Risk Management in Banks, The AHP Way- Diksha Arora

8/3/2019 Risk Management in Banks, The AHP Way- Diksha Arora

1/29

Risk Management in Banks: The AHP way

By: Diksha Arora

PG Candidate, Class of PGDM-2010

BIMTECH, India

Abstract

Risk is inherent in every walk of life. Banks are, by definition, in the business of taking and managing

risk. The paper deals with the study of Risks associated with commercial banks like risk revolving on

capital, credit risk, market risk, liquidity risk, earnings risk, business strategy risk, environmental risk,

operational risk, group risk, internal control risk, organizational risk, management risk and

compliance risk. In the global scenario, the degree to which the models have been incorporated into

the Risk Management and economic capital allocation process varies greatly between banks. Through

this paper an attempt was made to construct an optimal model using Analytical Hierarchy

Programming to find the risk rating of a bank. This model will bring uniformity and help in assessing

performance of a bank vis-a-vis another which also forms a part of RBI supervision.

Introduction

The etymology of the word "Risk" can be traced to the Latin word "Rescum" meaning Risk at Sea or

that which cuts. Risk is inherent in every walk of life. Banks are, by definition, in the business of

taking and managing risk. With growing competition and fast changes in the operating environment

impacting the business potentials, banks are compelled to encounter various kinds of financial and

non-financial risks. Risk is associated with uncertainty and reflected by way of charge on the

fundamental/ basic i.e. in the case of business it is the Capital, which is the cushion that protects the

liability holders of an institution.

The various risks that a bank is bound to confront is divided into two categories namely business risks

and control risks. Business risk involves the risks arising out of the operations of the bank, the

business it is into and the way it conducts its operations. It consists of 8 types of risks namely capital,

credit, market, earnings, liquidity, business strategy and environmental, operational and group risk.

Control risk measures the risk arising out of any lapses in the control mechanism such as the

organizational structure and the management and the internal controls that exist in the bank. Controls

risk further consists of internal controls, management, organizational and compliance risk. These risks

are highly interdependent and events that affect one area of risk can have ramifications for a range of

other risk categories. Thus, top management of banks should attach considerable importance to

improve the ability to identify measure, monitor and control the overall level of risks undertaken.

The three main categories of risks which have a mention in the capital accord are: Credit Risk, Market

Risk and Operational Risk. Credit risk, a major source of loss, is the risk that customers fail to comply

with their obligations to service debt. Major credit risk components are exposure, likelihood of

default, or of a deterioration of credit standing, and the recoveries under default. Modelling default

probability directly with credit risk models remains a major challenge, not addressed until recent

years. Market Risk may be defined as the possibility of loss to bank caused by the changes in the

market variables. Market risk management provides a comprehensive and dynamic frame work for

measuring, monitoring and managing liquidity, interest rate, foreign exchange and equity as well as

commodity price risk of a bank that needs to be closely integrated with the bank's business strategy.

Operational riskinvolves breakdown in internal controls, personnel and corporate governance leadingto error, fraud, and performance failure, compromise on the interest of the bank resulting in financial

Page 1 of28


2/29


loss. Putting in place proper corporate governance practices by itself would serve as an effective risk

management tool. The practical difficulties lie in agreeing on a common classification of events and

on the data gathering process.

Risk management in banking designates the entire set of risk management processes and models

allowing banks to implement risk-based policies and practices. They cover all techniques and

management tools required for measuring, monitoring and controlling risks. The spectrum of modelsand processes extends to all risks: credit risk, market risk, interest rate risk, liquidity risk and

operational risk, to mention only major areas. For centuries bankers as well as their regulators have

assessed and managed risk intuitively, without the benefit of a formal and generally accepted

framework or common terminology. No longer is it sufficient to understand just the primary risks

associated with a product or service. They have to constantly monitor and review their approach to

credit, the main earning asset in the balance sheet.

Regulators make the development of risk-based practices a major priority for the banking industry,

because they focus on systematic risk, the risk of the entire banking industry made up of financial

institutions whose fates are intertwined by the density of relationships within the financial system.

Banking failures have been numerous in the past, both in India and internationally. Banking failures

make risk material and convey the impression that the industry is never far away from major

problems. Regulators have been very active in promoting pre-emptive policies for avoiding individual

bank failures and for helping the industry absorb the shock of failures when they happen. To achieve

these results, regulators have totally renovated the regulatory framework. They are promoting and

enforcing new guidelines for measuring and controlling the risks of individual players.

From the banks point of view risk based practices are so important, because banks being risk

machines, they take risks, they transform them, and they embed them in banking products and

services. Banks take risk-based decisions under an ex-ante perspective and they do risk monitoring

under an ex-post perspective, once the decisions are made. There are powerful; motives to implementrisk based practices to provide a balanced view of risk and return from a management point of view;

to develop competitive advantages, to comply with increasingly stringent regulations. It is easy to

lend and obtain attractive revenues from risky borrower. The price to pay is a risk that is higher than

the prudent banks risk. The prudent bank limits risk and therefore both future losses and expected

revenues by restricting business volume and screening out risky borrowers. It might avoid losses but it

might suffer from lower market share and lower revenues. However, after a while, the risk-taker

might end with an ex-post performance lower than the prudent bank due to higher losses

materializing. Risks remain intangible and invisible until they materialize into losses. Simple

solutions simply do not really help to capture risks. All these factors led to the commencement of this

study.

Literature review

Shashi Bhattarai and Shivjee Roy Yadav (2009) review application of Analytic Hierarchy Process

(AHP) in the finance sector with specific reference to banking. Their paper also describes feedback

from bankers community in Nepal on utility of AHP as a decision support tool in the situation of

global financial crisis.

The relationship between problem loans and the economic cycle is also analysed by Salas and Saurina

(2002). Using panel data, they report that the business cycle (proxied by the current and lagged

growth of GDP) has a negative and significant impact on bad loans. They also find that credit risk was

significantly influenced by individual bank level variables, after controlling for macro-economicconditions.

Page 2 of29


3/29


In 2001 Boston Consulting Group study confirmed the general impression that North American banks

have a clear lead on most of their European and Asian competitors. Institutions in the U.S. and in

Australia too for that matter were pursuing risk management not to comply with regulatory

requirements but to enhance their own competitive positions.

Arpa et al., (2001) study the effects of the business cycle on risk provisions and earnings of Austrian

banks in the 1990s. They conclude that risk provisions increase in period of falling real GDP growth,confirming the pro-cyclical tendencies in bank behaviour. Moreover, rising real estate prices lead to

higher provisions, whereas falling inflation depresses them. They also find that some macro-economic

variables such as interest rates, real estate and consumer prices are useful in explaining the

profitability of Austrian banks.

Meyer and Yeager (2001) employ a set of county macro-economic variables to test if rural bank

performance is affected by the local economic framework. They fit an OLS model when the return on

assets and the net loan losses are the dependent variables and a to bit specification for the non-

performing loans. They find that none of the county-level coefficients is significant, suggesting that

county economic activity does not have a relevant effect on bank performance; in contrast, state-level

data are significant.

Eichengreen and Arteta (2000) carefully analyse the robustness of the empirical results on banking

crises using a sample of 75 emerging markets in the period 1975-1997 and considering a huge range

of explanatory variables mentioned in previous works. Their findings confirm that unsustainable

boom in domestic credit is a robust cause of financial distress; macro-economic policies leading to

rapid lending growth and financial overheating generally set the stage for future problems. Domestic

interest-rate liberalization often accompanies these excessive lending activities. On the other hand,

they point out that there is little evidence of any particular relationship between exchange-rate

regimes and banking crises; the role of the legal and regulatory framework is also uncertain.

Gambera (2000), using bivariate VAR systems, tries to understand how economic development

affects bank loan quality. He points out that, since systemic financial conditions help predict the

soundness of the single intermediaries; it may be interesting to predict the systemic financial

conditions themselves. In particular, he uses the ratio of delinquencies to total loans and the ratio of

non-performing loans to total loans as alternative dependent variables and he estimates a bivariate

system for each series of macro-economic variables.

Survey on the Implementation of the Capital Adequacy Directive by the Banking Federation of the

European Union, April 1998 (covering 17 countries) revealed that very few banks are using

sophisticated models for managing their risks. Most banks which use it at first place use it for internal

risk management purposes only.

