Financial Integrity, Oversight and Broadened Capital Markets

Risk Management Review
May 1, 2007

Outline for today’s discussion
Introductions Review of objectives of risk management subcomponent and specific tasks Overview of Risk Management
Definitions and terminology Credit Risk Operational Risk

Discussion of your ideas and objectives Next steps

Sarah (“Sally”) W. Hargrove
Native of North Carolina Wharton MBA, CFA Thirty years of experience in investment and commercial banking in NY, NC and PA Top bank regulator in Commonwealth of PA for banks, savings institutions, licensed lenders Consulting for past 12 years in primarily emerging markets (technical assistance and training in bank appraisals, risk management and corporate governance) Worked with CBJ on risk management, early warning system, and corporate governance

General objectives of risk management sub-component
Address practical issues for implementation of risk management systems for BIS II compliance Build risk management capacity in Jordanian banks by providing useful tools and solutions to practical problems Provide roadmap for evolution to IRB (Foundation) in 2012

Objectives for first phase of risk management sub-component
Conduct kick-off session to identify practical problems in implementing risk management and BIS II Follow up with private interviews Work with interested banks to develop methodology for standardized risk rating system Conduct risk management diagnostics

Today is a kick-off
Provide general overview of risk and risk management Establish a baseline of risk knowledge, common terminology and understanding of BIS requirements Provide overview of different credit rating/risk measurement approaches Hear from you

Follow-up individual or group meetings as requested
Develop methodology for creating a standardized internal risk rating system Conduct individual bank diagnostics
Gap analysis Focus on policies and procedures Reports for monitoring Organizational structure

Certain principles rule financial intermediation in free markets
Supply and demand
Interest rate as the “clearing price” Opportunity cost of consumption/investment

Rational investors
Risk averse Maximize return/Minimize risk

Efficient markets
Allocation of resources Information impounded in prices Competition

Perceived risk is based on historical or expected volatility
160 140 120 100 80 60 40 20 0 1 2 3 4 5 6 7 8 9 10 Series1 Series2

Universally risk is defined by volatility
Features Features Normal distribution Skewed distribution Range Variance Standard deviation

Tail Probability = 2.5%

0

Distribution of actual or expected occurrences

The higher the risk, the higher the required rate of return
Required rate of return determines the price
Current income stream Capital appreciation

Perceived risk determines the required return
The greater the historical volatility the greater the risk The greater the uncertainty the greater the risk The longer the horizon the greater the risk

Risk is priced by the discount rate: absolute and relative
MV=PV = Σ Rate of Return C + TV t=0-n (1+r)t (1+r)t CCC B Risk Premium BBB A AA AAA BB Conv. Preferred Preferred Stock Income Bonds Subordinated Debentures 2nd Mortgage Bonds Common Stock

First Mortgage Bonds Treasury Bonds

Risk Free Rate Level of Risk

Risk measurement allows us to make a trade-off with return
C
Expected Return

B A

Risk/Standard Deviation

There is risk-reward trade-off inherent in financial intermediation
Short-term vs longer-term Liquidity Floating vs fixed rates Credit Leverage Risk is defined as volatility in earnings and/or capital

Capital needs to support major risks in financial institutions
Credit Risk
On and off balance sheet credit exposures

Market Risk

Interest rate and equity risk in trading book; FX and commodity risks in banking and trading books

Operational risk

Primarily failed processes or event risk (not strategic or reputational risk)

So how much capital does a financial institution need?

“Enough…but not too much.”

What is enough capital?
Capital protects depositors and creditors
Safety and soundness Supports growth Is a buffer against losses Can be in the form of non-equity

Equity capital represents owners’ interests
Last creditors to be paid in liquidation Requires a return in cash income and appreciation Retained earnings are a good source of capital

What is too much capital?
Capital is a non-interest bearing source of funds
Equity capital is the most expensive source of funds Must earn a required rate of return (ROE) Is a scarce resource

Management’s goal is to maximize risk-adjusted returns
Competes with risk-free rate and alternative investments Affects pricing and competitive position if too much

Capital adequacy is in the eyes of the beholder
Accounting capital
Focus is historical cost of Focus is historical cost of assets and recognition of assets and recognition of impairment (fair value) impairment (fair value) Focus is income, the Focus is income, the market’s expectations market’s expectations and required return and required return Focus is market value Focus is market value (PV of cash flows) of (PV of cash flows) of assets/liabilities assets/liabilities Focus is balance sheet Focus is balance sheet and income risk and and income risk and capital components capital components

