earning from trading income and fees.

Market risk includes liquidity and price risk.

(i)                 Liquidity risks arise from an organization’s inability to meet its obligations. When due i.e. invalidity to make payment of any financial obligation to customers or counterparties in any currency.

(ii)               Price risk arises from changes in the value of trading positions in the interest rate, foreign exchange, equity and commodities markets. This arises due to changes in the various market rates and/or market factors.

3.      Operational Risk is the risk of financial and reputational losses due to failure or    inadequacy of internal controls and procedure or information systems.

Present Banking Industries expects that Bank’s equity holders will receive value along with profit of their shares; depositor’s money will remain safe and organization as a whole with confirm strength and transparency in all respect. To archive these objectives Core Risks Management guidelines are the prime issue in the present day banking activities. Identification, measurement and mitigation of risks and acquiring strength to cover these risks are the mandatory issues to be maintained in the banking organization.  

As per Bangladesh Bank guidelines there are seven core risks in banking   sector. These are: 

(i)                 Credit Risk/ Investment Risk

(ii)               Asset-Liability /Balance Sheet Risk

(iii)             Foreign Exchange Risks

(iv)             Internal Control and Compliance Risks

(v)               Money Laundering Risk

(vi)             IT Security Risks  &

(vii)           Environmental Risks

  CORE RISKS MANAGEMENT GUIDLINES :

1.      Credit Risk/ Investment Risk Management –

Credit / Investment Risks are associated with Credit activities of the bank. Credit risk arises from the potential that a banks borrower will fail to meet its obligations in accordance with agreed terms. Credit risk also refers the risk of negative effects on the financial result and capital of the bank caused by borrower’s default on its obligations to the bank.

The assessment of credit risk involves evaluating both the probability of default by the borrower and exposure or financial impact on the bank in the even the default. To manage the credit/investment risks the following guidelines are recommended:

1.      Policy Guidelines

i.                    Investment should include industry and business segment focus investment limits, caps, discourage business types, investment facility parameters, cross boarder risks etc.

ii.           Investment assessment should consider related borrower, industry, supplier, financial ability, past performance, accoual conduct, regulatory as well as organizational guidelines, risk mitigating capacity etc

iii.Risk Grading conducted to measure the intensity of risk rating in eight categories- Superior, Good, Acceptable, Marginal, SMA, Substandard and Doubtful & Bad&Loss.

iv.Segregation of duties should be separated among approval authority, relationship manager and investment administration.

v.         Internal Audit of different tiers should perform their duties as per guidelines.

2. Organizational Structure & Responsibilities-

  Organizational Structure & Responsibilities should be so designed that avoids conflicting interest. Investment approval and investment disbursement authority should be separate. Accordingly Investment Risk Management and Investment Administration Division should perform separate duties and responsibilities.

3.  Procedural Guidelines –Implementation of investment policy through the self                                              

       organizational structure should follow the following guidelines;

i.                    Approval process should be done with in business discretionary power.

ii.                  Investment Administration should be ensure proper and complete documentation and compliance of sanction letter.

iii.                Investment disbursement after proper documentation and fulfillment of regularatory requirement.

iv.                Should activate continuous monitoring system for smooth operation of the accounts.

v.                  Identification of probable weakness and risk and taking corrective measures by the relationship manager. Report to authority within 7 days from detection of weakness.

vi.                Special Asset Management Division should be strengthened for recovery of NPI. Bank should maintain provision against non performing investments should take measures for write off NPI where 100% provision has been retained. Incentive programs for better performance be ensured.

2. ASSET AND LIABILITY / BALANCE SHEET RISKS :

Asset and liability management is the most important function of Bank management. Asset Liability Management ensures balanced fund mobilization and their deployment with respect to their maturity profile, cost, yield as well as risk exposure.

ALM policy statement through ALCO paper Indicates as follows:

        i.            Investment Deposit Ratio

      ii.            Whole   sale Borrowing Guidelines

    iii.            Commitments

    iv.            Medium Term Funding Ratio

      v.            Maximum Cumulative Out- flow

    vi.            Liquidity Contingency Plan

  vii.            Investment Regulatory Complian

                         ALM also discusses the following issues:

              i)   Balance sheet Risk

                                  ii)  Liquidity Risk

                                   iii)  Interest Rate Risk and

            iv)  Capital Adequacy Risk

            3. FOREIGN EXCHANGE RISK MANAGEMENT :

             ►  Foreign Exchange Risk Management in Banks has become inevitable because:

   -Change in regulatory policies in 1993 where Taka was declared   

convertible in the current account.