Ajit and Bangar (1998) present a tabulation of the performance of private sector banks vis--vis

public sector banks over the period 1991-1997, using a number of indicators: profitability ratio,

interest spread, capital adequacy ratio, and the net NPA ratio. The conclusion is that Indian private

banks outperform public sector banks. What is of interest, however, is that they find Indian private

banks have higher returns to assets in spite of lower spreads.

Shaffer (1998) shows that adverse selection has a persistent effect on the banks which are new

entrants in a market. Salas and Saurina (1999b) have modelled the problem loans ratio of Spanish

banks in order to gauge the impact of loan growth policy on bad loans. According to their empirical

estimation results (which were achieved using a panel data of commercial and savings banks from

1985-1997), the cycle (measured through the current and lagged-one-year GDP growth rates) has a

Page 3 of29


4/29


negative and significant impact on problem loans. The current impact is much more important. It is

also shown that problem loans ratio differs by type of loan. Households and firms have different

levels of bad loans. On an average, the former is lower than the latter. Among households, mortgages

have very low delinquency levels compared to consumer loans, credit loans or overdrafts.

Demirguc-Kunt and Detragiache (1998) estimate a logit model of banking crises over the period

1980-1994 in order to understand the features of the economic environment in the periods preceding abanking crisis and, therefore, to identify the leading indicators of financial distress.

The 1998 study by Demirgue-Kunt and Huizinga (DKH) is a cross-country study of variations in bank

performance, using two performance indicators separately regressed on a set of explanatory factors;

the interest spread (used as an efficiency indicator) and bank profitability. The data set is at bank-

level for 80 countries over the period 1988-95. The most important finding pertains to the differences

in the impact of foreign ownership between developed and developing countries. In developing

countries foreign banks have greater interest margins and profits than domestic banks. In industrial

countries, the opposite is true. The first finding bears out the better NPA performance by foreign

banks in India by country of origin. Among the macro variables reported by DKH that affect bank

profitability positively although not net interest margins (the efficiency indicator), is per capita GDP.

These results suggest that per capita GDP may be less a correlate of banking efficiency or superior

banking technology, and more a correlate of banking opportunities and the operating environment

generally.

The Sarkar, Sarkar and Bhaumik (1998) cross-bank study for India regresses two profitability and

four efficiency measures (one of which is the net interest margin) on pooled data for two years, 1993-

94 and 1994-95, for a total of 73 banks, using single-equation OLS estimation for each. The study

focuses exclusively on an examination of the prediction from the property rights literature about the

superiority of private ownership in terms of performance. Private banks are divided into traded and

non-traded categories; the control variables include the (log of) total bank assets, the proportion ofinvestment in government securities, the proportion of loans made to the priority sector, the

proportion of semi-urban and rural branches and the proportion of non interest income to total

income.

Berger and Deyoung (1997) address a little examined intersection between the problem loan literature

and the bank efficiency literature. They employ Granger-casualty techniques to test four hypotheses

regarding the relationship among loan quality, cost efficiency, and bank capital. The data suggest that

the intertemporal relationships between problem loans and cost efficiency ran in both directions for

U.S. commercial banks between 1985 and 1994. The data suggest that high levels of nonperforming

loans Granger-cause reductions in measured cost efficiency, consistent with the hypothesis that the

extra costs of administering these loans reduces measured cost efficiency ('bad luck'). The data also

suggest that low levels of cost efficiency Granger-cause increases in nonperforming loans, consistent

with the hypothesis that cost-inefficient managers are also poor loan portfolio managers ('bad

management').

In the paper by Mario Quayliariello (1997), the relationship between bank loan quality and business

cycle indicators is studied for Italy. A distributed lag model (which is estimated using ordinary least

squares) and bivariate Granger-causality tests are used in order to evaluate the importance of macro-

economic factors in predicting the quality of bank loans measured by the ratio of non-performing

loans to total loans. The main target of the research is to understand the contribution that macro-data

can offer in capturing the evolution of credit quality and to select a reasonably manageable set ofindicators which can act as early warning signals of the banking system fragility.

Page 4 of29


5/29


Kaminsky and Reinhart (1996) in their well-known paper on twin-crises study about 25 episodes of

banking crises and 71 balance of payments crises in the period 1970-1995. Regarding the influence of

business cycle on the episode of financial instability and the possibility to identify macro-variables

that act as early warning, they find that recessionary conditions such as economic activity decline,

weakening of the export sector, high real interest rates, falling stock market, usually precede banking

as well as currency crises. They also find that Credit expansions, an abnormally high money growth

and the decline in the terms-of-trade anticipate many of the banking crises.

Objective of the Present Study

Risk, in one kind or the other, is inherent in every business. Furthermore, risk taking is essential to

progress, and failure is often a key part of learning. Although some risks are inevitable, it does not

mean that attempting to recognize and manage them will harm opportunities for creativity. Risks pose

new challenges to every company. From employment practices to electronic commerce, from social

and political pressures to the vagaries of the weather, the hazards that exist in today's business climate

are as diverse as the companies that face them. Like any other business organization, banks too face

risks inherent to the company and the industry in which they exist. This paper has been undertaken

with the objective to critically examine the current risk management practices as directed by RBI andsupervision process undertaken by RBI. On the basis of which, an attempt has been made to develop

an AHP model for the same.

Data and Methodology

The current study covers 3 banks and their names have been masked. Judgement sampling method has

been used to collect the data. The study required both primary and secondary data. Primary data was

collected with the help of questionnaires and series of interview schedules. Secondary data has been

collected through published reports, RBI circulars and bulletins.

Analysis and Findings

Risk management: According to the RBI circular issued on risk management by the RBI the broad

parameters of risk management function should encompass:

organizational structure

comprehensive risk measurement approach

risk management policies approved by the Board which should be consistent with the broader

business strategies, capital strength, management expertise and overall willingness to assume risk

guidelines and other parameters used to govern risk taking including detailed structure of

prudential limits

strong MIS for reporting, monitoring and controlling risks

well laid out procedures, effective control and comprehensive risk reporting framework

separate risk management framework independent of operational Departments and with clear

delineation of levels of responsibility for management of risk

Periodical review and evaluation

The banking industry recognizes that an institution need not engage in business in a manner that

unnecessarily imposes risk upon it; nor should it absorb risk that can be efficiently transferred to other

participants. Rather, it should only manage risks at the firm level that are more efficiently managed

there than by the market itself or by their owners in their own portfolios. It has been argued that risks

facing all financial institutions can be segmented into three separable types, from a management

perspective. These are: Risks that can be transferred to other participants, Risks that can be eliminated

or avoided by simple business practices, Risks that must be actively managed at the firm level

Page 5 of29


6/29


The management of the banking firm relies on a sequence of steps to implement a risk management

system. These can be seen as containing the following four parts:

Figure: Steps for implementation of risk management systems

The banking industry has long viewed the problem of risk management as the need to control four of

the given risks which make up most, if not all, of their risk exposure, viz., credit, interest rate, foreign

exchange and liquidity risk. While they recognize counterparty and legal risks, they view them as less

central to their concerns. Accordingly, the study of bank risk management processes is essentially aninvestigation of how they manage all these risks. Irrespective of the nature of risk, the best way for

banks to protect themselves is to identify the risks, accurately measure and price it, and maintain

appropriate levels of reserves and capital, in both good and bad times. However, this is often easier

said than done, and more often than not, developing a holistic approach to assessing and managing the

many facets of risks remains a challenging task for the financial sector.

Credit risk management: Credit risk management enables banks to identify, assess, manage

proactively, and optimise their credit risk at an individual level or at an entity level or at the level of a

country. The credit risk models are intended to aid banks in quantifying, aggregating and managing

risk across geographical and product lines. The outputs of these models also play increasingly

important roles in banks' risk management and performance measurement processes, customer

profitability analysis, risk-based pricing, active portfolio management and capital structure decisions.

The commonly used techniques are econometric technique, neural networks, optimisation models,

rule based and hybrid systems. The domains to which they are applied are credit approval, credit

rating determination and risk pricing. The various models covering these techniques and domain

are Altman's Z-score model (1968), KMV model for measuring default risk, CreditMetrics,

CreditRisk+ and Logit & probit models. Some examples of credit risk are:

In August of 1999, Iridium, the satellite telecom company, defaulted on two syndicated loans of

$1.5 billion that it had borrowed to launch the satellites, but could not repay due to unexpected

low earnings.

