Documente Academic
Documente Profesional
Documente Cultură
IBS, CHANDIGARH.
1
INDEX
Synopsis.3 Objective4 Limitations.4 Methodology.5 Schedule5 References.5 Introduction..6 Banking services...8 Risk management11 Credit risk20 Risk management in ICICI Bank34 Risk management in State Bank Of India...... 58
SYNOPSIS
Risk management is the process of measuring, or assessing risk and then developing strategies to manage the risk. In general, the strategies employed include transferring the risk to another party, avoiding the risk, reducing the negative affect of the risk, and accepting some or all of the consequences of a particular risk. Financial risk management, on the other hand, focuses on risks that can be managed using traded financial instruments. Regardless of the type of risk management, all large corporations have risk management teams and small groups and corporations practice informal, if not formal, risk management. In ideal risk management, a prioritization process is followed whereby the risks with the greatest loss and the greatest probability of occurring are handled first, and risks with lower probability of occurrence and lower loss are handled later. In practice the process can be very difficult, and balancing between risks with a high probability of occurrence but lower loss vs. a risk with high loss but lower probability of occurrence can often be mishandled. Risk management also faces a difficulty in allocating resources properly. This is the idea of opportunity cost. Resources spent on risk management could be instead spent on more profitable activities. Again, ideal risk management spends the least amount of resources in the process while reducing the negative effects of risks as much as possible.
Pertaining to risk management in credit portfolio, it is not as though banks are not conscious of the various risk elements - in fact, all these phraseologies are repeated all over from time to time in different context. Such comprehension requires to be translated into practice by evolving systems for control/administration. So, this project comprises understanding the procedure of the risk management carried by the banks in order to maintain their assets and liability position and also to compete well in the market in lieu of guidelines provided by the RBI .In this study we would do study various risks such as credit risk, market risk, liquidity risk and operational risk as well. This project would describe how banks work against these risks and try to minimize it in order to maximize the profit margin. Also the banks management and various departments in regard to manage these kinds of risks. We would also study the guidelines provided by RBI in regard to Risk Management procedure that to be followed by Nationalized and Private Banks also NBFCs. In the project we would describe the risk management process that been carried by banks and also ALM structure in order to control upon assets liability position in the banks in order to keep eye on liquidity position of banks and also we would see which tools or methods are being used by banks in order to control risk and maximize profitability.
OBJECTIVE
1. 2. 3. 4. 5. To study and analyze the Risk Management procedure in Banks. To study different types of tools such as VAR. To study the guidelines provided by RBI. To check Assets-Liability position of the Banks. To study the liquidity position of the Banks.
LIMITATIONS
If risks are improperly assessed and prioritized, time can be wasted in dealing with risk of losses that are not likely to occur. Spending too much time assessing and managing unlikely risks can divert resources that could be used more profitably. Unlikely events do occur, but if the risk is unlikely enough to occur, it may be better to simply retain the risk, and deal with the result if the loss does in fact occur. Prioritizing too highly the Risk management processes it could potentially keep an organization from ever completing a project or even getting started. This is especially true if other work is suspended until the risk management process is considered complete.
1. To assure whether the data would be accurate or not. 2. To see whether the tools which will be used for analysis would be correct
or not. 3. Different methods of each Bank to control Risk
PROPOSED METHODOLOGY
The methodology that would be used in the project as follows:Sample Size: Two Banks. Sampling Method: Random Sampling Technique. Research Methodology: - Personal Meeting With Banks Personnel for collecting Data and analyzing the process of Risk Management.
SCHEDULE
PARTICULARS Meeting with Banks Collecting and Analysis of Process Preparation of Final Report SCHEDULED DATE 12th of December 2005 20th of January 2006 18th of March 2006
REFRENCES
1. 2. 3. 4. 5. 6. 7. 8. 9.
Risk Management in Banks by ICMR press. RBI Guidelines and Journals. www.google.co.in www.bambooweb.com www.rbi.org.co.in www.icicibank.com www.sbi.co.in www.infoscouts.com www.kpmg.com
INTRODUCTION
Banking, the business of providing financial services to consumers and businesses. The basic services a bank provides are checking accounts, which can be used like money to make payments and purchase goods and services; savings accounts and time deposits that can be used to save money for future use; loans that consumers and businesses can use to purchase goods and services; and basic cash management services such as check cashing and foreign currency exchange. Four types of banks specialize in offering these basic banking services: commercial banks, savings and loan associations, savings banks, and credit unions. A broader definition of a bank is any financial institution that receives, collects, transfers, pays, exchanges, lends, invests, or safeguards money for its customers. This broader definition includes many other financial institutions that are not usually thought of as banks but which nevertheless provide one or more of these broadly defined banking services. These institutions include finance companies, investment companies, investment banks, insurance companies, pension funds, security brokers and dealers, mortgage companies, and real estate investment trusts. This article, however, focuses on the narrower definition of a bank and the services provided by banks in Canada and the United States. (For information on other financial institutions, see Insurance; Investment Banking; and Trust Companies.) Banking services are extremely important in a free market economy such as that found in Canada and the United States. Banking services serve two primary purposes. First, by supplying customers with the basic mediums-of-exchange (cash, checking accounts, and credit cards), banks play a key role in the way goods and services are purchased. Without these familiar methods of payment, goods could only be exchanged by barter (trading one good for another), which is extremely time-consuming and inefficient. Second, by accepting money deposits from savers and then lending the money to borrowers, banks encourage the flow of money to productive use and investments. This in turn allows the economy to grow. Without this flow, savings would sit idle in someones safe or pocket, money would not be available to borrow, people would not be able to purchase cars or houses, and businesses would not be able to build the new factories the economy needs to produce more goods and grow. Enabling the flow of money from savers to investors is called financial intermediation, and it is extremely important to a free market economy.
a) Commercial Banks
Commercial banks are so named because they specialize in loans to commercial and industrial businesses. Commercial banks are owned by private investors, called stockholders, or by companies called bank holding companies. The vast majority of commercial banks are owned by bank holding companies. (A holding company is a corporation that exists only to hold shares in another company.) In 1984, 62 percent of banks were owned by holding companies. In 2000, 76 percent of banks were owned by holding companies. The bank holding company form of ownership became increasingly
attractive for several reasons. First, holding companies could engage in activities not permitted in the bank itselffor example, offering investment advice, underwriting securities, and engaging in other investment banking activities. But these activities were permitted in the bank if the holding company owned separate companies that offer these services. Using the holding company form of organization, bankers could then diversify their product lines and offer services requested by their customers and provided by their European counterparts. Second, many states had laws that restricted a bank from opening branches to within a certain number of miles from the banks main branch. By setting up a holding company, a banking firm could locate new banks around the state and therefore put branches in locations not previously available. Commercial banks are for profit organizations. Their objective is to make a profit. The profits either can be paid out to bank stockholders or to the holding company in the form of dividends, or the profits can be retained to build capital (net worth). Commercial banks traditionally have the broadest variety of assets and liabilities. Their historical specialties have been commercial lending to businesses on the asset side and checking accounts for businesses and individuals on the liability side. However, commercial banks also make consumer loans for automobiles and other consumer goods as well as real estate (mortgage) loans for both consumers and businesses.
c) Savings Banks
Traditional savings banks, also known as mutual savings banks (MSBs), have no stockholders, and their assets are administered for the sole benefit of depositors. Earnings are paid to depositors after expenses are met and reserves are set aside to insure the deposits. During the 1980s savings banks were in a great state of flux, and many began to provide the same kinds of services as commercial banks.
