Asset/Liability Management Certification Training Program February 7-10, 2012 Day 4 Session 2 Presented by: Leonard Matz

www.sheshunoff.com

Topics for This Session

1. Making ALCO effective. 2. Best practice IRR reporting.

3. Contents of a best practice IRR policy.

4. Oversight, internal controls and audit. 5. Review Q&A

Making ALCO Effective

Flawed Decision Making The non-decision lets just debate the rate outlook Wishful thinking the problem will go away

Delayed decision making lets have another committee meeting before we act

Asset / Liability Committee (ALCO)

Two reasons why a committee is at the center of rate risk management: 1. Many of the risk management issues requires the CEOs and CFOs attention and also have strategic ramifications

2. Typically the CEO and the CFO lack day to day familiarity with all f the bank activities impacting the risks

ALCOs mission should include:

1. To be responsible for setting interest rate risk limits, developing interest rate risk strategies, and making sure that the bank stays within these limits
2. Setting investment portfolio strategy is another responsibility that often falls under the ALCO umbrella 3. Liquidity management

ALCO Membership

Membership should include senior managers from each major lending, investment, deposit, and funding area in the bank. The following bank functions should be represented on ALCO:
Chief Executive Officer President Chief Financial Officer Treasurer Senior Investment Officer Asset/Liability Manager Senior Credit Officer Senior Branch Officer Senior marketing Officer

Poor Delegation of Risk Management Authority

Confusion among managers as to which person or which department is responsible for aspects of risk measurement, management, or oversight.

Lack of an owner responsible for all aspects of risk positions.

Policy restrictions that focus on actions rather than on risks. Ambiguous delegation of authority. For example, insufficient distinction between responsibility for final approval, responsibility for review, and responsibility for active measures. Delegation of responsibility without authority. Delegation of responsibilities to one or more committees without making the committee chairman or some other officer responsible. Duplicative, redundant, or overlapping delegations of authority.
7

Characteristics of Ineffective AL Committees (1) The chief executive officer does not attend meetings. ALCO members are unsure of what the ALCO is required to accomplish. ALCO members are uncomfortable with the validity of the risk information presented. The agenda is cluttered with review items, leaving insufficient time for decisions and providing a lot of excuses to avoid making decisions.

Characteristics of Ineffective AL Committees (2) Risk reports provided to committee members are too voluminous, complex, or late to support informed decision making. Too much time is spent discussing the current interest rate and economic outlook instead of alternative management decisions.

ALCO discussions are dominated by the individuals directly responsible for monitoring IRR exposure.

Characteristics of Ineffective AL Committees (3) Risk management decisions are not implemented. The results of previous decisions are not measured.

The only managed portion of the banks IRR and liquidity risk is the risk in assets, liabilities, or offbalance sheet positions that are managed in Treasury.
Risk management decisions are made in response to the present situation and short-term objectives. Longer term strategic considerations are given little or no thought.

10

Characteristics of Ineffective AL Committees (4) Management of the banks liquidity position is inconsistent with policy guidelines adopted by the ALCO. The profitability and riskiness of key loan and deposit products are not monitored by the ALCO. New loan and deposit products or new variations of existing loan and deposit products are introduced without ALCO discussions about their risk characteristics.

11

ALCO Functions and Responsibilities 1. Select IRR and liquidity measurement systems and methodologies.

2. Select the rate risk variables that the bank believes best describe the rate risk.
The ALCO has to choose whether it is concerned about most likely rate changes or other potential rate changes and how those potential rate changes will be selected. The ALCO must also choose whether it is concerned with changes in projected net income, projected economic value of equity, etc. (selection of the dependent variables).

