UNIVERSITY OF MUMBAI

A Project Report On
RISK MANAGEMENT IN BANKS

Submitted By
ADITYA SUNIL SAWANT

Under the Guidance of

Mrs. URMILA CHAUHAN

BACHELOR OF
ACCOUNTING AND FINANCE
(BAF)

SEMESTER VI – TYBAF
Roll No - 31
(ACADEMIC YEAR 2018-19)

REENA MEHTA COLLEGE

(Bhayander West)
 CERTIFICATE

This is to certify that Mr. ADITYA SUNIL SAWANT, Roll no: 31 of Third Year
Bachelor of Accounting and Finance, Semester VI (Year 2018-19) has successfully completed the
project on Risk Management in Banks under the guidance of Mrs. Urmila Chauhan.

______________________ _______________________

Course Coordinator Principal

(Mrs. Urmila Chauhan) (Dr. (Mrs.) Satinder Kaur Gujral)

_____________________ ______________________

Project Guide/ Internal Examiner External Examiner

(Mrs. Urmila Chauhan)

 DECLARATION

I, Aditya Sunil Sawant the student of Third Year Semester VI (Year 2018-19) hereby declare that I have
completed the project Risk Management in Banks.

The information submitted is true and original to the best of my knowledge.

___________________

(Aditya Sunil Sawant)

Name of the Student: - ADITYA SUNIL SAWANT

Roll no: - 31

REENA MEHTA COLLEGE of Commerce and Management Studies

College Address: - Nr. Flyover, 150 ft road, opp. Maxus Mall, Bhayander (west)
 ACKNOWLEDGEMENT

To list who have helped me is difficult because they are so numerous and the depth is so enormous.

I would like to acknowledge the following as being idealistic channels and fresh dimensions in the
completion of the project.

I take this opportunity to thank the University of Mumbai for giving me chance to do this project.

I would like to thank my Principal Dr. (Mrs.) Satinder Kaur Gujral for providing the necessary
facilities required for completion of this project.

I take this opportunity to thank our Coordinator Mrs. Urmila Chauhan, for her moral support and
guidance.

I would like to express my sincere gratitude towards my project guide Mrs. Urmila Chauhan whose
guidance and care made this project successful.

I would like to thank my College Library, for having provided various reference books and magazines
related to my project.

Lastly, I would like to thank each and every person who directly or indirectly helped me in the
completion of the project especially my Parents and Peers who supported me throughout my project.
 INDEX

SR.NO. PARTICULARS PAGE NO.

1. INTRODUCTION TO RISK MANAGEMENT 1

2. BENEFITS OF RISK MANAGEMENT 4

3. TYPES OF RISKS IN BANKS 7

I. MARKET RISK 9

II. CREDIT RISK 28

III. OPERATIONAL RISK 41

IV. REGULATORY RISK 51

4. BASEL III NORMS 52

5. RISK MANAGEMENT AT UNION BANK OF INDIA 56

6. DATA ANALYSIS AND INTERPRETATION 61

7. CONCLUSION 65

8. BIBLIOGRAPHY 67
Executive Summary

Risk is inherent in any walk of life in general and in financial sectors in particular. Till recently, due to
regulated environment, banks could not afford to take risks. But of late, banks are exposed to same
competition and hence are compelled to encounter various types of financial and non-financial risks.
Risks and uncertainties form an integral part of banking which by nature entails taking risks. There are
three main categories of risks namely Credit Risk, Market Risk & Operational Risk. These are discussed
in detail. Main features of these risks as well as some other categories of risks such as Regulatory Risk
and Environmental Risk have been discussed. Various tools and techniques to manage Credit Risk,
Market Risk and Operational Risk and its various components, are also discussed in detail.

Banks need to meet forthcoming regulatory requirements for risk measurement and capital. However, it is
a serious error to think that meeting regulatory requirements is the sole or even the most important reason
for establishing a sound, scientific risk management system. Managers need reliable risk measures to
direct capital to activities with the best risk/reward ratios. They need estimates of the size of potential
losses to stay within limits imposed by readily available liquidity, by creditors, customers, and regulators.
They need mechanisms to monitor positions and create incentives for prudent risk-taking by divisions and
individuals.

Risk management is the process by which managers satisfy these needs by identifying key risks,
obtaining consistent, understandable, operational risk measures, choosing which risks to reduce and
which to increase and by what means, and establishing procedures to monitor the resulting risk positions.

Thus, banks today have to understand that risk management has become an integral part of banking. So
understanding these risks have become the order of the day for the banking sector.
1. Introduction to Risk Management

Risk management is the identification, assessment, and prioritization of risks followed by coordinated and
economical application of resources to minimize, monitor, and control the probability and/or impact of
unfortunate events or to maximize the realization of opportunities.

A risk can be defined as an unplanned event with financial consequences resulting in loss or reduced
earnings. Therefore, a risky proposition is one with potential profit or a looming loss. Risk stems from
uncertainty or unpredictability of the future. In commercial and business risk generates profit or loss
depending upon the way in which it is managed. Risk can be defined as the volatility of the potential
outcome. Risk is the possibility of something adverse happening.

Risk Management

Risk Management is a discipline at the core of every financial institution and encompasses all the
activities that affect its risk profile.

It involves identification, measurement, monitoring and controlling risks to ensure that

a) The individuals who take or manage risks clearly understand it.

b) The organization’s risk exposure is within the limits established by Board of Directors.
c) Risk taking decisions are in line with the business strategy and objectives set by BOD.
d) The expected payoffs compensate for the risks taken.
e) Risk taking decisions are explicit and clear.
f) Sufficient capital as a buffer is available to take risk

Thus, we can say that after the risks have been identified, risk management attempts to lessen their
effects. This is done by applying a range of management techniques. For example, the risk may be
lessened by taking out insurance or using derivatives or re-plan the whole project.

Page | 1
Thus, the essential components of any risk management system are

• Risk Identification
The naming and defining of each type of risk associated with a transaction or type of product or
service

• Risk Measurement
The estimation of the size, probability and timing of potential loss under various scenarios

• Risk Control
The framing of policies and guidelines that define the risk limits not only at the individual level
but also for particular transaction

Page | 2
Need for Risk Management in Banks

The recent crisis in financial markets has underscored the importance of robust risk management
processes that are based on reliable risk assessment for all financial sector participants, including banks.
Renowned financial institutions and corporate have either become bankrupt or had to be rescued,
economic growth had suffered setbacks and governments in even the wealthiest nations have had to come
up with stimulus packages to bail out their economies, especially their financial systems. The losses due
to the global financial turmoil could be no less than $4.1 trillion, two-third of which has been borne by
banks. Though most of these losses pertain to the US and Europe, the emerging market risks have risen
the most in the past two years. The growth in the developing countries had slowed down, mainly driven
by reversal of capital flows, clearly suggesting that the financial turmoil had percolated to the economic
system as well.

Thus, the recent financial crisis has exposed, among other things, the weaknesses in the risk management
systems of financial institutions, especially banks. Accurate risk assessment and management by banks,
thus, becomes crucial for financial and economic stability. Role of rating agencies in correctly assessing
credit risk assumes greater significance along with risk management.

The Indian banking industry is expected to witness unprecedented growth in the volume of business in the
coming decade and this brings with it huge challenges for risk management. A bank with sound risk
management practices in place will be able to precisely ascertain the credit profile of its borrowers,
resulting in enhanced ability to predict default, reduce bad debts and raise collections. This will in turn
enable lower capital requirements, improved performance and higher risk adjusted rate of return. The
proposed implementation of advanced approaches of Basel II will ensure better quantification and
accounting of various risks thereby ensuring more holistic risk management system in the Indian banking
industry. Quality risk management systems could very well act to the advantage of a bank in a country
like India, which has a shallow documentation of credit history, especially in retail banking, and a nascent
culture of credit information sharing.

Page | 3
2. Benefits of Risk Management

There are many benefits in implementing Risk Management procedures. Some of these include

➢ More effective strategic planning

➢ Better cost control
➢ Enhancing shareholder value by minimizing losses and maximizing opportunities
➢ Increased knowledge and understanding of exposure to risk
➢ A systematic, well-informed and thorough method of decision making
➢ Increased preparedness for outside review
➢ Minimized disruptions
➢ Better utilization of resources
➢ Strengthening culture for continued improvement
➢ Creating a best practice and quality organization.

In every financial institution, risk management activities broadly take place simultaneously at following
different hierarchy levels:-

a) Strategic level: It encompasses risk management functions performed by senior management and
BOD. For instance definition of risks, ascertaining institutions risk appetite, formulating strategy and
policies for managing risks and establish adequate systems and controls to ensure that overall risk remain
within acceptable level and the reward compensate for the risk taken.

b) Macro Level: It encompasses risk management within a business area or across business lines.
Generally the risk management activities performed by middle management or units devoted to risk
reviews fall into this category.

c) Micro Level: It involves ‘On-the-line’ risk management where risks are actually created. This is the
risk management activity performed by individuals who take risk on organization’s behalf such as front
office and loan origination functions. The risk management in those areas is confined to following
operational procedures and guidelines set by management. Expanding business arenas, deregulation and
globalization of financial activities emergence of new financial products and increased level of
competition has necessitated a need for an effective and structured risk management in financial

Page | 4
institutions. A bank’s ability to measure, monitor, and steer risks comprehensively is becoming a decisive
parameter for its strategic positioning. The risk management framework and sophistication of the process,
and internal controls, used to manage risks, depends on the nature, size and complexity of institution’s
activities. Nevertheless, there are some basic principles that apply to all financial institutions irrespective
of their size and complexity of business and are reflective of the strength of an individual bank's risk
management practices.

Board and Senior Management Oversight

a) To be effective, the concern and tone for risk management must start at the top. While the overall
responsibility of risk management rests with the BOD, it is the duty of senior management to transform
strategic direction set by board in the shape of policies and procedures and to institute an effective
hierarchy to execute and implement those policies. To ensure that the policies are consistent with the risk
tolerances of shareholders the same should be approved from board.

b) The formulation of policies relating to risk management only would not solve the purpose unless these
are clear and communicated down the line. Senior management has to ensure that these policies are
embedded in the culture of organization. Risk tolerances relating to quantifiable risks are generally
communicated as limits or sub-limits to those who accept risks on behalf of organization. However not all
risks are quantifiable. Qualitative risk measures could be communicated as guidelines and inferred from
management business decisions.

c) To ensure that risk taking remains within limits set by senior management/BOD, any material
exception to the risk management policies and tolerances should be reported to the senior
management/board that in turn must trigger appropriate corrective measures. These exceptions also serve
as an input to judge the appropriateness of systems and procedures relating to risk management.

d) To keep these policies in line with significant changes in internal and external environment, BOD is
expected to review these policies and make appropriate changes as and when deemed necessary. While a
major change in internal or external factor may require frequent review, in absence of any uneven
circumstances it is expected that BOD re-evaluate these policies every year.