Market capital

Economic capital

Regulatory capital

BIS II attempts a more precise calibration of economic and regulatory capital

In a perfect market the different capital values would be equal
Book values represent present values of future cash flows discounted at current required rates of return Market values of capital stock reflect net present values Economic capital is the same as net book value Regulatory capital would be a realizable value of assets in excess of liabilities

Capital requirements can be a competitive advantage
Japanese Bank Loan Net interest margin Income Capital USD 100 million .6% USD 600,000 2% USD 2 million ROE 30% US Bank USD 100 million 1.25% USD 1,250,000 6% USD 6 million 20.8%

BIS II permits banks to customize capital adequacy assessment
Align regulatory capital requirements more closely with underlying risk Emphasis is on banks’ risk management and economic capital allocations There is flexibility in assessing capital adequacy: standardized vs. IRB approaches

Capital must be allocated to support major banking risks
Credit Risk • Standardized Approach • IRB Approach
• Foundation • Advanced

Market Risk • Standardized Approach • Internal Models Approach

Minimum 8% of Capital to Risk-Weighted Assets

Operational Risk • Basic Indicator Approach • Standardized Approach • Internal Measurement Approach

Capital adequacy is a function of three pillars
Pillar 1: Minimum Capital • Internal capital assessment process and control environment • Capital f (how sound the process is)

Pillar 2: Supervisory Review • Review assessment process • Evaluate IRR in banking book Pillar 3: Market Discipline
• Formal disclosure policy • Describe risk profile, capital levels, risk management process and capital adequacy

Mutually reinforcing factors that determine capital adequacy

Ultimately the financial market is the harshest regulator
Quantitative Requirement Qualitative Requirement

Minimum Capital Requirement

Supervisory Review Process
•• •• Many players Many players Self interested, Self interested, rational rational Independent • • Independent Real time • • Real time

Market Discipline

Public Disclosure

Capital required is a function of the quality of information
The less the history, the less reliable the data The less certain or transparent, the greater the risk The more the risk, the more capital needed All the above implies higher capital levels for some institutions in less mature markets

Capital absorbs unexpected losses and supports growth

“Capital is not a substitute for inadequate control or for risk management processes.”
- Bank for International Settlements

Assumption of risk is the raison d’etre of banking

Banks make money by assuming risk Banks lose money by not managing risk or by not getting paid for the risk assumed Banks manage what they measure

A formalized risk management framework is best practice
Risk Management is the deliberate acceptance of risk for profit – making informed decisions on the trade-offs between risk and reward and using various financial and other tools to maximize risk-adjusted returns within pre-established limits.

A Risk Management facilitates informed decision-making
Identify Measure Manage Monitor

Risk Management is now basic to financial management
“The nature of Risk Management in banks is changing fundamentally. Until recently, it has been an exercise in damage limitation. Now it is becoming an important weapon in the competitive struggle between financial institutions. Those who can manage and control their risks best will be the most profitable, lowest priced producers. Those who misjudge or mis-price will be out on their ear.”
The Risk Game The Economist, Survey of International Banking (1996)

Risk management permits riskreward trade-offs

The primary objective is to minimize the volatility of earnings and capital (hence the risk as perceived by investors) and at the same time earn a ROE to maintain the value of the common equity.

Risk management permits better performance measurement
TRADITIONAL PERFORMANCE MEASURES • Asset volume/growth • Asset volume/growth • Revenues • Revenues • Contributions • Contributions • # New customers/clients • # New customers/clients RISK-ADJUSTED PERFORMANCE MEASURES • Contribution net of expected • Contribution net of expected losses losses • RAROC • RAROC • EVA or SVA • EVA or SVA

• Growth in poor quality loans • Growth in poor quality loans • “Adverse selection” • “Adverse selection” • Thin/insufficient margins • Thin/insufficient margins

• Booking of low grade assets • Booking of low grade assets only if compensated with only if compensated with higher margins higher margins • Focus on risk/reward ratios • Focus on risk/reward ratios

The focus is on management… not control
Risk Control Risk Management

• Avoid • Decrease • Limit

•Absorb/reserve •Hedge/Transfer •Sell/share •Insure •Price for •Limit

Emphasis is on Quantity of risk and Quality of management
What risks and how much
• Loan Rating • Loan Rating • VaR reporting • VaR reporting • Mark to Market • Mark to Market • Portfolios • Portfolios