In 1974, a small German bank, Bankhaus Herstatt, had a string of losses in forex dealings. It went

bankrupt at the end of a trading day in Germany. Because, it was the end of the trading day in

Germany, it had already received $620 million worth of forex payments from its US trading

counter parties, but because the US markets were still open, Herstatt had not yet been required to

deliver $620 million for its side of the trades. At the time that it went bankrupt, it stopped all

payments, and US banks lost virtually all of the $620 million.

Drivers of effective credit risk management: These are effective credit risk management as a value-enhancing activity, consolidating credit lines, efficient use of economic and regulatory capital,

Page 6 of29


7/29


ensuring that the bank has a safe level of capital, pricing loans to earn attractive risk-adjusted profits,

applying economic capitals trio of core decision making criteria, use of derivatives to reshape credit

profile and technology.

Market risk management: Market risk is defined as the uncertainty in the future values of the

Groups on and off balance sheet financial items, resulting from movements in factors such as interest

rates, equity prices, and foreign exchange rates. The drivers of market risk are equity and

commodities prices, foreign exchange rates, interest rates, their volatilities and correlations. Market

risk can be classified into directional and non-directional risks. Market risk can be measured and

managed through the use ofMaturity gap analysis, Duration analysis, Convexity,Value-at-Risk

(VAR), Stress Testing and the Greeks. In Indian market, being an emerging market, liquidity and

inefficiency are the major concerns in the forex, debt and stock markets. Panic and knee jerk reactions

are also common (e.g. effect on stock markets during Indo-Pak tension and the recent Government

change). All these factors contribute to the market risk of the bank. Some examples of market risk

exposure are: On March 31, 1997 the BSE SENSEX had lost 302.64 points, one of the biggest losses in a single

day.

In October 5, 1998 the BSE SENSEX fell a whopping 224 points and undoubtedly this day is the

Black Monday in the history of Indian stock exchanges.

To analyze the market risk management techniques, an exercise of informal discussion and

unstructured questionnaire was conducted at the banks under study. Few highlights are given as:

The banks have been making progress in the area of Asset Liability Management. But they arestill far from achieving the level, which has been attained in banks abroad.

All of the banks have set up ALM function and established the requisite organizational framework

consisting of the ALCO and the support groups. The composition, scope and functions of these

bodies are in accordance with the guidelines.

Banks have also made an attempt to integrate ALM and management of other risks to facilitate

integrated risk management.

Banks are complaint with the regulatory requirements of the RBI regarding the preparation of

statements. They have also laid out policies and maintain records as required by the guidelines.

Many of them have also achieved 100% coverage of business by ALM.

Private Banks and foreign banks have made the most progress. Some of them had a head start inALM. They have not made the progress that could possibly have been made considering that their

problems are not of the magnitude of some other banks.

Asset liability management: ALM is concerned with strategic balance sheet management involving

risks caused by changes in the interest rates, exchange rates and the liquidity position of the bank. In

recent years in India, most of the interest rates have been deregulated; government securities are sold

in auctions and banks are also, with a few exceptions free to determine the interest rates on deposits

and advances. Hence the ALM function is not simply about risk protection. It should also be about

enhancing the net worth of the institution through opportunistic positioning of the balance sheet. The

more leveraged an institution is, the more critical the ALM function within the enterprise. The ALMprocess allows an institution to take on positions, which are otherwise deemed too large without such

Page 7 of29


8/29


a function. There are various techniques of risk management to address the different types of risk.

ALM primarily aims at managing interest rate risk and liquidity risk.

Operational risk management: Many banks have defined operational risk as any risk not

categorised as market or credit risk and some have defined it as the risk of loss arising from various

types of human or technical error. The majority of banks associate operational risk with all business

lines, including infrastructure, although the mix of risks and their relative magnitude may vary

considerably across businesses. Indeed, the acquisition of meaningful data, cleared of market and

credit factors, is providing a major stumbling block to the overall application of risk management

approaches to operational risk. Operational risk management techniques come in two basic varieties

bottom up or top down approaches take aggregate targets such as net income or net asset value, to

analyse the operational risk factors and loss events that cause fluctuations in the target. Some

examples of operational risk are:

A US government bond trader at the New York branch of a Japanese bank was able to switch

securities out of customers accounts to cover credit losses which mounted to over $1 billion in10years.

In 1997, Nat West lost $127 million and had to greatly reduce its trading operations because its

options traders had been using the wrong data for implied volatility in their pricing models, and

was therefore taking risks that they did not see.

Study of risk management system at banks under study

Most of the banks do not have dedicated risk management team, policy, procedures and framework in

place. Those banks have risk management department, the risk managers role is restricted to pre fact

and post fact analysis of customers credit and there is no segregation of credit, market, operationaland strategic risks. There are few banks which have articulated framework and risk quantification.

The traditional lending practices, assessment of credits, handling of market risks, treasury

functionality and culture of risk-rewards are bane of public sector banks. Whereas private sector

banks and financial institutions are somewhat better in this context.

The sheer size and wide coverage of banks is a big hurdle to integrate and generate a cost effective

real time operational data for mapping the risks. Most of the financial institutions processes are

encircled to functional silos follows bureaucratic structure and yet to come up with a transparent and

appropriate corporate governance structure to achieve the stated strategic objectives. The major

conclusions as listed below have been arrived on the basis of the documents supplied and informaldiscussion held with the officials of the bank.

Since the year 1998 RBI has been giving serious attention towards evolving suitable and

comprehensive models for Risk-management. It has laid stress on integrating this new discipline in

the working systems of the Banks. In view of this, the risk management division in most of the banks

was established in or after 1998 only. All the details regarding the risk management framework is

presented by the bank in a policy document called ICAAP.

The risk management structure followed at all banks is a combination of centralized and decentralized

form. Though risk department forms the heart of the organization because if it fails the bank will gasp

for breath. But this department is a victim of ignorance in todays scenario. After conducting the studyit was found that the banks have lowest number of workforce assigned to this department. Within the

Page 8 of29


9/29


department, maximum stress is given to credit risk and other risks are still neglected. The bank does

not have sufficient skill set for driving risk management function.

The benefits in the next two years, on account of maintaining a separate risk management function

include following:

Improvement in productivity

Enabling risk adjusted performance

Improved assessment of product profitability

Use of risk sensitive approach in business processes

Better pricing of products and consumer segments

Developing skills for risk transfer products

Competitive advantage

Fraud reduction/deduction

Better understanding and scrutiny of all functionalities of the bank.

Apart from those risks mentioned under the Basel accord, banks hardly pay attention to other

categories of risks. Some of the risks not addressed by most of the banks are:

Interest rate risk in the banking book

Settlement risk

Reputational risk

Strategic risk

Legal and compliance risk

Risk of under estimation of credit risk under the standardized approach

Model risk

Residual risk of securitization

The bank can also be exposed to a different category of risk apart from the financial risks called the

environmental risk. For example, if a major portion of their credit concentration loans are in

Mumbais central suburban area. If some calamity or unforeseen event happens in that area like

extensive rainfall incident that took place in 2006-07, it would certainly affect their loan portfolio.

Separate IT division exists in most of the banks to support Risk Management Department. Complete

IT based implementation of risk management system will take at least 1 or 2 more years. Data

collection is the biggest challenge faced. The banks still depend heavily on manually prepared returns

for its MIS. The returns for other departments are prepared through different software and this causes

difficulty in integration. But on the other side, banks have always looked at technology as a key

facilitator to provide better customer service and ensured that its IT strategy follows the Business

strategy so as to arrive at Best Fit. Many banks have made rapid strides in this direction and

achieved almost 100% branch computerisation. A pioneering effort of the bank in the use of IT is the

implementation of Core Banking Solution (CBS) which facilitates anytime, anywhere banking.

Also, on account of CBS, the bank faces a technology risk. The private sector banks and the foreign

banks have relatively fewer branches. They achieve greater levels of computerization and coverage of

business. This helps them in better asset liability management where the decisions should be based ontimely accurate information. The public sector banks have also made progress in the area of

Page 9 of29


10/29


computerization but have not achieved complete coverage of business. Further, while coverage of

business is high, the number of branches covered is still low. It may therefore mean that the public

sector banks will take more time to achieve complete coverage of business by computerization as the

number of branches to be covered will be high whereas the percentage of business covered will be

lower.