BANKING SERVICES
Commercial banks and thrifts offer various services to their customers. These services fall into three major categories: deposits, loans, and cash management services.
a)
Deposits
There are four major types of deposits: demand deposits, savings deposits, hybrid checking/savings deposits, and time deposits. What distinguishes one type from another are the conditions under which the deposited funds may be withdrawn. A demand deposit is a deposit that can be withdrawn on demand at any time and in any amount up to the full amount of the deposit. The most common example of a demand deposit is a checking account. Money orders and travelers checks are also technically demand deposits. Checking accounts are also considered transaction accounts in that payments can be made to third partiesthat is, to someone other than the depositor or the bank itselfvia check, telephone, or other authorized transfer instruction. Checking accounts are popular because as demand deposits they provide perfect liquidity (immediate access to cash) and as transaction accounts they can be transferred to a third party as payment for goods or services. As such, they function like money. Savings accounts pay interest to the depositor, but have no specific maturity date on which the funds need to be withdrawn or reinvested. Any amount can be withdrawn from a savings account up to the amount deposited. Under normal circumstances, customers can withdraw their money from a savings account simply by presenting their passbook or by using their automated teller machine (ATM) card. Savings accounts are highly liquid. They are different from demand deposits, however, because depositors cannot write checks against regular savings accounts. Savings accounts cannot be used directly as money to purchase goods or services. The hybrid savings and checking account allows customers to earn interest on the account and write checks against the account. These are called either negotiable order of withdrawal (NOW) accounts, or money market deposit accounts, which are savings accounts that allow a maximum of three third-party transfers each month. Time deposits are deposits on which the depositor and the bank have agreed that the money will not be withdrawn without substantial penalty to the depositor before a specific date. These are frequently called certificates of deposits (CDs). Because of a substantial early withdrawal penalty, time deposits are not as liquid as demand or savings deposits nor can depositors write checks against them. Time deposits also typically require a minimum deposit amount.
b)
Loans
Banks and thrifts make three types of loans: commercial and industrial loans, consumer loans, and mortgage loans. Commercial and industrial loans are loans to businesses or industrial firms. These are primarily short-term working capital loans (loans to finance the purchase of material or labor) or transaction or longer-term loans (loans to purchase machines and equipment). Most commercial banks offer a variable rate on these loans, which means that the interest rate can change over the course of the loan. Whether a bank will make a loan or not depends on the credit and loan history of the borrower, the borrowers ability to make scheduled loan payments, the amount of capital the borrower has invested in the business, the condition of the economy, and the value of the collateral the borrower pledges to give the bank if the loan payments are not made. Consumer loans are loans for consumers to purchase goods or services. There are two types of consumer loans: closed-end credit and open-end credit. Closed-end credit loans are loans for a fixed amount of money, for a fixed period of time (usually not more than five years), and for a fixed purpose (for example, to buy a car). Most closed-end loans are called installment loans because they must be repaid in equal monthly installments. The item purchased by the consumer serves as collateral for the loan. For example, if the consumer fails to make payments on an automobile, the bank can recoup the cost of its loan by taking ownership of the car. Open-end credit loans are loans for variable amounts of money up to a set limit. Unlike closed-end loans, open-end credit does not require a borrower to specify the purpose of the loan and the lender cannot foreclose on the loan. Credit cards are an example of openend credit. Most open-end loans carry fixed interest ratesthat is, the rate does not vary over the term of the loan. Open-end loans require no collateral, but interest rates or other penalties or fees may be chargedfor example, if credit card charges are not paid in full, interest is charged, or if payment is late, a fee is charged to the borrower. Open-end credit interest rates usually exceed closed-end rates because open-end loans are not backed by collateral. Mortgage loans or real estate loans are loans used to purchase land or buildings such as houses or factories. These are typically long-term loans and the interest rate charged can be either a variable or a fixed rate for the term of the loan, which often ranges from 15 to 30 years. The land and buildings purchased serve as the collateral for the loan.
c)
Although deposits and loans are the basic banking services provided by banks and thrifts, these institutions provide a wide variety of other services to customers. For consumers, these include check cashing, foreign currency exchange, safety deposit boxes in which consumers can store valuables, electronic wire transfer through which consumers can transfer money and securities from one financial institution to another, and credit life
insurance which automatically pays off loans in the event of the borrowers death or disability. In recent years, banks have made their services increasingly convenient through electronic banking. Electronic banking uses computers to carry out transfers of money. For example, automated teller machines (ATMs) enable bank customers to withdraw money from their checking or savings accounts by inserting an ATM card and a private electronic code into an ATM. The ATMs enable bank customers to access their money 24 hours a day and seven days a week wherever ATMs are located, including in foreign countries. Banks also offer debit cards that directly withdraw funds from a customers account for the amount of a purchase, much like writing a check. Banks also use electronic transfers to deposit payroll checks directly into a customers account and to automatically pay a customers bills when they are due. Many banks also use the Internet to enable customers to pay bills, move money between accounts, and perform other banking functions. For businesses, commercial banks also provide specialized cash management and credit enhancement services. Cash management services are designed to allow businesses to make efficient use of their cash. For example, under normal circumstances a business would sell its product to a customer and send the customer a bill. The customer would then send a check to the business, and the business would then deposit the check in the bank. The time between the date the business receives the check and deposits the check in the bank could be several days or a week. To eliminate this delay and allow the business to earn interest on its money sooner, commercial banks offer services to businesses whereby customers send checks directly to the bank, not the business. This practice is referred to as lock box services because the payments are mailed to a secure post office box where they are picked up by bank couriers for immediate deposit. Another important business service performed by banks is a credit enhancement. Commercial banks back up the performance of businesses by promising to pay the debts of the business if the business itself cannot pay. This service substitutes the credit of the bank for the credit of the business. This is valuable, for example, in international trade where the exporting firm is unfamiliar with the importing firm in another country and is, therefore, reluctant to ship goods without knowing for certain that the importer will pay for them. By substituting the credit of a foreign bank known to the exporters bank, the exporter knows payment will be made and will ship the goods. Credit enhancements are frequently called standby letters of credit or commercial letters of credit.
10
Defining Risk
For the purpose of these guidelines financial risk in banking organization is possibility that the outcome of an action or event could bring up adverse impacts. Such outcomes could either result in a direct loss of earnings / capital or may result in imposition of constraints on banks ability to meet its business objectives. Such constraints pose a risk as these could hinder a bank's ability to conduct its ongoing business or to take benefit of opportunities to enhance its business. Regardless of the sophistication of the measures, banks often distinguish between expected and unexpected losses. Expected losses are those that the bank knows with reasonable certainty will occur (e.g., the expected default rate of corporate loan portfolio or credit card portfolio) and are typically reserved for in some manner. Unexpected losses are those associated with unforeseen events (e.g. losses experienced by banks in the aftermath of nuclear tests, Losses due to a sudden down turn in economy or falling interest rates). Banks rely on their capital as a buffer to absorb such losses. Risks are usually defined by the adverse impact on profitability of several distinct sources of uncertainty. While the types and degree of risks an organization may be exposed to depend upon a number of factors such as its size, complexity business activities, volume etc, it is believed that generally the banks face Credit, Market, Liquidity, Operational, Compliance / legal /regulatory and reputation risks. Before overarching these risk categories, given below are some basics about risk Management and some guiding principles to manage risks in banking organization.
Risk Management.