Risk Management Framework

Page | 5
A risk management framework encompasses the scope of risks to be managed, the process/systems and
procedures to manage risk and the roles and responsibilities of individuals involved in risk management.
The framework should be comprehensive enough to capture all risks a bank is exposed to and have
flexibility to accommodate any change in business activities. An effective risk management framework
includes

a) Clearly defined risk management policies and procedures covering risk identification, acceptance,
measurement, monitoring, reporting and control.

b) A well constituted organizational structure defining clearly roles and responsibilities of individuals
involved in risk taking as well as managing it. Banks, in addition to risk management functions for
various risk categories may institute a setup that supervises overall risk management at the bank. Such a
setup could be in the form of a separate department or bank’s Risk Management Committee (RMC) could
perform such function. The structure should be such that ensures effective monitoring and control over
risks being taken. The individuals responsible for review function (Risk review, internal audit,
compliance etc) should be independent from risk taking units and report directly to board or senior
management who are also not involved in risk taking.

c) There should be an effective management information system that ensures flow of information from
operational level to top management and a system to address any exceptions observed. There should be an
explicit procedure regarding measures to be taken to address such deviations.

d) The framework should have a mechanism to ensure an ongoing review of systems, policies and
procedures for risk management and procedure to adopt changes.

Integration of Risk Management

Risks must not be viewed and assessed in isolation, not only because a single transaction might have a
number of risks but also one type of risk can trigger other risks. Since interaction of various risks could
result in diminution or increase in risk, the risk management process should recognize and reflect risk
interactions in all business activities as appropriate. While assessing and managing risk the management
should have an overall view of risks the institution is exposed to. This requires having a structure in place
to look at risk interrelationships across the organization.

Page | 6
3. TYPES OF RISKS IN BANKS

When we use the term “Risk”, we all mean financial risk or uncertainty of financial loss. If we consider
risk in terms of probability of occurrence frequently, we measure risk on a scale, with certainty of
occurrence at one end and certainty of non-occurrence at the other end. Risk is the greatest where the
probability of occurrence or non-occurrence is equal. As per the Reserve Bank of India guidelines issued
in Oct. 1999, there are three major types of risks encountered by the banks and these are Credit Risk,
Market Risk & Operational Risk. In August 2001, a discussion paper on move towards Risk Based
Supervision was published. Further after eliciting views of banks on the draft guidance note on Credit
Risk Management and market risk management, the RBI has issued the final guidelines and advised some
of the large PSU banks to implement so as to gauge the impact. A discussion paper on Country Risk was
also released in May 02. Risk is the potentiality that both the expected and unexpected events may have
an adverse impact on the bank’s capital or earnings.

The expected loss is to be borne by the borrower and hence is taken care of by adequately pricing the
products through risk premium and reserves created out of the earnings. It is the amount expected to be
lost due to changes in credit quality resulting in default. Whereas, the unexpected loss on account of the
individual exposure and the whole portfolio in entirely is to be borne by the bank itself and hence is to be
taken care of by the capital. Thus, the expected losses are covered by reserves/provisions and the
unexpected losses require capital allocation. Hence the need for sufficient Capital Adequacy Ratio is felt.
Each type of risks is measured to determine both the expected and unexpected losses using VaR (Value at
Risk) or worst-case type analytical model.

A bank has many risks that must be managed carefully, especially since a bank uses a large amount of
leverage. Without effective management of its risks, it could very easily become insolvent. If a bank is
perceived to be in a financially weak position, depositors will withdraw their funds, other banks won't
lend to it nor will the bank be able to sell debt securities in the financial markets, which will exacerbate
the bank's financial condition even more. The fear of bank failure was one of the major causes of the 2007
– 2009 credit crises and of other financial panics in the past.

Page | 7
Although banks share many of the same risks as other businesses, the major risks that especially affect
banks are
I.Market Risk
1. Liquidity Risk
2. Interest Rate Risk
3. Foreign Exchange Risk
4. Country Risk
II.Credit Risk
III.Operational Risk
IV.Regulatory Risk

Types of Risks

Market Credit Operational Regulatory

Risk Risk Risk Risk

Foreign
Liquidity Country
Interest Risk Exchange
Risk Risk
Risk

Page | 8
 I. MARKET RISK

Market Risk may be defined as the possibility of loss to bank caused by the changes in the market
variables.

It is the risk that the value of on-/off-balance sheet positions will be adversely affected by movements in
equity and interest rate markets, currency exchange rates and commodity prices. Market risk is the risk to
the bank’s earnings and capital due to changes in the market level of interest rates or prices of securities,
foreign exchange and equities, as well as the volatilities, of those prices. Market Risk Management
provides a comprehensive and dynamic frame work for measuring, monitoring and managing liquidity,
interest rate, foreign exchange and equity as well as commodity price risk of a bank that needs to be
closely integrated with the bank’s business strategy. Scenario analysis and stress testing is yet another
tool used to assess areas of potential problems in a given portfolio. Identification of future changes in
economic conditions like – economic/industry overturns, market risk events, liquidity conditions etc that
could have unfavorable effect on bank’s portfolio is a condition precedent for carrying out stress testing.
As the underlying assumption keep changing from time to time, output of the test should be reviewed
periodically as market risk management system should be responsive and sensitive to the happenings in
the market.

Different types of market risks are:

1. Liquidity Risk
2. Interest Rate Risk
3. Foreign Exchange Risk
4. Country Risk

Page | 9
1. LIQUIDITY RISK

Liquidity risk is the potential for loss to an institution arising from either its inability to meet its
obligations or to fund increases in assets as they fall due without incurring unacceptable cost or losses.

Liquidity risk is considered a major risk for banks. It arises when the cushion provided by the liquid
assets are not sufficient enough to meet its obligation. In such a situation banks often meet their liquidity
requirements from market. However conditions of funding through market depend upon liquidity in the
market and borrowing institution’s liquidity. Accordingly an institution short of liquidity may have to
undertake transaction at heavy cost resulting in a loss of earning or in worst case scenario the liquidity
risk could result in bankruptcy of the institution if it is unable to undertake transaction even at current
market prices.

Early Warning indicators of liquidity risk.

a) A negative trend or significantly increased risk in any area or product line.
b) Concentrations in either assets or liabilities.
c) Deterioration in quality of credit portfolio.
d) A decline in earnings performance or projections.
e) Rapid asset growth funded by volatile large deposit.
f) A large size of off-balance sheet exposure.
g) Deteriorating third party evaluation about the bank

ALCO/Investment Committee

The responsibility for managing the overall liquidity of the bank should be delegated to a specific,
identified group within the bank. This might be in the form of an Asset Liability Committee (ALCO)
comprised of senior management, the treasury function or the risk management department. However,
usually the liquidity risk management is performed by an ALCO. Ideally, the ALCO should comprise of
senior management from each key area of the institution that assumes and/or manages liquidity risk. It is
important that these members have clear authority over the units responsible for executing liquidity-
related transactions so that ALCO directives reach these line units unimpeded. The ALCO should meet
monthly, if not on a more frequent basis. Generally responsibilities of ALCO include developing and
maintaining appropriate risk management policies and procedures, MIS reporting, limits, and oversight
programs. ALCO usually delegates day-to-day operating responsibilities to the bank's treasury
department. However, ALCO should establish specific procedures and limits governing treasury
operations before making such delegation.
Page | 10
Liquidity Risk Strategy
The liquidity risk strategy should enunciate specific policies on particular aspects of liquidity risk
management, such as:

a. Composition of Assets and Liabilities. The strategy should outline the mix of assets and liabilities to
maintain liquidity. Liquidity risk management and asset/liability management should be integrated to
avoid steep costs associated with having to rapidly reconfigure the asset liability profile from maximum
profitability to increased liquidity.

b. Diversification and Stability of Liabilities. A funding concentration exists when a single decision or
a single factor has the potential to result in a significant and sudden withdrawal of funds. An institution
would be more resilient to tight market liquidity conditions if its liabilities were derived from more stable
sources. To comprehensively analyze the stability of liabilities/funding sources the bank need to identify:
• Liabilities that would stay with the institution under any circumstances
• Liabilities that run-off gradually if problems arise
• That run-off immediately at the first sign of problems

c. Access to Inter-bank Market. The inter-bank market can be important source of liquidity. However,
the strategies should take into account the fact that in crisis situations access to interbank market could be
difficult as well as costly.

Page | 11
The cause and effect of liquidity risk are primarily linked to the nature of the assets and liabilities of a
bank. All investments and financing decisions of bank, irrespective of whether they have long term or
short term implications, affect its asset liability position, which in turn, may further affect its liquidity
position, both in long term and short term. Given below are the two approaches that relate to these two
situational decisions:-

➢ Fundamental approach :-
Driving factor of this approach is long term sustenance. Bank tries to eliminate its long term liquidity
risk basically by controlling its asset liability position. A prudent way of tackling this situation can be
adjusting the maturity of assets or liability and / or by diversifying and broadening the sources and uses of
funds. The two alternatives under this approach to control liquidity risk are:
✓ Asset Management :-
Asset Management aims to eliminate liquidity risk by holding near cash assets. For instance, sale
of securities from investment portfolio can enhance liquidity. When asset management is resorted to, the
liquidity requirements are generally met from primary and secondary reserves. Primary reserves refer to
cash assets held to meet the statutory cash requirements and other operating purposes. However most of
the liquidity is generally from the secondary reserves, which includes those assets, held primarily for
liquidity purposes. Assets that fall under this category generally take form of unsecured marketable
securities and are converted into cash prior to their maturity at a little risk of loss in their value.
✓ Liability Management :-
Here the bank does not maintain any surplus funds, but tries to achieve the required liquidity by
borrowing funds when the need arises. The underlying implications of this process are that bank will
mostly be investing in long-term loans and, further, it will not depend on its liquidity position/surplus
balance for credit accommodation. Though it involves a greater risk for the bank, it will also fetch higher
yields due to the long investments. The bank should on the one hand be able to raise funds at low cost
and on the other ensure that the maturity profile of the instrument does not lead to or enhance the liquidity
risk and the interest rate risk.

Page | 12
Applicability of Fundamental Approach:-

The selection of an appropriate alternative from these two strategies depends to a considerable extent on
the size and the nature of operations of the bank. It means that whether the bank is deposit rich or
deposits poor. In case of deposit rich, bank usually concentrates on retail business and should adopt the
asset management approach while if the bank is deposit poor, it means that it usually concentrate on
wholesale business and should adopt liability approach.
Situation:-
Consider, for instance, the statement of assets and liabilities of Bank of Baroda for the year ended March
31. 2001.
(Rs. Crore)

Liabilities Amount Assets Amounts

Capital 577 Cash Bal. with RBI. 3,870.52

Reserve & Surplus 880.03 Call Money 2,656.14
Deposits 28,369.53 Advances 16,012.56
Borrowing 1,206.84 Investments 9,594.71
Other Liabilities 3,116.85 Fixed Assets 223.00
Other Assets 1,713.32

Total 34,070.25 Total 34,070.25

It can be observed from the above balance sheet that the bank is deposit rich and its basis objective is
accepting deposits and financing investment to the industry. Setting aside cash and bank balance,
advances, fixed and other assets, the bank has Rs.12,250.85 Cr. The bank is a net lender in the call
money market of Rs.2656.14 Cr. as against borrowing of Rs.1,206.84 Cr. In order to stabilize its liquidity
position and thereby eliminate liquidity risk, BOB now have to invest these surplus funds effectively
though proper asset management policy, by firstly acquiring liabilities and then determining the
composition of assets.

