Risk Management in Banks

Adit S.
Joshi TYBBI Sem5 Risk Management in Banks
CHAPTER 1
1.1 What is Risk?
Risk can be defined as the chance of loss or an unfavorable outcome
associated with an action. Uncertainty is not knowing what will happen in the
future. The greater the uncertainty, the greater the risk. For an individual
farm manager, risk management involves optimizing expected returns
subject to the risks involved and risk tolerance.
Risk is what makes it possible to make a profit. If there was no risk, there
would be no return to the ability to successfully manage it.
Risk is what makes it possible to make a profit. If there was no risk, there
would be no return to the ability to successfully manage it. For each decision
there is a risk-return trade-off. Anytime there is a possibility of loss (risk),
there should also be an opportunity for profit. Growers must decide between
different alternatives with various levels of risk. Those alternatives with
minimum risk may generate little profit. Those alternatives with high risk may
generate the greatest possible return but may carry more risk than the
producer will wish to bear. The preferred and optimal choice must balance
potential for profit and the risk of loss. It all comes down to management, and
there are no easy answers.
The meaning of Risk as per Websters comprehensive dictionary is a
chance of encountering harm or loss, hazard, danger or to expose to a
chance of injury or loss. Thus, something that has potential to cause harm or
loss to one or more planned objectives is called Risk.
The word risk is derived from an Italian word Risicare which means To
Dare. It is an expression of danger of an adverse deviation in the actual
result from any expected result.
Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Banks for International Settlement (BIS) has defined it as- Risk is the threat
that an event or action will adversely affect an organizations ability to
achieve its objectives and successfully execute its strategies.
Risk Management: Risk Management is the process of identifying,

quantifying and managing the risks than an organization faces. As the
outcome of business activities are uncertain, they are said to have some
element of risk. These risks includes strategic failures, financial failures,
market disruptions, environment disasters and regulatory violations. Risk is
the statistical concept that are related to unknown future. Almost all
investments are exposed to it.
Risk Management involves identifying the type of risk exposure within the
company, measuring those potential risks, proposing means to hedge, insure
to mitigate some of the risks, estimating the impact of various risks on the
future earnings of the company.
While it is impossible that companies remove all the risks from the
organization, it is important that they properly understand and manage the
risks that they are willing to accept in the context of the overall corporate
strategy. The management of the company is primarily responsible for risk

management but the board of directors, internal auditor, external auditor,
and general council also play critical role.
Risk can be managed in a number of ways: by the buying of insurance, by
using derivatives instruments as hedges, by sharing risks with others, or by
avoiding risky positions altogether.
Assess what could go wrong
Determine which risks are important to deal with
Implement strategies to deal with those risks
Source: i.investopedia.com

1.2 RISK MANAGEMENT in Banks:
Source: image.slidesharecdn.com
Indian Banking Industry is going through a transformation process in its

transitional journey from the era of protected economy to the tough world of
market economy. Banks are expanding their operations, entering new market
and trading in new asset types. The changes in financial system, product and
structures have created new opportunities along with new risks. Risk
Management has become an internal part of financial activity of Bank and
other market participants. These risks cant be ignored and either has to be
managed by market participants as part of Asset Liability Management or
hedge. Under these circumstances, creating an environment that promotes
risk management assumes critical importance. This requires addressing
certain policy and institutional issues in developing in India.
First and foremost a well-developed market, repo market constitutes an
important prerequisite for the promotion of risk management practice among

market participants. Regulatory gaps and overlaps in debt markets need to
be sorted out quickly to facilitate the repeal of the 1969 notification which will
go a long way in aiding the process of Asset Liability Management for Banks.
Indian conditions are suitable for introduction of credit default swap in India.
It offers advantages of hedging credit risk without impairing the relationship
with the borrower. Forward rate agreements and interest rate swaps enable
users to lock into spreads. The RBI has already permitted interest rate
swaps. A major reason for lack of term money market is the absence of the
practice of Asset Liability Management system among bank for identifying
mismatches in carious time periods. The recent RBI guidelines to lend on a
term and also offer two-way quotes in the market. The advisory group on
banking supervision constituted by RBI recommended greater orientation of
banks management. OECD principles of corporate governance recognized
the risk management as area of increasing importance for Board, which is
related to corporate strategy.
Source: www.curling.com

1.3 DEFINITIONS:
According to Denis Waitely Life is inherently risky. There is only one big risk
you should avoid at all costs and that is the risk or doing nothing
Risks associated with financial institutions are becoming more and more
diverse and complicated due to changes taking place in the operating
environment. In response, and in recognition of the fact that risk cannot be
entirely avoided.
Source: www.housingwire.com
It is the process for identifying the risk the business faces, evaluating them
according to the likely hood of their occurring and the damage. They would
ensure deciding whether to wear, avoid, control or ensure against then,
allocating responsibility for dealing with them ensuring that the process
actual works and reporting material problems as early as possible to the right
level.
The operation of bank inevitably means facing risk of many kinds risk. Risk is
inherent in bank but it is far from routine, nor is it one-dimensional. All round
the globe, market risks, technical risk, operational risk, political risk, legal
risks, and change rapidly and continually. A recent survey in USA revealed

that the directors are not focusing enough on risk management. Most of the
bank did not have a formal enterprise wide risk management process.
However, directors are not expected to understand ever-small aspect of the
management process orb monitor every transaction. Nevertheless, they have
the responsibility to oversee the risk management function and internal
control system of the bank. There can be no one size-fit all risk management
system due to diversity in the size of balance sheet and risk appetite among
banks. Each bank must design and develop its own system to suit its specific
needs depending upon the size and complexity of business, risk philosophy,
market perception and level of capital.
Source: http://cdn2.hubspot.net

1.4 Objectives of Risk Management:
Source: servicestation.co.uk
The very basic objective of risk management system is1.
To put in place and operate a systematic process to give a reasonable
degree of assurance to the top management that the ultimate corporate goals
that are vigorously pursued by it would be achieved in the most efficient
manner.
2.
In this way, all the risk that come in the way of institution achieving the
goals it has to set for itself would managed properly by the risk management
system.
3.
In the absence of such a system, no institution can exist in the long run
without being able to fulfill the objective for which it was set up.

CHAPTER 2
2.1 DIFFERENT TYPES OF RISK:
Different Types Of Risk

Financial Risk
Market Risk
Others
Operational Risk &
Control System
Settlement Risk
Asset Liability
Management Risk
Financial Risk:
Financial Risk
1.
Credit Risk
Trading Credit Risk
Commercial Credit Risk
The risk of loss from holding positions that is subject to change in value with
changing market conditions. This risk includes all changing, in market

conditions, such as prices, volatility, liquidity, and credit risk, the ability and
willingness of counterparties to honor their contractual obligations.
Lloyds of London provided re-insurance without protracted and significant
losses for 300 years. The equity holders in these enterprises started to think
they were purchasing annuities rather than placing their considerable assets
at risk. With a history of profits without significant loss that spans centuries,
such a belief is understandable. Lloyds accumulated $8.6 billion in losses in
the three years from 1988 through 1990. The equity holders achieved a better
understanding of the financial risk they were incurring.
I.
Credit risk
Source: www.origo.ie
Credit risk is defined as the potential that a borrower or counterparty will

fail to meet its obligation in accordance with agreed terms. RBI has been
extremely sensitive to the credit risk it faces on the investment of foreign
currency assets and gold in the international markets. Investments in
bonds/treasury bills, which represent debt obligations of Triple-A rated
sovereigns and supranational entities do not give rise to any substantial
credit risk. Placement of deposit with BIS and other central banks like Bank
10

of England is also considered credit risk-free. However, placement of
deposits with commercial banks as also transactions in foreign exchange and
bonds/treasury bills with commercial banks/investment banks and other
securities firms give rise to credit risk. Stringent credit criteria are,
therefore, applied for selection of counterparties. Credit exposure vis--vis
sanctioned limit in respect of approved counterparties is monitored on line.
The basic objective of an on-going tracking exercise is to identify any
institution (which is on the RBIs approved list) whose credit quality is under
potential threat and to prune down the credit limits or de-list it altogether, if
considered necessary. A quarterly review exercise is also carried in respect
of counterparties for possible inclusion/deletion.
II.
Trading credit Risk
Source: www.openlink.com
This is the risk of loss from the failure of a trading counterparty to perform its
trading obligations as agreed. The largest exposures for this risk typically
occur between major global trading counterparties e.g. liquidity providers in
several markets. Unlike traditional lending, these exposures change values
with changing market conditions (prices, volatility). Note, however, the
largest risk of loss is linked but not directly proportional to the largest
exposures. Credit risk combines exposure with default and recoveries. Thus
a lower exposure can have a higher risk if the default probability is much
higher.
11

III.
Commercial credit Risk
Source: http://www.clker.com
This is the risk of loss form providing credit to corporate counterparties.

Extensions of credit can take the form of direct loans and contingencies or
guarantees.
2.
Market Risk:
Market Risk
Commodity Market Risk

Currency Market Risk
Interest Rate Risk
Market Liquidity Risk
Equity Market Risk
This is the risk that positions can lose value due to changing market
conditions including prices, volatility, and market liquidity. It also includes
basis risk for hedge positions. Market risk, along with credit risk are the two
major components of financial risk. Market risk, which consists primarily of
price risk and volatility risk, occurs within the major market sectors.
12

I.
Commodity market Risk
Source: c1327221.myzen.co.uk
This is the risk of loss from having positions in any of the commodity markets.
There are certainly tremendous variety of them, ranging from agricultural
markets, which include various grains, meats, produce, and wood products
to minerals and metals. More recently, the energy market has undergone an
expansion as electricity has deregulated and become a commodity whose
price fluctuates.
II.
Currency market Risk
13
Source: http://cdn2.hubspot.net/
This is the risk of loss from having positions in any of the currency markets.
The risk can be from outright positions. It can also reside on the balance
sheet or in the income flows of a company. Many Thai companies were
carrying currency risk on their balance sheets with assets in Thai baht and
liabilities/ loans in U.S. dollars. In the summer of 1997, they were bankrupted
overnight by a 20% reduction in their dollar liabilities. Other firms suffer large
fluctuations in income when earnings denominated in foreign currencies
must be converted and reported in dollars.
14

Example of Currency Rate Swaps:
Suppose a U.S. MNC wants to finance a 40,000,000 expansion of a
German plant.
They could borrow dollars in the U.S. where they are well known and
exchange for dollars for euros.

o
This will give them exchange rate risk: financing a euro project with
dollars.
They could borrow euro in the international bond market, but pay a
premium since they are not as well-known abroad.
If they can find a German MNC with a mirror-image financing need they
may both benefit from a swap.
If the spot exchange rate is S0($/ ) = $1.30/ , the U.S. firm needs to
find a German firm wanting to finance dollar borrowing in the amount of