Risk Management is a discipline at the core of every financial institution and encompasses all the activities that affect its risk profile. It involves identification, measurement, monitoring and controlling risks to ensure that a) The individuals who take or manage risks clearly understand it. b) The organizations Risk exposure is within the limits established by Board of Directors. c) Risk taking Decisions are in line with the business strategy and objectives set by BOD. d) The expected payoffs compensate for the risks taken e) Risk taking decisions are explicit and clear. f) Sufficient capital as a buffer is available to take risk
11
The acceptance and management of financial risk is inherent to the business of banking and banks roles as financial intermediaries. Risk management as commonly perceived does not mean minimizing risk; rather the goal of risk management is to optimize riskreward trade -off. Notwithstanding the fact that banks are in the business of taking risk, it should be recognized that an institution need not engage in business in a manner that unnecessarily imposes risk upon it: nor it should absorb risk that can be transferred to other participants. Rather it should accept those risks that are uniquely part of the array of banks services. In every financial institution, risk management activities broadly take place simultaneously at following different hierarchy levels. Strategic level: It encompasses risk management functions performed by senior management and BOD. For instance definition of risks, ascertaining institutions risk appetite, formulating strategy and policies for managing risks and establish adequate systems and controls to ensure that overall risk remain within acceptable level and the reward compensate for the risk taken.
a) b)
Macro Level: It encompasses risk management within a business area or across business lines. Generally the risk management activities performed by middle management or units devoted to risk reviews fall into this category. Micro Level: It involves On-the-line risk management where risks are actually created. This is the risk management activities performed by individuals who take risk on organizations behalf such as front office and loan origination functions. The risk management in those areas is confined to following operational procedures and guidelines set by management.
c)
Expanding business arenas, deregulation and globalization of financial activities emergence of new financial products and increased level of competition has necessitated a need for an effective and structured risk management in financial institutions. A banks ability to measure, monitor, and steer risks comprehensively is becoming a decisive parameter for its strategic positioning. The risk management framework and sophistication of the process, and internal controls, used to manage risks, depends on the nature, size and complexity of institutions activities. Nevertheless, there are some basic principles that apply to all financial institutions irrespective of their size and complexity of business and are reflective of the strength of an individual bank's risk management practices.
be effective, the concern and tone for risk management must start at the top. While the overall responsibility of risk management rests with the BOD, it is the duty of senior management to transform strategic direction set by board in the shape of policies and procedures and to institute an effective hierarchy to execute and implement those
12
policies. To ensure that the policies are consistent with the risk tolerances of shareholders the same should be approved from board. The formulation of policies relating to risk management only would not solve the purpose unless these are clear and communicated down the line. Senior management has to ensure that these policies are embedded in the culture of organization. Risk tolerances relating to quantifiable risks are generally communicated as limits or sub-limits to those who accept risks on behalf of organization. However not all risks are quantifiable. Qualitative risk measures could be communicated as guidelines and inferred from management business decisions.
b)
To ensure that risk taking remains within limits set by senior management/BOD, any material exception to the risk management policies and tolerances should be reported to the senior management/board who in turn must trigger appropriate corrective measures. These exceptions also serve as an input to judge the appropriateness of systems and procedures relating to risk management.
c)
To keep these policies in line with significant changes in internal and external environment, BOD is expected to review these policies and make appropriate changes as and when deemed necessary. While a major change in internal or external factor may require frequent review, in absence of any uneven circumstances it is expected that BOD re-evaluate these policies every year.
d)
well constituted organizational structure defining clearly roles and responsibilities of individuals involved in risk taking as well as managing it. Banks, in addition to risk management functions for various risk categories may institute a setup that supervises overall risk management at the bank. Such a setup could be in the form of a separate department or banks Risk Management Committee (RMC) could perform such function*. The structure should be such that ensures effective monitoring and control over risks being taken. The individuals responsible for review function (Risk review, internal audit, compliance etc) should be independent from risk taking units and report directly to board or senior management who are also not involved in risk taking. There should be an effective management information system that ensures flow of information from operational level to top management and a system to address any
c)
13
exceptions observed. There should be an explicit procedure regarding measures to be taken to address such deviations. The framework should have a mechanism to ensure an ongoing review of systems, policies and procedures for risk management and procedure to adopt changes.
d)
Risk Evaluation/Measurement.
Until and unless risks are not assessed and measured it will not be possible to control risks. Further a true assessment of risk gives management a clear view of institutions standing and helps in deciding future action plan. To adequately capture institutions risk exposure, risk measurement should represent aggregate exposure of institution both risk type and business line and encompass short run as well as long run impact on institution. To the maximum possible extent institutions should establish systems / models that quantify their risk profile, however, in some risk categories such as operational risk, Quantification is quite difficult and complex. Wherever it is not possible to quantify risks, qualitative measures should be adopted to capture those risks. Whilst quantitative measurement systems support effective decision-making, better measurement does not obviate the need for well-informed, qualitative judgment. Consequently the importance of staff having relevant knowledge and expertise cannot be undermined. Finally any risk measurement framework, especially those which employ quantitative techniques/model, is only as good as its underlying assumptions, the rigor and robustness of its analytical methodologies, controls surrounding data inputs and its appropriate application
14
Independent review.
One of the most important aspects in risk management philosophy is to make sure that those who take or accept risk on behalf of the institution are not the ones who measure, monitor and evaluate the risks. Again the managerial structure and hierarchy of risk review function may vary across banks depending upon their size and nature of the business, the key is independence. To be effective the review functions should have sufficient authority, expertise and corporate stature so that the identification and reporting of their findings could be accomplished without any hindrance. The findings of their reviews should be reported to business units, Senior Management and, where appropriate, the Board.
Contingency planning.
Institutions should have a mechanism to identify stress situations ahead of time and plans to deal with such unusual situations in a timely and effective manner. Stress situations to which this principle applies include all risks of all types. For instance contingency planning activities include disaster recovery planning, public relations damage control, litigation strategy, responding to regulatory criticism etc. Contingency plans should be reviewed regularly to ensure they encompass reasonably probable events that could impact the organization. Plans should be tested as to the appropriateness of responses, escalation and communication channels and the impact on other parts of the institution.
Source analysis Risk sources may be internal or external to the system that is the target of risk management. Examples of risk sources are: stakeholders of a project, employees of a company or the weather over an airport. Problem analysis Risks are related to fear. For example: the fear of losing money, the fear of abuse of privacy information or the fear of accidents and casualties. The fear may exist with various entities, most important with shareholder, customers and legislative bodies such as the government.
When either source or problem is known, the events that a source may trigger or the events that can lead to a problem can be investigated. For example: stakeholders withdrawing during a project may endanger funding of the project; privacy information may be stolen by employees even within a closed network; lightning striking a B747 during takeoff may make all people onboard immediate casualties.
15
The chosen method of identifying risks may depend on culture, industry practice and compliance. The identification methods are formed by templates or the development of templates for identifying source, problem or event. Common risk identification methods are:
Objectives-based Risk Identification Organizations and project teams have objectives. Any event that may endanger achieving an objective partly or completely is identified as risk. Objective-based risk identification is at the basis of COSO's Enterprise Risk Management - Integrated Framework
Scenario-based Risk Identification In scenario analysis different scenarios are created. The scenarios may be the alternative ways to achieve an objective, or an analysis of the interaction of forces in, for example, a market or battle. Any event that triggers an undesired scenario alternative is identified as risk.
Taxonomy-based Risk Identification The taxonomy in taxonomy-based risk identification is a breakdown of possible risk sources. Based on the taxonomy and knowledge of best practices, a questionnaire is compiled. The answers to the questions reveal risks.
Common-risk Checking In several industries lists with known risks are available. Each risk in the list can be checked for application to a particular situation. An example of known risks in the software industry is the Common Vulnerability and Exposures list found at http://cve.mitre.org/.
Assessment
Once risks have been identified, they must then be assessed as to their potential severity of loss and to the probability of occurrence. These quantities can be either simple to measure, in the case of the value of a lost building, or impossible to know for sure in the case of the probability of an unlikely event occurring. Therefore, in the assessment process it is critical to make the best educated guesses possible in order to properly prioritize the implementation of the risk management plan.
16
Ideal use of these strategies may not be possible. Some of them may involve trade offs that are not acceptable to the organization or person making the risk management decisions.
Risk avoidance
Includes not performing an activity that could carry risk. An example would be not buying a property or business in order to not take on the liability that comes with it. Another would be not flying in order to not take the risk that the airplane were to be hijacked. Avoidance may seem the answer to all risks, but avoiding risks also means losing out on the potential gain that accepting (retaining) the risk may have allowed. Not entering a business to avoid the risk of loss also avoids the possibility of earning the profits.