Page | 13
➢ Technical Approach :-
Technical approach focuses on the liquidity position of bank in short run. Liquidity in the short run is
primarily linked to the cash flow arising due to operational transactions. So here cash flow position is to
be tackled. Thus bank should know its cash requirements and cash inflow and adjust these two to ensure
a safe level for its liquidity position. The two alternatives under this approach to manage liquidity risk
are:

✓ Working Funds Approach :-

Under this approach the liquidity position is assessed based on the quantum of working funds available to
the bank, which comprises of owned funds, deposit and float funds. The liquidity of the owned funds
component will be nil, while deposits liquidity depends on the maturity profile and thus prior to assessing
the liquidity requirements of these deposits, the bank should categorize them into different segments
based on the withdrawal pattern under following three categories, analyzed based on historical data:

▪ Volatile funds: - Probability of withdrawal before maturity is short term in nature. Demand
100% liquidity maintenance since the demand for funds can arise at any time.
▪ Vulnerable funds: - Withdrawals are in planning manners. For e.g. saving deposits, the entire
quantum cannot be considered vulnerable. Liquidity requirement will be less than 100%.
▪ Stable funds :- These have the least probability of withdrawals during the planning period and so
liquidity requirement will be very low as compared to the above two categories.

✓ Cash Flow Approach :-

This method of forecasting liquidity tries to eliminate the drawback faced in the working funds approach
by forecasting the potential increase/decrease in deposits/credit accommodation. Here there are two
parameters which are essential to understand. Firstly, it is the decision regarding the planning horizon for
the forecasts and, secondly, the costs involved in forecasting.
The basic steps involved in this process are as follows:-

▪ Estimate anticipated changes in deposits

▪ Estimate the cash inflow by way of loan recovery
▪ Estimate the cash outflow by way of deposits withdrawals and credit accommodations
▪ Forecast these for the end of each period
▪ Estimate the liquidity needs over the planning horizon.

Page | 14
Liquidity Risk Management at Deutsche Bank

Liquidity Risk Management safeguards the ability of the bank to meet all payment obligations when they
come due. Our liquidity risk management framework has been instrumental in maintaining adequate
liquidity and a healthy funding profile.

Group Treasury is responsible for the management of liquidity risk. Liquidity risk management
framework is designed to identify, to measure and to manage the liquidity risk position. The underlying
policies are reviewed on a regular basis by the Group Asset and Liability Committee and finally approved
by the Board Member responsible for Group Treasury. The policies define the methodology which is
applied to the Group, its branches and its subsidiaries.

Liquidity risk management approach starts at the intraday level (operational liquidity) managing the daily
payment queues, forecasting cash flows and our access to Central Banks. It then covers tactical liquidity
risk management dealing with the access to unsecured funding sources and the liquidity characteristics of
our asset inventory (Asset Liquidity). Finally, the strategic perspective comprises the maturity profile of
all assets and liabilities (Funding Matrix) on our balance sheet and our Issuance Strategy.

Bank has developed a cash flow based reporting tool (Lima System) which provides daily liquidity risk
information to global and regional management. Bank’s liquidity position is subject to stress testing and
scenario analysis to evaluate the impact of sudden stress events. The scenarios are either based on historic
events, case studies of liquidity crises or models using hypothetical events.

Page | 15
Short-term Liquidity

Their reporting tool tracks cash flows on a daily basis over an eighteen months horizon. This scheme
allows management to assess its short-term liquidity position in any location, region and globally on a by-
currency, by-product, and by-division basis. The system captures all cash flows from transactions on their
balance sheet, as well as liquidity risks resulting from off-balance sheet transactions. Bank has model
products that have no specific contractual maturities using statistical methods to capture the actual
behavior of their cash flows. Liquidity outflow limits (MCO Limits), which have been set to limit
cumulative global and regional net cash outflows, are monitored on a daily basis and ensure access to
liquidity.

Unsecured Funding

Unsecured funding is a finite resource. Total unsecured funding represents the amount of external
liabilities, which they take from the market irrespective of instrument, currency or tenor. Unsecured
funding is measured on a regional basis by currency and aggregated to a global utilization report. The
Group Asset and Liability Committee have set limits by business divisions to protect the bank’s access to
unsecured funding at attractive levels.

Liquidity
The Asset Liquidity component tracks the volume and booking location within our consolidated inventory
of liquid assets which can be use to raise funds either in the repurchase agreement markets or by selling
the assets. In a first step, they segregate illiquid and liquid securities in each inventory. Subsequently bank
assign liquidity values to different classes of liquid securities. The liquidity of these assets is an important
element in protecting against short-term liquidity squeezes.

Diversification
Diversification of funding profile in terms of investor types, regions, products and instruments is an
important element of liquidity risk management framework. Their core funding resources as well as long-
term capital markets funding, form the cornerstone of their liability profile. Customer deposits, funds
from institutional investors and interbank funding are additional sources of funding. Bank use interbank
deposits primarily to fund liquid assets.

Page | 16
2. INTEREST RATE RISK

Interest rate risk arises when there is a mismatch between positions, which are subject to interest rate
adjustment within a specified period.

The bank’s lending, funding and investment activities give rise to interest rate risk. The immediate impact
of variation in interest rate is on bank’s net interest income, while a long term impact is on bank’s net
worth since the economic value of bank’s assets, liabilities and off-balance sheet exposures are affected.
Consequently there are two common perspectives for the assessment of interest rate risk

a. Earning perspective: In earning perspective, the focus of analysis is the impact of

variation in interest rates on accrual or reported earnings. This is a traditional approach to
interest rate risk assessment and obtained by measuring the changes in the Net Interest
Income (NII) or Net Interest Margin (NIM) i.e. the difference between the total interest
income and the total interest expense.

b. Economic Value perspective: It reflects the impact of fluctuation in the interest rates on
economic value of a financial institution. Economic value of the bank can be viewed as the
present value of future cash flows. In this respect economic value is affected both by
changes in future cash flows and discount rate used for determining present value.
Economic value perspective considers the potential longer-term impact of interest rates on
an institution.

Page | 17
The various types of interest rate risks are detailed below:

Gap/Mismatch Risk: It arises from holding assets and liabilities and off balance sheet items with
different principal amounts, maturity dates & re-pricing dates thereby creating exposure to unexpected
changes in the level of market interest rates.

Basis Risk: It is the risk that the Interest rates of different Assets/liabilities and off balance items may
change in different magnitude. The degree of basis risk is fairly high in respect of banks that create
composite assets out of composite liabilities.

Embedded Option Risk: Option of pre-payment of loan and Fore- closure of deposits before their stated
maturities constitute embedded option risk

Yield Curve Risk: Movement in yield curve and the impact of that on portfolio values and income.

Reprice Risk: When assets are sold before maturities.

Reinvestment Risk: Uncertainty with regard to interest rate at which the future cash flows could be
reinvested.

Net Interest Position Risk: When banks have more earning assets than paying liabilities, net interest
position risk arises in case market interest rates adjust downwards.

Page | 18
ASSETS AND LIABILITIES MANAGEMENT (ALM)

ALM is a dynamic process of planning, organizing, coordinating and controlling the assets and liabilities
– their mixes, volumes, maturities, yields and costs in order to achieve a specified Net Interest Income
(NII). The NII is the difference between interest income and interest expenses and the basic source of
banks profitability. The easing of controls on interest rates has led to higher interest rate volatility in
India. Hence, there is a need to measure and monitor the interest rate exposure of Indian banks.

ALM is a system of matching cash inflows and outflows, and thus of liquidity management. Balance
sheet risk can be categorized into two major types of significant risks, which are liquidity risk and interest
rate risk. The ALM system rests on three pillars, i.e.
a) ALM Information system (MIS)
b) ALM organization (Structure and responsibilities)
c) ALM Process (Risk parameters, identifying, measuring, managing risks and setting risk policies
and tolerance levels).

Techniques for measurement of interest rate risk are

a) Maturity Gap Analysis to measure the interest rate sensitivity

b) Duration Gap Analysis to measure interest rate sensitivity of capital
c) Simulation Method
d) Value at Risk
e) Basis Point Value (BPV) Method

Page | 19
GAP ANALYSIS TECHNIQUE

Gap analysis is a technique of asset-liability management that can be used to assess interest rate risk or
liquidity risk. It measures at a given date the gaps between rate sensitive liabilities (RSL) and rate
sensitive assets (RSA) (including off-balance sheet positions) by grouping them into time buckets
according to residual maturity or next reprising period, whichever is earlier. An asset or liability is treated
as rate sensitive if i) within the time bucket under consideration, there is a cash flow; ii) the interest rate
resets/reprises contractually during the time buckets; iii) administered rates are changed and iv) it is
contractually prepay able or withdrawal allowed before contracted maturities. Thus,

Gap = RSA – RSL

Gap Ratio = RSAs/RSLs

This gap is used as a measure of interest rate sensitivity. The positive or negative gap is multiplied by the
assumed interest changes to derive the Earnings at Risk (EaR). A bank benefits from a Positive Gap
(RSA>RSL), if interest rate rises. Similarly, a Negative Gap (RSA<RSL) is advantageous during the
period of falling interest rate. The interest rate risk is minimized if the gap is near zero.

Gap analysis was widely adopted by financial institutions during the 1980s. When used to manage
interest rate risk, it was used in tandem with duration analysis. Both techniques have their own strengths
and weaknesses. Duration analysis summarizes, with a single number, exposure to parallel shifts in the
term structure of interest rates. Though gap analysis is more cumbersome and less widely applicable, it
addresses exposure to other term structure movements, such as tilts or bends. It also assesses exposure to
a greater variety of term structure movements.

Page | 20
Example: If a bank has a loan for $100 for which it receives $7 annually in interest, and a deposit of
$100 for which it pays $3 per year in interest, that is a net interest margin of $4. But if current market
interest rates for deposits rises to 4%, then the bank will have to start paying $4 for the $100 deposit while
still receiving 7% on the long-term loan, decreasing its profit in this scenario by $1.

All short-term and floating-rate assets and liabilities are interest-rate sensitive—the interest received on
assets and paid on liabilities changes with market rates. Long-term and fixed-rate assets and liabilities are
not interest-rate sensitive. Interest-rate sensitive assets include savings deposits and interest-paying
checking accounts. Long-term CDs are not interest-rate sensitive.
So for a bank to determine its overall risk to changing interest rates, it must determine how its income
will change when interest rates change. Gap analysis and duration analysis are 2 common tools for
measuring the interest rate risk of bank portfolios.