What risks, how much and how well managed
• Loan Rating • Loan Rating • Value at Risk analysis • Value at Risk analysis • Risk self assessments • Risk self assessments • Operating risk analogs • Operating risk analogs

Historical Analysis

Historical Analysis and Forward modeling

Benefits of integrated risk management
Promotes and strengthens a consistent risk culture Clear, consistent position on risk enhances market image Supports the efficient use of financial and human resources for maximum risk-adjusted returns Facilitates the dissemination of multi-dimensional risk knowledge and expertise to where it makes a difference Provides corporate level overview of risks and risk trends for strategic and business planning Enables performance evaluation on a risk-adjusted basis

Elements of integrated risk management
Common language Consistent measurement and methodologies Integrated processes Clear roles and responsibilities Excellent training and communications Technology supported-MIS a key driver Not bureaucratic—enabling, not controlling

Risk management philosophy
Manage risks at source: Primary responsibility for risk decisions are at the businesses Within businesses, segregation of responsibility for risk management and for customer profitability Risk management is a culture issue: volunteerism Risk management policies and practices should support business goals

Ownership of risk is a key driver to assuring all risks are managed

“Every risk needs an owner”

Risk management framework integrates several areas

Internal Audit Credit Risk Management

ALM

Treasury Management

Management decisions are iterative and continuous
Business strategy & credit policy

Set Policies and Objectives (including FTP rules)

Interest Rates FX rates Economy Competition

Gather External Information

Develop and Assess Scenarios

Collect and Analyze Internal data

Set Liquidity Policy

Set Interest rate position

Set FX Exposure position

Set investment and earnings management guidelines

Execute Drives strategy and credit risk management Source: Booz-Allen & Hamilton

Good risk policies address all identified risks
Assign responsibilities and duties Define risk measures Set risk limits Specify how to handle exceptions to limits Set times for review and revision Set how and when the process should be audited Receive Board of Directors’ approval

Critical success factors for good risk management
Executive level commitment and leadership Education and communication Clear roles and responsibilities Risk management must support business activities and goals—managing risks for rewards Information-based decisions Understandable measurements

Risk management is an integrated process
Systems
• Data extraction • Data transfer links • Data mapping • MIS support

Policies & Processes
• Approval • Limits / Control • Reports • Disclosure

Methodologies Risk Management
• Grading / Scoring • Calculators • Capital attribution

Organization
• Independence • Audit • Education • Performance Evaluation

RAROC drives BIS Pillar 1
RAROC: Risk-adjusted return on capital
Revenue less funding and other costs Predictable losses are expensed

Profit RAROC =

_

Provisions

Economic Capital
The cushion needed to support Unexpected Losses

RAROC allows management to make proper risk-reward trade-offs
Loan/Product/Branch
Interest and fee income Interest and fee income Less cost-of-funds Less cost-of-funds Net interest income Net interest income Less “expected loss” Less “expected loss” Less non interest expenses Less non interest expenses Pretax income Pretax income Less tax Less tax Divided by Economic Divided by Economic Capital Capital RAROC RAROC xxx xxx (xxx) (xxx) xxx xxx (xxx) (xxx) (xxx) (xxx) xxx xxx (xxx) (xxx) xxx xxx xxx xxx X% X%
Pricing guidelines FTP

Credit analysis

Direct and allocated indirect costs

Allocated capital

Applied to hurdle rate

Capital assessments must be consistent with how operate
Return
RAROC

Efficient Frontier

• • • •

Business Units, Sub-Portfolios, Transactions

Risk Free Rate

Risk

One of the most difficult aspects of RAROC is the assignment of EC
RAROC uses a bank’s own allocation RORAC uses BIS assigned weights The more the capital the more the perceived risk of the asset….but more conservative and less risky the bank The more the capital the higher the required return from the asset

Credit risk rating system provides RAROC input
Standardized Approach Internal Ratings Based Approach
Foundation Advanced

What is credit risk?
“The risk that a borrower will not pay what we lent – in full and on time”

The potential that a bank borrower or counterparty will fail to meet its obligations in accordance with agreed terms
“Principles for the Management of Credit Risk” - BIS 1999

Must also include all threats to value, in a probability / net present value sense; e.g. deterioration in quality throughout the life of the loan is a credit risk in itself

Credit risk affects both capital and earnings
Foregone Interest and provisions And mark-to-market losses

The primary objective is to minimize the volatility of earnings and capital (hence the risk as perceived by investors) and at the same time earn a ROE to maintain the value of the common equity.