Risk reduction
Involves methods that reduce the severity of the loss. Examples include sprinklers designed to put out a fire to reduce the risk of loss by fire. This method may cause a greater loss by water damage and therefore may not be suitable. Halon fire suppression systems may mitigate that risk, but the cost may be prohibitive as a strategy. Modern software development methodologies reduce risk by developing and delivering software incrementally. Early methodologies suffered from the fact that they only delivered software in the final phase of development; any problems encountered in earlier phases meant costly rework and often jeopardized the whole project. By developing in increments, software projects can limit effort wasted to a single increment. A current trend in software development, spearheaded by the Extreme Programming community, is to reduce the size of increments to the smallest size possible, sometimes as little as one week is allocated to an increment.
Risk retention
Involves accepting the loss when it occurs. True self insurance falls in this category. Risk retention is a viable strategy for small risks where the cost of insuring against the risk would be greater over time than the total losses sustained. All risks that are not avoided or transferred are retained by default. This includes risks that are so large or catastrophic that they either cannot be insured against or the premiums would be infeasible. War is an example since most property and risks are not insured against war, so the loss attributed by war is retained by the insured. Also any amounts of potential loss (risk) over the amount insured is retained risk. This may also be acceptable if the chance of a very large
17
loss is small or if the cost to insure for greater coverage amounts is so great it would hinder the goals of the organization too much.
Risk transfer
Means causing another party to accept the risk, typically by contract or by hedging. Insurance is one type of risk transfer that uses contracts. Other times it may involve contract language that transfers a risk to another party without the payment of an insurance premium. Liability among construction or other contractors is very often transferred this way. On the other hand, taking offsetting positions in derivative securities is typically how firms use hedging to financial risk management: financially manage risk. Some ways of managing risk fall into multiple categories. Risk retention pools are technically retaining the risk for the group, but spreading it over the whole group involves transfer among individual members of the group. This is different from traditional insurance, in that no premium is exchanged between members of the group up front, but instead losses are assessed to all members of the group.
Implementation
Follow all of the planned methods for mitigating the effect of the risks. Purchase insurance policies for the risks that have been decided to be transferred to an insurer, avoid all risks that can be avoided without sacrificing the entity's goals, reduce others, and retain the rest.
18
Limitations
If risks are improperly assessed and prioritized, time can be wasted in dealing with risk of losses that are not likely to occur. Spending too much time assessing and managing unlikely risks can divert resources that could be used more profitably. Unlikely events do occur, but if the risk is unlikely enough to occur, it may be better to simply retain the risk, and deal with the result if the loss does in fact occur. Prioritizing too highly the Risk management processes itself could potentially keep an organization from ever completing a project or even getting started. This is especially true if other work is suspended until the risk management process is considered complete.
19
20
a) Delineate b)
Ensure that banks overall credit risk exposure is maintained at prudent levels and consistent with the available capital Ensure that top management as well as individuals responsible for credit risk management possess sound expertise and knowledge to accomplish the risk management function
c) d)
Ensure that the bank implements sound fundamental principles that facilitate the identification, measurement, monitoring and control of credit risk.
e) Ensure
that appropriate plans and procedures for credit risk management are in place.
The very first purpose of banks credit strategy is to determine the risk appetite of the bank. Once it is determined the bank could develop a plan to optimize return while keeping credit risk within predetermined limits. The banks credit risk strategy thus should spell out The institutions plan to grant credit based on various client segments and products, economic sectors, geographical location, currency and maturity
a)
each
lending
segment,
preferred
level
of
strategy.
It is essential that banks give due consideration to their target market while devising credit risk strategy. The credit procedures should aim to obtain an in depth understanding of the banks clients, their credentials & their businesses in order to fully know their customers. The strategy should provide continuity in approach and take into account cyclic aspect of countrys economy and the resulting shifts in composition and quality of overall credit portfolio. While the strategy would be reviewed periodically and amended, as deemed necessary, it should be viable in long term and through various economic cycles. The senior management of the bank should develop and establish credit policies and credit administration procedures as a part of overall credit risk management framework and get those approved from board. Such policies and procedures shall provide guidance to the staff on various types of lending including corporate, SME, consumer, agriculture, etc. At minimum the policy should include
21
a) Detailed b)
Credit approval authority at various hierarchy levels including authority for approving exceptions.
c) Risk d) Risk
identification, measurement, monitoring and control acceptance criteria origination and credit administration and loan documentation procedures
e) Credit f)
In order to be effective these policies must be clear and communicated down the line. Further any significant deviation/exception to these policies must be communicated to the top management/board and corrective measures should be taken. It is the responsibility of senior management to ensure effective implementation of these policies.
Organizational Structure.
To maintain banks overall credit risk exposure within the parameters set by the board of directors, the importance of a sound risk management structure is second to none. While the banks may choose different structures, it is important that such structure should be commensurate with institutions size, complexity and diversification of its activities. It must facilitate effective management oversight and proper execution of credit risk management and control processes. Each bank, depending upon its size, should constitute a Credit Risk Management Committee (CRMC), ideally comprising of head of credit risk management Department, credit department and treasury. This committee reporting to banks risk management committee should be empowered to oversee credit risk taking activities and overall credit risk management function. The CRMC should be mainly responsible for
a) The implementation b)
Monitor credit risk on a bank-wide basis and ensure compliance with limits approved by the Board. Recommend to the Board, for its approval, clear policies on standards for presentation of credit proposals, financial covenants, rating standards and benchmarks.
c)
Decide delegation of credit approving powers, prudential limits on large credit exposures, standards for loan collateral, portfolio management, loan review mechanism, risk concentrations, risk monitoring and evaluation, pricing of loans, provisioning, regulatory/legal compliance, etc.
d)
22
Further, to maintain credit discipline and to enunciate credit risk management and control process there should be a separate function independent of loan origination function. Credit policy formulation, credit limit setting, monitoring of credit exceptions / exposures and review /monitoring of documentation are functions that should be performed independently of the loan origination function. For small banks where it might not be feasible to establish such structural hierarchy, there should be adequate compensating measures to maintain credit discipline introduce adequate checks and balances and standards to address potential conflicts of interest. Ideally, the banks should institute a Credit Risk Management Department (CRMD). Typical functions of CRMD include: To follow a holistic approach in management of risks inherent in banks portfolio and ensure the risks remain within the boundaries established by the Board or Credit Risk Management Committee.
a)
The department also ensures that business lines comply with risk parameters and prudential limits established by the Board or CRMC.
b)
Establish systems and procedures relating to risk identification, Management Information System, monitoring of loan / investment portfolio quality and early warning. The department would work out remedial measure when deficiencies/problems are identified.
c)
The Department should undertake portfolio evaluations and conduct comprehensive studies on the environment to test the resilience of the loan portfolio.
d)
Notwithstanding the need for a separate or independent oversight, the front office or loan origination function should be cognizant of credit risk, and maintain high level of credit discipline and standards in pursuit of business opportunities.
assessment of the borrowers industry, and macro economic factors. credit and source of repayment.
track record / repayment history of borrower. the repayment capacity of the borrower.
d) Assess/evaluate e) The
f) Adequacy
g) Approval
In case of new relationships consideration should be given to the integrity and repute of the borrowers or counter party as well as its legal capacity to assume the liability. Prior to entering into any new credit relationship the banks must become familiar with the borrower or counter party and be confident that they are dealing with individual or organization of sound repute and credit worthiness. However, a bank must not grant credit simply on the basis of the fact that the borrower is perceived to be highly reputable i.e. name lending should be discouraged. While structuring credit facilities institutions should appraise the amount and timing of the cash flows as well as the financial position of the borrower and intended purpose of the funds. It is utmost important that due consideration should be given to the risk reward trade off in granting a credit facility and credit should be priced to cover all embedded costs. Relevant terms and conditions should be laid down to protect the institutions interest. Institutions have to make sure that the credit is used for the purpose it was borrowed. Where the obligor has utilized funds for purposes not shown in the original proposal, institutions should take steps to determine the implications on creditworthiness. In case of corporate loans where borrower own group of companies such diligence becomes more important. Institutions should classify such connected companies and conduct credit assessment on consolidated/group basis. In loan syndication, generally most of the credit assessment and analysis is done by the lead institution. While such information is important, institutions should not over rely on that. All syndicate participants should perform their own independent analysis and review of syndicate terms. Institution should not over rely on collaterals / covenant. Although the importance of collaterals held against loan is beyond any doubt, yet these should be considered as a buffer providing protection in case of default, primary focus should be on obligors debt servicing ability and reputation in the market.