-      Commercial Banks were given responsibility to ascertain genuineness of  the transactions following withdrawal of Central Bank's prior approval requirements.

-       The responsibility of exchange rate quotation has been left to the commercial Banks under floating exchange rate.

-       To adapt to the changed environment many banks established dealing rooms.

         

                 Burdened with non-performing assets and shortfall in capital adequacy banks are now exploring the possibilities of earning from off balance sheet activities. This led to the emergence of new profit centre Treasury Dealing Room. This is not   also free from risk. So, risk management becomes inevitable.

► FOREIGN EXCHANGE RISK MANAGEMENET REQUIRES THREE AREAS TO ADDRESS :

                    

                                             -   Policy

-   Organizational Structure

-   Process.

► POLOCY :    Areas to Develop

-   Dealing Limit

-   Mandatory Leave

-   Position Reconciliation

-   Nostro Account Reconciliation

-   After hours dealing

-   Off-premises Dealing

-   Stop Loss Limit

-   Mark to Market

-   Valuations

-   Model Control Policy

-   Internal Audit

►   ORGANISATINAL STRUCTURE :

In  performing  all  the  above  listed functions  in an appropriate  manner  the Organizational Structure requires :

-      A  clear  demarcation  between  different  dealing  and  all  settlement  and  support functions.

-         Treasury Front Office  be  involved in dealing activities     and  the  Back Office  be responsible for support functions.

-          To monitor and manage balance Sheet Risk there should have an additional unit, "Treasury Mid Office".

►   Centralized Foreign Exchange and Money Market Activates:

Foreign Exchange and Money Market are required to be housed in the same area.

Foreign  Exchange  and  money  market  activities  are  to  be  unified  in  the  same department/control.

►   Separate Trading and Risk Management Units:

-   Traders Risk-taking Units should be separated from Market Risk    

    Management Unit.

-   Major Responsibilities of Traders/Risk Taking Units

-   Remain within the approved independent Market Risk Unit     

    Framework.

-   Ensure no limit breaches.

-   Inform the Market Risk Management Unit of any shift in strategy or   

     product mix.

-   Major Responsibilities of Market Management Unit :

-   Review policy at least annually and update as require.

-   Independently identify all relevant market risk factors.

-   Ensure that limits/triggers are appropriately established.

-   Review and approve any temporary limit requirements.

-   Recommend corrective actions for any limit excesses.

►   PROCESS :

►   In a Proper Treasury set-up, a Dealer -

-   Strikers a deal in the market.

-   Maintains his own record for monitoring the exchange position.

-   Passes on detailed information of the deal to the back-office in time.

►  The Back Office –

-                             arranges for deal confirmation with counter party.

-                             arranges settlement.

-                             reconciles exchange positions.

-                             advises to the treasury.

-                             runs the valuation on a periodic basis.

 ►  Rate Appror[privation :

                    This exercise is carried out by the treasury back-office to   

                    check for whether all deals have been dealt at market rates.

 ►   Deals Outstanding Limit :

Treasury back-office requires to check against any unusual volumes of activity. The management may decide to set a limit for all outstanding FX contracts at any given

point of time.

►   Deals Treasury Risk Report

The back-office is required to summarize all daily positions on a report. Report should contain :

-         Outstanding open position against limit.

-      different currency-wise outstanding exchange position. - Outstanding FX forward gaps in different tenors.

-       interest rate exposure of balance sheet.

-       counter party credit limit usage.

-         day's P & L against trigger and stop loss limit, etc.

►   Code of conduct :

Dealers are expected to act in a professional and ethical manner :

They must  keep  dealing activities within the responsibilities authorized by the management and observe the instruction given by the management or supervisors in each dealing section.

►   Conversation language

All dealing related conversations taking place in the Treasury must be in an acceptable language for operational clarity.

-          All conversations on Reuters Dealing System must be in English.

-         All conversation over telephone must be restricted to either in Bengali or in English.

  4.  INTERNAL CONTROL & COMPLIANCE RISKS MANAGEMENT:

            Definition:

According to IMF publication, Internal Control refers to the Mechanism in place on a permanent basis to control the activities in an organization, both at a central and at a departmental/divisional level.

Objectives of Internal Control and Compliance (ICC):

The primary objective of internal control system in a bank is to help the bank perform better through the use of its resources. Through internal control system, bank identifies its weaknesses and takes appropriate measures to overcome the same. The major objectives of internal control are as follows:

1. Efficiency and effectiveness of activities : Performance objective

2. Reliability, Completeness and timelines of financial and management information: Information Objective.

3. Compliance with applicable laws and regulations : Compliance Objective

Structure of the ICCD.