$52,000,000.
15
Source: www.imf.org
Source: www.imf.org
16

III.
Interest Rate Risk
Source: bconnect24.com
The crucial aspect of the management of interest rate risk is to protect the
value of the investments as much as possible from the adverse impact of the
interest rate movements. The focus of the investment strategy revolves
around the overwhelming need to keep the interest rate risk of the portfolio
reasonably low with a view to minimizing losses arising out of adverse
interest rate movements, if any. This approach is warranted as reserves are
viewed as a market stabilizing force in an uncertain environment.
Interest Rate Swaps in India:
An Interest rate swap is a contractual agreement entered into between two

counterparties under which each agrees to make periodic payment to the
other for an agreed period of time based upon a notional amount of principal.
The principal amount is notional and is required in order to compute the
actual cash amounts that will be periodically exchanged.
Under the commonest form of interest rate swap, a series of payments
calculated by applying a fixed rate of interest to a notional principal amount is
exchanged for a stream of payments similarly calculated but using a floating
rate of interest. This is a fixed-for-floating interest rate swap. Alternatively,
both series of cash flows to be exchanged could be calculated using floating
rates of interest but floating rates that are based upon different underlying
indices. Examples might be the overnight interest rate (MIBOR) and
17

commercial paper or Treasury bills and this form of interest rate swap is
known as a basis or money market swap.
In India interest rate swaps are commonly traded on 2 benchmarks viz MIBOR
and MIFOR.
(i) Overnight Index Swaps (OIS): This swap consists of exchange of a fixed
rate for the NSE MIBOR rate. The tenor of the swap may extend from 1 month
to 10 years however the most actively traded swaps are for 1 year and 5 year
maturity. The MIBOR rate is compounded daily and interest exchanges on the
notional principal (generally Rs 25 crore) are exchanged half-yearly. The OIS
swap rates track the underlying G-sec yields of relevant maturity. The market
witnesses average daily volumes of Rs 6,000-Rs 8,000 crore and includes
foreign banks, private sector, banks, primary dealers and few nationalized
banks as the major participants.
ii) MIFOR swaps: The MIFOR is another popular benchmark that has
developed into a proxy for the AAA corporate funding cost in India. MIFOR is
derived from USD Libor and the USD/INR Forward Premia and is simply the
Indian equivalent of USD Libor and the USD Interest Rate Swaps market.
MIFOR behaves like an interest rate benchmark and not a forex benchmark.
18

There are a large number of Indian Corporates who now regularly use this
benchmark to actively manage the interest rate risk on their debt portfolios,
and access funding at better rates.
Dollar Interest Rate Swap

Interest Rate Swap 1-year
Interest Rate Swap 5-year
19
Source: www.barchart.com/economy/swaps.php
Interest Rate Swaps Outside India:
Source: www.global-rates.com
An interest rate swap is a contractual agreement between two parties to

exchange interest payments.
How it works/Example:
The most common type of interest rate swap is one in which Party A agrees to
make payments to Party B based on a fixed interest rate, and Party B agrees
to make payments to Party A based on a floating interest rate. The floating
rate is tied to a reference rate (in almost all cases, the London Interbank
Offered Rate, or LIBOR).
20

For example, assume that Charlie owns a $1,000,000 investment that pays
him LIBOR + 1% every month. As LIBOR goes up and down, the payment
Charlie receives changes.
Now assume that Sandy owns a $1,000,000 investment that pays her 1.5%
every month. The payment she receives never changes.
Charlie decides that that he would rather lock in a constant payment and
Sandy decides that she'd rather take a chance on receiving higher payments.
So Charlie and Sandy agree to enter into an interest rate swap contract.
Under the terms of their contract, Charlie agrees to pay Sandy LIBOR + 1%
per month on a $1,000,000 principal amount (called the "notional principal"
or "notional amount"). Sandy agrees to pay Charlie 1.5% per month on the
$1,000,000 notional amount.
Let's see what this deal looks like under different scenarios.
Scenario A: LIBOR = 0.25%
Charlie receives a monthly payment of $12,500 from his investment
($1,000,000 x (0.25% + 1%)). Sandy receives a monthly payment of $15,000
from her investment ($1,000,000 x 1.5%).
Now, under the terms of the swap agreement, Charlie owes Sandy $12,500
($1,000,000 x LIBOR+1%), and she owes him $15,000 ($1,000,000 x 1.5%).
The two transactions partially offset each other and Sandy owes Charlie the
difference: $2,500.
21
Scenario B: LIBOR = 1.0%

Now, with LIBOR at 1%, Charlie receives a monthly payment of $20,000 from
his investment ($1,00,000 x (1% + 1%)). Sandy still receives a monthly
payment of $15,000 from her investment ($1,000,000 x 1.5%).
With LIBOR at 1%, Charlie is obligated under the terms of the swap to pay
Sandy $20,000 ($1,000,000 x LIBOR+1%), and Sandy still has to pay Charlie
$15,000. The two transactions partially offset each other and now Charlie
owes Sandy the difference between swap interest payments: $5,000.
22
Note that the interest rate swap has allowed Charlie to guarantee himself a
$15,000 payout; if LIBOR is low, Sandy will owe him under the swap, but if
LIBOR is higher, he will owe Sandy money. Either way, he has locked in a
1.5% monthly return on his investment.
Sandy has exposed herself to variation in her monthly returns. Under
Scenario A, she made 1.25% after paying Charlie $2,500, but under Scenario
B she made 2% after Charlie paid her an additional $5,000. Charlie was able
to transfer the risk of interest rate fluctuations to Sandy, who agreed to
assume that risk for the potential for higher returns.
One more thing to note is that in an interest rate swap, the parties never
exchange the principal amounts. On the payment date, it is only the
difference between the fixed and variable interest amounts that is paid; there
is no exchange of the full interest amounts.
23

IV.
Market Liquidity Risk:
Source: http://www.regulatory-risk.com/
This is the risk of loss from being unable to buy or sell positions easily, at a
low transaction cost. The speed and ease with which a buyer or seller can
convert assets into cash and vice versa varies with each class of assets in the
market. Gold, for example, is much more liquid than real estate. In addition,
liquidity fluctuates over time. During August and September 1998, some of
the most liquid markets, such as the U.S. government bond market and the
swap markets became considerably less liquid.
In the early 1990s a steep spike in interest rates caused large losses in many
trenches of mortgaged- backed securities (MBS). The market for these
instruments froze because no one was interested in bidding for them, even at
huge discounts to their remaining fair market value. That liquidity freeze
helped keep MBS prices depressed for a long time.
24

V.
Equity market Risk:
This is the risk of loss from holding positions in the equity markets. This is
investor risk and almost everyone is familiar with it. Like the other markets it
contains price, volatility, and liquidity.
3.
Operational risk and control system
Internally, there is a total separation of the front office and back office
functions and the internal control systems ensure several checks at the
stages of deal capture, deal processing and settlement. There is a separate
set up responsible for risk measurement and monitoring, performance
evaluation and concurrent audit. The deal processing and settlement system
is also subject to internal control guidelines based on the principle of one
point data entry and powers are delegated to officers at various levels for
generation of payment instructions. There is a system of concurrent audit for
monitoring compliance in respect of all the internal control guidelines.
Further, reconciliation of accounts is done regularly.
In addition to annual inspection by the internal machinery of the RBI for this
purpose and statutory audit of accounts by external auditors, there is a
system of appointing a special external auditor to audit dealing room
25

transactions.
The main objective of the special audit is to see that risk
management systems and internal control guidelines are adhered to.

There exists a comprehensive reporting mechanism covering all significant
areas of activity/operations relating to reserve management.
These are
being provided to the senior management periodically, viz., on daily, weekly,

monthly, quarterly, half-yearly and yearly intervals, depending on the type
and sensitivity of information.
4.
Settlement Risk:
Source: www.rbnz.govt.nz
This is the risk of loss from failure of a trading counterparty to perform as

obligated during the settlement process. Most settlement processes for
financial transactions have established safeguards to greatly reduce this
risk. For Ex. Most equity and debt purchases settle through clearing houses
that hold delivers until payment is received. Other financial products
frequently settle on a net difference basis. In most swaps, just the difference
between the fixed and floating leg is transmitted. Daily settlement amounts
between the biggest traders i.e. liquidity provider, especially when they do
not occur on a net basis, are very large. The failure of a major financial
26

institution to honor its side of these trades of these trades could cause
significant loss and serious market disruption.
In 1974, a small bank in Germany, Bank Herstatt, which had $60 million in FX,
trades settling the next day closed its doors. The three days of increasing
payment system gridlock that followed served as a waked-up call to the
industry and its regulators.
5. Asset liability Risk:
Source: http://image.slidesharecdn.com
This is the risk that current obligations cannot be met with current assets.
This is a fundamental risk in all organizations, which must maintain liquidity,
or they become insolvent. In financial institutions, this risk is quite significant
because many liabilities can be accelerated if the market perceives a
weakness. Markets and regulators have demanded that financial institutions
maintain a high level of capital to protect the fund providers and a high level
of reserves to safeguard against runs. Most of the risk arises as a result of
mismatch of assets and liability. If the assets of a bank exactly matched its
liability of identical maturity, interest rate conditions and currency risk could
have been avoided. However in practice its near impossible to have such a
perfectly matched balance sheet. A banker, therefore, has to keep different
27

types of risk within acceptable limits. It requires the ability to forecast future
changes in the environment and formulate suitable action plans to protect the
bet worth of the organization form the impact of these risks. It is by no means
an easy task. If he is proving wrong in his judgment the whole process of risk
management may go haywire. Few would disagree with the statement that
being a banker is like being a country hound dog. If you stand still you get
kicked. If you run, they throw rocks at you.
Presettlement
Risk
Commercial
Credit Risk
Hedged Risk
Portfolio
Exposure
Loan Riak
Other
Risk
New Product
And Risks
Gurantee Risk
Portfolio
Recovery
Global
Portfolio Risk
5.
Portfolio
Defaults
Basis Risk (Hedged Positions):
This is the risk of loss from hedging market exposures with instruments
whose changes in value do not exactly offset value changes in the position
being hedged. The mismatch could be in terms of maturity, the underlying
instrument e.g. short a government bond to hedge a long corporate bond
position, or some other characteristic. These small differences can
sometimes cause the combined position to be much more risky than thought.
On May 1, 1997, L.P.Morgan lost $20 to $40 million due to basis risk on one
trade. The trader sold a yen/dollar option, and bought the same option from
counterparty. Both the bought and sold option carried the same knock-out
feature. The change rate is canceled if the dollar/yen exchange rate is
28

greater than 127.3. This looks like one of those perfect hedges, rumored to
occur only in Japanese gardens. The problem was mismatch in maturity. The
sold option expired six hours before the bought option. The exchange rate
was below 127.3 yen when the sold leg matured but moved above that barrier
by the time the bought leg matured. The hedge, the bought leg, was knocked
out by the shift in dollar yen rates, leaving J.P. Morgan with an unhedged loss.
Ironically, if the deals had not contained the knock-out feature, Morgan
would have made money on the basis risk timing it was holding.
6.
Pre settlement Risk:
This is the risk of loss from failure of a trading counterparty to perfume as

obligated, but before the trade actually settles. If counterparty to a deal that
matures in six years, defaults after three years, the other counterparty may
have to go into the marketplace and replace the defaulted deal. This
potential replacement cost is based on the market prices and other factors,
like applicable netting agreements and collaterals, at the time of the default.
Source: www.unomaha.edu
29

7.
Commercial Credit Risk:
Source: www.communitybankeruniversity.com
This is the risk of loss form providing credit to corporate counterparties.