3. Select liquidity scenarios and stress levels.

12

ALCO Functions and Responsibilities 4. Establish specific limits on the acceptable level of risk on a consolidated basis and recommend those limits to the board for its approval and for incorporation into the policy. In addition, the ALCO may establish less-official limits that are more restrictive than limits established in the policy. (More restrictive limits may be established when circumstances require a temporary change.) From time to time, the ALCO may want to recommend changes in limits established by the board of directors

13

ALCO Functions and Responsibilities 5. Regularly review analysis of the banks exposure to adverse consequences from rate changes. Even though the projected exposure may be within policy limits, the ALCO may decide that actions should be undertaken to change this exposure. In addition to responses to changes in rate expectations, ALCO may want to change the banks IRR exposure because other changes, such as poor earnings, make it appropriate to temporarily reduce the banks exposure to rate risk. 6. Regularly review analysis of the banks exposure to liquidity risk under defined stress scenarios. Identify potential vulnerabilities and respond as appropriate.
14

ALCO Functions and Responsibilities 7. Review reports indicating whether previous ALCO decisions were implemented, the extent to which previous ALCO decisions resulted in the intended changes to the banks IRR exposure, and whether IRR exposure limits have been exceeded.

15

ALCO Functions and Responsibilities 8. The ALCO must also keep minutes of all meetings. This rule should hold for informal meetings as well as formal meetings. Also, outside auditors and bank examiners usually review ALCO minutes, and they expect to see a complete record. ALCO minutes do not have to be lengthy or unusually detailed. At a minimum, the minutes should identify: When the meeting was held Who attended Major topics discussed Specific decisions made
16

Sample ALCO Agenda

10:00-10:15 Status Reports 1. Minutes of prior meeting. 2. Review of implementation status of decisions from prior meeting. 3. Review of any policy violations, procedural problems, etc. 10:15-10:30 Review of Historical Information 4. Review of the trend in rate risk exposure levels. 5. Review of the trend in related information, such as liquidity and capital ratios.
17

Sample ALCO Agenda

10:30-10:40 Competitive Situation 6. Review of relevant competitive information, such as deposit rates. 7. Analysis of current loan and deposit strategies, planned promotions, securitizations in process, and other planned changes.

18

Sample ALCO Agenda

10:40-11:10 Current Risk Assessment 8. Current rate risk exposure and projection measures (model reports of EVE and EAR for a range of possible future interest rates). 9. Current rate outlook/forecast.

10.Confidence level in current rate outlook.

11.Comparison of current rate risk exposure to boardapproved limits and to ALCOs most recent target.

19

Sample ALCO Agenda

11:40-11:50 Related Issues

16. The impact of the current and targeted rate risk exposure on the banks capacity to meet its budget.
17. The adequacy of current liquidity. 18. The impact of the current and target rate risk exposure on liquidity risk levels. 11:50-12:00 Open Discussion 12:00 Noon Adjourn
20

Five Steps for Sound Decision Making

AGENDA ITEM
1.

COMMENT
Goals: Provide background Reinforce connection between ALCO decisions and banks financial performance Ensure that prior ALCO decisions were implemented (oversight) Enables the ALCO to compare with limits

NEEDED INPUT
History (e.g., past 12 months) of banks IRR exposure and of rate movements Performance of margin, net interest income, economic value, etc.

Review IRR performance history.

2. 3.

Review current IRR exposures. Determine rate outlook.

Exposure reports (exposures vs. limits)

Steps: Select base case scenario, highlighting expectations vis--vis types of rate change Determine analysts confidence in base case Articulate and document logic Expressed in same terms as exposures are measured (including as a percentage of limit) This usually takes the form of on-balance sheet and/or off-balance sheet actions to alter the banks risk exposure profile Output: decision summary Economic and market data

4.

Decide on IRR positions. Determine basic implementation strategy and delegate implementation
responsibility.

5.

21

Source: Adapted from a table developed by J. Kimball Hobbs.

Best Practice IRR Reporting

22

Best Practice ALCO Reports

Good ALCO reporting has four characteristics: It must include all of the information that decision makers need. It must clearly call attention to the most important issues. It must be timely. It must be actionable.
23

What do Risk Managers Need to See?

