RISK MANAGEMENT IN BANKS

ST. ANDREWS COLLEGE.

SYBBI GROUP-3
1

RISK MANAGEMENT IN BANKS

SEMESTER IV

ACKNOWLEDGEMENT
It gives us immense pleasure in acknowledgement the valuable and co-operative assistance extended to us by the various individuals who have helped us successfully in completing our project. First of all we would like to thank the Mumbai University for giving us this opportunity to study the subject of financial market. We would like to show our gratitude to our Professor Patricia Pereira for her valuable assistance, encouragement and support on the topic RISK MANAGEMENT IN BANKS. We would also like to thank all the students for their active co-operation. The information has helped us gain practical understanding of the object. Lastly we would like to thank our parents, friends and colleagues who have supported us during the making of this project. It is the encouragement of all these people that has made us proceed towards achieving our goals.

RISK MANAGEMENT IN BANKS

DECLARATION
We the members of Group no. 3 of St. Andrews College, Bandra of S.Y.B.Com ( Banking And Insurance), hereby declare that we completed the project on the topic of RISK MANAGEMENT IN BANKS in the Academic year (2012-2013). The information submitted here in is true, to the best of your knowledge.

GROUP MEMBERS

Name
Dmello Cheryl Suppaya Esaiwani Lasrado Trishala Mathias Roswald Mungse Saylee Pereira Yolanda Quadri Roydon Swamy Someshwari Lakra Nisha

Roll. No.
8105 8114 8123 8129 8134 8140 8142 8149 8153

Signature

RISK MANAGEMENT IN BANKS

INDEX
SR.no TOPIC PAGE NO.

1. 2. 3. 4. 5. 6. 7. 8. 9. 10.

Introduction Meaning Types of risk Risk management process Financial risk management Liquidity risk management Risk management framework Operational risk Risk management system in banks Conclusion

5 6 7-15 16-17 18 19 20-21 22 23-25 26

RISK MANAGEMENT IN BANKS

INTRODUCTION
Risk management in Indian banks is a relatively newer practice, but has already shown to increase efficiency in governing of these banks as such procedures tend to increase the corporate governance of a financial institution. In times of volatility and fluctuations in the market, financial institutions need to prove their mettle by withstanding the market variations and achieve sustainability in terms of growth and well as have a stable share value. Hence, an essential component of risk management framework would be to mitigate all the risks and rewards of the products and service offered by the bank. Thus the need for an efficient risk management framework is paramount in order to factor in internal and external risks. The financial sector in various economies like that of India are undergoing a monumental change factoring into account world events such as the ongoing Banking Crisis across the globe. The 2007present recession in the United States has highlighted the need for banks to incorporate the concept of Risk Management into their regular procedures. The various aspects of increasing global competition to Indian Banks by Foreign banks, increasing Deregulation, introduction of innovative products, and financial instruments as well as innovation in delivery channels have highlighted the need for Indian Banks to be prepared in terms of risk management.

RISK MANAGEMENT IN BANKS

MEANING OF RISK
Risk is the possibility of something unpleasant happening or the chance of encountering loss or harm. Risk provides the basis for opportunity. The terms risk and exposure have subtle differences in their meaning. Risk refers to the probability of loss, while exposure is the possibility of loss, although they are often used interchangeably. Risk arises as a result of exposure. Exposure to financial markets affects most organizations, either directly or indirectly. When an organization has financial market exposure, there is a possibility of loss but also an opportunity for gain or profit. Financial market exposure may provide strategic or competitive benefits. Risk is the likelihood of losses resulting from events such as changes in market prices. Events with a low probability of occurring, but that may result in a high loss, are particularly troub lesome b e c a u s e t h e y a r e o f t e n n o t a n t i c i p a t e d . P u t a n o t h e r wa y, r i s k i s t h e p r o b a b l e v a r i a b i l i t y o f returns. Since it is not always possible or desirable to eliminate risk, understanding it is an important step in determining how to manage it. Identifying exposures and risks forms the basis for an appropriate financial risk management strategy. Financial risk arises through countless transactions of a financial nature, including sales and purchases, investments and loans, and various other business activities.

DEFINITION

The identification, analysis, assessment, control, and avoidance, minimization, or elimination of unacceptable risks. An organization may use risk assumption, risk avoidance, risk relation, risk transfer, or any other strategy in proper management of future events.