Extensions of credit can take the form of direct loans and contingencies or
guarantees.
Bankers dont make loansthey make portfolio decisions and the quality of
those decisions impact bank performance over time. In a constantly changing
world, credit risk management becomes a more important focus for your
bank. Therefore, it is critical that you manage portfolio risk at both the bank
and banker level. This workshop is designed for community bankers who are
in a position to impact credit outcomes in your bank. You will learn a
framework and process for managing credit risk to give you a better
understanding of the factors impacting portfolio quality at the bank level, and
tools for better risk management at the transaction level.
Commercial banking and commercial credit in the marketplace
Economic and marketplace factors that impact portfolio quality
Strategy impact on credit quality
Strategic credit risk management framework
Credit process framework
30
Credit decision-making process and its impact on credit quality
Assessing your banks risk management situation
8.
Loan Risk:`
Source: www.riskmanagementmonitor.com
This is the risk of loss from loaning money and having the borrower fail to
repay, either due to default or because they are not willing to repay. Most
analysis in commercial lending considers how the borrower will repay.
9.
Guarantee Risk:
This is the risk or loss from providing guarantees or letters of credit. These
are from of contingent credit exposure (e.g. the exposure is contingent on
other events occurring).
Guarantees are designed to help extend the reach of private financing by
mitigating perceived risk and encourage private sector involvement in
developing countries. Guarantees provide support to lenders or project
companies against a governments (or government entitys) failure to meet
specific contractual obligations to a private or public project. World Bank
guarantees require a counter-guarantee from the Government. The
guarantee is Partial: The Bank only assumes a portion of risk. The Bank
31

Guarantee is a flexible instrument: different currencies (Local currency or
Forex), any sector, variety of structures available to match specific needs of
individual transactions. Guarantees are an integral part of Country
Assistance Strategies (CAS) / Country Partnership Strategies (CPS).
10.
Portfolio Exposure:
Source: valueofcommodity.com
A measure of the possible loss that could occur with each given
counterparty and with groups of counterparties, for ex. Industries, countries,
and economics regions. When traditional credit products, such as, loans,
leases, letters of credits and guarantee are transacted the exposure is known
as static. Capturing credit exposure for the corporate counterparties that
typically use these traditional credit products is fairly straightforward and
consideration quickly shifts to default risk for them.
When the portfolio contains a significant proportion of derivative trades,
exposure might undergo large shifts with changes in market conditions.
Therefore, measuring portfolio exposure to the dealer or banks where
derivative trades predominate, is a much more difficult the sum deal by deal
32

exposures, due to portfolio effects, close out netting agreements and margin
or collateral agreement.
11.
Portfolio Defaults:
A measure of the rate at which exposure convert in to losses due to default.

Default consideration occurs on both a granular level, counterparty by
counterparty and at various portfolio levels. At the granular level, the credit
managers rate the counterparty ability to repay loans. At the portfolio levels,
credit managers consider how defaults might correlate.
12.
Portfolio Recovery:
A measure of how much credit risk is ameliorated by loan recoveries, which

reduce the loss when counterparty defaults. Loans can contain features and
structures that create higher recovery rates, significantly reducing credit
risk. The two-loan structure considerations that most directly impact
recovery rates are seniority where the loan is situated within the borrowing
firms internal capital structure and security what collateral secures the loan.
Source: www.radiusworldwide.com
33

13.
Global Portfolio Risk:
This is the risk of loss from all financial risks, including the combination of
credit and market risks. There are fundamental factors, like economic
conditions, which create a link between them. Market and credit risks are not
independent from each other, yet most financial firms measures and manage
them separately.
14.
New Products and Risks
With the introduction of new products like plastic cards, credit, debit, smart
card, etc. The risk of fraud has increased manifold. According to estimation
in an active issuing bank card, fraud is likely to claim the lions share of fraud
being experienced in general and could well dominate average operating
losses as a whole worldwide frauds occurred due to loss or steal of plastic
cards that cause the greatest losses. The second largest sources and the
fastest growing source of loss is use of counterfeit card. Emerging areas of
E-commerce and Internet banking are also a matter of concern.
Source: 1.bp.blogspot.com
34

CHAPTER 3
3.1 RISK MANAGEMENT PROCESS:
1)
IDENTIFICATION
2)
ANALYSE and PRIORITIZE
3)
PLAN and SCHEDULE
4)
TRACK and REPORT
5)
CONTROL
6)
LEARN
Source: i-technet.sec.s-msft.com/dynimg/IC119053.gif
Risk can be defined as the potential that events expected or
anticipated may have adverse impact on banks capital or earnings.

Therefore proper identification of existing risk and risk that may arise from
new business is crucial to the risk management process.
Accurate and timely measurement of risk enables a bank to quantify
the risk for controlling and monitoring risk level.
35
It is administered by establishment and communication of limits for risk
taking units through policies standards and procedures. There should be a let
out system to authorize accretion in controlling the risk.
It is affected through risk reporting to ensure timely review of risk
positions and acceptations. Monitoring report should be concise, frequent,

timely and reasonably accurate. The purpose of monitoring is to present right
information to the right people.
With respect to risk management, the Bank places great importance on
implementing the following processes. When commencing new businesses or
handling new products, the Bank also ascertains legal compliance as well as
the application of an adequate risk management system.
1.
Risk Identification:
Source: www.riskmanagementmonitor.com
Risk identification allows individuals to identify risks so that the operations

staff becomes aware of potential problems. Not only should risk identification
be undertaken as early as possible, but it also should be repeated frequently.
36

2.
Risk Analyzing and Prioritizing:
Source: corporatecomplianceinsights.com
Risk analysis transforms the estimates or data about specific risks that
developed during risk identification into a consistent form that can be used to
make decisions around prioritization. Risk prioritization enables operations
to commit resources to manage the most important risks.
3.
Risk Planning and Schedule:
Risk planning takes the information obtained from risk analysis and uses it to
formulate strategies, plans, change requests, and actions. Risk scheduling
ensures that these plans are approved and then incorporated into the
standard day-to-day processes and infrastructure.
4.
Risk Tracking and Report:
37

Risk tracking monitors the status of specific risks and the progress in their
respective action plans. Risk tracking also includes monitoring the
probability, impact, exposure, and other measures of risk for changes that
could alter priority or risk plans and ultimately the availability of the service.
Risk reporting ensures that the operations staff, service manager, and other
stakeholders are aware of the status of top risks and the plans to manage
them.
5.
Risk Controlling:
Source: www.larims.org
Risk control is the process of executing risk action plans and their associated
status reporting. Risk control also includes initiating change control requests
when changes in risk status or risk plans could affect the availability of the
service or service level agreement (SLA).
It deals with setting up of limits to each one of the risks and monitoring to
ensure that the actual exposure to each one of the risks defined is within the
limits prescribed in the risk management policy. Any violation of limits needs
to be thoroughly investigated to ascertain the reason for violation and to
avoid such violation in future.
38

The traditional control based risk management ends with the abovementioned steps. The modern risk management, which strives to align risk
management with overall corporate objectives and strategies, involves two
addition steps in the form of allocation and risk adjusted performance
measurement.
6.
Risk Learning:
Source: blogs.qub.ac.uk
Risk learning formalizes the lessons learned and uses tools to capture,
categorize, and index that knowledge in a reusable form that can be shared
with others.
39

3.2 Steps in the risk management process:
STEPS IN RISK
MANAGEMENT PROCESS
IDENTIFICATION
ASSESSMENT
Identification
A first step in the process of managing risk is to identify potential risks. The
risks must then be assessed as to their potential severity of loss and to the
probability of occurrence. Risks are about events that, when triggered, will
cause problems. Hence, risk identification can start with the source of
problems, or with the problem itself.
Texomonybased Risk
Identification
Source
Analysis
Scenario-based
Risk
Identification
Problem
Analysis
ObjectiveBased Risk
Identification
40
Source analysis Risk sources may be internal or external to the system
that is the target of risk management. Examples of risk sources are:

stakeholders of a project, employees of a company or the weather over an
airport.
Problem analysis Risks are related to identified threats. For example:
the threat of losing money, the threat of abuse of privacy information or the
threat of accidents and casualties. The threats may exist with various
entities, most important with shareholder, customers and legislative bodies
such as the government.
When either source or problem is known, the events that a source may
trigger or the events that can lead to a problem can be investigated. For
example: stakeholders withdrawing during a project may endanger funding of
the project; privacy information may be stolen by employees even within a
closed network; lightning striking a Boeing 747 during takeoff may make all
people onboard immediate causalities.
The chosen method of identifying risks may depend on culture, industry
practice and compliance. The identification methods are formed by templates
or the development of templates for identifying source, problem or event.
Common risk identification methods are:
Objectives-based Risk Identification Organizations and project teams
have objectives. Any event that may endanger achieving an objective partly
or completely is identified as risk. Objective-based risk identification is at the
basis of COSO's
Scenario-based Risk Identification In scenario analysis different
scenarios are created. The scenarios may be the alternative ways to achieve
an objective, or an analysis of the interaction of forces in, for example, a
market or battle. Any event that triggers an undesired scenario alternative is
identified as risk - see Futures Studies for methodology used by Futurists.
41
Taxonomy-based Risk Identification The taxonomy in taxonomy-based
risk identification is a breakdown of possible risk sources. Based on the

taxonomy and knowledge of best practices, a questionnaire is compiled. The
answers to the questions reveal risks.
Common-risk Checking: In several industries lists with known risks are
available. Each risk in the list can be checked for application to a particular
situation. An example of known risks in the software industry is the Common
Vulnerability and Exposures list found at http://cve.mitre.org.
Assessment
Source: www.risk-soft.com
Once risks have been identified, they must then be assessed as to their
potential severity of loss and to the probability of occurrence. These

quantities can be either simple to measure, in the case of the value of a lost
building, or impossible to know for sure in the case of the probability of an
unlikely event occurring. Therefore, in the assessment process it is critical to
make the best educated guesses possible in order to properly prioritize the
implementation on the risk management plan.
42
The fundamental difficulty in risk assessment is determining the rate of

occurrence since statistical information is not available on all kinds of past
incidents. Furthermore, evaluating the severity of the consequences (impact)
is often quite difficult for immaterial assets. Asset valuation is another
question that needs to be addressed. Thus, best educated opinions and
available statistics are the primary sources of information. Nevertheless, risk
assessment should produce such information for the management of the
organization that the primary risks are easy to understand and that the risk
management decisions may be prioritized. Thus, there have been several
theories and attempts to quantify risks. Numerous different risk formulae
exist, but perhaps the most widely accepted formula for risk quantification is:
Rate of occurrence multiplied by the impact of the event equals risk.
Later research has shown that the financial benefits of risk
management are not so much dependent on the formulae used. The most
significant factor in risk management seems to be that:
1.) Risk assessment is performed frequently and
2.) It is done using as simple methods as possible.
Source: independentaudit.com
43