At Indian banks securitization occurs at a very low level. Unlike US based banks the approaches used

in Indian banks are less advanced and more conservative in nature due to stringent RBI guidelines.

Therefore there has not been a drastic impact of the subprime crisis on the Indian banking industry.

Attention has been drawn towards liquidity risk management which has emerged to be one of the

most crucial risk management forms. Sooner or later the banks expect Basel III that will include

liquidity risk under pillar 1. Banks do not feel any risk fatigue. In fact high degree of realisation exists

where it is believed that a control from a number of regulatory bodies has protected the system from

the failures like that of subprime crisis. But on the other hand banks do not carry the exercise of

forensic audit also.

Basel II compliance efforts have led to improvement in their risk management system. The bank isnow able to measure residual risks. With Basel-II compliance the bank was able to articulate the need

for external ratings and data integrity.

The main challenges faced by the operational risk management department are:

Quantification of operational risk

Reporting of the near miss events.

Less stress on operational risk by the top management

Less available manpower in operational risk management department

The customer profile of all banks consists mainly of individuals and Corporate. For a large scale bank

number of corporate clients is more. The top revenue earners of all banks are Corporate. All the banks

use all the tools like feedback, service control and they satisfy customer complaints to achieve

customer satisfaction. Also, the competitive advantage of banks can range from Human Resource

base to its marketing abilities. Banks make use of a diversified media for advertisements which helps

them to reach out to the masses more effectively and efficiently.

The threats Exposed to the Banks consists of:

Competition

Less of customers

Volatility in the market share

Attention

Threat of new entrants

It is seen that competition is exposed to all the banks equally and is the most important threat that they

are exposed to.

Strategies adapted by banks to overcome risks include:

Integrative growth

Intensive growth

Downsizing older business

Page 10 of29


11/29


Diversification

Banks have given following as reasons for high incidence of NPAs

Improper Loan Appraisal System by Banks

Poor Risk Management Techniques as a Contribution to NPA's

Lack of Strong Legal Framework to initiate action Incorrect Evaluation of the Credit Worthiness of the borrower

Poor Loan Monitoring

Poor Recovery Mechanisms

Analysing the reasons that has led to loans becoming unpopular with the banking industry:

High Incidences of Non - Performing Assets

High Costs of Servicing

Greater Political Interference

Stricter Formalities to be compiled with

Falling demand & the Pressure on the Banks

The reason as why targets set for loans have not reached by banks includes:

Projects Placed were not Feasible or Risky in the Respective Category

Inadequate Security Provided by the Borrowers

Large No. of Borrowers Whose Credit Worthiness is not Satisfactory

Fear of NPA's

Opinion of Banks for the Trend towards Investments in government securities include:

Large Availability of Government Securities in the Market.

Possible fall in the Interest rates in Future and thus building up a better portfolio as of tomorrow

Investments give maximum contend, as Risk is reduced very much as compared to that of loans

and Advances

There is at least an amount of satisfaction that some Income may be leaped with least or no risk at

all

Regulating requirement: SLR

In the note attached with the guidelines it is mentioned that with liberalization, the risks associated

with banking operations has increased requiring 'strategic management'. Management strategy

depends on the corporate objective. The objective can be deposit mobilization, branch expansion,

long-term viability etc. Some of these may be conflicting. For instance profitability may have to be

sacrificed for branch expansion. Each of these objectives would affect asset liability management.

Unless the hierarchy of objectives is clear, any rational asset liability management and pricing

decisions would be difficult. The banks under study have mentioned a definite objective in their ALM

policy. The banks, which adopted ALM before the issue of the guidelines, had done so in a period

ranging from 2 years to 3 months ahead of the issue of guidelines. These banks have therefore had the

opportunity to make more progress in the implementation of ALM. Having taken the initiative to

introduce ALM, it is assumed that the asset liability management function must have plenty of

support from the management. All the banks under survey adopted ALM after the issue of guidelines.

In fact, all the public sector banks introduced ALM in compliance with the guidelines and therefore

have had less time compared to the others to evolve their systems. The foreign banks had the

advantage of guidance from their head offices abroad where ALM systems were already in place.

Page 11 of29


12/29


Stress testing framework based on scenario and simulation techniques which is based on historical

data to ensure plausibility is applied at few banks but not all.

The guidelines outline the possible scope of ALM in banks which include Liquidity RM, Interest rate

RM, Management of other risks, Funding and capital planning; Profit planning and growth projection

and Trading RM. The ALM in most banks has this scope. Certain banks do not have a trading book

and therefore do not have trading risk management. Since all of these activities have come under the

purview of ALM, the asset liability management function assumes greater importance. Not all banks

have clearly defined policies for management of other risks apart from those under pillar 1. Profit

planning and growth projection found place in none of the banks policy. All of the banks surveyed

have an ALCO in conformity with the guidelines. The RBI guidelines state that the ALCO should be

headed by the CEO/Managing Director of the bank. This is to ensure top management support to the

ALM function. All the banks under study had this principle in place. The guidelines state that that the

heads of Credit, Investment, Fund Management/ Treasury, International Banking and Economic

Research can be members of the ALCO. The head of IT should be included in the committee. The

banks while adhering to this composition have also included other departments' representatives. One

of the banks has also adopted a system where other departments are invited based on the agenda of themeeting. By involving various departments in the ALCO, the banks have ensured that the ALM

function has large coverage extending over their many operational areas. ALCO support groups are

also in existence in almost all the banks surveyed whereas the composition of the support groups

varies.

All of the banks have conducted training programmes on ALM. Many have been internally developed

and conducted. Some banks have opted to train all of their officers in this field. But while such

training as has been imparted would raise the awareness among the staff about what ALM is,

knowledge of the details of the ALM process and requirements in their own bank is lacking. Raising

the level of such awareness would help in better data collection at the branch level and especially helpthose banks where full computerisation has not been achieved. RBI had asked banks to achieve 100%

coverage of assets and liabilities by April 1st 2002. Some of the banks have achieved this target. Some

of these banks consist of those using the ABC approach. Given the difficulty in forecasting, the

coverage while compliant with RBI guidelines, would not result in much accuracy. The majority of

the banks have opted for specific software for ALM. Such software can greatly assist in scenario

analysis and simulation as well as generation of statements. This type of software would require far

more frequent data collection than exists currently. It would also necessitate the building of a

database. Information requirements: The banks are trying to upgrade the frequency of the data

collection. It is probably the main factor in the ALM. Until the banks are able to achieve daily data

collection, the ALM function will not be very effective. Decisions will continue to be made on stale

data and the bank's management will not be able to adapt quickly to changes in the external

environment.

Indian banks have a very significant proportion of assets and liabilities with no fixed maturity. On the

assets side this includes practically all of the working capital finance. Much of this contractually

repayable on demand but in practice it is subject to more or less automatic rollovers, even when in the

form of loans. On the liabilities side the principal items with no fixed maturity are the current and

savings bank accounts. Now the banks approach this problem through behavioural analysis. It is the

process of capturing the assets and liabilities as per the buckets given by RBI. As on March 31, 2008,

for the scheduled banks together current account and savings bank deposits formed about 28% of

external liabilities: again the bulk of the loans and advances (40% of assets) was probably working

capital finance. This is a large and significant proportion of the assets and liabilities. All of the banks

Page 12 of29


13/29


surveyed follow the classification of assets and liabilities recommended by the RBI. They use the

maturity gap model.

Opportunities for Banks from Basel II

Measuring, Managing and Monitoring Risk in a scientific manner

Align risk appetite and business strategy

Risk Based Pricing

Effective Portfolio Management

Optimum utilization of Capital

Enhance shareholders value by generating risk adjusted return on capital

Benefits of moving to advanced approaches

Relief in Capital Charge

Risk based Pricing focus on identified business areas. Competitive pricing in niche areas.

Image/Prestige

International recognition/benefits in dealing with Foreign banks Risk Control

Action Points for Effective Implementation

Grooming and Retaining Talent

Percolating risk culture across the organization through frequent communications, organizing

seminars and training.

Setting up of Data Warehouse to provide risk management solutions.

Integrating risk management with operational decision making process by conducting periodic

use tests.

Periodic back testing and stress testing of the existing models to test their robustness in the

changing environment and make suitable amendments, if required.