Losses in economic capital

Good credit risk management a competitive advantage
Identify Measure Manage Monitor
And price appropriately!

Credit risk measurement takes different forms
Expert systems Credit scoring models Rating systems
CAMELS Pass, OLEM, Substandard, Doubtful, Loss Public bond ratings

Credit rating methodologies are on a continuum
Judgment Template Scoring Model

Grades are set judgmentally against a set of qualitative guidelines

Final ratings are ultimately judgmental, but graders are provided with a “template” of quantitative benchmarks for each rating category

Graders are provided a “scoresheet” which combines a set of objective characteristics with subjective factors in a predetermined manner

Grades are derived purely mechanically, with no role for subjective inputs

Altman Z score is one of earliest credit models
RATIO FORMULA Earnings Before Interest and Taxes ---------------------------------------Total Assets Net Sales ---------------------------------------Total Assets Market Value of Equity ---------------------------------------Total Liabilities Working Capital ---------------------------------------Total Assets Retained Earnings ---------------------------------------Total Assets WEIGHT FACTOR WEIGHTED RATIO Return on Total Assets x. 3.3 -4 to +8.0

Sales to Total Assets

x 0.999

-4 to +8.0

Equity to Debt

x 0.6

-4 to +8.0

Working Capital to Total Assets

x 1.2

-4 to +8.0

Retained Earnings to Total Assets

x1.4

-4 to +8.0

Credit analysis drives the credit risk assessment of all methods

Both the ability and the willingness to pay are key

There are two basic elements of credit risk
Standalone risks
Default probability Loss given default Migration risk

Portfolio risks
Default correlations Exposure
Credit risk management means diversifying and transferring risk

Industry sector

Competitive position

Mgmt. / organization

Standalone creditworthiness depends on many factors
Financial strength Cash flow/ debt serv.

Data drives the credit analysis
Category

Data Required ♦ Industry profile -- 3 years ◊ Size, growth ◊ Concentrations ◊ Cyclicality/seasonality ◊ Explanation of trends Industry outlook Profiles of key competitors (top two) Regulatory profile -- current, recent changes, expected changes Borrower’s strategy Key alliances: ◊ With government ◊ With private sector ◊ With other influential players Company financials -- 3 years ◊ Profit & loss statements, balance sheets ◊ Supplementary statements -reconciliation of net worth, fixed assets\ ◊ Audited where possible Creditor facilities ◊ Banks amounts and condition ◊ Suppliers of facilities ♦

Data Sources Internal ◊ Files ◊ Research department ◊ Other managers familiar with industry Third parties ◊ Ministries ◊ Multilateral agencies -- World Bank, IADB, etc. ◊ Other government organizations ◊ Trade associations ◊ Other banks ◊ Other companies in industries External -- customer calls Business press Internal ◊ Files ◊ Other managers familiar with borrower Issuer ◊ In person calls ◊ Site visits

Industry

♦ ♦ ♦ ♦ ♦

♦ ♦ ♦ ♦

Financial Condition

s example
SAMPLE DATA COLLECTION

Quantitative modeling provides the basis of the analysis
Input Calculation Output

Raw data Raw data

Economic Economic Interpretation Interpretation

Individual Individual Scores Scores

Aggregation to Aggregation to overall Score overall Score

Calibrated Calibrated Rating (PD) Rating (PD) • Calibration fixed

• Financials • Assessment of qualitative Factors

• Ratios

• Scale comparable for all factors

• Weights fixed (e.g. linear algorithm)

May be different by segment (size, state -owned /private, industry, available information)

There are two major factors to consider…
What is the likelihood a borrower will default? Probability [%]

If the borrower defaults, how much are we likely to lose? Amount [JOD or %]

BIS II has led to a new generation of statistical rating models
Three measures for credit risk
Standardized using external ratings for risk weights IRB: Foundation and Advanced

IRB uses banks’ own rating systems with required features Provisions should equal expected loss where EL = PD * LGD * EAD Capital must be held for UL

Probability of Default (PD) is based on historical experience
X Corporate Loans Y Credit Cards

-4

-3

-2

-1

0

1

2

3

4

Standard Deviation

X = 2% Y = 4%

X = 4% Y = 5%

Databases of historical defaults are maintained by ECAIs
• S&P • Moody’s • Fitch • Dun & Bradstreet • Others

Supervisors assign ratings to risk weights for standardized
S & P RATING
AAA AA A BBB BB B CCC CC C

MOODY’S EQUIVALENT
Aaa Aa3/A1 As/A3 Baa2 Ba1/Ba2 Ba3/B1 B2/B3 B3/Caa Caa/Ca

DEFAULT PROBABILITY (SUBSEQUENT YEAR)
0.01% 0.03% 0.10% 0.30% 0.81% 2.21% 6.00% 11.68% 16.29%

Hindsight is perfect….but how do we predict default?