In business it is imperative to be able to present the findings of risk
assessments in financial terms. Robert Courtney Jr. (IBM, 1970) proposed a
formula for presenting risks in financial terms. The Courtney formula was
accepted as the official risk analysis method for the US governmental
agencies. The formula proposes calculation of ALE (Annualized Loss
Expectancy) and compares the expected loss value to the security control
implementation costs (cost-benefit analysis).
3.3 Possible actions available:

Once risks have been identified and assessed, all techniques to manage the
risk fall into one or more of these four major categories:
Avoidance
Reduction
Retention
Transfer
Ideal use of these strategies may not be possible. Some of them may involve
tradeoffs that are not acceptable to the organization or person making the
risk management decisions.
Risk
Avoidance
Risk
Transfer
Risk
Reduction
Risk
Retention
44

Risk avoidance
Includes not performing an activity that could carry risk. An example would
be not buying a property or business in order to not take on the liability that
comes with it. Another would be not flying in order to not take the risk that the
planes were to be hijacked. Avoidance may seem the answer to all risks, but
avoiding risks also means losing out on the potential gain that accepting
(retaining) the risk may have allowed. Not entering a business to avoid the
risk of loss also avoids the possibility of earning the profits.
Source: http://secure360.org
Risk reduction
Source: www.chp-inc.com
Involves methods that reduce the severity of the loss. Examples include
sprinklers designed to put out a fire to reduce the risk of loss by fire. This
method may cause a greater loss by water damage and therefore may not be
suitable. Halon fire suppression systems may mitigate that risk, but the cost
may be prohibited by the strategy.
45

Modern software development methodologies reduce risk by developing and
delivering software incrementally. Early methodologies suffered from the fact
that they only delivered software in the final phase of development; any
problems encountered in earlier phases meant costly rework and often
jeopardized the whole project. By developing in increments, software
projects can limit effort wasted to a single increment. A current trend in
software
development,
spearheaded
by
the
Extreme
Programming
community, is to reduce the size of increments to the smallest size possible,

sometimes as little as one week is allocated to an increment.
Risk retention:
Source: csbcorrespondent.com
Involves accepting the loss when it occurs. True self-insurance falls in this
category. Risk retention is a viable strategy for small risks where the cost of
insuring against the risk would be greater over time than the total losses
sustained.
All risks that are not avoided or transferred are retained by default. This
includes risks that are so large or catastrophic that they either cannot be
insured against or the premiums would be infeasible. War is an example since
46

most property and risks are not insured against war, so the loss attributed by
war is retained by the insured. Also any amount of potential loss (risk) over
the amount insured is retained risk. This may also be acceptable if the
chance of a very large loss is small or if the cost to insure for greater
coverage amounts were so great it would hinder the goals of the organization
too much.
Risk transfer
Source: discoveringif.files.wordpress.com
Means causing another party to accept the risk, typically by contract

Insurance is one type of risk transfer. Other times it may involve contract
language that transfers a risk to another party without the payment of an
insurance premium. Liability among construction or other contractors is very
often transferred this way.
Some ways of managing risk fall into multiple categories. Risk retention pools
are technically retaining the risk for the group, but spreading it over the
whole group, involves transfer among individual members of the group. This
is different from traditional insurance, in that no premium is exchanged
between members of the group.
47

For example, whenever someone purchases home insurance, he or she is
essentially paying an insurance company to take the risk involved with
owning a home. In the event that something does happen to the house, such
as property damage from a fire or natural disaster, the insurance company
will be responsible for dealing with any resulting consequences.
In today's financial marketplace, insurance instruments have grown more
and more intricate and complex, but the transfer of risk is the one
requirement
that
is
always
met
in
any
insurance
contract.
Create the plan
Source: michellemacconnell.com
Decide on the combination of methods to be used for each risk. Each risk
management decision should be recorded and approved by the appropriate
level of management. For example, a risk concerning the image of the
organization should have top management decision behind it whereas IT
management would have the authority to decide on computer various risk.
The risk management plan should propose applicable and effective security
controls for managing the risks. For example, an observed high risk of
computer viruses could be mitigated by acquiring and implementing antivirus software. A good risk management plan should contain a schedule for
48

control implementation and responsible persons for those actions. The risk
management concept is old but is still not very effectively measured.
Implementation
Source: www.innovationgames.com
Follow all of the planned methods for mitigating the effect of the risks.
Purchase insurance policies for the risks that have been decided to be
transferred to an insurer, avoid all risks that can be without sacrificing the
entity's goals, reduce others, and retain the rest.
Review and evaluation of the plan.
Initial risk management plans will never be perfect. Practice, experience, and
actual loss results, will necessitate changes in the plan and contribute
information to allow possible different decisions to be made in dealing with
the risks being faced.
Limitations.
If risks are improperly assessed and prioritized, time can be wasted in
dealing with risk of losses that are not likely to occur. Spending too much
time assessing and managing unlikely risks can divert resources that could
be used more profitably. Unlikely events do occur, but if the risk is unlikely
enough to occur, it may be better to simply retain the risk, and deal with the
result if the loss does in fact occur. Prioritizing too highly the Risk
management processes it could potentially keep an organization from ever
49

completing a project or even getting started. This is especially true if other
work is suspended until the risk management process is considered
complete.
Source: 2.bp.blogspot.com
50
CHAPTER 4
4.1
SYSTEM RISK MANAGEMENT:
Source: www.hedgefundexchange.net
Computer systems have become indispensable in banking operations, which

are not only growing more diverse and sophisticated, but are encompassing
large increases in transaction volumes. Accordingly, safety measures to
avoid system risks are extremely crucial for providing customers with highquality services. From January 2004, the Bank transitioned its core computer
system to a new system with the most advanced functions at the NTT Data
Banking Center for Regional Banks.
This center has established solid safety measures that include the adoption
of a mutual backup system using its two centers in eastern and western
Japan. The Bank takes all possible measures against system risks through
utilization of a program that specifies detailed responses in case of system
failure and internal rules for preventing computer crimes and malfunctions.
The Bank also employs external audits of its system risk management. By
undergoing strict checking of our system risk management by an
51

independent institution, we are further ensuring that our risk management is
maintained at the highest level while increasing the sophistication of our
system risk management.
Source: ougaz.files.wordpress.com
52

4.2
REPUTATION RISK MANAGEMENT
Reputational risk is defined as the current or prospective risk to earnings and

capital arising from an adverse perception of financial institutions on the part
of existing and potential transactional stakeholders, i.e. clients, trading
counterparties, employees, suppliers, regulators/governmental bodies, and
investors.
Tangential stakeholders such as the media, NGOs, trade unions, competitors,
and the general public influence how the banks activities are perceived by
transactional stakeholders. All of a bank's activities and decisions can lead to
reputational risk, if they are perceived as controversial by the bank's
stakeholders.
Stakeholders Adverse Perceptions of the Bank's Activities Lead to
Reputational Risk
Source: www.garp.org
Reputational Risk Has a Bottom Line Financial Impact
53
Reputational Risk Framework
54

Most banks, but also other types of organizations such as insurance
companies, have reputational risk management processes in place. The
larger organizations have made their environmental and social criteria public
(at least partly), or have announced that they are withdrawing from specific
types of business / sectors.
Source: thumbs.dreamstime.com
55

4.3
INFORMATION SECURITY RISK MANAGEMENT
Source: www.esecuritytogo.com
Recent advances in IT have led to a rapid increase in and diversification of

information-processing environments and objectives, including the use of the
Bank's internal LAN and connection to the Internet. Therefore, strengthening
the management system to maintain information security against system
threats such as information leakage, unauthorized changes and destruction
of information is becoming extremely crucial.
To respond to these circumstances, the Bank formulated an Information
Security Policy as a basic policy on safety measures concerning the
protection of information assets (information and information systems). The
Bank has also formulated Information Security Standards as its specific
safety standards for information security.
In addition, in February 2005, the Bank formulated new Regulations on the
Handling of Personal Information and established a Privacy Policy (a
statement on protection of personal information), while seeking to further
reinforce its systems for adequately protecting personal information in line
with the enactment of the Personal Information Protection Act as of April 1,
2005.
56
CHAPTER 5
The New Basel Capital Accord
Three Basic Pillars
Minimum
Capital
Requirement
Supervisory
Review Process
57
Market
Discipline
Requirements

5.1
Banking Risks & Capital Accords
The extent of risk taken by a bank and the amount of capital required to be
maintained by the bank for such risk-taken is all about capital adequacy
standards. Prior to the implementation of the Basels first capital accord in
the beginning of the 1990s, there was no relationship between capital and
risk taking. Banking businesses, being one of the highly levered businesses,
is the significantly prone to stocks. Moreover, banking business is the
business of public confidence. If public confidence erodes, it becomes
difficult for a bank to be in business. Basel Committee, with a view to
protecting banks from vulnerabilities and to maintain financial stability,
recommended a minimum capital to risk-weighted assets ratio, thereby
limiting the risk exposure to availability of capital. Initially the capital accord
recognized only credit risk. Subsequently, the market risks also brought
under the capital accord. Recently in the Basel Accord-2, sweeping changes
have been suggested for the computation of capital adequacy as Basel
Accord-1 miserably failed to achieve its objectives of promoting safety and
soundness of the financial system. Apart from credit and market risks, the
operational risk would also require minimum capital to be maintained under
Basel Accord-II.
To achieve these objectives, Basel Committee proposed a three-pillared
framework as under:
Pillar 1: Minimum Capital Requirements: Under this, in the current accord, a
minimum capital has been prescribed to be maintained. To arrive at the
capital for various types of risks, a number of approaches, widely classified
as standardized approach, have been prescribed. The critical issues in the
internal approach in which the banks are free to develop their own approach
to measures risks, validating the internal approach and ensuring consistency
across banks.
58

Pillar 2: Supervisory Review Process: This puts responsibility on the bank
supervisor to ensure that bank follow rigorous processes, measure their risk
exposures correctly and maintain capital in accordance with risk exposure.
The recent initiatives of the RBI in the introduction of Risk Based Supervision
and Risk Based internal Audit are in conformity with this pillar.
Pillar 3: Market Discipline: This aims to strengthen the safety and soundness
of the banking system through better disclosure of risk exposure and capital
maintained. This is expected to help the market participants to better assess
the position of banks.
Source: comps.canstockphoto.com
59