Putting in place a comprehensive plan of action to capture risks not captured under Pillar I,

through ICAAP framework

Handling interrelationship between businesses. Linkage needs to be established between Funds

Transfer Pricing, Asset and Liability Management, Credit risk, Market risk and Operational risk

so that cost allocation can be done in a scientific manner.

For Pillar III requirements, banks should disclose information that are easily understood by the

market players and gradually move to disclosure of information requiring advanced concepts and

complex analysis.

Adopting RAROC framework and moving from regulatory capital to economic capital.

Challenges faced by banks

1. General issues

Guidance, motivation and support from senior management are essential to help ensure

success of Basel II project.

Page 13 of29


14/29


Good risk management involves a high degree of cultural changes. Embedding good risk

mgmt practices into day to day business will be difficult.

Sophisticated risk management techniques require human resources with appropriate skill sets

and training.

The models under advanced approaches require lot of historical data, collection of data is a

formidable task. Banks to customize and tailor make the risk products

2. Legal& Regulatory infrastructure

Steps required for adoption of internationally accepted accounting standards, consistent,

realistic and prudent rules for asset valuation and loan loss provisions reflecting realistic

repayment expectations.

Legal systems will require changes for speedier and effective liquidation of collaterals

The laws governing supervisory confidentiality and bank secrecy would require modifications

to permit disclosure envisaged under pillar III.

Operational autonomy, corporate governance etc needs to be addressed.

3. Derivatives& mitigation products Credit derivative products yet to be introduced in India. Evolution of developed market for

credit derivative is required to mange credit risk effectively and to get full benefit of risk

mitigation.

Rigorous legal and regulatory framework and less developed secondary market for bonds/

loans etc is a major impediment in development of credit derivative markets.

4. MIS and IT

100% internal IT development is costly

System integration, dedicated software for risk assessment, enterprise wide integrated data

warehouse pose challenge.

Lack of data driven culture: Historical issues in getting reliable data, only data that wasnecessary to ease operational processes was captured, structured, data-backed decision-

making has not been very prevalent.

Short data history and lesser no. of data points in LGD, EAD and high impact low frequency

events in operational risk may give distorted results.

5. Credit rating agencies

Limited no of agencies and insignificant level of penetration

At present default rates are disclosed by CRISIL only and other agencies are yet to declare,

which may create difficulties in mapping and compliance with disclosure criterion if they

want to be accredited by RBI.

In India banks/ FIs are having stake in rating agencies that may impact their independence. Banks are awaiting detailed guidelines from the regulator involving regulatory discretion

under IRB approach.

Risk based supervision: The Basel Committee on Banking Supervision has advocated a risk-based

supervision of banks as stability of the financial system has become the central challenge to bank

regulators and supervisors throughout the world. This has been put into practice in various countries.

This is a robust and sophisticated supervision with adoption of the CAMELS/CALCS approach

essentially based on risk profiling of banks. The focus of RBS is on the assessment of inherent risks in

the business undertaken by a bank and efficacy of the systems to identify measure, monitor and

control the risks. In pursuance of that risk profile, RBI prepares a customized supervisory program. Itis a systems based inspection approach.

Page 14 of29


15/29


CAMELS: (Applicable to all domestic banks) Capital Adequacy, Asset Quality, Management,

Earnings, Liquidity and Systems & Controls.

CALCS: (Applicable to Indian operations of banks incorporated outside India) Capital Adequacy,

Asset Quality, Liquidity, Compliance and Systems.

The objective of prudential regulation and supervision is a banking system that is safe and sound.

Safety and soundness are difficult to define because there are no limits to how safe or sound a bank

can be. Banks may fail due to any of the following reasons: run out of liquidity, run out of capital or

run out of both. RBS, would use a range of tools to prepare the risk profile of each bank including

CAMELS rating, off-site surveillance and monitoring (OSMOS) data, prudential returns and market

intelligence reports, ad-hoc data from external and internal auditors, information from other domestic

and overseas supervisors, on-site findings, sanctions applied, structured meetings with bank

executives at all various levels, inter face dialogue with the auditors etc. A monitorable action plan

(MAP), to mitigate risks to supervisory objectives posed by individual banks would be drawn up for

follow-up. RBI is already using MAPs to set out the improvements required in the areas identified

during the current on-site and off-site supervisory process. If actions and timetable set out in the MAPis not met, RBI would consider issuing further directions to the defaulting banks and even impose

sanctions and penalties.

Objectives of risk based supervision:

RBI follows a carrot and stick system for implementation of Risk Management and Supervisory

controls in Banks.

The approach is expected to optimize utilisation of supervisory resources.

It is to minimise impact of crisis situation in the financial system.

Construction of a Risk Matrix for each institution.

Continuous monitoring & evaluation of risk profile of the supervised institutions. Facilitates implementation of new capital adequacy frame work

Benefits of RBS: The RBS holds out a package of benefits of the supervisor, the supervised entities

and the depositor as shown below:

1. Supervisor

Deeper understanding of the risks associated with the banks and

Facilitate optimum use of scarce supervisory resources and direct supervisory attention to

those banks and those areas within the banks, which cause more supervisory concern

2. Supervised entity

it will enhance the banks own capability for risk management and risk control it will provide a built-in incentive of lesser supervisory intervention for the good performer

3. Depositor

The increased attention to risk factors both by the supervisor and the bank itself will

reduce the risk of insolvency and provide for greater comfort for deposit protection.

Effectiveness of RBI supervision: For the purpose of study, impact of supervision on banks

performance has been assessed in terms of a few parameters

Page 15 of29


16/29


Level of NPAs: The trend of improvement in the asset quality of banks continued during the period

of study. Moreover, gross NPAs (in absolute terms) of nationalized banks and old private

sector banks have continued to decline. A reason for this progress can be the stringent and

conservative approach by RBI. The following graph shows the movement of NPAs.

Source: Basic Statistical Returns of Scheduled Commercial Banks in India

Bringing improvement in weak banks: Here, the cases of four public sector banks (Indian

Bank, United Bank of India, UCO Bank and Dena Bank) have been taken for study. The problem

in the first three banks started in the 1996-97, when they began showing very poor performance in

terms of profits. Supervisory and regulatory actions were taken to arrest the deterioration of these

banks and through a process of recapitalization, enough capital was also infused. Narrow banking

was recommended for these banks, wherein all advances are stopped and the investments are

limited to those in G-Securities, which assure safe returns. Currently these banks are under

control. Similarly, problems cropped up in Dena Bank in 2000, which were brought under control

immediately. The banks internal management and controls contributed to the success.

Supervision was also one of the qualifiers for the same. Other evidences showing the CRAR

levels, the Operating Profit / Working Funds, Net NPAs / Net Advances and Return on Assets of

the three banks indicate a gradual improvement in the overall health of the three banks (though

the improvement in the case of Indian Bank is marginal).

Profitability of Banks: To judge the effect of profitability of banks Net Profit / Loss as a

percentage of Total Assets has been taken for study. The following table shows the figures for the

scheduled commercial banks. Reflecting the buoyant growth in noninterest income on the one

hand and a relatively subdued growth in operating expenses on the other, operating profits of

SCBs have increased over the years. Though the operating profits increased across all bank

groups, the increase was more pronounced in respect of new private sector and foreign banks.

This increase in profitability can be attributed to efficient operations of banks along with good

RBI supervision.

Improvement in Capital Adequacy: The CRAR data of all the banks (private, public and

foreign) provided in the Reports on Trend and Progress of banking in India of the last few years

show that there is a considerable improvement in the capital adequacy of the banks. The

improvement was, however, more pronounced in respect of new and old private sector banks,

followed by SBI and associates. As at end-March 2008, the CRAR of nationalised banks at 12.5

Page 16 of29


17/29


per cent was below the industry average (13.0 per cent), while that of all other groups was above

the industry level.

Improvement in Inspection and Supervision Method: There has been an improvement in the

periodicity of the inspections. Earlier the private and foreign banks were inspected once in two

years, but now they are inspected annually. Similarly, the public sector banks were inspected once

in four years (besides the Annual Financial Reviews), but now, they are also being inspected

every year. Quarterly visits are being made to the weak banks and also the new banks. The

supervisory process has acquired a certain level of robustness and sophistication with the adoption

of the CAMELS / CALCS approach to supervisory risk assessments and rating.