Data lets us generalize about a
similar population
Example: Life insurance company

How we can we classify individuals into broad risk bands to manage our actuarial risk?

?

How do we discern the predictive risk variables?
Example: Life insurance company
Set hypothesis Examine experience Select variables Test predictability Test and Calibrate • Age • Male / female • Smoker / non-smoker • Obesity • Family history

Analysis of the data
Risk factor: Obesity Set hypothesis Examine experience Select variables Test predictability Test and Calibrate
100 80 60 40 20 0 40 k 60 k 80 k 100 k 120 k 140 k 160 k 180 k

90 80 70 60 50 40 30 20 10 0 40 k 60 k 80 k 100 k 120 k 140 k 160 k 180 k

90 80 70 60 50 40 30 20 10 0 40 k 60 k 80 k 100 k 120 k 140 k 160 k 180 k

Larger populations and more reliable data = more confident

The most reliable are consumer credit scoring models
: Example s ard Credit C
100 80 100 60 40 20 0 80 100 60 40 20 1 0 80 100 60 40 2 20 1 0 80 100 60 80 3 4 100 6 7 8 9 10 5 40 60 80 100 2 3 4 5 6 7 8 9 10 20 40 60 80 1 2 3 4 5 6 7 8 9 10 0 20 40 60 1 2 3 4 5 6 7 8 9 0 20 40 1 20 3 4 5 6 7 8 2 0 1 0 2 1 3 2 4 3 5 4 6 5 7 6

10 9 8 7 10 9 8 10 9 10

Examples of predictive factors for credit cards

Not surprisingly, such models can drive the whole credit process
100 80 100 60 40 20 0 80 100 60 40 20 1 0 80 100 60 40 2 20 1 0 80 100 60 80 3 4 100 6 7 8 9 10 5 40 60 80 100 2 3 4 5 6 7 8 9 10 20 40 60 80 1 2 3 4 5 6 7 8 9 10 0 20 40 60 1 2 3 4 5 6 7 8 9 0 20 40 1 20 3 4 5 6 7 8 2 0 1 0 2 1 3 2 4 3 5 4 6 5 7 6

10 9 8 7 10 9 8 10 9 10

• Planning • Marketing • Approval • Pricing • Monitoring • Collections • Provisioning

Design, integrity, maintenance, and validity of the model is the core
100 80 100 60 40 20 0 80 100 60 40 20 1 0 80 100 60 40 2 20 1 0 80 100 60 80 3 4 100 6 7 8 9 10 5 40 60 80 100 2 3 4 5 6 7 8 9 10 20 40 60 80 1 2 3 4 5 6 7 8 9 10 0 20 40 60 1 2 3 4 5 6 7 8 9 0 20 40 1 20 3 4 5 6 7 8 2 0 1 0 2 1 3 2 4 3 5 4 6 5 7 6

10 9 8 7 10 9 8 10 9 10

Backtesting Stress testing Validation

Potential losses should be priced in our rates
Expected loss

=

?

How much we expect to lose (probability) on a credit or group of credits May be expressed as a per cent or an absolute number Often abbreviated as “EL” – also known as “ROL” (risk of loss)

Expected loss is a function of three variables
Expected loss

=

Probability of default

x

Loss given default

x

Exposure at default

Let’s calculate a simple example
Expected loss Probability of default
Rating 1 2 3 4 5 6 7 8 9 10 PD % 0.01 0.03 0.05 0.25 0.70 1.50 6.00 20.0 50.0 100.0 100 25 50 75

=

x

Loss given default
LGD % 0 10

x

Exposure at default
EaD % 100

In per cent…
Expected .03 or 3% loss Probability .06 of default

=

x

Loss given .50 default
LGD % 0 10 25 50 75 100

x

Exposure 1.00 at default
EaD % 100

Rating So if the credit is JOD PD % 7,000, EL for that 1 credit0.01 is 2 JOD 210 (3% x 7,000) 0.03 3 4 5 6 7 8 9 10 0.05 0.25 0.70 1.50 6.00 20.0 50.0 100.0