Organizational structure plays a vital role in establishing effective internal control system. The essence of the ideal organizational structure that will facilitate effectiveness of the internal control and compliance system is the segregation of duties. The bank should, depending on the structure, size, location of its branches and strength of its manpower, try to establish an organizational structure which allows segregation of duties among its key functions such as marketing, operations,  audit,  financial administrations etc. Extent of this segregation will depend on an individual bank; that is small or big branch operations.

The Head of Internal Control and Compliance Department (ICCD) should have a reporting line with the bank's Board while the Audit Committee (AC) of the board will be the "Contact Point" for this deptt. This deptt. also has a reporting line with the MD/CEO of the Bank.

Functions of ICCD

The head of the internal control will be responsible for the both compliance and control related tasks which include compliance with laws and regulation, audits and inspection, monitoring activities and risk assessment. The head of internal control will report directly to the MD and also have an indirect reporting line to the Audit Committee of the Board.

Monitoring Unit:

-  Monitor the operational performance of branches/deptt.

-  Collect relevant data and analyze these to assess the risks of individual   units.

                                           -  Recommend the Head of ICC for sending audit and     

                                                inspection tea   in case of major deviation.

                                          -   Prepare an annual health report of the bank.

          Audit and Inspection Unit:

- Conduct Risk Based Annual Audit

- Conduct special audit

- Surprise audit

- Prepare a summary report on audit findings

-Make sure that prompt action is taken in    

  rectification of deficiencies pointed out in the DCFCL

        Compliance Unit:

                - Ensure that bank complies with all regulatory    

                   Requirements while conducting its business.

                   -  Maintain liaison with the regulatory bodies.

                  -  Maintain liaison with the regulators at all level and  

                      notify the other  units about  regulatory changes.

5.      MONEY  LAUNDERING  RISK  MANAGEMENT: 

 Money laundering risk is the risk of loss of reputation of the Bank.  It is the process by which proceeds from a criminal activity are dis-guised to conceal their illicit origins. Basically, money laundering involves the proceeds of criminally derived property rather than the  property itself. Money launderers send illicit funds through legal channels in order to conceal their criminal origins.

Laundering is not a single act but a process accomplished in 3 basic

stages, which may comprise numerous transactions, by the launderers that could alert a financial institution to criminal activity-

Placement- the physical disposal of the initial proceeds derived from illegal activity.

Layering- separating illicit proceeds from their source by creating complex layers of financial transactions designed to disguise the audit trail and provide anonymity.

Integration- the provision of apparent legitimacy to wealth derived

criminally. If the layering process has succeeded, integration schemes place the laundered proceeds back into the economy in such a way that they re-enter the financial system appearing as normal business funds.

The three basic steps may occur as separate and distinct phases. They may also occur simultaneously or, more commonly, may overlap.

                      The Money Laundering Prevention activities in banking include:

                      •    Obtention of KYC, TP forms & maintenance

                      •     Record keeping

                      •     Reporting STR, CTR, Quarterly report etc.

                     •    Staff training regarding AML activities

                   •     Communication with regulatory Authority

                     •     Compliance of AML guidelines by Bank Authority

                   •      Bank BOD commitment towards AML guideline

6. IT RISK MANAGEMENT 

Information technology (IT) plays a critical role in many businesses. IT risks include hardware and software failure, human error, spam, viruses and malicious attacks, as well as natural disasters such as fires, cyclones or floods.

If our business uses information technology (IT), it's important to understand the key steps that we can take to minimize IT risk. Risks include hardware and software failure, human error, spam, viruses and malicious attacks, as well as natural disasters.

A code of conduct can provide staff and customers with clear direction and define acceptable behaviors in relation to key IT issues, such as protection of privacy and ethical conduct.

  7. ENVIROMENT RISK MANAGEMENT

     Why add environmentally derived risks:

-          Every business activity has some inherent environmental, health & safety risks.

-          If clients don’t properly manage those inherent environmental health & safety risk, they can create environmentally derived financial, legal and reputational risks and liabilities for our clients.

      Environmentally Derived Risks for the Bank:

-          Inability of the client to make payments due to unexpected environmental costs.

-          Over valuation of assets offered for security

-          Decrease in the value of security due to environmental impairment during the term of the investment.

-          Legal liability for clean-up.

     Environment Risk Management Procedures

-          Identify Environmentally derived , potential liabilities for the bank in transaction

-          Assess the awareness, commitment and resources of the client manage the environmental risk creating those potential liabilities.

-          Manage & control the bank’s exposure to environmentally derived liabilities