Compliance with Risk Exposure Limits.

Non-limit policy violations. Current exposures.

History. Information that relates current risk exposures to exposures in prior time periods and to prior risk management decisions provides both context and continuity.
Support for new decisions. The package should also contain economic data or forecasts to help guide ALCO members.
24

US Interagency Requirements Reportable items may include but are not limited to:
cash flow gaps, cash flow projections, asset and funding concentrations, critical assumptions used in cash flow projections, key early warning or risk indicators, funding availability, status of contingent funding sources, or collateral usage, the use of and availability of government support, such as lending and guarantee programs, and implications on liquidity positions, particularly since these programs are generally temporary or reserved as a source for contingent funding. Format revised. Interagency Policy Statement on Funding and Liquidity Risk
Management, Paragraph 20, March 2010 25

Typical CEOs Report Load!!

Credit Reports ALCO Reports Operating Loss Reports Financial Reports Performance Reports Audits Etc

CEO should not be the first point of integration!

26

Management Reports Multiple levels of details Focus on key metrics

Appropriate aggregation
Appropriate disaggregation currencies Clarity for non-specialists

Flexible content special situations and topics reviewed infrequently

Flexible frequency for scenarios

27

Advice for ALCO Packages

An executive summary is a big help for busy managers. Report formats should be uncluttered, emphasizing graphs and simple tables. Use color to highlight key information. Use the same description each time you prepare a package, and show the history for each major exposure as a line graph. Try to keep supporting detail in appendices.
28

More Focused ALCO Reporting and Risk Dashboards

29

Percentage Point Variance Under Various Rate Scenarios

EARNINGS AT RISK
Rising Interest Rate Scenario Flat Rat Scenario
No change

Declining Interest Rate Scenario

Up 300 bp

Up 200 bp

Up 100 bp

Down 100 bp

Down 200 bp

Down 300 bp

Business strategy 1: Business strategy 2: Business strategy 3: Base case strategy: Business strategy 4: Business strategy 5: Business strategy 6:
Source: BancWare ALM 5

5.41%

3.76%

2.17%

0.0%

-2.44 %

-5.14%

-7.97%

30

Comparisons of Risk Limits and Measured Exposures

200 150

Net Interest Income

100 50 0 -50 -100 -150 rates rise -200 Q0 Q1 Q2 Q3 Q4 Q5 Q6 no change rates fall

31

Trend in Net Income: Actual Plus Four Projected Scenarios

50
Actual Forecast
Budget

45
Net Interest Income

40 35

Rising

Current

30 25 20 1Q 2Q 3Q 4Q 1Q 2Q 3Q 4Q
32
Declining

Sample Output of Economic Value Simulation Model Interest Rate Scenario

(in thousands of dollars)

Down 300 bp

Down 200 bp

Down 100 bp

Base Case

Up 100 bp

Up 200 bp

Up 300 bp

PV of Assets

606,537

589,107

574,333

560,866

548,097

536,172

524,713

Percent Change

8.14%

5.04%

2.40%

-2.28%

-4.40%

-6.45%

PV of Liabilities

491,109

484,877

478,866

472,727

466,530

460,391

454,413

Percent Change

3.89%

2.57%

1.30%

-1.31%

-2.61%

-3.87%

PV of Equity

115,429

104,230

95,467

88,140

81,567

75,781

70,300

Percent Change

30.96%

18.26%

8.31%

-7.46%

-14.02%

-20.24%

Source: BancWare ALM 5

33

Comparisons of Risk Limits and Measured Exposures

15% 10% 5% 0% -5% -10% -15% -20% -25% -30% -35% -300 -200 -100 Base Case 100 200 300
34
% Value at Risk March 200X % Value at Risk June 200X % Value at Risk September 200X

Policy Limit - all months

Products Ranked by Economic Value Sensitivity

(for a 200-basis point decrease in rates scenario)