… or in numbers
3% JOD 210 .06

=

x

.50

x

JOD 7,000 1.00

Rating 1 2 3 4 5 6 7 8 9 10

PD % 0.01 0.03 0.05 0.25 0.70 1.50 6.00 20.0 50.0 100.0

LGD % 0 10 25 50 75 100

EaD % 100

The standalone EL’s can be aggregated for the whole portfolio
100 90 80

100 90 80 70 60 50 40
100 90 80 70 60 50 40 30 20 10 0 1 2 3 4 5 6 7 8 9 10

70 60 50 40 30 20 10 0 1 2 3 4 5 6 7 8 9 10

30 20 10 0 1 2 3 4 5 6

7

8

9

10

90 80 70 60 50 40 30 20 10 0 1 2 3 4 5 6 7 8 9

Probability

Losses

Over time actual can be compared to expected losses
100 90 80

100 90 80 70 60 50 40
100 90 80 70 60 50 40 30 20 10 0 1 2 3 4 5 6

70 60 50 40 30 20 10 0 1 2 3 4 5 6 7 8 9 10

100 90 80 70 60 50 40 30 20 10 0 1 2 3 4 5

30 20 10 0 1 2 3 90
80 70 60 50 7 40 30 20 10 0 1 2 3
8 9 10

100 90 80 70 60 6 50 40 30 20 10 0 1
100 80

4

5

6

7

8

9

10

?
8 9

7

8

9

10

2

3

4

5

6

7

8

9

10

4

5

6

7

60 40 20 0 1 2 3 4 5 6 7 8 9

EL are “predictable” – UL losses (i.e. volatility) represent true risk
Expected Loss (EL) Expected Loss (EL)

• • • • • •

Anticipated average loss Anticipated average loss rate rate Foreseeable “cost” Foreseeable “cost” Charged through Charged through income statement income statement

Unexpected Loss (UL) Unexpected Loss (UL)

• • • • • •

Anticipated volatility of Anticipated volatility of loss rate loss rate True “risk” True “risk” Captured through Captured through assignment of capital assignment of capital

The greater the variance, the more capital required
Unexpected Loss Requires capital support - as a cushion

Probability of Loss

Mean “expected” Loss

Unexpected Loss (Standard Deviation)

Amount of Loss

The amount of capital depends on target debt rating
Mean “expected” Loss

Unexpected Loss ( 1 Standard Deviation) Required Capital Solvency Standard
BBB A .03 .01 AA AAA .003 .001

Total “Economic” Capital = Reserves + Equity

Uncovered Risk

Credit analysis drives the PD but is only one component of risk
Based on analysis & identified comparative standards
Feedback loop

Credit Analysis and Structuring

Feedback process: annual review & experience

Risk Rating: Borrower and Facility

Loss Given Default
A function of analysis and structuring

Probability of Default
Based on historical risk rating data

Exposure at Default

Expected Loss

EL=PD x LGD x EAD

Credit risk analysis is an evolving field
Quantitative modeling includes structural and reduced form models Credit risk management means diversifying and transferring risk Research continues to integrate new asset classes and correlations

The Control Environment is an important part of risk management
Control Environment
Internal Audit
Independent review to ensure controls working as intended, risks are controlled and operational inefficiencies are identified during: •On-site reviews •Off-site reviews
Enforces

Internal Control
Management control of day-today activities including: •Policies and procedures •Segregation of duties •Authorities and approval limits •Checking procedures •Supervision of transactions and recording •Budget controls

Operational risks are classified as either “event” or “business” risks
All non-credit and non-market risks
“Routine processes” Payments/Settlements Documentation IT, regulatory, legal, fraud Strategy and planning

Managed by organizational and other internal controls
Segregation of duties and dual controls Internal audit scope, procedures, findings and responses Self-assessment process

Communications is key!
“An

effective internal control system requires effective channels of communication to ensure that all staff fully understand and adhere to policies and procedures affecting their duties and responsibilities and that other relevant information is reaching the appropriate personnel.”

Bank for International Settlements, Framework for Internal Control Systems in Banking Organizations

Internal audit is an important component
Third line of defense Business partner not adversary Separate from risk management oversight Responsible to ensure that controls and limits are working

Next steps
Individual interviews Diagnostic reviews Standardized risk rating system Individual Workshop ? Sarah (Sally) Hargrove swhargrove@nc.rr.com swhargrove@yahoo.com Tel: 550 3069 Ext. 149

Sign up to vote on this title
UsefulNot useful