RISK MANAGEMENT IN BANKS

Systematic risk is uncontrollable by an organization and macro in nature. Unsystematic risk is controllable by an organization and micro in nature.

Systematic Risk Systematic risk is due to the influence of external factors on an organization. Such factors are normally uncontrollable from an organization's point of view. Systematic risk is a macro in nature as it affects a large number of organizations operating under a similar stream or same domain. It cannot be planned by the organization. Types of risk under the group of systematic risk are listed as follows: 1. Interest rate risk. 2. Market risk. 3. Purchasing power or Inflationary risk. The types of risk grouped under systematic risk are depicted below.

RISK MANAGEMENT IN BANKS

Now let's discuss each risk classified under the group of systematic risk. 1. Interest rate risk Interest-rate risk arises due to variability in the interest rates from time to time. It particularly affects debt securities as they carry the fixed rate of interest. The interest-rate risk is further classified into following types. 1. Price risk. 2. Reinvestment rate risk. The types of interest-rate risk are depicted below.

RISK MANAGEMENT IN BANKS

The meaning of various types of interest-rate risk is discussed below. Price risk arises due to the possibility that the price of the shares, commodity, investment, etc. may decline or fall in the future. Reinvestment rate risk results from fact that the interest or dividend earned from an investment can't be reinvested with the same rate of return as it was acquiring earlier.

2. Market risk Market risk is associated with consistent fluctuations seen in the trading price of any particular shares or securities. That is, it is a risk that arises due to rise or fall in the trading price of listed shares or securities in the stock market. The market risk is further classified into following types. 1. 2. 3. 4. 5. 6. Absolute risk. Relative risk. Directional risk. Non-directional risk. Basis risk. Volatility risk.

The types of market risk are depicted in the following diagram.

RISK MANAGEMENT IN BANKS

The meaning of different types of market risk is briefly discussed below. Absolute Risk is the risk without any content. For e.g., if a coin is tossed, there is fifty percentage chance of getting a head and vice-versa. Relative risk is the assessment or evaluation of risk at different levels of business functions. For e.g. a relative risk from a foreign exchange fluctuation may be higher if the maximum sales accounted by an organization are of export sales. Directional risks are those risks where the loss arises from an exposure to the particular assets of a market. For e.g. an investor holding some shares experience a loss when the market price of those shares falls down. Non-Directional risk arises where the method of trading is not consistently followed by the trader. For e.g. the dealer will buy and sell the share simultaneously to mitigate the risk. Basis risk is due to the possibility of loss arising from imperfectly matched risks. For e.g. the risks which are in offsetting positions in two related but non-identical markets. Volatility risk is the risk of a change in the price of securities as a result of changes in the volatility of a risk factor. For e.g. volatility risk applies to the portfolios of derivative instruments, where the volatility of its underlying is a major influence of prices.
3. Purchasing power or inflationary risk

Purchasing power risk is also known as inflation risk. It is so, since it emanates (originates) from the fact that it affects a purchasing power adversely. It is not desirable to invest in securities during an inflationary period. The purchasing power or inflationary risk is classified into following types. 1. Demand inflation risk. 2. Cost inflation risk. The types of purchasing power or inflationary risk are depicted below.

10

RISK MANAGEMENT IN BANKS

Demand inflation risk arises due to increase in price, which result from an excess of demand over supply. It occurs when supply fails to cope with the demand and hence cannot expand anymore. In other words, demand inflation occurs when production factors are under maximum utilization. Cost inflation risk arises due to sustained increase in the prices of goods and services. It is actually caused by higher production cost. A high cost of production inflates the final price of finished goods consumed by people.

Unsystematic Risk

Unsystematic risk is due to the influence of internal factors prevailing within an organization. Such factors are normally controllable from an organization's point of view. Unsystematic risk is a micro in nature as it affects only a particular organization. It can be planned, so that necessary actions can be taken by the organization to mitigate (reduce the effect of) the risk. The types of risk grouped under unsystematic risk are depicted below. 1. Business or liquidity risk. 2. Financial or credit risk. 3. Operational risk. The types of risk grouped under unsystematic risk are depicted below.