No Change in Rates

Down 200 Basis Points Scenario Percentage Change 0.03% 0.08% 0.33% 0.59% 0.71% 0.83% 0.95% 1.10% 1.50% 1.91% 2.07% 3.54%

Economic Value Fed Funds Sold Personal Loans Floating US Treasuries Treasury US Treasuries Fixed Commercial Loans - Floating CDs LT 100k Personal Loans - Fixed Commercial LOC Agencies CDs GT 100k Municipals Savings Accounts 8,936 5,070 17,239 17,080 111,440 71,252 24,774 61,924 21,225 193,918 9,167 19,193

Economic Value 8,939 5,074 17,295 17,181 112,235 71,842 25,009 62,602 21,544 197,620 9,357 19,872

Change 3 4 56 100 795 590 235 678 319 3,703 190 679

NOW Accounts
ARMs Money Market Accounts Lines of Credit Commercial Loans Fixed Mortgages MBS

33,537
79,150 74,620 25,007 97,334 23,507 23,012

34,723
82,242 77,840 26,161 107,325 29,302 28,842

1,186
3,092 3,220 1,153 9,991 5,794 5,830

3.54%
3.91% 4.32% 4.61% 10.26% 24.65% 25.33%

35

Just Because We Can, Doesnt Mean We Should

Sample ALCO Report
% of limit
100

12-month history of position-taking, expressed as % of limit

high confidence -- rates up

Asset Sensitive

80

moderate confidence -- rates up

IRR Position History (% of Limit) 20

x
low confidence or no direction

recommended target

Liability Sensitive

-20

moderate confidence -- rates down

-80

high confidence -- rates down

-100

prior 12 months

24

36

Improving Rate Risk Disclosure: Bank of Americas Are More Realistic

37

Contents of a Best Practice IRR Policy

38

Five Good Reasons to Have A Formal, Written Policy

1. Bank examiners require it

2. The policy communicates managements intentions and rules to everyone involved in the process
3. Establishes specific objectives and responsibilities 4. Establishes priorities for goals

5. Helps establish goal congruence and coordination throughout the bank

39

General Qualities for Effective Policies

Policy provisions should be specific enough to achieve the banks goals. The policy should not include excessive detail. Confine most details to either policy appendices or procedures manuals. The best policy provisions provide clear, focused, and practical guidance.

Policies should delegate responsibility for developing procedures or assumptions rather than dictating the procedures or assumptions.
The best policies are customized to the financial institutions resources, markets and strategies.

The best policies are living documents.

Policies must reflect constraints resulting from legal entity structure, regulations and international activities.
40

Policy Perspectives

Strategic risk management how much liquidity risk, measurement and management conditions, etc. Tactical risk management what to do about liquidity risk in todays bank and market conditions.

41

Rate Risk Policy Scope and Content.

42

Why Do We Need a Formal IRR Policy?

1. Bank regulators require it. Necessary but not sufficient.

2. A more important reason to have a policy is that it communicates managements intentions and rules to everyone involved in the process. If you dont know where you are going, any road will take you there. 3. The policy establishes specific objectives and responsibilities. Creating the policy forces managers and directors to identify their objectives and to assign responsibilities. 4. The policy establishes priorities for goals..
43

Eleven Elements of An Effective IRR Policy

1. Frequency and Method for Monitoring Interest Rate Risk Exposure

The IRR policy should address which methods the bank uses to measure and monitor rate risk, How is interest rate risk defined (earnings or value).

What target of rate risk exposure is the bank aiming to manage?

What time frame(s) or time horizon(s)? How often is rate risk measured?

44

Eleven Elements of An Effective IRR Policy

2. Rate Risk Exposure Limits

Consistent with risk appetite. (Managing to risk neutral or positioning?) Appropriate given the banks risk management expertise?

Consistent with path to the exit.