5.2
Why Basel II?
The essence of Basel II is to manage the risk profitably and align the risks
undertaken/assumed by the bank to the economic capital of the bank.
The new accord is designed to introduce safety and soundness into the
banking system. Banks need to measure risk, diversify exposures and
manage risks in an optimum manner that fetches them adequate
compensation, improves bottom-line in the short-term and helps them to
maximize the stakeholders value in the long-run.
Banks have been compelled to review and overhaul the Risk Managements is
also emerging as an important business differentiator in the face of rapid
economic growth that is being witnessed in the global economy and is
capable of ensuring orderliness in the global financial scenario if
implemented properly. The keystone of Basel initiative is to achieve this
objective and to ensure that banks are not strapped for capital to cover the
risks they assume.
Basel II framework provides a methodology for transforming banks into
vibrant and stable entities in the globally competitive and dynamic financial
markets. It points towards RAPM (Risk Adjusted Performance Management)
methodology and RAROC (Risk Adjusted Return on Capital).
All the three pillars are intended to be equal in importance. The first pillar
echoes Basel I in terms of minimum prescriptive levels of regulatory capital,
across credit and market risks, but also introduces operational risk charges
for the first time. With increasing transactional complexities, multiplicity of
technology platforms and various product innovations, banks face a number
of operational risks which could affect their market reputation. Pillar II is
actually the next sieve for any of the risks not captured under Pillar I with a
Supervisory Review Process (SRP) designed for this. Pillar III brings into play
60

the importance of market driven disclosures to peers and other stakeholders.
As the saying goes, it is a Risk Determined Code of Conduct, signifying
among others, the status of the bank in terms of adoption of sophisticated
risk management practices.
Source: s3.amazonaws.com
61

5.3
Basel-II
A Need for Existence

The Indian Scenario
A feature, which is unique to our Indian financial system, is the diversity of its
composition. We have the dominance of government ownership coupled with
significant private shareholding in the public sector banks, which in turn
continue to have a dominate share in the total banking system. These public
sector banks, especially the new ones are continuously trying to be at par
with international standards and norms. We also have cooperative banks
whose numbers are large. There are Regional Rural Banks with links to their
parent commercial banks. The foreign banks operate profitably and have
uniform regulatory standards. Now banking has become a one-stop shop of
varied financial services.
In this scenario, Reserve Bank of India has been setting prudential norms in
convergence to international standard. India has to aim for global standards
across the banking sector in order to manage risk. This is the guiding
principle in Basel-II Accord.
In the annual policy statement in May this year, the RBI announced that Indian
banks should come out with a framework by the end of December 2006 for
migrating their standards of supervision, accountability and best practice
guidelines in line with the provision of the Basel-II Accord. Moreover, the
framework adopted by the banks must be adaptable to changes in business
size, market dynamics, and introduction of newer products in future.
62

To ensure that Indian banks must:
Make an in-depth analysis of the option available under Basel-II.
Adopt standardized approach for credit risk.
Adopt basic indicator approach for operational risk.
Review the progress at quarterly intervals.
Install comprehensive and rigorous system to assess borrowers risk.
Source: pbs.twimg.com
63

5.4
Issue in implementing Basel II by the Indian banking Industry
Implementation OF Basel II is no longer a possibility, it is a certainty. Thus,

the Indian banking industry has to gear up towards it and ensure that it is
implemented well in time-or else the cost of being left behind will be too large
to bear
The draft Basel II Accord has finally been accepted and is applicable to all
banks in member countries from January 1, 2007, and India is no exception.
In fact, Indias association with the Basel Committee on Banking Supervision
dates back to 1997 when it was among the 16 non-member countries that
were consulted in the drafting of the Basel Core Principles. Reserve Bank of
India (RBI) became a member of the Core Principle Liaison Group in 1998 and
subsequently became a member of the Core Principle Working Group on
capital. Within the CPWG, RBI had the privilege of leading a group of 6 major
non G-10 supervisors who presented a proposal on a simplified approach for
Base II to the committee.
The main addition or improvement fund in Basel II over Basel I is that it
recognizes both credit and operational risks apart from market risk as the
primary sources of risks and directs banks to allocate adequate amount of
capital for these types of risks. RBIs approach to implementing the
prudential norms has been one of gradual convergence with international
best practices with appropriate adaptations. RBI wants to achieve this in a
phased manner through a consultative process evolved within the country.
RBI, in its annual policy statement in May 2004, had announced that banks in
India should examine, in depth, the option available under Basel II and draw a
road map by the end of December 2004 for migration to Basel II by December
2006, and review the progress made thereof at quarterly intervals. Further,
the RBI will be closely monitoring the progress made by the banks in this
direction. Hence, all banks in India, to begin with, will be directed to adopt the
64

Standardized Approach for Credit Risk and the Basic Indicator Approach for
Operational Risk. After adequate skills are developed, both in banks as well
as at the supervisory levels, some banks may be allowed to migrate to the
Integrated Risk Based (IRB) approach.
The regulatory initiatives taken by RBI towards implementing Basel II
include:
Ensuring that banks have a suitable risk management framework
oriented towards their requirements as dictated by the size and complexity of

their business, risk philosophy, market perceptions and expected level of
capital. The framework adopted by the banks has to be one that can be
adoptable to changes, if required.
Introduction of Risks Based Supervision (RBS) in 23 banks on pilot
basis.
Encouraging banks to formalize their Capital Adequacy Assessment
Program (CAAP) in alignment with their business plan and performance

budgeting systems.
Enhancing the area of disclosure, so as to have greater transparency,
of the financial position and the risk profit of the banks. The areas of greater
disclosure include capital ratios, profitability ratios, non-performing loans,
provision for non-performing loans, etc.
Improvement the level of corporate governance standards in banks.
Building capacity for ensuring the regulators ability to identify and
permit eligible banks for IRB/Advanced Measurement approach.
65

5.5
RBI Initiatives
RBI has initiatives concepts like:
Risk-Based Supervision (RBS) in 23 banks on pilot basis.

Encouraging banks to formulate Capital Adequacy Assessment
Program.
Improving corporate governance in banks.
RTGS System: Many Indian banks (11to be precise) are going in for
Real Time Gross Settlement (RTGS) system, e.g., ING Vysya Bank. This
system will allow the clients to transfer funds instantaneously across RTGSenabled Banks in India, thus putting their funds to better use because of a
quicker realization as compared to current instrument based fund transfers.
Also the bank can manage intraday liquidity effectives.
Nevertheless, there are many challenges that Indian banks faces by virtue of
its culture diversity and lack of infrastructure.
Source: environmentalrisk.org
66

5.6
Requirement for an Effective Risk Management System
The Basel Committee on Banking Supervision has set out the requirement for
an effective risk management system as under:
Well-informed board of directors and oversight of board
Capable management
Adequate risk management policies and processes
High quality MIS for risk management and
Appropriate staffing of the risk management function
The job of the board is to establish banks strategic direction and define risk
tolerances for various type of risk. The risk management policies and
standards need to be approved by the board. The senior management of the
board is responsible for implementation, integrity and maintenance of the risk
management system.
Source: s3.amazonaws.com
67

CHAPTER 6
6.1
Challenges
The Indian financial system, the banking system in particular, is vastly

diverse. There is a simultaneous existence of the huge government
ownership along with significant private shareholders in public sector banks,
which have a huge presence in total banking system. Apart from the public
sector banks there are the relatively new private sector banks-most of which
are multinationals. There are also many Co-operative Banks and the Regional
Rural Banks and branches of foreign banks (these branches are, by and
large, hugely profitable operations for the present banks). The process of
providing financial services is also changing rapidly from traditional banking
to a one-stop shop of varied financial services, and the old institutional
demarcations are increasingly getting blurred.
To implement Basel II norms in India, the following challenges are envisaged:
Implementation of Basel II Accord, especially the IRB approach, will be
a major challenge as banks will have to substantially upgrade their

information system, risk management systems as well as technical skills of
the staff.
In terms of operational risk, the banks will have to prioritize risk control
among
different
business
lines.
Given
the
complexities
and
data
requirements, may banks will be compelled to use the standardized

Approach, which means that the capital charge for operational risk will only
be an add-on to the overall capital.
The issue of credit rating has to be streamlined. Though there are a few
players in the credit rating arena in India, the credit rating methodology used
by these agencies need to be strengthened and applied universally. Also,
encouraging the ratings of issuers could turn out to be a challenge.
68
Basel II allows the supervisor to prescribe higher minimum capital
levels for banks for, amongst other things, interest rate in the banking book
and concentration of risk exposures. RBI has already initiated action to
identify these issues in banks. But given the huge magnitude of this task in
the Indian context, the task is, at a very last, daunting.
Issues of cross-border capital have to be sorted out-this will
particularly affect foreign banks (currently foreign banks are statutorily

required to be maintain local capital).
o
Note that this list of challenges is not exhaustive, but in all likelihood
refers to the major challenges that would need to be addressed in the

process of implementation of Basel II.
Source: sameerdhanrajani.files.wordpress.com
69

6.2
Impact
RBI in various documents has pointed out that Basel II will involve a shift from
direct supervisory focus to implementation issues, and that banks and
supervisors will be required to invest large resources in upgrading
technology and human resources to meet the minimum standards. Assuming
that banks and supervisors can switch over to the Basel II norms without a
problem, Indian banks, especially the public sector banks, will become more
efficient and globally competitive.
Implementation of Basel II will, in general, lead to decrease in the required
capital with respect to operational risks. However, in India, several factors
may raise the required capital even for credit risks (one example to this effect
could be the use of real estate as collateral for loans attracting a 150% risk
weight on non-performing loans). On the contrary, a 75% risk weight on retail
lending to SMEs and a 35% risk weight on home loans might lead to some
reduction in the capital requirements.
As per Basel II, the bulk of the borrowers in the Indian market fall in the
speculative grade-this might cause a dramatic rise in the debt costs and
heightened cyclicality of bank credit. Augmenting the capital requirements of
the banks could have adverse impact on the credit portfolios of the banking
sectors.
Another issue could be the introduction of the Economic Capital Based (ECB)
models to help banks in capital budgeting, deal pricing and performance
management in a risk adjusted framework. Though this will be a useful tool,
it would require banks and supervisors to understand the two elements of
economic capital assessment; namely:
Calculation of aggregate economic capital across all sources of risk.
70
Allocation of capital to individual business units or profit centers on a
risk-efficient basis.
These are some of the major impacts that are going to be felt by all the banks
including the RBI in implementing Basel II. However, there is no doubt that a
successful implementation of Basel II will ensure that the banks would benefit
from the economic capital framework. IT will further provide the banks with a
platform to develop models for managing their business efficiently and
complete with the more sophisticated players. It will also help banks learn to
use their capital in the most efficient manner, which will definitely be the key
to survival in a global, unconstrained and ruthless environment in the
financial service sector.
Source: trauma.massey.ac.nz
71

6.3
Improved Risk Management (RM) Process
Basel II is normally seen largely as a compliance driven issue and only a small
number of banks have fully exploited business efficiency and integrity. In fact,
Base II affords a good opportunity to undertake a thorough review of RM
processes and consolidated them. While implementing to comply, we can
implement to gain. We can implement for reduced overall cost, increased
RAROC and improved decision-making process. It also helps build a
transparent corporate accountability and enables management of risk in
accordance with the risk appetite enabling economic capital saving, a
precursor to development of integrated risk management capability across
the bank. It creates an increased level of transparency around disclosure of
risk. Hence, banks need to use the opportunity to implement effective RM
system to achieve competitive efficiency.
As Basel II helps banks differentiate customers by risk, advantages and
disadvantages are likely to accrue for bank customers.
Those with possible advantage:
Prime customer
Well-rated entities.
Small and medium- sized business.
High-quality liquidity portfolios.
Collateralized and hedged exposures
Low credit and operational loss exposures.
Strong risk management processes.
Those with possible disadvantages:
Higher credit risk individuals.
Uncollateralized credit.
Specialized lending (in some cases).
High historical credit and operational loss experience.
Weak risk management processes.
72