11

RISK MANAGEMENT IN BANKS

Now let's discuss each risk classified under the group of unsystematic risk. 1. Business or liquidity risk Business risk is also known as liquidity risk. It is so, since it emanates (originates) from the sale and purchase of securities affected by business cycles, technological changes, etc. The business or liquidity risk is further classified into following types. 1. Asset liquidity risk. 2. Funding liquidity risk. The types of business or liquidity risk are depicted and explained below.

Asset liquidity risk is the risk of losses arising from an inability to sell or pledge assets at, or near, their carrying value when needed. For e.g. assets sold at a lesser value than their book value.
12

RISK MANAGEMENT IN BANKS

Funding liquidity risk is the risk of not having an access to sufficient funds to make a payment on time. For e.g. when commitments made to customers are not fulfilled as discussed in the SLA (service level agreements).

2. Financial or credit risk

Financial risk is also known as credit risk. This risk arises due to change in the capital structure of the organization. The capital structure mainly comprises of three ways by which funds are sourced for the projects. These are as follows: 1. Owned funds. For e.g. share capital. 2. Borrowed funds. For e.g. loan funds. 3. Retained earnings. For e.g. reserve and surplus. The financial or credit risk is further classified into following types. 1. 2. 3. 4. 5. 6. Exchange rate risk. Recovery rate risk. Credit event risk. Non-Directional risk. Sovereign risk. Settlement risk.

The types of financial or credit risk are depicted and explained below.

Exchange rate risk is also called as exposure rate risk. It is a form of financial risk that arises from a potential change seen in the exchange rate of one country's currency in relation to another country's currency and vice-versa. For e.g. investors
13

RISK MANAGEMENT IN BANKS

or businesses face an exchange rate risk either when they have assets or operations across national borders, or if they have loans or borrowings in a foreign currency. Recovery rate risk is an often neglected aspect of a credit risk analysis. The recovery rate is normally needed to be evaluated. For e.g. the expected recovery rate of the funds tendered (given) as a loan to the customers by banks, non-banking financial companies (NBFC), etc. Sovereign risk is the risk associated with the government. In such a risk, government is unable to meet its loan obligations, reneging (to break a promise) on loans it guarantees, etc. Settlement risk is the risk when counterparty does not deliver a security or its value in cash as per the agreement of trade or business.
3. Operational risk

Operational risks are the business process risks failing due to human errors. This risk will change from industry to industry. It occurs due to breakdowns in the internal procedures, people, policies and systems. The operational risk is further classified into following types. 1. 2. 3. 4. Model risk. People risk. Legal risk. Political risk.

The types of operational risk are depicted and explained below.

14

RISK MANAGEMENT IN BANKS

Model risk is the risk involved in using various models to value financial securities. It is due to probability of loss resulting from the weaknesses in the financial model used in assessing and managing a risk. People risk arises when people do not follow the organizations procedures, practices and/or rules. That is, they deviate from their expected behavior. Legal risk arises when parties are not lawfully competent to enter an agreement among themselves. Furthermore, this relates to regulatory risk, where a transaction could conflict with a government policy or particular legislation (law) might be amended in the future with retrospective effect. Political risk is the risk that occurs due to changes in government policies. Such changes may have an unfavorable impact on an investor. This risk is especially prevalent in the third-world countries.

15

RISK MANAGEMENT IN BANKS

RISK MANAGEMENT PROCESS

The process of financial risk management is an ongoing one. Strategies need to be implementeda n d r e f i n e d a s t h e ma r k e t a n d r e q u i r e me n t s c h a n g e . R e f i n e me n t s ma y r e f l e c t c h a n g i n g expectations about market rates, changes to the business environment, or changing international political conditions, for example. In general, the process can be summarized as follows: Identify and prioritize key financial risks. Determine an appropriate level of risk tolerance . Implement risk management strategy in accordance with policy . Measure, report, monitor, and refine as needed. Risk management needs to be looked at as an organizational approach, as management of risks independently cannot have the desired effect over the long term. This is especially necessary as risks result from various activities in the firm and the personnel responsible for the activities do not always understand the risk attached to them. The steps in risk management process are: 1. Determining objectives: - d e t e r mi n a t i o n o f o b je c t i v e s i s t h e first step in the r i s k management function. The objective may be to protect profits, or to develop competitivea d v a n t a g e . T h e o b j e c t i v e o f r i s k m a n a g e m e n t n e e d s t o b e d e c i d e d u p o n b y t h e management. So that the risk manager may fulfill his responsibilities in accordance with the set objectives. 2. Identifying Risks Every organization faces different risks, based on its business, the economic, social and political factors, the features of the industry it operates in like the degree of competition, the strengths and weakness of its competitors, availability of raw ma t e r i a l , f a c t o r s i n t e r n a l t o t h e c o m p a n y l i k e t h e c o mp e t e n c e a n d o u t l o o k o f t h e management, state of industry relations,