Limit setting
An important element of credit risk management is to establish exposure limits for single obligors and group of connected obligors. Institutions are expected to develop their own limit structure while remaining within the exposure limits set by State Bank of Pakistan. The size of the limits should be based on the credit strength of the obligor, genuine requirement of credit, economic conditions and the institutions risk tolerance. Appropriate limits should be set for respective products and activities. Institutions may establish limits for a specific industry, economic sector or geographic regions to avoid concentration risk.
24
Some times, the obligor may want to share its facility limits with its related companies. Institutions should review such arrangements and impose necessary limits if the transactions are frequent and significant Credit limits should be reviewed regularly at least annually or more frequently if obligors credit quality deteriorates. All requests of increase in credit limits should be substantiated.
Credit Administration.
Ongoing administration of the credit portfolio is an essential part of the credit process. Credit administration function is basically a back office activity that support and control extension and maintenance of credit. A typical credit administration unit performs following functions:
a.
completeness of documentation (loan agreements, guarantees, transfer of title of collaterals etc) in accordance with approved terms and conditions. Outstanding documents should be tracked and followed up to ensure execution and receipt.
b. Credit
Disbursement. The credit administration function should ensure that the loan application has proper approval before entering facility limits into computer systems. Disbursement should be effected only after completion of covenants, and receipt of collateral holdings. In case of exceptions necessary approval should be obtained from competent authorities. Credit monitoring. After the loan is approved and draw down allowed, the loan should be continuously watched over. These include keeping track of borrowers compliance with credit terms, identifying early signs of irregularity, conducting periodic valuation of collateral and monitoring timely repayments.
c. d.
Loan Repayment. The obligors should be communicated ahead of time as and when
the principal/markup installment becomes due. Any exceptions such as non-payment or late payment should be tagged and communicated to the management. Proper records and updates should also be made after receipt.
Maintenance of Credit Files. Institutions should devise procedural guidelines and standards for maintenance of credit files. The credit files not only include all correspondence with the borrower but should also contain sufficient information necessary to assess financial health of the borrower and its repayment performance. It need not mention that information should be filed in organized way so that external / internal auditors or SBP inspector could review it easily.
e. f.
Collateral and Security Documents . Institutions should ensure that all security
documents are kept in a fireproof safe under dual control. Registers for documents should be maintained to keep track of their movement.
25
Procedures should also be established to track and review relevant insurance coverage for certain facilities/collateral. Physical checks on security documents should be conducted on a regular basis. While in small Institutions it may not be cost effective to institute a separate credit administrative set-up, it is important that in such institutions individuals performing sensitive functions such as custody of key documents, wiring out funds, entering limits into system, etc., should report to managers who are independent of business origination and credit approval process.
selection exposure
b) Amount of
26
c) Tenure
d) Frequency e)
Analysis of migration of deteriorating credits and more accurate computation of future loan loss provision
f) Deciding
Whether to rate a borrower on the basis of point in time philosophy or through the cycle approach.
b)
Besides there are other issues such as whether to include statutory grades in the scale, the type of rating scale i.e. alphabetical numerical or alpha-numeric etc. SBP does not advocate any particular credit risk rating system; it should be banks own choice. However the system should commensurate with the size, nature and complexity of their business as well as possess flexibility to accommodate present and future risk profile of the bank, the anticipated level of diversification and sophistication in lending activities. A rating system with large number of grades on rating scale becomes more expensive due to the fact that the cost of obtaining and analyzing additional information for fine gradation increase sharply. However, it is important that there should be sufficient gradations to permit accurate characterization of the under lying risk profile of a loan or a portfolio of loans
27
Since the rater and reviewer of rating should be following the same basic thought, to ensure uniformity in the assignment and review of risk grades, the credit policy should explicitly define each risk grade; lay down criteria to be fulfilled while assigning a particular grade, as well as the circumstances under which deviations from criteria can take place.
b) c) The
credit policy should also explicitly narrate the roles of different parties involved in the rating process.
d) The
institution must ensure that adequate training is imparted to staff to ensure uniform
ratings 28
Assigning a Rating is basically a judgmental exercise and the models, external ratings and written guidelines/benchmarks serve as input.
e) f)
Institutions should take adequate measures to test and develop a risk rating system prior to adopting one. Adequate validation testing should be conducted during the design phase as well as over the life of the system to ascertain the applicability of the system to the institutions portfolio. Institutions that use sophisticated statistical models to assign ratings or to calculate probabilities of default, must ascertain the applicability of these models to their portfolios. Even when such statistical models are found to be satisfactory, institutions should not use the output of such models as the sole criteria for assigning ratings or determining the probabilities of default. It would be advisable to consider other relevant inputs as well.
Ratings review
The rating review can be two-fold: Continuous monitoring by those who assigned the rating. The Relationship Managers (RMs) generally have a close contact with the borrower and are expected to keep an eye on the financial stability of the borrower. In the event of any deterioration the ratings are immediately revised /reviewed.
a) b) Secondly
the risk review functions of the bank or business lines also conduct periodical review of ratings at the time of risk review of credit portfolio. Risk ratings should be assigned at the inception of lending, and updated at least annually. Institutions should, however, review ratings as and when adverse events occur. A separate function independent of loan origination should review Risk ratings. As part of portfolio monitoring, institutions should generate reports on credit exposure by risk grade. Adequate trend and migration analysis should also be conducted to identify any deterioration in credit quality. Institutions may establish limits for risk grades to highlight concentration in particular rating bands. It is important that the consistency and accuracy of ratings is examined periodically by a function such as an independent credit review group For consumer lending, institutions may adopt credit-scoring models for processing loan applications and monitoring credit quality. Institutions should apply the above principles in the management of scoring models. Where the model is relatively new, institutions should continue to subject credit applications to rigorous review until the model has stabilized.
29
Banks need to enunciate a system that enables them to monitor quality of the credit portfolio on day-to-day basis and take remedial measures as and when any deterioration occurs. Such a system would enable a bank to ascertain whether loans are being serviced as per facility terms, the adequacy of provisions, the overall risk profile is within limits established by management and compliance of regulatory limits. Establishing an efficient and effective credit monitoring system would help senior management to monitor the Overall quality of the total credit portfolio and its trends. Consequently the management could fine tune or reassess its credit strategy /policy accordingly before encountering any major setback. The banks credit policy should explicitly provide procedural guideline relating to credit risk monitoring. At the minimum it should lay down procedure relating to
a) The roles b)
The assessment procedures and analysis techniques (for individual loans & overall portfolio)
c) The
Given below are some key indicators that depict the credit quality of a loan:
a. Financial
an obligor is its financial health, as it would determine its repayment capacity. Consequently institutions need carefully watch financial standing of obligor. The Key financial performance indicators on profitability, equity, leverage and liquidity should be analyzed. While making such analysis due consideration should be given to business/industry risk, borrowers position within the industry and external factors such as economic condition, government policies, regulations. For companies whose financial position is dependent on key management personnel and/or shareholders, for example, in small and medium enterprises, institutions would need to pay particular attention to the assessment of the capability and capacity of the management/shareholder(s).
b.
would give a fair idea about the quality of credit facility. Institutions should monitor the obligors account activity, repayment history and instances of excesses over credit limits. For trade financing, institutions should monitor cases of repeat extensions of due dates for trust receipts and bills.