6.4
Challenges Ahead
Infrastructure
In a recent survey conducted by the Federation of Indian Chambers of
Commerce and Industry (FICCI), 55% of the respondents claims that Indian
banks lack adequate preparedness to be able to confirm to the Basel-II
provision by 2006. Whereas, 50% of public sector banks have expressed their
preparedness in meeting these guidelines, only 25% of the old and new
private sector and foreign banks are likely to be ready to meet them by 2006.
According to the survey, concerns of the Indian banks in implementing these
norms are:
51.6% said due to low levels of computerization,
87% said due to absence of robust internal credit rating mechanism,
80.6% said due to lack a strong management information system,
And 58% said due to the lack of sufficient training and education to
reach the levels to conform to the provision of Basel-II.
Source: bocahbancar.files.wordpress.com
73

6.5
Effect on Indian Banks
State Bank of India, Bank of Baroda, and Bank of India

Vivek Srivastava, senior bank analyst at Fitch Ratings, Mumbai, is more
skeptical. Collecting the necessary data is going to take some time, he says.
So far, the RBI has told only the internationally active banks that they to be
ready to comply with Basel-II from the outset. And, there are only about three
banks that fall into this category, even loosely defined: The State Bank of
India, Bank of Baroda, and Bank of India (all public sector banks). These
banks will probably adopt the standardized approach to credit risk
management he says.
In addition, some of the progressive new generation of private sector banks,
which have the most advanced technology platforms because they entered
the business late, will also want to apply the new Accord from the outset.
HDFC Bank
This is confirmed by Paresh Sukthankar, head of credit and market risk, at
HDFC Bank, one of the largest of the new generation of private sector (it is
eight years old). Fully automated and growing at an annual compound rate of
20-25%, HDFC Bank has had a grading model in a place to rate its corporate
portfolio for some time. Sukthankar says he is still waiting for final guidelines
from the RBI, buts expects that banks will initially be required to adopt the
standardized approach for credit risk, with a more advanced approach being
introduced a year or two later. We will be at the forefront in implementing the
new guidelines as they are rolled out by the central bank, he says.
ABN AMRO
ABN AMRO has decided to adopt the A-IRB approach, under the new accord,
for calculating the minimum capital required against its credit risk, reveals
Jan Sijbrand in the interview with GRR. But the bank has not yet decided
74

whether it would adopt the AMA approach for operational risk. If it does not,
this could raise difficulties over its regulation in the US.
Adopting the A-IRB means that the bank will attract seriously lower capital
charge on its mortgage retail business-its main strength in the US mid-west
than its local competitors, who will face the higher capital charges
associated with Basel-I.
CITIGROUP
Citigroup will be on the advanced approach for all risk types. It planes to run
parallels of Base-II from 2006 onwards and go live from 2007. This will give it
a strategic edge by reaping advantages through the learning curve
throughout 2006. From data collection and implementation standpoint, it will
be more challenging for Citigroup, given over 50% of Citigroups exposures
reside outside of the US. Citigroup will be the most complex Basel-II
implementation in the world.
75

CHAPTER 7
7.1 From Risk Management to Value Management

The subject of finance suggests that the ultimate objective of commercially
oriented enterprise is shareholder wealth maximization. This means that all
the decisions should be towards maximizing the market the value of equity
shares traded in the market in the long run. Accounting measures of
performance evaluation such as Net Profit Margin, Return on Assets, Return
on Equity, Earnings per Share, etc. are at best useless as they are only return
measures. They do not consider the actual risk taken to earn the return
earned. The measures of shareholder wealth maximization, broadly called as
SWM measures, consider both the return and risk in its framework and are
superior to the accounting measures in a number of ways.
The following description explains the relationship between the expected
return, actual return and addition to shareholder wealth in a given time
period:
AR > ER: Addition to existing wealth of shareholders
AR < ER: Destruction of existing wealth of shareholders
AR = ER: Maintenance of existing wealth of shareholders
Where, AR = Actual rate of return on shareholders capitals

ER = Expected Rate of Return on shareholders capitals
As it can be seen, wealth maximization takes place only when the actual
return is higher than the expected return. Actual return for this purpose is an
economic measure, not an accounting measure. The term expected return
denotes the rate of return expected by the shareholders for the level of risk
they are exposed to in their investment. There are a number of approaches to
estimating the expected return such as Capital Asset Pricing Model (CAPM),
Arbitrage Pricing Theory (APT), etc.
76

There has been a shift gradually from accounting based measures to SWM
measures in many industries. Banking is not an exception to this. The most
popular SWM measure in the banking industry is Risk Adjusted Return On
Capital (RAROC) and its variants. RAROC has its numerator the return earned
and capital allocated in its denominator. Given the importance of SWM
measures, the traditional control oriented risk management system should
have pave the way for value based risk management system. In order to
achieve this, the two steps need to be added to the existing list of steps in risk
management:
1.
Capital Allocation:
Under this step, activities of a blank would be
broken down to various major businesses, retail banking, corporate banking,

government business, proprietary trading, etc. Each one can be viewed as a
Strategic Business Unit (SBU) with targets of return performance. Each one
of the SBUs is allocated a portion of the banks equity capital. The allocation
of capital is based on the contribution of each SBU to various risk of the bank.
Higher the contribution of an SBU to the risk of the bank, higher will be the
capital allocated.
2.
Risk-adjusted Performance Measurement: Having allocated capital to
each SBU commensurate with its contribution to the overall risk of the bank,
a target return on the capital allocated needs to be set. The question of
whether the target returns to be achieved by each SBU dependent upon risk
contribution is the most contentious issue occupying the attention of the risk
management community.
Source: www.gvm.net.au
77

7.2 Integration of Risks Leading to EWRM System:
Source: www.pwc.com.au
Enterprise-wide risk management (EWRM) is defined as a structured,

consistent and continuous process across the whole organization for
identifying, assessing, deciding
on
responses to
and
reporting
on
opportunities and threats that affect the achievement of its objectives.

Institutions are finding that they need to manage risk in a more proactive way
to avoid losses and gain advantage in an increasingly competitive
environment.
The traditional approach to risk management, driven largely by regulatory
pressure and the desire to avoid losses, is no longer considered
78

sufficient. Quit recently, risks were, managed on a departmental basis, eg by
the H&S department or the Financial department. These departments then
focused mainly on policies, procedures, methodologies and systems and
separately on operational management, financial control and financial risk
management.
A gap occurred in terms of sharing of information throughout the
organization, and applying risk management principles to the management
practices of the company. EWRM should identify how the organization as a
whole could be affected by risks and what actions should be taken to avoid
major losses.
Enterprise Risk Management Value
Effective and efficient structures to govern and oversee the
organization and achieve the strategy creating synergies between different

risk management activities.
Increased risk awareness which facilitates better operational and
strategic decision-making.
Ensuring that risk-taking decisions across the organization are within
and aligned to the nature and level of risk that stakeholders in the
organization are willing to take.
More informed/risk-based decision-making.
Each one of the risk is interrelated to the other. It has been observed that
one type of risk can transfer itself into some other type, if not managed
properly thereby causing losses to the bank. For example, it has been
generally observed that when interest rate go up in the economy, the credit
risk also increases as increase in the interest rates on loan increases the
burden of the borrower to pay. Similarly, the market risk and liquidity risk are
highly interrelated. It has been witnessed that when the markets crash, the
liquidity of the traded securities in the market dries up drastically. The recent
example in the Indian market highlighting the interrelationship between
79

operational risk and market risk (of adverse price change) was the fall in the
market value of ONGC stocks when wrong allotments were made due to error
in the software used by the registrar of the issue.
When risk are interrelated strongly, managing each one of them under a silo
approach can leads to losing the focus on interrelationship as each one the
risk management function would be concentrating only on a particular risk.
To prevent this leakage, RBI has suggested that the banks should move
towards an integrated risk management system in which the mentioned
interrelationships are analyzed prior to ascertaining the impact of risk. The
current risk management practices under the silo approach do not pave the
way for identifying the tool. This means that there is a need for a thorough
overhauling of the entire risk management system rather than merely making
cosmetic changes to the existing system.
Source: www.amicuscompliance.co.uk
80

7.3 Technology and Risk Management
Technology can be very effectively employed in measurement and
management of various risks in banks.
Liquidity risk can be controlled by proper deployment of technology for
centralized operations with networking of branches, payment system
reforms, implementation of technology-oriented schemes like electronic
clearing services, electronic fund transfer, real-time gross settlement
systems,
centralized
fund
management
systems,
public
debt
office
negotiated dealing system etc. measures which can mitigate credit risk
include analysis of industry data, software-based preventive monitoring
system for borrower accounts, straight through processing, implementation
of know your customer guidelines of RBI etc.
Product/Services risk can be controlled by proper customer relationship
management, implementing data warehousing and data mining, proper
market analysis, emphasis on proper deployment of delivery channels.
Technology has a major role in deployment of product and services.
81

CASE STUDY
I.Northern Rock
Northern Rock emerged as an important player in UK mortgage lending
following its creation from a merger of two mutual building societies in the
1960s and subsequent demutualization in October 1997. It grew rapidly from
around 15 bill assets after demutualization to 100 bill assets in 2006. It
had 8% of the mortgage market and 2% of bank deposits in 2007, and it sold
19% of all new home mortgages in the UK in the first half of 2007. It focused
on home mortgage lending, using an originate to distribute model, whereby
mortgages originated would be securitized and sold into wholesale markets.
It was an aggressive lender providing high loan to valuation loans. Retail
deposits were just over 20% of total assets.
Source: www.apec.org.au
Total equity (including subordinated notes) was 3,382 mill. Total assets of
113,503 mill comprised 96,659 mill of advances, of which around 50,000
mill were securitized (although included on the consolidated balance sheet
due to residual exposure) and the rest either funded directly on balance sheet
or by way of covered bonds. 1 Early in 2007, Northern Rock received
approval from the FSA to use the internal ratings based approach for
calculation of capital adequacy requirements.
In August 2007, interbank loan interest rates and wholesale market rates
increased substantially.
82
It should be recognized that the key dependency for Northern Rock was not
its use of wholesale funding per se. In terms of its net short term wholesale
funding to balance sheet asset ratio it was not a significant outlier in relation
to other UK banks. Rather, its key dependency was its use of securitization;
its securitization product was a simple one, based on high quality assets. The
market disruption did not affect Northern Rock's existing securitizations, but
the market for new securitizations had largely closed. Neither did the market
disruption lead to a cessation of Northern Rock's wholesale funding, but
rather to a shortening of its duration and an increase in its price. The
combination of these factors led the Northern Rock Board to seek assurance
that contingency funding from the Bank of England would be available. The
large retail outflows in mid-September led to a significant and sudden
deterioration in Northern Rock's liquidity and required it to draw on the Bank
of England facility. So it is clear that a combination of circumstances led to
the position which Northern Rock is now in, rather than any single event.
http://www.fsa.gov.uk/pubs/other/tsc.pdf 5 Oct, 2007.
Options identified for dealing with Northern Rocks funding difficulties
included (a) Northern Rocks own dealings in short term money markets (b)
arranging takeover by a larger player (c) accessing liquidity support facilities
from the government.
Source: m.ft-static.com
83
Source: im.ft-static.com
Retail depositors ran on the bank on Sept 14, 2007. The UK authorities had
announced a liquidity support package, but not assured depositors that their
funds were safe, relying on a deposit insurance scheme which fully
guaranteed GBP 2,000 plus 90% of the next 33,000 of deposits. The Tripartite
(Treasury, Bank of England, FSA) statement said The FSA judges that
Northern Rock is solvent, exceeds its regulatory capital requirement and has
a good quality loan book. On September 17, the UK government announced
a complete guarantee of deposits in Northern Rock.
The CEO of the FSA commented in October that In terms of the probability of
this organization getting into difficulty, we had it as a low probability.
84