Gap analysis is the difference between the value of the interest rate sensitive assets minus the value of
the interest rate sensitive liabilities (the gap) multiplied by a change in interest rate of 1%.
Gap = Value of Interest Rate Sensitive Assets – Value of Interest Rate Sensitive Liabilities.
Gap x Change in Interest Rate = Change in Bank's Profit.

Reducing Interest Rate Risk

Banks could reduce interest rate risk by matching the terms of its interest rate sensitive assets to it
liabilities, but this would reduce profits. It could also make long-term loans based on a floating rate, but
many borrowers demand a fixed rate to lower their own risks. In addition, floating-rate loans increase
credit risk when rates rise because the borrowers have to pay more each month on their loans, and, thus,
may not be able to afford it. This is best exemplified by the many homeowners who defaulted because of
rising interest rates on their adjustable rate mortgages (ARMs) during the 2007 – 2009 credit crises.

Increasingly, banks are using interest rate swaps to reduce their credit risk, where banks pay the fixed
interest rate they receive on their assets to a counterparty in exchange for a floating rate payment.

Page | 21
Interest Rate Risk Management in ICICI Bank

The bank has three dedicated groups, the Global Risk Management Group (GRMG), the Compliance
Group and the Internal Audit Group which are responsible for assessment, management and mitigation of
risk in the bank. In addition, the Credit and Treasury Middle Office Groups and the Global Operations
Group monitor operational adherence to regulations, policies and internal approvals. These groups are
accountable to the Risk and Audit Committees of the Board of Directors. GRMG is further organized into
the Global Credit Risk Management Group and the Global Market & Operational Risk Management
Group.

Interest rate risk is measured through the use of re-pricing gap analysis and duration analysis. Liquidity
risk is measured through gap analysis. Since the bank’s balance sheet consists predominantly of rupee
assets and liabilities, movements in domestic interest rates constitute the main source of interest rate risk.
Exposure to fluctuations in interest rates is measured primarily by way of gap analysis, providing a static
view of the maturity and re-pricing characteristics of balance sheet positions. An interest rate gap report is
prepared by classifying all assets and liabilities into various time period categories according to
contracted maturities or anticipated re-pricing date. The difference in the amount of assets and liabilities
maturing or being re-priced in any time period category, would then give an indication of the extent of
exposure to the risk of potential changes in the margins on new or re-priced assets and liabilities. ICICI
Bank prepares interest rate risk reports on a fortnightly basis. These reports are submitted to the Reserve
Bank of India on a monthly basis. Interest rate risk is further monitored through interest rate risk limits
approved by the Asset Liability Management Committee.

The bank’s core business is deposit taking and lending and these activities expose it to interest rate risk.
The bank’s primary source of funding is deposits and, to a smaller extent, borrowings. Effective January
1, 2004, the bank has moved to a single benchmark prime rate structure for all loans other than specific
categories of loans advised by the Indian Banks’ Association, with lending rates comprising the
benchmark prime rate and transaction-specific credit and other charges. The bank generally seeks to
eliminate interest rate risk on undisbursed commitments by fixing interest rates on rupee loans at the time
of loan disbursement.

In ICICI Bank, interest rate risk is measured through the use of re-pricing gap analysis and duration
analysis. Liquidity risk is measured through gap analysis. ICICI Bank also uses interest rate derivatives to
Page | 22
manage asset and liability positions. The bank is an active participant in the interest rate swap market and
is one of the largest counterparties in India.

3. FOREIGN EXCHANGE RISK

It is the current or prospective risk to earnings and capital arising from adverse movements in currency
exchange rates.

It refers to the impact of adverse movement in currency exchange rates on the value of open foreign
currency position. The banks are also exposed to interest rate risk, which arises from the maturity
mismatching of foreign currency positions. Banks also face the risk of default of the counter parties or
settlement risk. While such type of risk crystallization does not cause principal loss, banks may have to
undertake fresh transactions in the cash/spot market for replacing the failed transactions. Thus, banks may
incur replacement cost, which depends upon the currency rate movements. Banks also face another risk
called time-zone risk arising out of time lags in settlement of one currency in one center and of another
currency in another time zone. Banks may also face transportation risk arising out of exchange
restrictions

The Value at Risk (VaR) indicates the risk that the bank is exposed due to uncovered position of
mismatch and these gap positions are to be valued on daily basis at the prevalent forward market rates
announced by FEDAI. Currency Risk is the possibility that exchange rate changes will alter the expected
amount of principal and return of the lending/investment. Banks may try to cope with this risk on the
lending side by shifting the risk associated with exchange rate fluctuations to the borrowers. However the
risk does not get extinguished, but only gets converted in to credit risk. By setting appropriate limits, open
position and gaps, stop-loss limits, Individual Gap Limits and Aggregate Gap Limits, clear cut and well
defined division of responsibilities between front, middle and back office the risk element in foreign
exchange risk can be monitored.

Banks can hedge this risk with forward contracts, futures, or currency derivatives which will
guarantee an exchange rate at some future date or provide a payment to compensate for losses arising
from an adverse move in currency exchange rates. A bank, with a foreign branch or subsidiary in the
country, can also take deposits in the foreign currency, which will match their assets with their liabilities.

Page | 23
4. COUNTRY RISK

This is the risk that arises due to cross border transactions that are growing dramatically in the recent
years owing to economic liberalization and globalization. It is the possibility that a country will be
unable to service or repay debts to foreign lenders in time.

It comprises of Transfer Risk arising on account of possibility of losses due to restrictions on external
remittances; Sovereign Risk associated with lending to government of a sovereign nation or taking
government guarantees; Political Risk when political environment or legislative process of country leads
to government taking over the assets of the financial entity (like nationalization, etc) and preventing
discharge of liabilities in a manner that had been agreed to earlier; Cross border risk arising on account of
the borrower being a resident of a country other than the country where the cross border asset is booked;
Currency Risk, a possibility that exchange rate change, will alter the expected amount of principal and
return on the lending or investment.

In the process there can be a situation in which seller (exporter) may deliver the goods, but may not be
paid or the buyer (importer) might have paid the money in advance but was not delivered the goods for
one or the other reasons.

As per the RBI guidance note on Country Risk Management published recently, banks should reckon
both fund and non-fund exposures from their domestic as well as foreign branches, if any, while
identifying, measuring, monitoring and controlling country risk. It advocates that bank should also take
into account indirect country risk exposure. For example, exposures to a domestic commercial borrower
with large economic dependence on a certain country may be considered as subject to indirect country
risk. The exposures should be computed on a net basis, i.e. gross exposure minus collaterals, guarantees
etc. Netting may be considered for collaterals in/guarantees issued by countries in a lower risk category
and may be permitted for bank’s dues payable to the respective countries.

The system should be able to identify the full dimensions of country risk as well as incorporate features
that acknowledge the links between credit and market risks. Banks should not rely solely on rating
agencies or other external sources as their only country risk-monitoring tool.

With regard to inter-bank exposures, the guidelines suggests that banks should use the country ratings of
international rating agencies and broadly classify the country risk rating into six categories such as

Page | 24
insignificant, low, moderate, high, very high & off-credit. However, banks may be allowed to adopt a
more conservative categorization of the countries.

Banks may set country exposure limits in relation to the bank’s regulatory capital (Tier I & II) with
suitable sub limits, if necessary, for products, branches, maturity etc. Banks were also advised to set
country exposure limits and monitor such exposure on weekly basis before eventually switching over to
real tie monitoring. Banks should use variety of internal and external sources as a means to measure
country risk and should not rely solely on rating agencies or other external sources as their only tool for
monitoring country risk. Banks are expected to disclose the “Country Risk Management” policies in their
Annual Report by way of notes.

Page | 25
MARKET RISK MANAGEMENT

Besides the role of Board as discussed earlier a typical organization set up for Market Risk Management
should include: -
• The Risk Management Committee
• The Asset-Liability Management Committee (ALCO)
• The Middle Office.

Risk Management Committee:

It is generally a board level subcommittee constituted to supervise overall risk management functions of
the bank. The structure of the committee may vary in banks depending upon the size and volume of the
business. Generally it could include heads of Credit, Market and operational risk Management
Committees. It will decide the policy and strategy for integrated risk management containing various risk
exposures of the bank including the market risk.

Asset-Liability Committee:
Popularly known as ALCO, is senior management level committee responsible for management of
Market Risk (mainly interest rate and Liquidity risks). The committee generally comprises of senior
managers from treasury, CFO, business heads generating and using the funds of the bank, credit, and
individuals from the departments having direct link with interest rate and liquidity risks. The CEO or
some senior person nominated by CEO should be head of the committee. The size as well as composition
of ALCO could depend on the size of each institution, business mix and organizational complexity. To be
effective ALCO should have members from each area of the bank that significantly influences liquidity
risk.

ALCO should ensure that risk management is not confined to collection of data. Rather, it will ensure that
detailed analysis of assets and liabilities is carried out so as to assess the overall balance sheet structure
and risk profile of the bank. The ALCO should cover the entire balance sheet/business of the bank while
carrying out the periodic analysis.

Page | 26
Middle Office:

The risk management functions relating to treasury operations are mainly performed by middle office.
The concept of middle office has recently been introduced so as to independently monitor, to measure and
to analyze risks inherent in treasury operations of banks. Besides the unit it also prepares reports for the
information of senior management as well as bank’s ALCO. Basically the middle office performs risk
review function of day-to-day activities. Being a highly specialized function, it should be staffed by
people who have relevant expertise and knowledge. The methodology of analysis and reporting may vary
from bank to bank depending on their degree of sophistication and exposure to market risks. These same
criteria will govern the reporting requirements demanded of the Middle Office, which may vary from
simple gap analysis to computerized VaR modeling. Middle Office staff may prepare forecasts
(simulations) showing the effects of various possible changes in market conditions related to risk
exposures. Banks using VaR or modeling methodologies should ensure that its ALCO is aware of and
understand the nature of the output, how it is derived, assumptions and variables used in generating the
outcome and any shortcomings of the methodology employed. Segregation of duties should be evident in
the middle office, which must report to ALCO independently of the treasury function. In respect of banks
without a formal Middle Office, it should be ensured that risk control and analysis should rest with a
department with clear reporting independence from Treasury or risk taking units, until normal Middle
Office framework is established.

Page | 27
 II. CREDIT RISK

Credit risk arises from the potential that an obligor is either unwilling to perform on an obligation or its
ability to perform such obligation is impaired resulting in economic loss to the bank.

Before allowing a credit facility, the bank must make an assessment of risk profile of the
customer/transaction. This may include
a) Credit assessment of the borrower’s industry, and macro economic factors.
b) The purpose of credit and source of repayment.
c) The track record / repayment history of borrower.
d) Assess/evaluate the repayment capacity of the borrower.
e) The Proposed terms and conditions and covenants.
f) Adequacy and enforceability of collaterals.
g) Approval from appropriate authority

Credit Administration.
A typical credit administration unit performs following functions:

a. Documentation. It is the responsibility of credit administration to ensure completeness of

documentation (loan agreements, guarantees, transfer of title of collaterals etc) in accordance with
approved terms and conditions.

b. Credit Disbursement. Disbursement should be effected only after completion of covenants, and
receipt of collateral holdings.

c. Credit monitoring. It includes keeping track of borrowers’ compliance with credit terms, identifying
early signs of irregularity, conducting periodic valuation of collateral and monitoring timely repayments.