Internal Control and Management: A strong internal control mechanism has been developed in

the banks, wherein RBI has taken up special in-house monitoring of certain areas of weakness in

the banks, viz. Inter-branch / Inter-bank reconciliation and balancing of books. The quantum of

outstanding entries has been brought down drastically, thus reducing the fraud prone areas.

Besides this, the emphasis laid down by the supervisors on the computerization of the various

branches has been successful as a number of branches of both public and private sector banks

have been computerized.

Disclosure Norms: With stricter disclosure norms, more and more information is being brought out

to the public. This has not only helped the shareholders, who are now in a better position to

assess the performance of the banks, but has also helped in keeping the management under a

kind of check.

Risk management scenario in the future

Risk management activities will be more pronounced in future banking because of liberalization,

deregulation and global integration of financial markets. This would be adding depth and dimension

to the banking risks. As the risks are correlated, exposure to one risk may lead to another risk,therefore management of risks in a proactive, efficient & integrated manner will be the strength of the

successful banks. The standardized approach was to be implemented by 31st March 2007, and the

forward-looking banks placed their MIS for the collection of data required for the calculation of

Probability of Default (PD), Exposure at Default (EAD) and Loss Given Default (LGD). The banks

are expected to have at a minimum PD data for five years and LGD and EAD data for seven years.

Presently most Indian banks do not possess the data required for the calculation of their LGDs. Also

the personnel skills, the IT infrastructure and MIS at the banks need to be upgraded substantially if the

banks want to migrate to the IRB Approach

Major finding: Devising a model for calculation of banks rating based on its riskmanagement practices

Models exist for assigning credit rating to borrowers. This helps the bank to identify potential

borrowers by determining their credit worthiness. Higher the rating of the prospect, higher is his

worthiness and lesser are the chances of loss to the bank. Hence banks extend loans to the higher rated

borrowers. But this model caters to the need of the bank so that chances of loss are minimized.

But there are times when banks also fail to perform. Potential customers find it difficult to determine

in which bank they should deposit their money or take loan from. Hence, it is also desired that bank

should also be assigned a rating so that it comes to the rescue of the borrowers. RBI is also practicing

the same but it does not publish the ratings of these banks. It assigns the ratings to all the banks underits jurisdiction but keeps it for the discussion with the top management.

Page 17 of29


18/29


Here, in this section, an attempt has been made to give the various banks a rating which would help to

determine healthiness of the bank. Due to the limited scope of the study, the rating model suggested

henceforth, is purely based on a banks risk management framework. Risk management practices by

banks cover almost all the perspectives as they have to manage the risk associated with their each and

every business line. For this purpose a model has been proposed using which a bank will be assigned

such a rating. This rating would describe how successful a bank is as compared to its peer banks. It is

a multicriteria decision problem. Two possible ways of solving it are: analytical hierarchy process

(AHP) and goal programming. Here, AHP has been used.

Further a C++ program has been developed to make it more user friendly. This software will enable

the regulator to just enter the rating of individual risks and the final risk rating of the bank would be

generated.

The multiple criterions faced in this problem are with regards to various risks faced by banks. Banks

have to manage all the risks. But some risks are important than the others. So a comparison of all risks

has been made to come to a set of criterions. These criterions should be met and suffice to one

solution. The solution should be true representative of all the criterions. AHP has been done in threeways in the given section. The same solution for each verifies the integrity of the model proposed.

The three methods used under AHP are arithmetic mean transformation method, geometric mean

transformation and Eigen value transformation. Banking industry faces two kinds of risks as shown

namely business risk and controls risk. In this problem, the criterion/goals are:

In case of business risk category (after driving conclusion from above mentioned analysis)

1. Capital risk is the most crucial type of risk faced by banks.

2. Credit and operational risk are at second level and are equally important.

3. Next most crucial risk faced after capital credit and operational risk is market risk. Earnings riskis also equally important as market risk.

4. Liquidity risk is the next most important risk

5. Least important/ crucial risks are business and group risk.

It can be depicted as:

Figure: Hierarchy of business risk

In the case of controls risk category: (after driving conclusion from above mentioned analysis)

Page 18 of29


19/29


1. Internal controls risk the most crucial risk faced.

2. Management and compliance risk are the next most important risks.

3. Risk associated with organization is the least important of all.

It can be depicted as:

Figure: Hierarchy of controls risk

Use the coding of risks as:

1 - Both are equally important.

2 - First is slightly more important than second.

3 - First is moderately more important than second.

4 - First is strongly more important than second.5 - First is very strongly more important than second.

Here, First = Read L.H.S. i.e. Row cell

Second = Read R.H.S. i.e. Column cell

Arithmetic mean transformation method

For this purpose a two phase procedure is followed. In the first phase, mapping of risks is done

wherein all the risks are compared with each other. Step1, 2, and 3 deals with this in business risk

category. Step 4, 5, and 6 deal with in the controls risk category. In the second phase after using

statistical tools on the results of the first phase, weighted average of individual ratings of risks

associated with banks is done. The step by step procedure is explained as under.

Page 19 of29


20/29


Figure: Flowchart for arithmetic model

Geometric Model:

Figure: Flowchart for geometric model

Eigen model

Page 20 of29


21/29


Figure: Flowchart for Eigen value model

Mathematically all these models are shown in Exhibits.

Suggestions by banks to RBI: Some suggestions were given by the bank officials through the modeof an informal discussion. They are:

Banks are of the opinion that it would ease the processes if regulator comes up with industry wise

correlation.

RBI guidelines are broader in nature. They should be more indicative.

The document requirement for complying by the guidelines of RBI and Basel are highly centered

according to international banks. Some scenarios are not at all relevant to Indian markets. Hence

there is a need to revise the framework of guidelines with an Indian perspective so that the fatigue

of writing so many documents can be done away with.

RBI has modified the CRAR from 8% to 9%. This makes capital a limiting factor. Hence it

restricts the natural growth of the bank. Hence the regulator should reconsider this.

The terms used in the guidelines issued are directly picked from the documents in Basel or those

finding implementation in foreign countries. The terms should be explained more correctly to all

the banks.

Conclusion

Worldwide, there is an increasing trend towards centralizing risk management with integrated

treasury management to benefit from information synergies on aggregate exposure, as well as scale

economies and easier reporting to top management. Keeping all this in view, the Reserve Bank hasissued broad guidelines for risk management systems in banks. This has placed the primary

Page 21 of29


22/29


responsibility of laying down risk parameters and establishing the risk management and control

system on the Board of Directors of the bank. However, it is to be recognized that, in view of the

diversity and varying size of balance sheet items as between banks, it might neither be possible nor

necessary to adopt a uniform risks management system. The design of risk management framework

should, therefore, be oriented towards the bank's own requirement dictated by the size and complexity

of business, risk philosophy, market perception and the existing level of capital. While doing so,

banks may critically evaluate their existing risk management system in the light of the guidelines

issued by the Reserve Bank and should identify the gaps in the existing risk management practices

and the policies and strategies for complying with the guidelines.

Credit risk management: Risk management has assumed increased importance of regulatory

compliance point of view. Credit risk, being an important component of risk, has been adequately

focused upon. Credit risk management can be viewed at two levelsat the level of an individual asset

or exposure and at the portfolio level. Credit risk management tools, therefore, have to work at both

individual and portfolio levels. Traditional tools of credit risk management include loan policies,

standards for presentation of credit proposals, delegation of loan approving powers, multi-tier credit

approving systems, prudential limits on credit exposures to companies and groups, stipulation offinancial covenants, standards for collaterals, limits on asset concentrations and independent loan

review mechanisms. Monitoring of non-performing loans has, however, a focus on remedy rather than

advance warning or prevention. Banks assign internal ratings to borrowers, which will determine the

interest spread charged over PLR. These ratings are also used for monitoring of loans. A more

scientific & Quantitative approach is the need of the hour.