16

RISK MANAGEMENT IN BANKS

dependence on foreign markets for inputs, sales or finances, capabilities of its staff and other innumerable factors. 3. Risk Evaluation: Once the risks are identified, they need to be evaluated for ascertaining their significance. The significance of a particular risk depends upon the size of the loss that it may result in, and the probability of the occurrence of such loss. On the basis of these factors, the various risks faced by the corporate need to be classified as critical risks, important risks and not-soimportant risks. Critical risks are those that may r e s u l t i n b a n k r u p t c y o f t h e f i r m. I mp o r t a n t r i s k s a r e t h o s e t h a t ma y n o t r e s u l t i n bankruptcy, but may cause severe financial distress. 4. Development of policy: B a s e d o n t h e r i s k t o l e r a n c e o e v e l o f t h e f i r m , t h e r i s k ma n a g e me n t p o l i c y n e e d s t o b e d e v e l o p e d . Th e t i me f r a me o f t h e p o l i c y s h o u l d b e comparatively long , so that the policy is relatively stable. A policy generally takes the form of a declaration as to how much risk should be covered. 5 . De v e l o pm e n t o f s t r a t e g y : B a s e d o n t h e p o l i c y, t h e f i r m t h e n n e e d s t o d e v e lo p t h e strategy to be followed for managing risk. A strategy is essentially an action plan, which specifies the nature of risk to be managed and the timing. It also specifies the tools, techniques and instruments that can be used to manage these risks. A strategy also deals with tax and legal problems. Another important issue that needs to be specified by the strategy is whether the company would try to make profits out of risk management or would it stick to co6. 6.Implementation: Once the policy and the strategy are in place, they are to b e i mp l e me n t e d f o r a c t u a l l y ma n a g in g t h e r i s k s . Th i s i s t h e o p e r a t i o n a l p a r t o f r i s k ma n a g e me n t . I t i n c l u d e s f i n d i n g th e b e s t d e a l i n case of risk transfer, providing for contingencies in case of r i s k r e t e n t i o n , d e s i g n i n g a n d i mp l e me n t i n g r i s k c o n t r o l programs etc.

17

RISK MANAGEMENT IN BANKS

FINANCIAL RISK MANAGEMENT

Broadly speaking, risk management can be defined as a disc i p l i n e f o r L i v i n g w i t h t h e possibility that future events may cause adverse effects. In the context of risk management inf i n a n c i a l i n s t i tu t i o n s s u c h a s b a n k s o r i n s u r a n c e c o mp a n i e s t h e s e a d v e r s e e f f e c t s u s u a l l yc o r r e s p o n d t o l a r g e l o s s es o n a p o r t f o l i o o f a s s e t s . S p e c i f i c e x a mp l e s i n c l u d e : l o s s e s o n a portfolio of markettraded securities such as stocks and bonds due to falling market prices (a so-called market risk event); losses on a pool of bonds or loans, caused by the default of some i s s u e r s o r b o r r o we r s (credit risk); l o s s e s o n a p o r t f o l i o o f i n s u r a n c e c o n t r a c t s d u e t o t h e occurrence of large claims (insurance- or underwriting risk). An additional risk category is operational risk, which includes losses resulting from inadequate or failed internal processes ,fraud or litigation . In financial markets, there is in general no so- called free lunch or, in other words, no profit without risk. This is the reason why financial institutions actively take on risks. The role of financial risk management is to measure and manage these risks. Hence risk management can be seen as a core competence of an insurance company or a bank: by using its expertise and its capital, a financial institution can take on risks and manage them by various techniques such as diversification, hedging, or repackaging risks and transferring them back to markets, etc.