30
Loan Covenants. The obligors ability to adhere to negative pledges and financial covenants stated in the loan agreement should be assessed, and any breach detected should be addressed promptly.
c. d.
unsecured lending, banks need to reassess value of collaterals on periodic basis. The frequency of such valuation is very subjective and depends upon nature of collaterals. For instance loan granted against shares need revaluation on almost daily basis whereas if there is mortgage of a residential property the revaluation may not be necessary as frequently. In case of credit facilities secured against inventory or goods at the obligors premises, appropriate inspection should be conducted to verify the existence and valuation of the collateral. And if such goods are perishable or such that their value diminish rapidly (e.g. electronic parts/equipments), additional precautionary measures should be taken. External Rating and Market Price of securities such as TFCs purchased as a form of lending or long-term investment should be monitored for any deterioration in credit rating of the issuer, as well as large decline in market price. Adverse changes should trigger additional effort to review the creditworthiness of the issuer.
Risk review
The institutions must establish a mechanism of independent, ongoing assessment of credit risk management process. All facilities except those managed on a portfolio basis should be subjected to individual risk review at least once in a year. The results of such review should be properly documented and reported directly to board, or its sub committee or senior management without lending authority. The purpose of such reviews is to assess the credit administration process, the accuracy of credit rating and overall quality of loan portfolio Independent of relationship with the obligor. Institutions should conduct credit review with updated information on the obligors financial and business conditions, as well as conduct of account. Exceptions noted in the credit monitoring process should also be evaluated for impact on the obligors creditworthiness. Credit review should also be conducted on a consolidated group basis to factor in the business connections among entities in a borrowing group. As stated earlier, credit review should be performed on an annual basis, however more frequent review should be conducted for new accounts where institutions may not be familiar with the obligor, and for classified or adverse rated accounts that have higher probability of default. For consumer loans, institutions may dispense with the need to perform credit review for certain products. However, they should monitor and report credit exceptions and deterioration.
31
Delegation of Authority.
Banks are required to establish responsibility for credit sanctions and delegate authority to approve credits or changes in credit terms. It is the responsibility of banks board to approve the overall lending authority structure, and explicitly delegate credit sanctioning authority to senior management and the credit committee. Lending authority assigned to officers should be commensurate with the experience, ability and personal character. It would be better if institutions develop risk-based authority structure where lending power is tied to the risk ratings of the obligor. Large banks may adopt multiple credit approvers for sanctioning such as credit ratings, risk approvals etc to institute a more effective system of check and balance. The credit policy should spell out the escalation process to ensure appropriate reporting and approval of credit extension beyond prescribed limits. The policy should also spell out authorities for unsecured credit (while remaining within SBP limits), approvals of disbursements excess over limits and other exceptions to credit policy. In cases where lending authority is assigned to the loan originating function, there should be compensating processes and measures to ensure adherence to lending standards. There should also be periodic review of lending authority assigned to officers. Managing problem credits The institution should establish a system that helps identify problem loan ahead of time when there may be more options available for remedial measures. Once the loan is identified as problem, it should be managed under a dedicated remedial process. A banks credit risk policies should clearly set out how the bank will manage problem credits. Banks differ on the methods and organization they use to manage problem credits. Responsibility for such credits may be assigned to the originating business function, a specialized workout section, or a combination of the two, depending upon the size and nature of the credit and the reason for its problems. When a bank has significant credit-related problems, it is important to segregate the workout function from the credit origination function. The additional resources, expertise and more concentrated focus of a specialized workout section normally improve collection results. A problem loan management process encompass following basic elements.
Negotiation and follow-up. Proactive effort should be taken in dealing with obligors to implement remedial plans, by maintaining frequent contact and internal records of follow-up actions. Often rigorous efforts made at an early stage prevent institutions from litigations and loan losses
a. b.
as restructuring of loan facility, enhancement in credit limits or reduction in interest rates help improve obligors repayment capacity. However it depends upon business condition, the nature of problems being faced and most importantly obligors commitment and willingness to repay the loan. While such remedial strategies often bring up positive 32
results, institutions need to exercise great caution in adopting such measures and ensure that such a policy must not encourage obligors to default intentionally . The institutions interest should be the primary consideration in case of such workout plans. It needs not mention here that competent authority, before their implementation, should approve such workout plan.
Review of collateral and security document. Institutions have to ascertain the loan recoverable amount by updating the values of available collateral with formal valuation. Security documents should also be reviewed to ensure the completeness and enforceability of contracts and collateral/guarantee.
c.
Status Report and Review. Problem credits should be subject to more frequent review and monitoring. The review should update the status and development of the loan accounts and progress of the remedial plans. Progress made on problem loan should be reported to the senior management
d.
33
34
Credit Risk Management, Market Risk Management, Analytics, Internal Audit, Retail Risk Management and Credit Policies and Reserve Bank of India Inspection. The Analytics Unit develops proprietary quantitative techniques and models for risk measurement.
35
The Risk, Compliance and Audit Group is also responsible for assessing the risks pertaining to international business, including review of credit policies and setting sovereign and counterparty limits .
Credit Risk
In our lending operations, we are principally exposed to credit risk. Credit risk is the risk of loss that may occur from the failure of any party to abide by the terms and conditions of any financial contract with us, principally the failure to make required payments on loans due to us. We currently measure, monitor and manage credit risk for each borrower and also at the portfolio level. We have a structured and standardized credit approval process, which includes a well-established procedure of comprehensive credit appraisal.
Industry risk is evaluated by considering: Certain industry characteristics, such as the importance of the industry to the economy, its growth outlook, cyclicality and government policies relating to the industry; The competitiveness of the industry; and Certain industry financials, including return on capital employed, operating margins and earnings stability.
After conducting an analysis of a specific borrower's risk, the Credit Risk Management Group assigns a credit rating to the borrower. ICICI Bank has a scale of 10 ratings ranging from AAA to Band an additional default rating of D. Credit rating is a critical input for the credit approval process ICICI Bank determines the desired credit risk spread over its cost of funds by considering the borrower's credit rating and the default pattern corresponding to the credit rating. Every proposal for a financing facility is prepared by
36
the relevant business unit and reviewed by the appropriate industry specialists in the Credit Risk Management Group before being submitted for approval to the appropriate approval authority. The approval process for non-fund facilities is similar to that for fund based facilities. The credit rating for every borrower is reviewed at least annually and is typically reviewed on a more frequent basis for higher risk credits and large exposures. ICICI Bank also reviews the ratings of all borrowers in a particular industry upon the occurrence of any significant event impacting that industry. Working capital loans are generally approved for a period of 12 months. At the end of 12 months, ICICI Bank reviews the loan arrangement and the credit rating of the borrower and takes a decision on continuation of the arrangement and changes in the loan covenants as may be necessary.
37
ICICI Banks project finance credits are generally fully secured and have full recourse to the borrower. In most cases, ICICI Bank has a security interest and first lien on all the fixed assets and a second lien on all the current assets of the borrower. Security interests typically include property, plant and equipment as well as other tangible assets of the borrower, both present and future. Typically, it is ICICI Banks practice to lend between 60.0% and 80.0% of the appraised value of these types of collateral securities. ICICI Banks borrowers are required to maintain comprehensive insurance on their assets where ICICI Bank is recognized as payee in the event of loss. In some cases, ICICI Bank also takes additional collateral in the form of corporate or personal guarantees from one or more sponsors of the project and a pledge of the sponsors' equity holding in the project company. In certain industry segments, ICICI Bank also takes security interest in relevant project contracts such as concession agreements, off-take agreements and construction contracts as part of the security package. In limited cases, loans are also guaranteed by commercial banks and, in the past, have also been guaranteed by Indian state governments or the government of India. It is ICICI Banks current practice to normally disburse funds after the entire project funding is committed and all necessary contractual arrangements have been entered into. Funds are disbursed in tranches to pay for approved project costs as the project progresses. When ICICI Bank appoints technical and market consultants, they are required to monitor the project's progress and certify all disbursements. ICICI Bank also requires the borrower to submit periodic reports on project implementation, including orders for machinery and equipment as well as expenses incurred. Project completion is contingent upon satisfactory operation of the project for a certain minimum period and, in certain cases, the establishment of debt service reserves. ICICI Bank continues to monitor the credit exposure until its loans are fully repaid.