Market risk management: Asset Liability Management as a risk management technique is gaining

in popularity as banks are beginning to recognize the need for proper risk management. The challenge

for the banks therefore is to put in place the necessary infrastructure that can help them derive the

utmost benefit from ALM. The banks progress in Asset Liability Management will depend on theinitiatives of their management rather than on RBI supervision. Given the existing hurdles, the

evolution of ALM in commercial banks will be a slow process. ALM has evolved since the early

1980's. Techniques of ALM have also evolved. The growth of OTC derivatives markets has facilitated

a variety of hedging strategies. A significant development has been securitization, which allows firms

to directly address asset-liability risk by removing assets or liabilities from their balance sheets. Thus,

the scope of ALM activities has widened. Today, ALM departments are addressing (non-trading)

foreign exchange risks as well as other risks. Corporations have adopted techniques of ALM to

address interest-rate exposures, liquidity risk and foreign exchange risk. Thus it can be safely said that

Asset Liability Management will continue to grow in future and an efficient ALM technique will go a

long way in managing volume, mix, maturity, rate sensitivity, quality and liquidity of the assets andliabilities so as to earn a sufficient and acceptable return on the portfolio.

Operational risk management: The best defense against operational risk is to have effective systems

and controls. These need to be appropriate to the risks and as easy as possible to understand,

implement and monitor. There is a strong common interest here between the regulator and a banks

senior management. An intensified interest by the latter in everyday operational losses is likely to

reduce the possibility of large losses, improve general risk awareness in a company and the regulator

will feel that the interests of the consumer are being better safeguarded. When considering operational

risk, the regulator faces a similar dilemma to the bank: where are the main risks, how can they best be

controlled, and what level of capital can reasonably be required? In future, it is likely these questions

will become even more pertinent. This is not least because regulators, in line with some banks, are

carving out capital to be held specifically against market, credit and operational risk. But it is also

Page 22 of29


23/29


because regulators have come to think that operational risk may not be significantly correlated with

either of the other two types of risk categories. However, as was the case with the original regulatory

capital ratio set by the Basle Committee, the only real touchstone for this is some sort of reference to

current aggregate capital. Another option for the regulator would be to refer to benchmark loss

experiences. The problem here is that the data are often not obtainable availability differs from

country to country and business to business and may not be suitable for operational risk throughout

the bank. The regulator could, alternatively, rely on internal economic capital allocation. Perhaps what

is needed most is time. One thing is clear, and it is that there are more questions than answers around

operational risk for both banks and regulators. Consequently, both parties will need, in the immediate

future, to enter into an open and technical discussion of the way forward.

Supervision process: Before 1950s regulation and supervision by RBI was not that stringent as the

banking activity was limited to collection of deposits and issue of loans. Moreover, there was no

separate comprehensive enactment for the banking sector. With the introduction of the Banking

Companies Act, 1949, (later Banking Regulations Act, 1949) the scope of RBI supervision broadened

over the years, necessary changes in the supervisory system have been made to meet with the new

challenges emerging in the financial sector. In the wake of rapid changes in the financial sector suchas emergence of Universal Banking, introduction of Securitization, integration of various markets, etc.

a lot of preparations for further strengthening the supervisory mechanism is required, not only on the

part of RBI but by individual banks also. World over the way financial markets are integrating day by

day, risk is continuously increasing. RBI, keeping in view international best practices has already

taken certain initiatives in this regard and there is a proposal to introduce shortly, the system of

Consolidated Supervision too, along with Risk Based Supervision. The impact on banks key ratios

due to banking supervision reveals good results and walking on the same continuum few issues can be

stressed upon like technology upgradation, corporate governance, market intelligence etc.

By critically examining all the aspects related to risk management, an AHP model was developedwhich gave the comprehensive risk rating of the bank. This rating would help in comparison with

other banks in the industry and evaluate the areas of improvement if any.

Exhibits

Exhibit 1: Arithmetic model

Table 1: Pair wise comparison of Business Risk parameters

Capital

Credit

Risk

Market

Risk Earnings

Liquidity

Risk

Business

Strategy &

Environmental

Risk

Operational

Risk

Group

RiskCapital 1.00 2.00 3.00 3.00 4.00 5.00 2.00 5.00

Credit Risk 0.50 1.00 2.00 2.00 3.00 5.00 1.00 5.00

Market Risk 0.33 0.50 1.00 1.00 2.00 5.00 0.50 5.00

Earnings 0.33 0.50 1.00 1.00 2.00 5.00 0.50 5.00

Liquidity Risk 0.25 0.33 0.50 0.50 1.00 5.00 0.33 5.00

Business

Strategy &

Environmental

Risk 0.20 0.20 0.20 0.20 0.20 1.00 0.20 1.00

Operational

Risk 0.50 1.00 2.00 2.00 3.00 5.00 1.00 5.00

Group Risk 0.20 0.20 0.20 0.20 0.20 1.00 0.20 1.00

Table 2: Normalized matrix for Business Risk

Page 23 of29


24/29


Capita

l

Credi

t Risk

Marke

t Risk

Earning

s

Liquidit

y Risk

Business

Strategy &

Environment

al Risk

Operation

al Risk

Grou

p

Risk

AVERAG

E

Capital 0.301 0.348 0.303 0.303 0.259 0.156 0.348 0.156 0.272

Credit Risk 0.150 0.174 0.202 0.202 0.194 0.156 0.174 0.156 0.176

Market Risk 0.100 0.087 0.101 0.101 0.129 0.156 0.087 0.156 0.114

Earnings 0.100 0.087 0.101 0.101 0.129 0.156 0.087 0.156 0.114Liquidity

Risk 0.075 0.058 0.050 0.050 0.064 0.156 0.058 0.156 0.083

Business

Strategy &

Environment

al Risk 0.060 0.034 0.020 0.020 0.013 0.031 0.034 0.031 0.030

Operational

Risk 0.150 0.174 0.202 0.202 0.194 0.156 0.174 0.156 0.176

Group Risk 0.060 0.034 0.020 0.020 0.013 0.031 0.034 0.031 0.030

Table 3: Pair wise comparison of Controls Risk parameters

Internal Controls Management Organization Compliance

Internal Controls 1.00 2.00 3.00 2.00

Management 0.50 1.00 2.00 1.00

Organization 0.33 0.50 1.00 0.50

Compliance 0.50 1.00 2.00 1.00

Table 4: Normalized matrix for Controls Risk

Internal

Controls Management Organization Compliance Average

Internal

Controls 0.428 0.444 0.375 0.444 0.423

Management 0.214 0.222 0.250 0.222 0.227Organization 0.142 0.111 0.125 0.111 0.122