18

RISK MANAGEMENT IN BANKS

LIQUIDITY RISK MANAGEMENT

Liquidity risk refers to multiple dimensions such as (a) inability to raise funds at normal cost (b) market liquidity risk, and (c) asset liquidity risk. The market liquidity risk arises out of illiquidity in the market while asset liquidity risk is caused by inability to sell the asset immediately. Funding risk depends on how risky the market perceives the issuer and its funding policy. The cost of funding is a critical profitability driver. The cost of the funds depends on the banks credit standing. In addition the rating drives the ability to do business with other banks/financial institutions and to attract investors. The liquidity risk of the market relates to liquidity crunches because of lack of volume. In such a scenario, the prices become highly volatile, sometimes embedding high discounts for par, when counter parties are unwilling to trade. Market liquidity risk materializes as an impaired ability to raise money at a reasonable cost. Asset liquidity risk results from the lack of liquidity related to the nature of assets rather than to the market liquidity. In fluctuating market liquidity, holding a pool of liquid assets act as a cushion to meet short term obligations. When a bank gets into trouble, massive withdrawals of funds by depositors and closing of credit-lines by institutions results in brutal liquidity crises, ending up in bankruptcy of bank. There are challenges to liquidity risk measurement. The practices rely on empirical and continuous observations of market liquidity. Liquidity risk models appear too theoretical to permit instrumental applications. The time profiles of projected uses and sources of funds, and their gaps or liquidity mismatches, capture the liquidity position of a bank

19

RISK MANAGEMENT IN BANKS

RISK MANAGEMENT FRAMEWORK

The risk-based approach to security control selection and specification considers effectiveness, efficiency, and constraints due to applicable laws, directives, Executive Orders, policies, standards, or regulations. The following activities related to managing organizational risk (also known as the Risk Management Framework) are paramount to an effective information security program and can be applied to both new and legacy information systems within the context of the system development life cycle and the Federal Enterprise Architecture: The Risk Management Framework (RMF), illustrated at right, provides a disciplined and structured process that integrates information security and risk management activities into the system development life cycle. The RMF steps include: Categorize the information system and the information processed, stored, and transmitted by that system based on an impact analysis. Select an initial set of baseline security controls for the information system based on the security categorization; tailoring and supplementing the security control baseline as needed based on an organizational assessment of risk and local conditions. Implement the security controls and describe how the controls are employed within the information system and its environment of operation. Assess the security controls using appropriate assessment procedures to determine the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system. Authorize information system operation based on a determination of the risk to organizational operations and assets, individuals, other organizations, and the Nation resulting from the operation of the information system and the decision that this risk is acceptable.
20

RISK MANAGEMENT IN BANKS

Monitor the security controls in the information system on an ongoing basis including assessing control effectiveness, documenting changes to the system or its environment of operation, conducting security impact analyses of the associated changes, and reporting the security state of the system to designated organizational officials.

21

RISK MANAGEMENT IN BANKS

OPERATIONAL RISK
An operational risk is an adverse event or outcome, which occurs as a consequence of a organizations activity. Operational risk is the broad discipline focusing on the risks arising from the people, systems and processes through which a company operates. It can also include other classes of risk, such as fraud, legal risks, physical or environmental risks. A widely used definition of operational risk is the one contained in the Basel II regulations. This definition states that operational risk is the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events. Operational risk management differs from other types of risk, because it is not used to generate profit (e.g. credit risk is exploited by lending institutions to create profit, market risk is exploited by traders and fund managers, and insurance risk is exploited by insurers). They all however manage operational risk to keep losses within their risk appetite - the amount of risk they are prepared to accept in pursuit of their objectives. What this means in practical terms is that organisations accept that their people, processes and systems are imperfect, and that losses will arise from errors and ineffective operations. The size of the loss they are prepared to accept, because the cost of correcting the errors or improving the systems is disproportionate to the benefit they will receive, determines their appetite for operational risk. Determining appetite for operational risk is a discipline which is still in its infancy. Some of the issues and considerations around this process are outlined in this Sound Practice paper published by the Institute for Operational Risk in December 2009.