Page | 28
d. Loan Repayment. The obligors should be communicated ahead of time as and when the
principal/markup installment becomes due. Any exceptions such as non-payment or late payment should
be tagged and communicated to the management.

e. Maintenance of Credit Files. Institutions should devise procedural guidelines and standards for
maintenance of credit files.

f. Collateral and Security Documents. Institutions should ensure that all security documents are kept in
a fireproof safe under dual control. Physical checks on security documents should be conducted on a
regular basis.

Credit risk is of enormous importance since the default of small number of important customers can
generate large losses, which can lead to insolvency. Credit risk is normally monitored through classical
methods in banks. The system of limit imposes a ceilings on the amount lent to any customers within a
single industry or customers in a given country. In the global scenario, the increased credit risk arises due
to two reasons. Banks have been forced to lend to riskier clients because well rated corporate have moved
away from banks as they have access to low cost funds. The other reason is the lurking fear of global
recession. Recession in the economy could lead to low industrial output which may lead to defaults
culminating into credit risk.

Credit Risk is the most fundamental of all the risks faced by the bank. The lender always faces the risk of
counter party not repaying the loan or not making due payments in time. Banks are in the business of
taking credit risk in exchange for a certain return above the risk-free rate. The credit risk can be measured
by using following ratios:

1) Ratio of non-performing advance to total advances

2) Ratio of loan losses to bad debts reserves
3) Ratio of loan-loss provision to impaired credit
4) Ratio of loan- losses to capital and reserve
5) Ratio of loan-loss provision to total income

Page | 29
More advanced methods of credit risk measurement require quantification of probability of default and
exposure at default, loss given default and maturity of the exposure. The correlation between credit risk
and other risk should also be found out. The standards for credit risk management can be fixed in advance
as under:

a) Risk selection: Involves the establishment of a formal credit appraisal and approving system with
clearly defined delegation of power.

b) Risk limitation: Involves setting prudential exposure limits for maximum amount that can be lent to
each borrower.

c) Risk diversification: It can be achieved by spreading the credit portfolio over different types of
borrowers.

d) Risk Rating: It serves as a single point indicator of diverse risk factors according to the
characteristics of credit worthiness so that the probable risk of default on repayment is properly
accessed and priced.

e) Risk pricing: It is a framework for pricing of loans which calls of data on portfolio behavior and
allocation of capital commensurate with risk.

f) Risk Sharing: It involves dividing the risk through consortium finance, credit syndication inter-bank
participation, securitization and credit derivatives.

Page | 30
RBI Guidelines on Credit Risk New Capital Accord: Implications for Credit Risk Management

The Basel Committee on Banking Supervision had released in June 1999 the first Consultative Paper on a
New Capital Adequacy Framework with the intention of replacing the current broad-brush 1988 Accord.
The Basel Committee has released a Second Consultative Document in January 2001, which contains
refined proposals for the three pillars of the New Accord - Minimum Capital Requirements, Supervisory
Review and Market Discipline.

The Committee proposes two approaches, for estimating regulatory capital. viz.,
1. Standardized and
2. Internal Rating Based (IRB)

Under the standardized approach, the Committee desires neither to produce a net increase nor a net
decrease, on an average, in minimum regulatory capital, even after accounting for operational risk.

Under the Internal Rating Based (IRB) approach, the Committee's ultimate goals are to ensure that the
overall level of regulatory capital is sufficient to address the underlying credit risks and also provides
capital incentives relative to the standardized approach, i.e., a reduction in the risk weighted assets of 2%
to 3% (foundation IRB approach) and 90% of the capital requirement under foundation approach for
advanced IRB approach to encourage banks to adopt IRB approach for providing capital.

The minimum capital adequacy ratio would continue to be 8% of the risk-weighted assets, which cover
capital requirements for market (trading book), credit and operational risks. For credit risk, the range of
options to estimate capital extends to include a standardized, a foundation IRB and an advanced IRB
approaches.

Page | 31
RBI Guidelines for Credit Risk Management Credit Rating Framework

A Credit-risk Rating Framework (CRF) is necessary to avoid the limitations associated with a simplistic
and broad classification of loans/exposures into a "good" or a "bad" category. The CRF deploys a
number/ alphabet/ symbol as a primary summary indicator of risks associated with a credit exposure.
Such a rating framework is the basic module for developing a credit risk management system and all
advanced models/approaches are based on this structure. In spite of the advancement in risk management
techniques, CRF is continued to be used to a great extent. These frameworks have been primarily driven
by a need to standardize and uniformly communicate the "judgment" in credit selection procedures and
are not a substitute to the vast lending experience accumulated by the banks' professional staff.

Broadly, CRF can be used for the following purposes:

1. Individual credit selection, wherein either a borrower or a particular exposure/ facility is rated on
the CRF
2. Pricing (credit spread) and specific features of the loan facility. This would largely constitute
transaction-level analysis.
3. Portfolio-level analysis.
4. Surveillance, monitoring and internal MIS

Assessing the aggregate risk profile of bank/ lender. These would be relevant for portfolio-level analysis.
For instance, the spread of credit exposures across various CRF categories, the mean and the standard
deviation of losses occurring in each CRF category and the overall migration of exposures would
highlight the aggregated credit-risk for the entire portfolio of the bank.

Page | 32
CREDIT RISK MANAGEMENT

The credit, construed both as funded and non-funded commitments of banks/FIs, involves probability of
‘loss’ in the event of non-fulfillment of corresponding financial obligations by the borrower or guarantor.
Therefore, traditionally the banks and FIs seek to be covered by appropriate tangible and realizable
securities or by third party guarantees to avert or at least minimize the loss in the event of the default by
borrower or guarantor.

A Credit Risk Mitigation tool, commonly referred to as security’, is universally recognized as a

‘protection’ for the lenders although the same is often christened as ‘collateral’ also. The personal
covenants supported by the execution of promissory notes/ agreements are then treated as ‘primary’ cover
in the limited scope of a security cover.

In Indian context, however, there is a subtle difference between primary and collateral security. A
primary security is one on which the drawing power/loan availment is allowed while a collateral security,
though not considered for such purposes, provides the same degree of comfort/rights for the lenders for
ultimate recovery of the dues. It is fairly common in credit market that lenders insist for collaterals (e.g.
mortgage of personal landed property/other assets of the counter party) for extending large volumes of
credit, i.e. Rs. 5 crore and above. This is done to ensure an additional cushion on the top of primary
security reckoned for drawing power/loan availment computation. But the credit ‘risk mitigation’ and
security cover primary/collateral) may not recognized as credit risk mitigation items. On the other hand,
third party guarantee fulfilling certain operational conditions is a recognized credit risk mitigation tool but
third party guarantee is not strictly treated as a security. Thus, the distinction is all-pervasive.

An incidental aspect in the context of security v/s credit risk mitigation phenomenon relates to the
functional role of ‘margin’ and ‘haircut’. A tangible/realizable security considered for the computation of
drawing power/loan availment is subjected to the specific percentage reduction of value (to arrive at
permissible drawing power/amount of loan) depending upon the nature of security without any correlation
with the rating grade of the counterparty. In the case of application of percentage haircut (akin to per cent
reduction) on eligible items of credit risk mitigation, the percentage reduction will be dependent on the
nature of security correlated to rating grade of the counter party. E.g. if gold is accepted as a security in a
borrower account with say 10 per cent margin, irrespective of whether rating grade of the counter party is
AAA or below ‘B’ the same percentage reduction will be applicable. On the other hand in case of haircut
lesser percentage reduction is possible in AAA rated counterparty as opposed to lower rating graded
counter-party. The concept of haircut is thus innovative in the credit administration of banks/financial
institutions.
Page | 33
Source: www.icai.org

Forms of Credit Risk Mitigation under the Basel II Accord

The accord has recognized two types of credit risk mitigation:

- By collateralization of the exposure.
- By obtaining third party guarantee for the exposure.
It would appear that a combination of both no (1) & 2) are also to be acceptable as credit mitigation tool,
this being a very common situation in Indian banking environment. In this respect the accord states, inter
alia, “Partial Collateralization is recognized.”

Salient features specified in Basel II accord for treatment of CRM tool:

• CRM is applicable both for funded and non-funded exposure.

• Only banking book exposures (exposures held for regular bank business i.e. not applicable for
trading, for sale, etc.).
• Where issue specific rating reflects CRM, no additional supervisory recognition of CRM will be
granted to avoid double counting effects.
• Collateral as a CRM tool may be posted by a third party besides recognizing collateral of the
counter party (borrower).
Page | 34
• Collateral must be charged to the financing bank/financial institution for the life of the exposure, it
must be ‘marked to market’ and revalued at least once in six months.
• Appropriate haircuts as may be specified by the regulatory authorities of each country are to be
considered in CRM tool.
• Financing banks/financial institution must have clear and robust procedures for the timely
liquidation of collateral.
• Exposures covered by collateral would have risk weights as applicable for the respective collateral
subject to a minimum of 20 per cent (for cash, however, nil per cent)
• Third party guarantees would be recognized for CRM, provided the guarantees meet the relevant
laid down conditions and the regulatory authorities are satisfied in this regard.

Page | 35
Disclosure requirements

Basel II Accord has placed significant ‘focus’ on the need of public disclosure of all types of risks of a
bank, e.g. credit risk, market risk and operational risk. As an integral part of credit risk exposure
management, it is imperative that a bank using CRM technique must periodically (exact period and mode
may be decided on a case to case basis) bring to public domain the credit risk mitigation procedures by
way of:

• Quantitative Disclosures
• Qualitative Disclosures

The specific requirements of aforesaid two types of disclosures, keeping in view Basel II prescriptions,
are shown in as follows:

Source: www.icai.org

Page | 36
Capital to Risk Weighted Asset Ratio (CRAR)

Banks are required to maintain minimum 9% capital to risk weighted assets (RWA). RBI takes decision
on capital requirement based on risk profile of the banks. This includes effectiveness of risk management
systems in identifying and managing various risks including interest rate risk, liquidity risk, concentration
risk, etc and RBI can prescribe higher level of minimum capital. Generally banks are expected to operate
at a level higher than the minimum.

Banks should maintain at least 6% of Tier I CRAR

Tier I CRAR= Eligible Tier I Capital Funds

(Credit Risk RWA + Market Risk RWA + Operational Risk RWA)

Total CRAR= Eligible Capital Funds

(Credit Risk RWA + Market Risk RWA + Operational Risk RWA)

Page | 37
Risk Weights: Assets are weighed on the possibility of loss/default and accordingly risk weights are
assigned. Cash has zero risk weight.