45

Limits for Stress Tests (rate shocks) are Mandatory

Management should establish limits, triggers, or thresholds for stress scenarios in order to compare risk measurement results with the institutions risk tolerance. Typically, institutions establish a set of stress scenarios as part of the regular IRR assessment process. Longstanding supervisory guidance provides that an appropriate limit system should permit management to control IRR exposures, initiate discussion about opportunities and risk, and monitor actual risk taking against predetermined risk tolerances. Risk measurements and limits generally focus on the level of volatility on earnings and capital.

Source: Answer to Question 7, Interagency Advisory on Interest Rate Risk Management Frequently Asked Questions, January 12, 2012, pages 5 and 6.
46

Eleven Elements of An Effective IRR Policy

3. Clear Identification of Authority/Responsibility The policy should clearly identify the authority and responsibility for specific elements of rate risk management and oversight. Individuals and committees responsible for making rate risk management decisions should be identified. IRR policies typically include many specific requirements for the creation and operation of an ALCO. A sample list of IRR policy specifications for an ALCO includes:

ALCO membership
ALCO duties and responsibilities How often the ALCO should meet Decision-making authority of the ALCO

Form of reports from the ALCO to senior management and the board
Frequency of required reports from the ALCO
47

Eleven Elements of An Effective IRR Policy

4. Reporting

The rate risk management policy must specify and describe required reports. An accurate, informative, and timely management reporting system is essential for both monitoring and managing rate risk exposure.

The policy should identify what position or department is responsible for preparing reports.
The policy should stipulate the frequency of reporting.

48

Eleven Elements of An Effective IRR Policy

5. Acceptable and Unacceptable Courses of Action for Managing

Interest Rate Risk Major hedging strategies and risk management actions, such as the use of derivatives, should be authorized by the policy. The IRR policy should define: When capital markets hedging is permitted. How much capital markets hedging is permitted. What hedging instruments are acceptable. Hedge limits by instrument. What department or area in the bank is responsible for using capital markets hedge instruments. What hedging strategies are acceptable. How hedging activities will be reported, to whom they must be reported, and how often they must be reported. What controls will be required.
49

Eleven Elements of An Effective IRR Policy

6. Measures to Take to Monitor Compliance with the IRR Policy Regular reports of compliance with all policy provisions, especially limits are necessary.

The policy should identify:

who prepares compliance reports, who receives compliance reports and how often is compliance reported.

Last but not least, some independent report of compliance with the IRR policy is a good idea. The policy might, for example, require the audit department to make an annual review and report of compliance with policy provisions.

50

Eleven Elements of An Effective IRR Policy 7. Measures to Test the Accuracy of Data, Assumptions, and Calculations Used in the Rate Risk Measurement Process Data reconcilement Date testing (exception trapping) and scrubbing Assumption validation/backtesting Model audits

51

Eleven Elements of An Effective IRR Policy 8. Measures to Test the Accuracy of Estimated or Projected Exposure to Changes in Prevailing Interest Rates It is also important to establish procedures for periodic comparisons of forecasted rate sensitivity with actual changes in the banks income or EVE after subsequent rate changes. The term backtesting mainly refers to this type of output verification. EVE backtesting is limited to outputs for which there is a corresponding, observable market price.

52

Eleven Elements of An Effective IRR Policy 9. Measures to Test the Effectiveness of Rate Risk Management Activities

IRR management activities do not always accomplish what we expect. The bestintentioned- and implemented plans do not always produce the desired results. While measuring and managing IRR is imperfect at best, bank managers should have some procedures to follow so that the effectiveness of their rate risk measurement and management can be monitored and adjusted as necessary. The procedures themselves do not belong in the policy. However, the policy should at least establish the requirement for such follow-up and testing. 53

Eleven Elements of An Effective IRR Policy 10. Regulatory Compliance A general policy declaration to the effect that the bank will comply with all applicable laws and regulations never hurts, but a broad statement to that effect is clearly not sufficient by itself. Regulators usually expect to see some specific requirements included in ALM or IRR policies.