38
carrying out a detailed analysis of cash flows to accurately forecast the amounts that will be paid and the timing of the payments based on an exhaustive analysis of historical data; conducting due diligence on the underlying business systems, including a detailed evaluation of the servicing and collection procedures and the underlying contractual arrangements; and paying particular attention to the legal, accounting and tax issues that may impact any structure.
ICICI Banks analysis enables it to identify risks in these transactions. To mitigate risks, ICICI Bank uses various credit enhancement techniques, such as over-collateralization, cash collateralization, creation of escrow accounts and debt service reserves and performance guarantees. The residual risk is typically managed by complete or partial recourse to the borrowing company whose credit risk is evaluated as described above. ICICI Bank also has a monitoring framework to enable continuous review of the performance of such transactions.
39
The following table sets forth the composition and the approval authority of these committees.
40
(1) Capital funds consist of Tier 1 and Tier 2 capital, as defined in the Reserve Bank of India regulations, under Indian GAAP. See Supervision and Regulation Capital Adequacy Requirements.
41
All new loans must be approved by the above committees in accordance with their respective powers. Certain designated executives are authorized to approve: Ad-hoc/ additional working capital facilities not exceeding the lower of 10.0% of existing approved facilities and Rs. 20 million (US$ 420,610); Temporary accommodation not exceeding the lower of 20.0% of existing approved facilities and Rs. 20 million (US$ 420,610); and Facilities fully secured by deposits, cash margin, letters of credit of approved banks or approved sovereign debt instruments. In addition to the above loan products, ICICI Banks Rural Micro Banking Group provides loans to self-help groups, rural agencies, as well as certain categories of agricultural loans and loans under government-sponsored schemes. These loans are typically of small amounts. The credit approval authorization approved by the board of directors of ICICI Bank requires that all such loans aboveRs.1.5 million (US$ 31,546) be approved by the Committee of Directors comprising all the whole time directors, while the authority to approve loans up to Rs.1.5 million (US$ 31,546) has been delegated to designated executives.
42
We have an established process for evaluating and selecting our dealers and franchisees and there is a clear segregation between the group responsible for originating loans and the group that approves the loans. A centralized set of risk assessment criteria has been created for retail lending operations after approval by the Risk, Compliance and Audit Group. These criteria vary across product segments but typically include factors such as the borrower's income, the loan-to-value ratio and certain stability factors. The loan approval authority is delegated to credit officers, subject to loan amount limits, which vary across different loan products. We use Direct Marketing Agents (DMAs) for the marketing and sale of retail credit products. Credit approval authority lies only with our credit officers. Credit officers approve loans in compliance with the risk assessment criteria. External agencies are used to facilitate a comprehensive due diligence process including visits to office or home in the case of loans to individual borrowers. Before disbursements are made, the credit officer conducts a centralized check and review of the borrower's profile. In order to limit the scope of individual discretion in the loan assessment and approval process, ICICI Bank has implemented a credit-scoring program for credit cards. ICICI Bank has also implemented a credit-scoring program for certain variants within the consumer durables loan product. The credit-scoring program is an automated credit approval system for evaluating loan applications by assigning a credit score to each applicant based on certain demographic attributes like earnings stability, educational background and age. The credit score then forms the basis of loan evaluation. Though a formal credit bureau does not as yet operate in India, we avail the services of certain private agencies operating in India to check applications before disbursement. ICICI Bank has a separate retail credit team, which undertakes review and audit of credit quality across each credit approval team. ICICI Bank has established centralized operations to manage operating risk in the various back office processes of its retail loan business except for a few operations which are decentralized to improve turnaround time for our customers. The Risk, Compliance and Audit Group conducts an independent audit of processes and documents at periodic intervals. As with our other retail credit products, ICICI Bank emphasizes conservative credit standards, including credit scoring and strict monitoring of repayment patterns, to optimize risks associated with credit cards. ICICI Bank has a collections unit structured along various product lines and geographical locations, to manage delinquency levels. The collections unit operates under the guidelines of a standardized recovery process. ICICI Bank also makes use of external collection agents to aid ICICI Bank in its collection efforts, including collateral repossession in accounts that are overdue for more than 90 days. A fraud control department has been set up to manage levels of fraud, primarily through fraud prevention in the form of forensic audits and also through recovery of fraud losses. The fraud control department is aided by specialized agencies. External agencies for collections are strictly
43
governed by standardized process guidelines. External agencies are also used to facilitate a comprehensive due diligence process including property valuation prior to the approval of home loans and visits to home or office in the case of loans to individual borrowers.
44
The board of directors of ICICI Bank reviews and approves the policies for the management of market risk. The board has delegated the responsibility for market risk management on the banking book to the Asset Liability Management Committee and the trading book to the Committee of Directors, under the Risk Committee of the Board. The Asset Liability Management Committee is responsible for approving policies and managing interest rate risk on the banking book and liquidity risks reflected in the balance sheet. The Committee of Directors is responsible for setting policies and approving risk controls for the trading portfolio. The Asset Liability Management Committee is chaired by the Joint Managing Director and all four Executive Directors are members of the Committee. The Committee generally meets on a monthly basis and reviews the interest rate and liquidity gap positions on the banking book, formulates a view on interest rates, sets deposit and benchmark lending rates, reviews the business profile and its impact on asset liability management and determines the asset liability management strategy, as deemed fit, in light of the current and expected business environment. The Committee reports to the Risk Committee. A majority of the members of the Risk Committee are independent directors and the committee is chaired by an independent director. The Balance Sheet Management Group, reporting to the Chief Financial Officer, is responsible for managing interest rate risk on the banking book, and liquidity, under the supervision of the Asset Liability Management Committee. An independent Market Risk Management Group, which is part of the Risk, Compliance and Audit Group, recommends changes in risk policies and controls, including for new trading products, and the processes and methodologies for quantifying and assessing market risks. Risk limits including position limits and stop loss limits for the trading book are monitored on a daily basis and reviewed periodically. In addition to risk limits, risk monitoring tools such as Value-at-Risk models are also used for measuring market risk in the trading portfolio. ICICI Securities, our investment banking subsidiary which is a primary dealer in government of India securities and has government of India securities as a significant proportion of its portfolio, has a corporate risk management group formanaging its interest rate and liquidity risk.
on a fortnightly basis in fiscal 2003. The same were reported to the Reserve Bank of India on a monthly basis. Interest rate risk is further monitored through interest rate risk limits approved by the Asset Liability Management Committee. Our core business is deposit taking and lending in both rupees and foreign currencies, as permitted by the Reserve Bank of India. These activities expose us to interest rate risk. As the rupee market is significantly different from the international currency markets, gap positions in these markets differ significantly. In the rupee market, most of our deposit taking is at fixed rates of interest for fixed periods, except that savings deposits and current deposits which do not have any specified maturity and can be withdrawn on demand. We usually borrow for a fixed period with a one-time repayment on maturity, with some borrowings having European call/put options, exercisable only on specified dates, attached to them. However, we have a mix of floating and fixed interest rate assets. Our loans generally are repaid more gradually, with principal repayments being made over the life of the loan. Our housing loans are primarily floating rate loans where the rates are reset every quarter. We follow a four-tier prime rate structure, namely, a short-term prime rate for one-year loans or loans that re-price at the end of one year, a medium-term prime rate for one to three year loans, a long-term prime rate for loans with maturities greater than three years and a prime rate for cash credit products. We seek to eliminate interest rate risk on un disbursed commitments by fixing interest rates on rupee loans at the time of loan disbursement. In contrast to our rupee loans, a large proportion of our foreign currency loans are floating rate loans. These loans are generally funded with floating rate foreign currency funds. Our fixed rate foreign currency loans are generally funded with fixed rate foreign currency funds. We generally convert all our foreign currency borrowings and deposits into floating rate dollar liabilities through the use of interest rate and currency swaps with leading international banks. The foreign currency gaps are generally significantly lower than rupee gaps, representing a considerably lower exposure to fluctuations in foreign currency interest rates. We use the duration of our government securities portfolio as a key variable for interest rate risk management. We increase or decrease the duration of government securities portfolio to increase or decrease our interest rate risk exposure. In addition, we also use interest rate derivatives to manage the asset and liability positions. We are an active participant in the interest rate swap market and are one of the largest counterparties in India. Sensitivity analysis, which is based upon a static interest rate risk profile of assets and liabilities, is used for risk management purposes only and the model above assumes that during the course of the year no other changes are made in the respective portfolios. Actual changes in net interest income will vary from the model.