Assets Risk Weight Balance RWA

Cash Balance with RBI 0 100 0

Balance with other banks 20 100 20
Investments in Government securities 0 100 0
Securities in State Government Bonds where 100 100 100
guarantee is invoked
Securities guaranteed by Central Government 0 100 0
Investment in other banks’ subordinated 100 100 100
bonds
Premises & Furniture 100 100 100
Loans/Advances to corporate 100 100 100
Advances against Fixed Deposits, NSE 0 100 0
certificates, LIC policies
Loans to staff (Fully covered) 20 100 20

Page | 38
Managing Problem Credits

The institution should establish a system that helps identify problem loan ahead of time when there may
be more options available for remedial measures. Once the loan is identified as problem, it should be
managed under a dedicated remedial process.

A problem loan management process encompass following basic elements.

a. Negotiation and follow-up. Proactive effort should be taken in dealing with obligors to implement
remedial plans, by maintaining frequent contact and internal records of follow-up actions. Often rigorous
efforts made at an early stage prevent institutions from litigations and loan losses

b. Workout remedial strategies. Sometimes appropriate remedial strategies such as restructuring of loan
facility, enhancement in credit limits or reduction in interest rates help improve obligor’s repayment
capacity. However it depends upon business condition, the nature of problems being faced and most
importantly obligor’s commitment and willingness to repay the loan. Institutions need to exercise great
caution in adopting such measures and ensure that such a policy must not encourage obligors to default
intentionally.

c. Review of collateral and security document. Institutions have to ascertain the loan recoverable
amount by updating the values of available collateral with formal valuation. Security documents should
also be reviewed to ensure the completeness and enforceability of contracts and collateral/guarantee.

d. Status Report and Review Problem credits should be subject to more frequent review and monitoring.
The review should update the status and development of the loan accounts and progress of the remedial
plans. Progress made on problem loan should be reported to the senior management

Page | 39
Credit Risk Management at ICICI Bank

In ICICI Bank this department is managed and taken care by Credit Risk Compliance & Audit
Department (CRC & AD). It evaluates risk at the transaction level as well as in the portfolio context.

The following things need to be done in order to achieve complete Credit Risk Management.

Review of Credit Origination & Monitoring:

It is done through
➢ Checking the Credit rating of companies/structures
➢ Analyzing Default risk & loan pricing
➢ Review of industry sectors
➢ Review of large exposures in industries/ corporate groups/ companies
➢ Ensuring Monitoring and follow-up by building appropriate systems.

Designing appropriate credit processes, operating policies & procedures

Portfolio monitoring
It is done through
➢ Designing a Methodology to measure portfolio risk
➢ Developing Credit Risk Information System (CRIS)

Focused attention to structured financing deals:

It includes Pricing, New Product Approval Policy, Monitoring etc.

Monitor adherence to credit policies of RBI

To make sure whatever guidelines RBI has given, to ensure Credit Risk is managed effectively, are
followed.

Page | 40
III. OPERATIONAL RISK

Operational risk is the risk of loss resulting from inadequate or failed internal processes, people and
system or from external events.

Operational risk covers such a wide area that it is useful to subdivide operational risk into two
components:
• Operational failure risk.
• Operational strategic risk.

Operational failure risk arises from the potential for failure in the course of operating the business. A
firm uses people, processes and technology to achieve the business plans, and any one of these factors
may experience a failure of some kind. Accordingly, operational failure risk can be defined as the risk
that there will be a failure of people, processes or technology within the business unit

Operational strategic risk arises from environmental factors, such as a new competitor that changes the
business paradigm, a major political and regulatory regime change, and earthquakes and other such
factors that are outside the control of the firm. It also arises from major new strategic initiatives, such as
developing a new line of business or re-engineering an existing business line. All businesses rely on
people, processes and technology outside their business unit, and the potential for failure exists there too,
this type of risk is referred to as external dependency risk.

Page | 41
 Operational Risk

Operational failure risk (Internal Operational strategic risk (External

operational risk) operational risk)

The risk encountered in pursuit of The risk of choosing an

a particular strategy due to: inappropriate strategy in response
to environmental factors, such as
• People
• Process • Political
• Technology • Taxation
• Regulation
• Government
• Societal
• Competition, etc.

Figure: Two Broad Categories of Operational Risk

Operational Risk Measurement

As operational risk emanates from internal operational performance factors, it has all along remained
fuzzy, making its quantification difficult. Hence, it is difficult to build a clear statistical link between
individual risk factors and the likelihood of a loss. It is an acknowledged fact that due to both, data
limitations and lack of analytical tools, a number of operational risks cannot be quantified. Hence, banks
are resorting to the process of “high, medium and low” rather than risk measurement. There are two broad
categories or operational losses: first is the frequent, small operational losses that may result from human
error that are quite common to all businesses; and second, major operational risk losses resulting from
actions beyond the delegated authority or outside the laid down procedures. The latter losses are of low
probability but their impact could be very large and any attempt to measure operational risk must focus on
Figure: Two Broad Categories of Operational Risk
these two areas.

Page | 42
Basel II Directives for calculating Operational Risk Capital Charges

The Basel Committee desires that banks hold capital to protect against loss from operational risk. The
committee builds on bank’s rapidly developing rapidly developing internal assessment techniques and
seeks to provide incentives for banks to improve upon those techniques and more broadly, their
management of operational risk over time. The Basel committee suggested three possible approaches to
the calculation of operational risk capital

➢ The Basic Indicator Approach

This method suggests that banks must hold capital for operational risk equal to a fixed percentage
(denoted by alpha) of average annual gross income over the previous three years. The charge may be
expressed as follows
KBIA = GI * α
where, KBIA = the capital charge under the Basic Indicator Approach
GI = average annual gross income over the previous three years
α = 15% which is set aside by the committee, relating the industry wide level of required capital to the
industry wide level of the indicator.

➢ The Standardized Approach

Under this method, bank’s activities are divided into 8 business lines namely corporate finance, trading
and sales, retail banking, commercial banking, payment and settlement, agency services, asset
management and retail brokerage. Within each business line, gross income is taken as a broad indicator to
serve as a proxy for the scale of business operations and thus as the likely scale of operational risk
exposure within each of these business lines. The capital charge for each of these business lines is
calculated by multiplying gross income by a factor (denoted by beta) assigned to that business line (as
shown in the table below). Beta serves as the proxy for the industry wide relationship between the
operational risk loss experience for a given business line and the aggregate level of gross income for that
business line.

Page | 43
The total capital charge is calculated as the simple summation of the regulatory capital charges across
each of the business lines. This may be expressed as
KTSA = ∑ (GI1-8 * β1-8)
where, KTSA = the capital charge under the Standardized Approach
GI1-8 = average annual gross income over the previous three years, as defined above in the Basic
Indicator Approach, for each of the 8 business lines.
β1-8 = a fixed percentage set by the committee, relating to the level of required capital to the level
of the gross income for each of the 8 business lines

Business Line-Wise Betas

Business Lines Beta Factors (in %)
Corporate Finance (β1) 18
Trading And Sales (β2) 18
Retail Banking (β3) 12
sCommercial Banking (β4) 15
Payment And Settlement (β5) 18
Agency Services (β6) 15
Asset Management (β7) 12
Retail Brokerage (β8) 12

➢ Advanced Measurement Approaches (AMA)

Under this method, the banks are permitted to use their own internal model to calculate the required
capital, subject to, supervisory approval on the following

✓ Active involvement of directors and senior management in the oversight of the operational
risk management framework.
✓ Implementation of conceptually sound risk management system with integrity.
✓ Process of sufficient resources that are required to manage different business lines and to
manage ‘control’ and ‘audit’ functions effectively.

Page | 44
Internal Modeling Approach
Under this method, the expected losses in each business line are calculated by examining the average of
past losses experienced and then multiplied by a standard “gamma” factor to derive a figure for
unexpected or worst case losses which give the capital requirement.

Loss Distribution Approach

This method attempts to fit a statistical distribution of the historical losses and derives the capital
requirement from a confidence level on this distribution.

Scorecard Approach
Under this method, banks start estimating historical loss data as in the previous two methods, but also
take into consideration the future risks such as staff turnover and the qualitative assessment of the banks’
control environment. Amongst the 3 models, the scorecard approach is perceived as an attractive
approach as it offers the following advantages

✓ It provides a more complete and accurate measure of operational risk, by incorporating

forward looking risk indicators and qualitative assessments of the control environment as well
as loss data.
✓ It gives managers much stronger incentives to reduce risks and much better tools to help them
identify how to do so.
✓ It is much easier to implement and also easier to adapt as the requirements of the bank and the
regulators evolve over time.

The first two methods have two major defects. They fail to take into account the loss types that have not
yet occurred and secondly, they fail to adapt to the recent changes in the risk environment that have
altered the probability or likely impact of events. As against this, the scorecard approach captures these
two issues by focusing on general risk classes and on the risk factors that are internal and external to the
bank that drives the probability of these risks. There is however an element of “subjectivity” under the
scorecard approach in assigning weightage to each item.

Page | 45
Operational Risk Management at ICICI Bank

About ICICI Bank

ICICI Bank is one of the leading private sector banks in the country. It has established its position further
through the acquisition of Bank of Madura in March 2001. The bank now has presence in 17 states in
India, with a branch network of 395 and over 3.7mn customer’s accounts. ICICI Bank has the largest
network of ATM in the country. The promoters of ICICI divested part of its stake to comply with the
RBI’s bank licensing condition. ICICI now holds only 47% stake in ICICI Bank and it has ceased to be
subsidiary of ICICI.

It offers wide spectrum of domestic and international banking services. It is the first bank to start the
Internet banking service in India and has around 110000 Internet banking accounts.

Operational Risk

ICICI Bank is exposed to many types of operational risk. Operational risk can result from a variety of
factors, including:
1. Failure to obtain proper internal authorizations,
2. Improperly documented transactions,
3. Failure of operational and information security procedures,
4. Computer systems,
5. Software or equipment,
6. Fraud,
7. Inadequate training and employee errors.

ICICI Bank attempts to mitigate operational risk by maintaining a comprehensive system of internal
controls, establishing systems and procedures to monitor transactions, maintaining key back–up
procedures and undertaking regular contingency planning.

Page | 46
Operational Controls and Procedures in Branches

ICICI Bank has operating manuals detailing the procedures for the processing of various banking
transactions and the operation of the application software. Amendments to these manuals are
implemented through circulars sent to all offices.

When taking a deposit from a new customer, ICICI Bank requires the new customer to complete a
relationship form, which details the terms and conditions for providing various banking services.

Photographs of customers are also obtained for ICICI Bank’s records, and specimen signatures are
scanned and stored in the system for online verification. ICICI Bank enters into a relationship with a
customer only after the customer is properly introduced to ICICI Bank. When time deposits become due
for repayment, the deposit is paid to the depositor. System generated reminders are sent to depositors
before the due date for repayment. Where the depositor does not apply for repayment on the due date, the
amount is transferred to an overdue deposits account for follow up.