54

Eleven Elements of An Effective IRR Policy 11. Policy Coordination For all banks, an IRR policy paragraph should address how policy will be coordinated with policies for lending/credit, investments, liquidity, strategic planning, and capital. One way to coordinate these would be to have proposed changes in any one policy made subject to a review process that includes individuals responsible for enforcing the other policies.

55

Oversight, Internal Controls and Audit

56

IRR Oversight Elements

Monitor compliance with policy limits and approved procedures Review the impact of previous changes in interest rates to evaluate the accuracy of previous measurements of rate risk exposure Monitor implementation of previous risk management decisions to determine the quality, timeliness and completeness of implementation Audit the integrity of the risk measurement and risk reporting process

57

IRR Oversight Procedures and Controls

1. Financial Institutions should develop procedures requiring:

Appropriate methods for quantifying assumptions Documentation of how assumptions were quantified, when it was done and who did the work Test of critical assumptions Documentation of assumptions reviews Controls for assumptions changes Controls for assumption changes are particularly important

2.

Controls for compliance with policies and risk management procedures

Periodic reviews to validate that bank enforces its IRR policy Whether exceptions to policies or procedures receive the prompt attention

58

Internal Controls The regulators expect institutions to have an adequate system of internal controls to ensure the integrity of all elements of their IRR management process, including the adequacy of corporate governance, compliance with policies and procedures, and the comprehensiveness of IRR measurement and management information systems. These controls should be an integral part of the institutions overall system of internal controls and should promote effective and efficient operations, reliable financial and regulatory reporting, and compliance with relevant laws, regulations, and institution policies.

FFIEC Advisory On Interest Rate Risk, page 8.

59

Requirements for Audit Focus on risks not reconcilements Training

Testing data
Testing assumptions Testing output Testing for compliance with limits, policy constraints and regulatory requirements. Testing internal controls for key vulnerabilities such as assumption modifications.

60

Controls for Assumptions

Appropriate methods for quantifying assumptions. Documentation of how assumptions were quantified, when the work was done and who did the work.

Tests of critical assumptions (sensitivity tests and/or back tests).

Documentation of assumptions reviews both periodic reviews and reviews following changes in bank activities or market conditions. Controls for assumption changes. Controls for assumption changes are particularly important. Internal and external auditors should review changes and control procedures for changes. All changes should be undertaken for valid risk management reasons and not to avoid violating a risk exposure limit.
61

Essential Non-Audit Oversight Tasks Review the impact of previous changes in interest rates to evaluate the accuracy of previous measurements of rate risk exposure. Monitor implementation of previous risk management decisions to determine the quality, timeliness, and completeness of implementation.

62

IT Resources A Critical Risk Management Requirement

Supervisors have observed that an inability to aggregate risk data in an accurate, timely, or comprehensive manner can undermine the overall value of internal risk reporting. For example, whereas most firms focus on establishing a management information reporting framework to meet operational requirements, internal risk reporting standards do not articulate the type of critical reporting that would be required in a crisis or the speed at which these reports would have to be produced. We believe that in order to meet the needs of the business line and risk management staffs, firms should establish standards, cutoff times, and schedules for internal risk reports.
Source: SSG, Observations on Developments in Risk Appetite Frameworks and IT Infrastructure, December 23, 2010, page 2 and page 12. 63

Review Q&A

64

Do you have a question that you would like answered during the Q&A session? Simply follow the instructions below.
To ask a question, please press *1 on your touchtone phone. If you are using a speaker phone, please lift the receiver and then press *1.

If you would like to withdraw your question, press *1.

65

Copyright Notice

Portions of this presentation are copyrighted by Sheshunoff Information Services, Inc. The remainder is copyrighted by Leonard Matz. No part may be reproduced in any form or incorporated in any information retrieval system without prior written permission from the copyright owner.

66