Compliance 0.214 0.222 0.250 0.222 0.227

Table 5: Risk profile rating of a bank: Business Risk

Risk Rating Weightage

Capital 2 0.272

Credit Risk 3 0.176

Market Risk 2 0.114

Earnings 2 0.114

Liquidity Risk 3 0.083

Business Strategy & Environmental

Risk 2 0.030

Operational Risk 3 0.176Group Risk 3 0.030

Total Business Risk Rating of a Bank 2

Table 6: Risk profile rating of a bank: Controls Risk

Risk Rating Weightage

Internal Controls 3 0.423

Management 2 0.227

Organization 2 0.122

Compliance 2 0.227

Total Control Risk Rating of a Bank 2

Total Risk Rating for a Bank 2

Exhibit 2: Geometric Model

Page 24 of29


25/29


Table 1: Geometric Mean Transformation of Business Risk

Capit

al

Cred

it

Risk

Mark

et

Risk

Earnin

gs

Liquidi

ty Risk

Business

Strategy &

Environme

ntal Risk

Operatio

nal Risk

Grou

p

Risk

Geomet

ric

Mean

Normaliz

ed

Priorities

Capital 1 2 3 3 4 5 2 5 2.780.26

Credit Risk 0.5 1 2 2 3 5 1 51.87 0.18

Market

Risk 0.33 0.5 1 1 2 5 0.5 51.19 0.11

Earnings 0.33 0.5 1 1 2 5 0.5 51.19 0.11

Liquidity

Risk 0.25 0.33 0.5 0.5 1 5 0.33 50.80 0.07

Business

Strategy &

Environme

ntal Risk 0.2 0.2 0.2 0.2 0.2 1 0.2 10.29 0.02

Operational

Risk 0.5 1 2 2 3 5 1 5

1.87

0.18

Group Risk 0.2 0.2 0.2 0.2 0.2 1 0.2 10.29

0.028

Mean 10.31 1

Table 2: Geometric Mean Transformation of Control Risk

Internal

Controls Management Organization Compliance

Geometric

Mean Normalized

Internal

Controls 1 2 3 2 1.86 0.42

Management 0.5 1 2 1 10.22

Organization 0.33 0.5 1 0.5

0.53 0.12

Compliance 0.5 1 2 1 10.22

Mean4.39

1

Table 3: Risk Rating of Bank A

Weightages Ratings Ratings Weightages

0.2697 Capital 2

Internal

Controls 3 0.4231

0.1813 Credit Risk 3 Management 2 0.2273

0.1158 Market Risk 2 Organization 2 0.1221

0.1158 Earnings 2 Compliance 2 0.2273

0.0778 Liquidity Risk 3

0.0289

Business Strategy

& Environmental

Risk 2

0.1813 Operational Risk 3

0.0289 Group Risk 3

Total Business

Risk Rating 2

Total Control

Risk Rating 2

Total Risk rating 2

Exhibit 3: Eigen Value Model

Table 1: Pair-wise Comparison of Control Risk Components

Capital Credit

Risk

Market

Risk

Earnings Liquidity

Risk

Business

Strategy &

Environmental

Operational

Risk

Group

Risk

Page 25 of29


26/29


Risk

Capital 1 2 3 3 4 5 2 5

Credit Risk 0.5 1 2 2 3 5 1 5

Market Risk 0.33 0.5 1 1 2 5 0.5 5

Earnings 0.33 0.5 1 1 2 5 0.5 5

Liquidity Risk 0.25 0.33 0.5 0.5 1 5 0.33 5

Business

Strategy &

Environmental

Risk 0.2 0.2 0.2 0.2 0.2 1 0.2 1

Operational

Risk 0.5 1 2 2 3 5 1 5

Group Risk 0.2 0.2 0.2 0.2 0.2 1 0.2 1

Table 2: Squaring the above matrix

Capit

al

Cred

it

Risk

Mark

et

Risk

Earnin

gs

Liquidi

ty Risk

Business

Strategy &

Environme

ntal Risk

Operatio

nal Risk

Gro

up

Risk

Row

sums

Normalized

Row

sums/Priori

ties

Capital 8.00

12.3

3 21.00 21.00 34.00 85.00 12.33 85.00

278.6

7 0.27

Credit Risk 5.58 8.00 13.00 13.00 21.00 57.50 8.00 57.50

183.5

8 0.18

Market

Risk 4.00 5.33 8.00 8.00 12.33 36.67 5.33 36.67

116.3

3 0.11

Earnings 4.00 5.33 8.00 8.00 12.33 36.67 5.33 36.67

116.3

3 0.11

Liquidity

Risk 3.16 4.00 5.58 5.58 8.00 24.58 4.00 24.58 79.50 0.07

Business

Strategy &

Environme

ntal Risk 0.98 1.46 2.30 2.30 3.40 8.00 1.47 8.00 27.91 0.02

Operationa

l Risk 5.58 8.00 13.00 13.00 21.00 57.50 8.00 57.50

183.5

8 0.18

Group Risk 0.98 1.46 2.30 2.30 3.40 8.00 1.47 8.00 27.91 0.02

1013.

83 1

Table 3: Another iteration

Capit

al

Cred

it

Risk

Mark

et

Risk

Earnin

gs

Liquid

ity

Risk

Business

Strategy &

Environme

ntal Risk

Operatio

nal Risk

Grou

p

Risk

Row

sums

Normalized

Row

sums/Priori

ties

Capital

644.5

5

905.

33

1405.

50

1405.5

0

2158.0

0 5834.16 905.33

5834.

16

19092.

55 0.27

Credit Risk

417.5

8

588.

19

915.0

0 915.00

1405.5

0 3784.16 588.19

3784.

16

12397.

80 0.17

Market

Risk

266.7

2

376.

88

588.1

9 588.19 905.33 2429.86 376.88

2429.

86

7961.9

4 0.11

Earnings

266.7

2

376.

88

588.1

9 588.19 905.33 2429.86 376.88

2429.

86

7961.9

4 0.11

Liquidity

Risk

188.3

4

266.

72

417.5

8 417.58 644.55 1728.61 266.72

1728.

61

5658.7

3 0.08

Business

Strategy &

Environme

ntal Risk 69.14

97.1

9

151.3

6 151.36 233.36 632.50 97.19

632.5

0

2064.6

3 0.02

Operational Risk

417.58

588.19

915.00 915.00

1405.50 3784.16 588.19

3784.16

12397.80 0.17

Group Risk 69.14 97.1 151.3 151.36 233.36 632.50 97.19 632.5 2064.6 0.02

Page 26 of29


27/29


9 6 0 3

69600.

05 1

Table 4: Calculation of difference

Difference between the priorities obtained from the two iterations

-0.0005

-0.0029

-0.0004

-0.0004

0.0029

0.0021

-0.0029

0.0021

Table 5: Pair-wise Comparison of Control Risk Components

Internal Controls Management Organization Compliance

Internal Controls 1 2 3 2

Management 0.5 1 2 1Organization 0.33 0.5 1 0.5

Compliance 1 1 2 1

Table 6: Squaring the above matrix

Internal

Controls Management Organization Compliance Row sums

Normalized

Row

sums/Priorities

Internal

Controls 4.00 7.50 14.00 7.50 33.00 0.42

Management 2.16 4.00 7.50 4.00 17.66 0.22

Organization 1.16 2.16 4.00 2.16 9.50 0.12

Compliance 2.16 4.00 7.50 4.00 17.66 0.22

77.83 1

Table 7: Another iteration

Internal

Controls Management Organization Compliance Row sums

Normalized

Row

sums/Priorities

Internal

Controls 64.83 120.33 224.50 120.33 530.00 0.42

Management 34.75 64.50 120.33 64.50 284.08 0.22

Organization 18.72 34.75 64.83 34.75 153.05 0.12

Compliance 34.75 64.50 120.33 64.50 284.08 0.22

1251.22 1.00

Table 8: Calculation of difference

Difference between the priorities obtained from the two iterations

-0.0004

0.0001

0.0003

0.0001

Table 9: Business Risk profile comparison

Geometric Mean Arithmetic Mean Eigen Value Bank A

Capital 0.2698 0.2722 0.2743 2

Credit Risk 0.1813 0.1764 0.1781 3

Market Risk 0.1159 0.1149 0.1144 2Earnings 0.1159 0.1149 0.1144 2

Liquidity Risk 0.0779 0.0838 0.0813 3

Page 27 of29


28/29


Business Strategy &

Environmental Risk 0.0290 0.0307 0.0297 2

Operational Risk 0.1813 0.1764 0.1781 3

Group Risk 0.0290 0.0307 0.0297 3

Table 9: Controls Risk profile comparison

Eigen Value Arithmetic Mean Geometric mean Bank A

Internal Controls 0.4236 0.4231 0.4231 3

Management 0.2270 0.2272 0.2274 2

Organization 0.1223 0.1225 0.1222 2

Compliance 0.2270 0.2272 0.2274 2

Table 10: Total risk rating of bank

Total Business Risk Rating

of Bank A 2

Total Control Risk Rating

of Bank A 2

Total Risk rating for Bank

A 2

References Ajit, D. and Bangar, R.D (1998): The Role and Performance of Private Sector Banks in India-

1991-92 to 1996-97, Political Economy Journal of India 7:1 and 2, 7-20

Arpa M., Giulini I., Ittner A. and Pauer F.(2001), The Influence of Macro-economic

Developments

on Austrian Banks: Implications For Banking Supervision, BIS Papers, n. 1, Basel

Bessis, Joel (2002),Risk Management in Banking,Wiley; 2nd edition

Berger, A.N. and DeYoung, R. (1997),Problem Loans and Cost efficiency in Commercial Banks.

Journal of Banking and Finance 21, 849-870

Berger, A. N. and Udell, G. F.(1998), The Economics of Small Business Finance: The Roles of

Private Equity and Debt Markets in The Financial Growth Cycle, Journal of Banking and

Finance, 22, pp.613-673

Berger, A. N. and Udell, G. F. (1993), Securitization, Risk, and the Liquidity Problem in Banking,

Structural Change in Banking, M. Klausner and L. White editors, Irwin Publishers, Illinois

BIS Publication (2001), The Second Consultative Document, The New Basel Capital Accord

_______(2001), Stand

Date post:	06-Apr-2018
Category:	Documents
Upload:	diksha-arora-kathuria
View:	219 times
Download:	0 times

Risk Management in Banks, The AHP Way- Diksha Arora

Documents