ICICI Bank has a scheme of delegation of financial powers that sets out the monetary limit for each
employee with respect to the processing of transactions in a customer's account. Withdrawals from
customer accounts are controlled by dual authorization. Senior officers have delegated power to authorize
larger withdrawals. ICICI Bank’s operating system validates the check number and balance before
permitting withdrawals. Cash transactions over Rs. 1 million (US$ 21,030) are subject to special scrutiny
to avoid money laundering. ICICI Bank’s banking software has multiple security features to protect the
integrity of applications and data.

ICICI Bank gives importance to computer security and has s a comprehensive information technology
security policy. Most of the information technology assets including critical servers are hosted in
centralized data centers, which are subject to appropriate physical and logical access controls.

Page | 47
Operational Controls and Procedures for Internet Banking

In order to open an Internet banking account, the customer must provide ICICI Bank with documentation
to prove the customer's identity, including a copy of the customer's passport, a photograph and specimen
signature of the customer. After verification of the same, ICICI Bank opens the Internet banking account
and issues the customer a user ID and password to access his account online.

Operational Controls and Procedures in Regiona l Processing Centers & Central

Processing Centers

To improve customer service at ICICI Bank’s physical locations, ICICI Bank handles transaction
processing centrally by taking away such operations from branches. ICICI Bank has centralized
operations at regional processing centers located at 15 cities in the country. These regional processing
centers process clearing checks and inter-branch transactions, make inter-city check collections, and
engage in back office activities for account opening, standing instructions and auto-renewal of deposits.

In Mumbai, ICICI Bank has centralized transaction processing on a nationwide basis for transactions like
the issue of ATM cards and PIN mailers, reconciliation of ATM transactions, monitoring of ATM
functioning, issue of passwords to Internet banking customers, depositing post-dated cheques received
from retail loan customers and credit card transaction processing. Centralized processing has been
extended to the issuance of personalized check books, back office activities of non-resident Indian
accounts, opening of new bank accounts for customers who seek web broking services and recovery of
service charges for accounts for holding shares in book-entry form.

Page | 48
Operational Controls and Procedures in Treasury

ICICI Bank has a high level of automation in trading operations. ICICI Bank uses technology to monitor
risk limits and exposures. ICICI Bank’s front office, back office and accounting and reconciliation
functions are fully segregated in both the domestic treasury and foreign exchange treasury. The respective
middle offices use various risk monitoring tools such as counterparty limits, position limits, exposure
limits and individual dealer limits. Procedures for reporting breaches in limits are also in place.

ICICI Bank’s front office treasury operation for rupee transactions consists of operations in fixed income
securities, equity securities and inter-bank money markets. ICICI Bank’s dealers analyze the market
conditions and take views on price movements. Thereafter, they strike deals in conformity with various
limits relating to counterparties, securities and brokers. The deals are then forwarded to the back office
for settlement.

The inter-bank foreign exchange treasury operations are conducted through Reuters dealing systems.
Brokered deals are concluded through voice systems. Deals done through Reuters systems are captured on
a real time basis for processing. Deals carried out through voice systems are input in the system by the
dealers for processing. The entire process from deal origination to settlement and accounting takes place
via straight through processing. The processing ensures adequate checks at critical stages. Trade strategies
are discussed frequently and decisions are taken based on market forecasts, information and liquidity
considerations. Trading operations are conducted in conformity with the code of conduct prescribed by
internal and regulatory guidelines.

The Treasury Middle Office Group, which reports to the Executive Director, Corporate Centre, monitors
counterparty limits, evaluates the mark-to-market impact on various positions taken by dealers and
monitors market risk exposure of the investment portfolio and adherence to various market risk limits set
up by the Risk, Compliance and Audit Group.

Page | 49
ICICI Bank’s back office undertakes the settlement of funds and securities. The back office has
procedures and controls for minimizing operational risks, including procedures with respect to deal
confirmations with counterparties, verifying the authenticity of counterparty checks and securities,
ensuring receipt of contract notes from brokers, monitoring receipt of interest and principal amounts on
due dates, ensuring transfer of title in the case of purchases of securities, reconciling actual security
holdings with the holdings pursuant to the records and reports any irregularity or shortcoming observed.

Audit

The Internal Audit Group undertakes a comprehensive audit of all business groups and other functions, in
accordance with a risk-based audit plan. This plan allocates audit resources based on an assessment of the
operational risks in the various businesses. The Internal Audit group conceptualizes and implements
improved systems of internal controls, to minimize operational risk. The audit plan for every fiscal year is
approved by the Audit Committee of ICICI Bank’s board of directors. The Internal Audit group also has a
dedicated team responsible for information technology security audits. Various components of
information technology from applications to databases, networks and operating systems are covered under
the annual audit plan.

The Reserve Bank of India requires banks to have a process of concurrent audits at branches handling
large volumes, to cover a minimum of 50.0% of business volumes. ICICI Bank has instituted systems to
conduct concurrent audits, using reputed chartered accountancy firms. Concurrent audits have also been
arranged at the Regional Processing Centers and other centralized processing operations to ensure
existence of and adherence to internal controls.

Page | 50
IV. REGULATORY RISK

When owned funds alone are managed by an entity, it is natural that very few regulators operate and
supervise them. However, as banks accept deposit from public obviously better governance is expected of
them. This entails multiplicity of regulatory controls. Many Banks, having already gone for public issue,
have a greater responsibility and accountability. As banks deal with public funds and money, they are
subject to various regulations. The very many regulators include Reserve Bank of India (RBI), Securities
Exchange Board of India (SEBI), Department of Company Affairs (DCA), etc. Moreover, banks should
ensure compliance of the applicable provisions of The Banking Regulation Act, The Companies Act, etc.
Thus all the banks run the risk of multiple regulatory risks which inhibits free growth of business as focus
on compliance of too many regulations leave little energy and time for developing new business. Banks
should learn the art of playing their business activities within the regulatory controls.

Regulatory Risk from Regulatory Changes

Governmental and regulatory bodies often enact new regulations or update old ones. Here are some
examples of regulatory changes that may affect companies or industries:

1. Tariffs and trade policies: - Changes to international trade policies may affect companies that
regularly export and import goods. They also affect investors that engage in foreign direct investments.

2. Tax policy reform: - Tax policy reforms can affect the bottom line for businesses and individual
investors alike. Any change to income tax law directly affects the income being brought in by respective
parties and may present new regulatory risk.

3. Minimum wage laws: - Increases to minimum wage can be a critical source of regulatory risk, as they
substantially impact businesses, especially if they hire large quantities of low-skilled labor. In particular,
small businesses suffer greater losses due to their inability to access economies of scale.

Page | 51
4. BASEL III NORMS

BASEL III is a new global regulatory standards on bank capital adequacy and liquidity agreed by the
members of the Basel Committee on Banking Supervision The third of the Basel Accords was developed
in a response to the deficiencies in financial regulation revealed by the Global Financial Crisis. Basel III
strengthens bank capital requirements and introduces new regulatory requirements on bank liquidity and
bank leverage. The OECD estimates that the implementation of Basel III will decrease annual GDP
growth by 0.05 to 0.15 percentage point.

In response to the recent financial crisis, the Basel Committee on Banking Supervision (BCBS) set forth
to update their guidelines for capital and banking regulations:

This consultative document presents the Basel Committee's proposals to strengthen global capital and
liquidity regulations with the goal of promoting a more resilient banking sector. The objective of the
Basel Committee's reform package is to improve the banking sector's ability to absorb shocks arising
from financial and economic stress, whatever the source, thus reducing the risk of spillover from the
financial sector to the real economy

On December 19, 2009 the BCBS issued a press release which presented to the public two consultative
documents for review and comment:
• Strengthening the resilience of the banking sector
• International framework for liquidity risk measurement, standards and monitoring

The Basel Committee on Banking Supervision (BCBS) allowed a public comment period (ended April
16, 2010) resulting in 272 responses to their request for comment.

Page | 52
Summary of proposed changes

• First, the quality, consistency, and transparency of the capital base will be raised.
o Tier 1 capital: the predominant form of Tier 1 capital must be common shares and retained
earnings
o Tier 2 capital instruments will be harmonized
o Tier 3 capital will be eliminated.

• Second, the risk coverage of the capital framework will be strengthened.

o Strengthen the capital requirements for counterparty credit exposures arising from banks’
derivatives, repo and securities financing transactions
o Raise the capital buffers backing these exposures
o Reduce procyclicality and
o Provide additional incentives to move OTC derivative contracts to central counterparties
(probably clearing houses)
o Provide incentives to strengthen the risk management of counterparty credit exposures

• Third, the Committee will introduce a leverage ratio as a supplementary measure to the Basel II
risk-based framework.
o The Committee therefore is introducing a leverage ratio requirement that is intended to
achieve the following objectives:
▪ Put a floor under the build-up of leverage in the banking sector
▪ Introduce additional safeguards against model risk and measurement error by
supplementing the risk based measure with a simpler measure that is based on
gross exposures.
• Fourth, the Committee is introducing a series of measures to promote the buildup of capital
buffers in good times that can be drawn upon in periods of stress ("Reducing procyclicality and
promoting countercyclical buffers").
o The Committee is introducing a series of measures to address procyclicality:
▪ Dampen any excess cyclicality of the minimum capital requirement;
▪ Promote more forward looking provisions;
▪ Conserve capital to build buffers at individual banks and the banking sector that
can be used in stress; and
o Achieve the broader macro prudential goal of protecting the banking sector from periods
of excess credit growth.
Page | 53
 ▪ Requirement to use long term data horizons to estimate probabilities of default,
▪ downturn loss-given-default estimates, recommended in Basel II, to become
mandatory
▪ Improved calibration of the risk functions, which convert loss estimates into
regulatory capital requirements.
▪ Banks must conduct stress tests that include widening credit spreads in
recessionary scenarios.
o Promoting stronger provisioning practices (forward looking provisioning):
▪ Advocating a change in the accounting standards towards an expected loss (EL)
approach (usually, EL amount := LGD*PD*EAD)
• Fifth, the Committee is introducing a global minimum liquidity standard for internationally active
banks that includes a 30-day liquidity coverage ratio requirement underpinned by a longer-term
structural liquidity ratio called the Net Stable Funding Ratio.
• The Committee also is reviewing the need for additional capital, liquidity or other supervisory
measures to reduce the externalities created by systemically important institutions.
As on Sept 2010, Proposed Basel 3 norms ask for ratios as: 7-8.5%(4.5% +2.5%(conservation buffer) + 0-
2.5%(seasonal buffer))for Common equity and 8.5-11% for tier 1 cap and 10.5 to 13.5 for total capital

Page | 54
Macroeconomic Impact of Basel III

An OECD study released on 17 February 2011, estimates that the medium-term impact of Basel III
implementation on GDP growth is in the range of −0.05 to −0.15 percentage point per annum. Economic
output is mainly affected by an increase in bank lending spreads as banks pass a rise in bank funding
costs, due to higher capital requirements, to their customers. To meet the capital requirements effective in
2015 (4.5% for the common equity ratio, 6% for the Tier 1 capital ratio), banks are estimated to increase
their lending spreads on average by about 15 basis points. The capital requirements effective as of 2019
(7% for the common equity ratio, 8.5% for the Tier 1 capital ratio) could increase bank lending spreads
by about 50 basis points. The estimated effects on GDP growth assume no active response from monetary
policy. To the extent that monetary policy will no longer be constrained by the zero lower bound, the
Basel III impact on economic output could be offset by a reduction (or delayed increase) in monetary
policy rates by about 30 to 80 basis points.