22

RISK MANAGEMENT IN BANKS

RISK MANAGEMENT SYSTEMS IN BANKS

Risk is inherent and absolutely unavoidable in banking. Risk is the potential loss an asset or a portfolio is likely to suffer due to a variety of reasons. As a financial intermediary, bank assumes or restructures risks for its clients. A simple example for this would be acceptance of deposits. A more sophisticated example is an interest rate swap. A bank while operating on behalf of the customers as well as on its own behalf, has to face various types of risk associated with those transactions. Prudent banking lies in identifying, assessing and minimizing these risks. In a competitive market environment, a banks rate of return will be greatly influenced by its risk management skills. Risk In Banking Risks in banking are many. These risks can be broadly classified into 3 categories 1)Balance sheet risks: The Balance Risk generally arises out of the mismatch between the currency, maturity and interest rate structure of assets and liquidities resulting in, 1. Interest Rate mismatch risk 2. Liquidity Risk, and 3. Foreign Exchange Risk, 2)Transactional Risk: The Transactional Risk essentially involves 2 types of risks. They are: 1. Credit Risk which is the risk of loss on lending/investment, etc., due to counter party default. 2. Price Risk which include risk of loss due to change in value of Assets and Liabilities. The factors contributing to price risks are:

23

RISK MANAGEMENT IN BANKS

a) Market Liquidity Risk: This is the risk of lack of liquidity of an instrument or asset or the loss one is likely to incur while liquidating the assets in the market due to the fluctuations in prices. b) Issuer Risk: The financial strength and standing of the institution/sovereign that has issued the instrument can affect price as well as reliability. The risk involved with the instrument issued by corporate bodies would be an ideal example in this context. c) Instruments Risk: The nature of instrument creates risks for the investor. With many hybrid instruments in the market, and with fluctuation in market conditions, the prices of various instruments may react differently from one another d) Changes in commodity prices, interest rates and exchange rates may affect the realizable value or yield of many assets when transactions take place. 3) Operating and Liquidity risks: The Operating and Liquidity Risk encompasses 2 types of risks 1. Risk of loss due to technical failure to execute or settle a transaction , and 2. Risk of loss due to adverse changed in the cash flows of transactions.

24

RISK MANAGEMENT IN BANKS

Risk Management: Objectives The objectives of risk management for any organization can be summarized as under: (a)Survival of the organization, (b)Efficiency in operations, (c)Identifying and achieving acceptable levels of worry, (d)Earnings stability, (e)Uninterrupted operations, (f)Continued growth , and (g)Preservation of reputation. Risk Management: Components Risk management may be defined as the process of identifying and controlling risk. It is also described at times as the responsibility of the management to identify measure, monitor and control various items of risk associated with banks position and transaction. The process of risk management has three clearly identifiable steps, Risk identification. Risk measurement and Risk control. Risk Control: After identification and assessment of risk factors, the next step involved is risk control. The major alternatives available in risk control are: 1. 2. 3. 4. 5. Avoid the exposure. Reduce the impact by reducing frequency of severity. Avoid concentration in risky areas. Transfer the risk to another party. Employ risk management instrument to cover the risks.

25

RISK MANAGEMENT IN BANKS

CONCLUSION
The significant transformation of the banking industry in India is clearly evident from the changes that have occurred in the financial markets, institutions and products. While deregulation has opened up new vistas for banks to argument revenues, it has entailed greater competition and consequently greater risks. Crossborder flows and entry of new products, particularly derivative instruments, have impacted significantly on the domestic banking sector forcing banks to adjust the product mix, as also to effect rapid changes in their processes and operations in order to remain competitive to the globalized environment. These developments have facilitated greater choice for consumers, who have become more discerning and demanding compelling banks to offer a broader range of products through diverse distribution channels. The traditional face of banks as mere financial intermediaries has since altered and risk management has emerged as their defining attribute. Currently, the most important factor shaping the world is globalization. The benefits of globalization have been well documented and are being increasingly recognized. Integration of domestic markets with international financial markets has been facilitated by tremendous advancement in information and communications technology. But, such an environment has also meant that a problem in one country can sometimes adversely impact one or more countries instantaneously, even if they are fundamentally strong.

26

RISK MANAGEMENT IN BANKS

BIBILOGRAPHY
Risk management in banks S. Singh & Yogesh Singh.

27