On February 17th, 2008 the government announced plans to nationalize the
bank following the failure of alternative private sector takeover proposals to
be approved.
Extracts from the FSA Summary (26 Mar 08) of its Internal Audit of its
supervision of Northern Rock
From early August 2007, conditions in credit markets deteriorated and
Northern Rock experienced increasing difficulty in securing wholesale

market funding. From 9-August, the FSA took part in daily discussions with
the other tripartite authorities to discuss the latest market conditions. The
significance of 9 August, therefore, is that it was the start 2 of what can be
termed the crisis period. The scope of this review excludes the crisis period.
The extent of the market disruption that occurred in the crisis period
to wholesale funding markets, including securitization markets was

generally not foreseen by commentators. It was the crystallization of a low
probability, high impact risk. It prompted the need for Northern Rock to seek
emergency liquidity assistance from the Bank of England; ultimately, it
prompted the run on Northern Rocks retail deposits.
In April 2004, the FSA effected a major re-organization,
From the start of our review period to June 2006, Northern Rock was
supervised in a department whose primary responsibility was for insurance

groups. Between June 2006 and February 2007, Northern Rock was
supervised by a team which had responsibility for one other group an
insurance group. From February 2007 to the end of the review period, it was
supervised with deposit-taking peers. As a consequence of these moves,
Northern Rock was the responsibility of three heads.
[The supervisory process (review held at 20 Feb 2006)] included an
overview of the firms strategy and business, its principal activities, capital
85

and liquidity positions, and nature of funding, as well as a summary of
management and of the control environment. We were unable to assess the
content of the analysis alongside what key Northern Rock executives and the
external auditors had contributed during the discovery work because,
contrary to ARROW I and ARROW II standard practice, formal records of key
meetings were not prepared
[No developed Financial Analysis was provided to the supervisory
team]. Comparison would have shown Northern Rock, relative to its peers, as
having a high public target for asset growth (15-25% year-on-year) and for
profit growth; a low net interest margin; a low cost; income ratio; and
relatively high reliance on wholesale funding and securitization.
[Decided] not to issue a Risk Mitigation Programme (RMP),
lengthening the supervisory period to 36 months, from the 24 months

proposed against a backdrop of the FSAs publicly stated objective that
we should create incentives for firms to do the right thing in return for a
regulatory dividend that is less regulatory intervention3 where the FSA
judged that their behavior (including in their regulatory relationship) and the
quality of their management, merited it.
Issues that would be addressed in its Close and Continuous (C&C)
supervision. These included: the viability of the firms strategy in the

prevailing market conditions, and the firms capacity to deliver its strategic
objectives whilst ensuring that its credit risk profile remained consistent with
its
risk
appetite;
that
its
access
to
funding,
particularly
through
securitization, was maintained; the adequacy of its stress-testing; on-going

developments of the firms risk management framework, particularly with
respect to Basel; the operational risks arising from its rapid pace of growth;
and the mitigation of the internal and external risks associated with the
impending retirement of the Finance Director.
86
The Panel process resulted in a number of the key risks among them
the viability of the firms strategy, including its need to maintain its access to
funding, particularly through securitization being drawn out for the
supervisory team to pursue;
Those risks were not effectively pursued by the supervisory team in
line with Northern Rocks increasing business risk profile and control
framework;
The lack of formal risk re-assessment, of recording of issues in IRM and
of escalation of the risks which emerged during the supervisory period meant
that there was no trigger to re-assess the level of supervisory resource nor to
increase FSA management scrutiny;
The FSAs approach to liquidity reflected a presumption that, in the
event of a crisis like that experienced in August 2007, general market liquidity
provided by the Bank of England would be increased and, in extremis,
liquidity would be provided for systemically important institutions.
II. The Dearth of Ethics and the Death of Lehman Brothers
History and Facts

Many believe the beginning of the end for Lehman Brothers was when
Washington repealed the Glass-Steagall Act. This landmark legislation from
the Great Depression separated the interests of commercial and investment
87

banks, preventing them from competing against each other (2) and protecting
their balance sheets by allowing each sector to focus on the business and
transactions that it did best. For investment banks, that typically meant highly
liquid, asset-light portfolios, leaving commercial banks to handle capitalintensive portfolios, including real estate or corporate investments.
Additionally, the act insulated the economy from mass collapse in the event of
one sectors failure by preventing the other from being dragged down in tow.
But in 1999, President Clinton signed the Gramm-Leach-Bliley Act into law,
allowing commercial and investment banks to compete head-to-head for the
first time in 60 years (2). The arms race that ensued would prove disastrous
for Lehman Brothers, the financial community, and the global economy at
large.
With the repeal of Glass-Steagall, Lehman Brothers became a key player in
the United States housing boom. From 2004 to 2006, Lehman Brothers
experienced a 56 percent surge in revenues from real estate businesses
alone (1). The firm recognized profits from 2005 to 2006, and in 2007 it
reported a record net income of $4.2 billion on revenues of $19.3 billion. In
the same year, Lehman Brothers stock reached an all-time high of $86.18 per
share, giving it a market capitalization close to $60 billion (1). This proved
exceptional to the surrounding climate, however, and the housing market
began to show signs of a pending bubble burst.
In March 2007, the stock market experienced its biggest single-day plunge in
five years, while the number of mortgage defaults simultaneously rose to the
highest percentage in almost a decade. Bear Stearns, Lehman Brothers
most comparable Wall Street rival, experienced the total failure of two hedge
funds in August. Despite rapidly deteriorating marketing conditions, Lehman
Brothers continued writing mortgage-backed securities and touting its
financial strength to the press and shareholders while decrying the notion
that domestic and global economies were in danger. Meanwhile, its
operations were reckless, as illustrated by its $11.9 billion in tangible equity
and $308.5 billion in tangible assets on balance sheets in 2003 that yielded a
leverage ratio of 26 to 1. Four years later, its $20 billion in tangible equity and
88

$782 billion in tangible assets sent its leverage ratio skyrocketing to 39 to 1
(4). Even with storms brewing in every direction, Lehman Brothers failed to
trim its portfolio of high-risk, illiquid assets, and when crisis erupted in 2007,
Lehman Brothers had missed its chance. Instead of acknowledging this
misstep, executives took internal action to preserve a rosy faade.
Source: anticap.files.wordpress.com
By means of deliberate accounting sleight-of-hand, concealment, and

communication of misleading information, until 2008 Lehman Brothers
maintained the appearance of underdog success to the investment
community. The primary means by which Lehman Brothers disguised its
distress was through implementation of what was known to insiders as Repo
105. This legal but shady accounting device helped create favorable net
leverage and liquidity measures on the balance sheet, which was key for
credit rating agencies and consumer confidence. By utilizing Repo 105,
Lehman Brothers raised cash by selling assets to a behind-the-scenes
phantom company called Hudson Castle, which appeared to be an
independently run organization but was actually controlled by Lehman
Brothers executives. In accordance with Repo 105 terms, assets were sold to
Hudson Castle and repurchased between one and three days later (3).
Because the assets were valued at 105 percent of the cash received, GAPP
89

accounting rules allowed the transactions to be treated as sales, thus
removing the assets from Lehman Brothers balance sheet altogether.
Under the direction of Chief Financial Officer Erin Callan and the certification
of Chief Executive Officer Richard S. Fuld, Jr., Lehman Brothers applied this
technique at the end of the first and second fiscal quarters of 2008 to transfer
a combined total of $100 billion, amending its leverage ratio from 13.9 to a far
more favorable 12.1. Thanks to creative accounting and clever public
relations, Lehman Brothers was able to report a positive view of its net
leverage, including a $60 billion reduction in net assets on the balance sheets
and a deep liquidity pool. Each of these quarterly balance sheet spins was
intended to offset the effect of announcing for the first time in years a
loss of $2.8 billion from write-downs on assets, decreased revenues, and
losses on hedges (1). Application of Repo 105 allowed Lehman Brothers to
avoid having to report selling assets at a loss.
During the bankruptcy investigation, the companys global finance controller
admitted that, there was no substance to [Repo 105] transactions (5). Fuld,
Callan, and their respective teams concealed the use of this tactic from
ratings agencies, investors, and the board of directors. The one party in on
the scheme was Ernst & Young, Lehman Brothers audit firm, which failed to
alert either internal or external parties to the manipulation that was taking
place, even when explicitly questioned. They could not maintain the illusion
for long, however, and in September 2008, Lehman Brothers situation finally
came to a head.
90
Source: media.cagle.com
On September 10, 2008, just three months after reporting second-quarter

successes, Lehman Brothers announced that its supposedly robust liquidity
amounted to approximately $40 billion, but only $2 billion constituted assets
that could be readily monetized. The remainder was tied up on so-called
comfort deposits with various clearing banks, and though the firm
technically had the right to recall said deposits, the validity of Lehman
Brothers work with these institutions was questionable at best (2). By
August, the deposits had been converted into actual pledges.
A few months prior, Fuld began coming to terms with Lehman Brothers
negative outlook. In a last-ditch effort, he made a public offering that yielded
$6 billion in new capital for the firm. However, by the by the time third fiscal
quarter financial statements were due, Lehman Brothers was projecting
additional losses of $3.9 billion. Its stock price had plummeted to $3.65 per
share, a 94 percent decrease from January 2008. Fuld announced a plan to
spin off the majority of the companys real estate holdings into a new public
company, but there were no prospective buyers (Holdings, Inc.). On Sept. 13,
the United States Treasury made it clear that Lehman Brothers would not be
91

the recipient of bailout money. Instead, a number of financial institutions,
including Barclays and Bank of America, were being encouraged to acquire
the faltering company, invigorate it with much-needed capital, and bring it
back from the edge of collapse (3). Each potential acquirer declined. On Sept.
15, 2008, Fuld admitted defeat and finally heeded private advice from
Treasury Secretary Henry Paulson, Jr. At 1:45 a.m., he filed for Chapter 11
bankruptcy protection, just before the opening of Asian markets (1).
Source: s.wsj.net
In the days following the largest bankruptcy filing in United States history, the
American market experienced a shock unlike any it had felt since the Great
Depression. When the domestic stock market opened on Sept. 15, the Dow
Jones dropped 504 points. The following day, Barclays agreed to buy Lehman
Brothers United States capital markets division for the bargain price of $1.75
billion. Meanwhile, insurance giant AIG was on the verge of total collapse,
forcing the federal government to step in with a financial bailout package that
ultimately cost $182 billion (3). On Sept. 16, the Primary Fund announced that
due to its Lehman Brothers exposure, its price had plummeted to less than $1
per share. The ripple effect of Lehman Brothers failure was widespread,
giving rise to a confidence crisis in global banks and hedge funds. Credit
92

markets froze, forcing international governments to step in and attempt to
ease concerns. Domestically, this resulted in the controversial passage of the
Trouble Asset Relief Program, a $700 billion federal rescue aid package, on
Oct. 3, 2008 (5).
Source: www.telegraph.co.uk
Ethical Issues Examined