Page | 55
5. RISK MANAGEMENT AT
UNION BANK OF INDIA

Risk is inherent part of Bank’s business. Effective Risk Management is critical to any Bank for achieving
financial soundness. In view of this, aligning Risk Management to Bank’s organizational structure and
business strategy has become integral in banking business. Over a period of year, Union Bank of India
(UBI) has taken various initiatives for strengthening risk management practices. Bank has an integrated
approach for management of risk and in tune with this, formulated policy documents taking into account
the business requirements / best international practices or as per the guidelines of the national supervisor.
These policies address the different risk classes viz., Credit Risk, Market Risk and Operational Risk.
1. The issues related to Credit Risk are addressed in the Policies stated below;
• Loan Policy.
• Credit Monitoring Policy.
• Real Estate Policy.
• Credit Risk Management Policy.
• Collateral Risk Management Policy.
• Recovery Policy.
• Treasury Policy.

2. The Policies and procedures for Market Risks are articulated in the ALM Policy and Treasury
Policy.

3. The Operational Risk Management involves framework for management of operational risks faced
by the Bank. The issues related to this risk is addressed by;
• Operational Risk Management Policy.
• Business Continuity Policy.
• Outsourcing Policy.
• Disclosure Policy.

4. Besides, the above Board mandated Policies, Bank has detailed ‘Internal Control Principles’
communicated to the business lines for ensuring adherence to various norms like Anti-Money

Page | 56
 Laundering, Information Security, Customer complaints, Reconciliation of accounts, Book-
keeping etc.

UBI’s Board of Directors have the overall responsibility of ensuring that adequate structures, policies and
procedures are in place for risk management and that they are properly implemented. Board approves
their risk management policies and also sets limits by assessing their risk appetite, skills available for
managing risk and their risk bearing capacity.

The Board has delegated this responsibility to a sub-committee: the Supervisory Committee of Directors
on Risk Management & Asset Liability Management. This is the Apex body / Committee is responsible
for supervising the risk management activities of the Bank.

Further, Bank has the following separate committees of top executives and dedicated Risk Management
Department:

I. Credit Risk Management Committee (CRMC): This Committee deals with issues relating to credit
policies and procedure and manages the credit risk on a Bank-wide basis.
II. Asset Liability Management Committee (ALCO): This Committee is the decision-making unit
responsible for balance sheet planning and management from the angle of risk-return perspective
including management of market risk.
III. Operational Risk Management Committee (ORMC): This Committee is responsible for
overseeing Bank’s operational risk management policy and process.
IV. Risk Management Department of the Bank provides support functions to the risk management
committees mentioned above through analysis of risks and reporting of risk positions and making
recommendations as to the level and degree of risks to be assumed. The department has the
responsibility of identifying, measuring and monitoring the various risk faced the bank, assist in
developing the policies and verifying the models that are used for risk measurement from time to
time.

Page | 57
Credit Risk Management

I. Credit Risk Management Policy of the Bank dictates the Credit Risk Strategy.
II. These Polices spell out the target markets, risk acceptance / avoidance levels, risk tolerance limits,
preferred levels of diversification and concentration, credit risk measurement, monitoring and
controlling mechanisms.
III. Standardized Credit Approval Process with well-established methods of appraisal and rating is the
pivot of the credit management of the bank.
IV. Bank has comprehensive credit rating / scoring models being applied in the spheres of retail and
non-retail portfolios of the bank.
V. The Credit rating system of the Bank has eight borrower grades for standard accounts and three
grades for defaulted borrowers.
VI. Proactive credit risk management practices in the form of studies of rating-wise distribution,
rating migration, probability of defaults of borrowers, Portfolio Analysis of retail lending assets,
periodic industry review, Review of Country, Currency, Counter-party and Group exposures are
only some of the prudent measures, the bank is engaged in mitigating risk exposures.
VII. The current focus is on augmenting the bank’s abilities to quantify risk in a consistent, reliable and
valid fashion, which will ensure advanced level of sophistication in the Credit Risk Measurement
and Management in the years ahead.

Page | 58
Market Risk Management

I. Bank has well-established framework for Market Risk management with the Asset Liability
Management Policy and the Treasury Policy forming the fulcrum for procedures, processes and
structure. It has a major objective of protecting the bank’s net interest income in the short run and
market value of the equity in the long run for enhancing shareholders wealth. The important
aspect of the Market Risk includes liquidity management, interest rate risk management and the
pricing of assets and liabilities. Further, Bank views the Asset Liability Management exercise as
the total balance sheet management with regard to its size, quality and risk.
II. The ALCO is primarily entrusted with the task of market risk management. The Committee
decides on product pricing, mix of assets and liabilities, stipulates liquidity and interest rate risk
limits, monitors them, articulates Bank’s interest rate view and determines the business strategy of
the Bank.
III. Bank has put in place a structured ALM system with 100% coverage of data on both assets and
liabilities. To measure liquidity and interest rate risk, Bank prepares various reports such as
Structural Liquidity, Interest Rate Sensitivity, Fortnightly Dynamic Statement etc. Besides RBI
reporting many meaningful analytical reports such as Duration Gap analysis, Contingency
Funding Plan, Contractual Maturity report etc. are generated at periodic intervals for ALCO,
which meets regularly. Statistical and mathematical models are used to analyze the core and
volatile components of assets and liabilities.
IV. The objective of liquidity management is to ensure adequate liquidity without affecting the
profitability. In tune with this, Bank ensures adequate liquidity at all times through systematic
funds planning, maintenance of liquid investments and focusing on more stable funding sources.
V. The Mid Office group positioned in treasury with independent reporting structure on risk aspects
ensure compliance in terms of exposure analysis, limits fixed and calculation of risk sensitive
parameters like VaR, PV01, Duration, Defeasance Period etc. and their analysis.

Page | 59
Operational Risk Management

I. Operational Risk, which is intrinsic to the bank in all its material products, activities, processes
and systems, is emerging as an important component of the enterprise-wide risk management
system. Recognizing the importance of Operational Risk Management, Bank has adopted a
Comprehensive Operational Risk Management Policy. This would entail the bank to move
towards enhanced level of sophistication in the years ahead and to capture qualitative and
quantitative measures of Operational Risk indicators in management of operational risk.
II. Bank has comprehensive system of internal controls, systems and procedures to monitor and
mitigate risk. Bank has also institutionalized new product approval process to identify the risk
inherent in the new product and activities.
III. The Internal audit function of the Bank and the Risk Based Internal Audit, compliments the
bank’s ability to control and mitigate risk.

Page | 60
6. DATA ANALYSIS AND
INTERPRETATION

Page | 61
Page | 62
Page | 63
Page | 64
7. CONCLUSION

Risk management underscores the fact that the survival of an organization depends heavily on its
capabilities to anticipate and prepare for the change rather than just waiting for the change and react to it.
The objective of risk management is not to prohibit or prevent risk taking activity, but to ensure that the
risks are consciously taken with full knowledge, clear purpose and understanding so that it can be
measured and mitigated. It also prevents an institution from suffering unacceptable loss causing an
institution to fail or materially damage its competitive position. Functions of risk management should
actually be bank specific dictated by the size and quality of balance sheet, complexity of functions,
technical/ professional manpower and the status of MIS in place in that bank. There may not be one-size-
fits-all risk management module for all the banks to be made applicable uniformly. Balancing risk and
return is not an easy task as risk is subjective and not quantifiable whereas return is objective and
measurable. If there exist a way of converting the subjectivity of the risk into a number then the balancing
exercise would be meaningful and much easier. Banking is nothing but financial inter-mediation between
the financial savers on the one hand and the funds seeking business entrepreneurs on the other hand. As
such, in the process of providing financial services, commercial banks assume various kinds of risks both
financial and non-financial. Therefore, banking practices, which continue to be deep routed in the
philosophy of security based lending and investment policies, need to change the approach and mindset,
rather radically, to manage and mitigate the perceived risks, so as to ultimately improve the quality of the
asset portfolio.
As in the international practice, a committee approach may be adopted to manage various risks. Risk
Management Committee, Credit Policy Committee, Asset Liability Committee, etc are such committees
that handle the risk management aspects. While a centralized department may be made responsible for
monitoring risk, risk control should actually take place at the functional departments as it is generally
fragmented across Credit, Funds, Investment and Operational areas. Integration of systems that includes
both transactions processing as well as risk systems is critical for implementation. In a scenario where
majority of profits are derived from trade in the market, one can no longer afford to avoid measuring risk
and managing its implications thereof. Crossing the chasm will involve systematic changes coupled with
the characteristic uncertainty and also the pain it brings and it may be worth the effort. The engine of the
change is obviously the evolution of the market economy abetted by unimaginable advances in
technology, communication, transmission of related uncontainable flow of information, capital and
commerce throughout the world. Like a powerful river, the market economy is widening and breaking
down barriers.

Page | 65
Government’s role is not to block that flow, but to accommodate it and yet keep it sufficiently under
control so that it does not overflow its banks and drown us with the associated risks and undesirable side
effects. To the extent the bank can take risk more consciously, anticipates adverse changes and hedges
accordingly, it becomes a source of competitive advantage, as it can offer its products at a better price
than its competitors. What can be measured can mitigation is more important than capital allocation
against inadequate risk management system. Basel proposal provides proper starting point for forward-
looking banks to start building process and systems attuned to risk management practice.
The effectiveness of risk measurement in banks depends on efficient Management Information System,
computerization and net working of the branch activities. The data warehousing solution should
effectively interface with the transaction systems like core banking solution and risk systems to collate
data. An objective and reliable data base has to be built up for which bank has to analyze its own past
performance data relating to loan defaults, trading losses, operational losses etc., and come out with bench
marks so as to prepare themselves for the future risk management activities. Any risk management model
is as good as the data input. With the onslaught of globalization and liberalization from the last decade of
the 20th Century in the Indian financial sectors in general and banking in particular, managing
transformation would be the biggest challenge, as transformation and change are the only certainties of
the future.

Page | 66
8. BIBLIOGRAPHY

Sr. No Name of the (Year) Title of the book Name of

Author Publisher

1 Fraser, Gup, Kolari 1995 Commercial Banking: The West Pub.

Management of Risk Co.

2 Cornett, Marcia 2008 Financial Institutions McGraw-

Millon, Saunders Management: A Risk Hill
Management Approach

The following websites were also used in drawing information for project

➢ www.rbi.org.in
➢ www.unionbankofindia.com
➢ www.wikipedia.org
➢ www.icai.org
➢ www.iibf.org.in

Page | 67