So what went wrong? The collapse of Lehman Brothers was not the result of a
single lapse in ethical judgment committed by one misguided employee. It
would have been nearly impossible for an isolated incident to bring the Wall
Street giant to its knees, especially after it successfully withstood so many
historical trials.
Instead its demise was the cumulative effect of a number of missteps
perpetrated by several individuals and parties. These offenses can be
categorized into three acts: Lies told by Chief Executive Officer Richard Fuld;
concealment endorsed by Chief Financial Officer Erin Callan; and negligence
on behalf of Ernst & Young.
Three Wrongs
1.
When the housing marketing began faltering in 2007, Fuld was
entrenched in a highly aggressive and leveraged business model, not unlike

many other Wall Street players at the time. Unlike the competitors, a few of
whom had the foresight to identify the pending collapse and evaluate possible
93

consequences of mortgage defaults, Fuld did not rethink his strategy. Instead
he proceeded into mortgage-backed security investments, continuously
increasing Lehman Brothers asset portfolio to one of unreasonably high risk
given market conditions. In short, he was obstinate, but when the time came
to recognize his error, he did not assume responsibility or admit wrongdoing.
Fuld had an opportunity in 2007 to voice concerns about his banks shortterm financial health and its heavy involvement in risky loans, and he
squandered it in favor of communicating to investors and Wall Street that no
foreseeable concerns existed. Had he been truthful, more competitive
solutions along with the benefit of time would have been available, likely
helping prevent or minimize the financial hemorrhage that loomed on the
horizon. For example, commercial banks, such as Barclays and Bank of
America, which were approached for a snap acquisition decision, would have
had more time to evaluate whether the move would complement their longterm strategies. They also would have had more time and opportunity to
resuscitate Lehman Brothers than they did a few quarters down the road.
Additionally, while the immediate effects of admitting a shaky outlook would
have been negative, two repercussions must be considered. First, large
capital investors would have been appreciative of the transparency, and after
getting past the initial shock, they would have taken action to get the bank
back on track. Second, had the general public including the federal
government been aware of the situation and the actionable measures
being taken to rectify it, more intellectual and financial aid would have been
available to minimize losses and potentially avoid total collapse. This was not
the case, however, and by choosing to paint an unrealistically optimistic
picture of Lehman Brothers financial situation, Fuld forfeited the opportunity
to take advantage of various solutions that would have cut the companys
losses. Had he acted more prudently, Lehman Brothers story may have
ended differently.
2.
The second ethical lapse, which was perhaps the most premeditated
and fundamentally wrong, was Callans approval of siphoning assets away

94

from Lehman Brothers accounts and into Hudson Castle, the phantom
subsidiary created for the benefit of its parent companys balance sheet. This
blatant misrepresentation of financial health, perpetrated through the
employment of Repo 105, was an attempt to grossly manipulate the banks
many stakeholders and also clearly indicative of a much bigger problem.
Even more telling is the fact that this technique was used in two consecutive
quarters.
Various documents examining the collapse of Lehman Brothers, including
congressional testimonies and investigative reports, confirm that the purpose
of Repo 105 was not to diminish earnings for tax benefits or similar effects.
Instead, moving assets away from the balance sheet was intended to create
the illusion of a company that was stable and secure. Had Lehman Brothers
executive team been capable of managing the issue, this tactic would have
been a temporary stay until reorganizational measures were taken and
accurate statement releases could be resumed. Instead, for six consecutive
months, the banks leverage was so dangerously high that it had no choice
but to intentionally mislead its shareholders if it hoped to maintain any
semblance of confidence in its operation. As with Fulds decision to lie about
the companys state of affairs, Lehman Brothers would have been better
served by fully and accurately disclosing the details of its finances. With the
benefit of credibility and time to strategize, the likelihood of receiving muchneeded aid would have been far greater.
3.
Finally, Ernst & Young, the only third party privy to the happenings at
Lehman Brothers, failed to reveal the extensive steps taken by executive

leadership to conceal financial problems. As a firm of certified public
accountants expected to honor and uphold an industry-wide code of ethics,
Ernst & Young may be accused of being responsible for gross negligence and
lack of corporate responsibility. Why would such a highly respected
organization risk its own reputation and turn a blind eye on behavior that is
clearly unethical? Obviously Lehman Brothers was a sizeable (and
presumably lucrative) client of the firm. But past scandals involving
95

questionable accounting observances, such as Enron, have demonstrated
firsthand that inaction is as equally reprehensible as direct involvement in the
scheme itself. More than just a paycheck was at risk, and failure to act
successfully discredited Ernst & Young on the basis of ethical and industry
standards.
As an accounting firm, Ernst & Young is charged with certifying that
companies deliver accurate and reliable information to shareholders. In this
regard, Ernst & Young failed completely, as executives were aware of behindthe-scenes bookkeeping and the extent to which it was occurring. In this
situation, concern for ethical behavior was of minimal or nonexistent
concern. Therefore, the companys shareholders were deliberately deceived
for the purpose of preserving a paycheck, and in that regard, the team of
accountants who chose not to act disappointed more than just their company;
they let down the entire industry and each of the right-minded professionals
within it.
The story of Lehman Brothers demise is unfortunate, and not just because its
collapse meant the end of a Wall Street institution. The real tragedy lies in the
lack of ethical behavior of its executives and professional advisors. They
made conscious decisions to deceive and manipulate, and the consequences
proved too dire to preserve the historic investment banks existence.
The perennial lesson of the Lehman Brothers case is that no matter how dire
the circumstances may appear, transparency and accountability are
paramount. Right action up front may sting initially, but as history has
repeatedly shown, gross unethical business practices rarely endure in the
long term. A global financial crisis such as that of 2008 may not be prevented
from happening again. What can be improved, in large measure through
ethics education, is how corporations behave. Wall Street should take note of
the case of Lehman Brothers to ensure history does not find a way to repeat
itself.
96

Newspaper Article:
Source: asset.tovima.gr
Source: resources1.news.com.au
97

CONCLUSION
The objective of risk management is not to prohibit or prevent risk taking, but
to ensure that the risks are consciously taken with full knowledge, clear
purpose and understanding so that it can be measured and mitigated. The
purpose of managing risk is to prevent an institution from suffering
unacceptable loss causing an institution to fail or materially damage its
competitive position. Functions of risk management should actually be bank
specific dictated by the size and quality of balance sheet, complexity of
functions, technical / professional manpower and the status of MIS in place in
the bank. They may not be one-size-fits-all risk management module for all the
banks to be made applicable uniformly.
As in the international practice, a committee approach may be adopted to
manage
various
risks.
Risk
Management
Committee,
Credit
Policy
Committee, Asset Liability Management Committee, etc., are such committee

that handles the risk management aspects. To the extent the bank can take
risk more consciously, anticipates adverse changes and hedges accordingly,
it becomes a source of competitive advantage, as it can offer its products at a
better price than its competitors. What can be measured can also be
managed. It should be clearly understood that risk mitigation is more
important than capital allocation against inadequate risk management
system.
The effectiveness of risk measurement depends on efficient Management
Information System, computerization and networking of the branch activities.
An objective and reliable data base has to be built up for which bank has to
analyze its own past performance data relating to loan defaults, trading
losses, operational losses etc., and come out with benchmarks so as to
prepare themselves for the future risk management activities.
98

BIBILOGRAPHY
BOOKS REFERRED
RISK MANAGEMENT S.B. VERMA
MAGAZINES
INSTITUTE AND FACULTY OF ACTUARIES,UK
NEWSPAPERS
ECONOMICS TIMES
FINANCIAL TIMES
WALL STREET JOURNALS
99

WEBILOGRAPHY
http://www.communitybankeruniversity.com/CBU/managing-
commercial-credit-risk
http://web.worldbank.org/external/default/main?theSitePK=3985219&p
iPK=64143448&pagePK=64143534&menuPK=64143504&contentMDK=20191
686
https://technet.microsoft.com/en-us/library/cc535304.aspx
http://www.investopedia.com/terms/t/transferofrisk.asp
http://www.garp.org/media/1106495/reputationalriskmanagement_raul
manjarin_112712.pdf
http://christelfouche.com/ewrm-explained/
http://www.pwc.com.au/consulting/risk-
controls/management/enterprise-wide-risk-mgt.htm
http://lexicon.ft.com/Term?term=risk-management
http://www.investinganswers.com/financial-
dictionary/optionsderivatives/interest-rate-swap-2252
http://stcipd.com/interestrate1.aspx
http://sevenpillarsinstitute.org/case-studies/the-dearth-of-ethics-and-
the-death-of-lehman-brothers
https://www.imf.org/external/np/fin/data/rms_mth.aspx?SelectDate=20
15-09-30&reportType=REP
100

Risk Management in Banks

Caricato da

Informazioni sul documento

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Risk Management in Banks

Caricato da

Copyright:

Formati disponibili

Adit S.

Joshi TYBBI Sem5 Risk Management in Banks

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Risk Management: Risk Management is the process of identifying,

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Assess what could go wrong

Determine which risks are important to deal with

Implement strategies to deal with those risks

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Indian Banking Industry is going through a transformation process in its

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

The very basic objective of risk management system is1.

To put in place and operate a systematic process to give a reasonable

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Different Types Of Risk

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Credit risk is defined as the potential that a borrower or counterparty will

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Trading credit Risk

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Commercial credit Risk

This is the risk of loss form providing credit to corporate counterparties.

Commodity Market Risk

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Commodity market Risk

Currency market Risk

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Suppose a U.S. MNC wants to finance a 40,000,000 expansion of a

exchange for dollars for euros.

premium since they are not as well-known abroad.

may both benefit from a swap.

find a German firm wanting to finance dollar borrowing in the amount of

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Interest Rate Risk

Interest Rate Swaps in India:

An Interest rate swap is a contractual agreement entered into between two

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Dollar Interest Rate Swap

Interest Rate Swap 5-year

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Interest Rate Swaps Outside India:

An interest rate swap is a contractual agreement between two parties to

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Scenario B: LIBOR = 1.0%

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Market Liquidity Risk:

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Equity market Risk:

Operational risk and control system

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

The main objective of the special audit is to see that risk

management systems and internal control guidelines are adhered to.

being provided to the senior management periodically, viz., on daily, weekly,

This is the risk of loss from failure of a trading counterparty to perform as

Adit S. Joshi TYBBI Sem5 Risk Management in Banks

Adit S. Joshi TYBBI Sem5 Risk Management in Banks