46
We undertake trading activities to enhance earnings through profitable trading for our own account. ICICI Securities, our investment banking subsidiary, is a primary dealer in government of India securities, and a significant proportion of its portfolio consists of government of India securities. As noted above, sensitivity analysis is used for risk management purposes only and the model used above assumes that during the course of the year no other changes are made in the respective portfolios. Actual changes in the value of the fixed income portfolio will vary from the model above. We revalue our trading portfolio on a daily basis and recognize aggregate re-valuation losses in our profit and loss account. The asset liability management policy stipulates an interest rate risk limit which seeks to cap the risk on account of the mark-to-market impact on the mark-to-market book (under the Indian GAAP classification which is different from the US GAAP classification see Supervision and Regulation Banks Investment Classification and Valuation Norms) and the earnings at risk on the banking book, based on a sensitivity analysis of a 100 basis points parallel and immediate shift in interest rates. In addition, the Market Risk Management Group stipulates risk limits including position limits and stop loss limits for the trading book. These limits are monitored on a daily basis and reviewed periodically. In addition to risk limits, we also have risk monitoring tools such as Value-at-Risk models for measuring market risk in our trading portfolio. ICICI Bank is required to invest a specified percentage, currently 25.0%, of its liabilities in government of India securities to meet the statutory ratio requirement prescribed by the Reserve Bank of India. As a result, we have a very large portfolio of government of India securities and these are primarily classified as available for sale securities. Our available for sale securities included Rs. 244.1billion (US$ 5.1 billion) of government of India securities.
Equity Risk
We assume equity risk both as part of our investment book and our trading book. On the investment book, investments in equity shares and preference shares are essentially longterm in nature. Nearly all the equity investment securities have been driven by our project financing activities. The decision to invest in equity shares during project financing activities has been a conscious decision to participate in the equity of the company with the intention of realizing capital gains arising from the expected increases in market prices, and is separate from the lending decision. Trading account securities are recorded at market value. For the purpose of valuation of our available for sale equity investment securities, an assessment is made whether a decline in the fair value, below the amortized cost of the investments, is other than temporary. If the decline in fair value below the amortized cost is other than temporary, the decline is provided for in the income statement. 47
A temporary decline in value is excluded from the income statement and charged directly to the shareholders equity. To assess whether a decline in fair value is temporary, the duration for which the decline had existed, industry and company specific conditions and dividend record are considered .Non-readily marketable securities for which there is no readily determinable fair value are recorded at cost. Venture capital investments are carried at fair value. However, they are generally carried at cost during the first year, unless a significant event occurs that affected the long-term value of the investment. At year-end fiscal 2003, the fair value of trading account equity securities was Rs. 187 million (US$ 4 million). The fair value of our available for sale equity securities investment portfolio, including non-readily marketable securities of Rs. 9.4 billion (US$ 198 million), was Rs. 25.5 billion(US$ 537 million). This included investments of approximately Rs. 5.4 billion (US$ 115 million) in liquid mutual fund units at year-end fiscal 2003. At year-end fiscal 2002, the fair value of trading equity securities was Rs. 742 million (US$ 16 million). The fair value of the available for sale equity securities investment portfolio, including non-readily marketable securities of Rs. 8.3 billion (US$ 174 million), was Rs. 28.5 billion (US$ 600 million).
Liquidity Risk
48
Liquidity risk arises in the funding of lending, trading and investment activities and in the management of trading positions. It includes both the risk of unexpected increases in the cost of funding an asset portfolio at appropriate maturities and the risk of being unable to liquidate a position in a timely manner at a reasonable price. The goal of liquidity management is to be able, even under adverse conditions, to meet all liability repayments on time, to meet contingent liabilities, and fund all investment opportunities. We maintain diverse sources of liquidity to facilitate flexibility in meeting funding requirements. We fund our operations principally by accepting deposits from retail and corporate depositors and through public issuance of bonds. We also borrow in the shortterm inter-bank market. Loan maturities, securitization of assets and loans, and sale of investments also provide liquidity. See Operating and Financial Review and Prospects Financial Condition Liquidity Risk for a detailed description of liquidity risk.
Operational Risk
ICICI Bank is exposed to many types of operational risk. Operational risk can result from a variety of factors, including failure to obtain proper internal authorizations, improperly documented transactions, failure of operational and information security procedures, computer systems, software or equipment, fraud, inadequate training and employee errors. ICICI Bank attempts to mitigate operational risk by maintaining a comprehensive system of internal controls, establishing systems and procedures to monitor transactions, maintaining key backup procedures and undertaking regular contingency planning.
49
operating system validates the check number and balance before permitting withdrawals. Cash transactions over Rs. 1 million (US$ 21,030) are subject to special scrutiny to avoid money laundering. ICICI Banks banking software has multiple security features to protect the integrity of applications and data. ICICI Bank gives importance to computer security and has s a comprehensive information technology security policy. Most of the information technology assets including critical servers are hosted in centralized data centers which are subject to appropriate physical and logical access controls.
Operational Controls and Procedures in Regional Processing Centers & Central ProcessingCenters
To improve customer service at ICICI Banks physical locations, ICICI Bank handles transaction processing centrally by taking away such operations from branches. ICICI Bank has centralized operations at regional processing centers located at 15 cities in the country. These regional processing centers process clearing checks and inter-branch transactions, make inter-city check collections, and engage in back office activities for account opening, standing instructions and auto-renewal of deposits. In Mumbai, ICICI Bank has centralized transaction processing on a nationwide basis for transactions like the issue of ATM cards and PIN mailers, reconciliation of ATM transactions, monitoring of ATM functioning, issue of passwords to Internet banking customers, depositing postdated cheques received from retail loan customers and credit card transaction processing. Centralized processing has been extended to the issuance of personalized check books, back office activities of non-resident Indian accounts, opening of new bank accounts for customers who seek web broking services and recovery of service charges for accounts for holding shares in book-entry form.
Operational Treasury
Controls
and
Procedures
in
ICICI Bank has a high level of automation in trading operations. ICICI Bank uses technology to monitor risk limits and exposures. ICICI Banks front office, back office and accounting and reconciliation functions are fully segregated in both the domestic treasury and foreign exchange
50
treasury. The respective middle offices use various risk monitoring tools such as counterparty limits, position limits, exposure limits and individual dealer limits. Procedures for reporting breaches in limits are also in place. ICICI Banks front office treasury operations for rupee transactions consists of operations in fixed income securities, equity securities and inter-bank money markets. ICICI Banks dealers analyze the market conditions and take views on price movements. Thereafter, they strike deals in conformity with various limits relating to counterparties, securities and brokers. The deals are then forwarded to the back office for settlement. The inter-bank foreign exchange treasury operations are conducted through Reuters dealing systems. Brokered deals are concluded through voice systems. Deals done through Reuters systems are captured on a real time basis for processing. Deals carried out through voice systems are input in the system by the dealers for processing. The entire process from deal origination to settlement and accounting takes place via straight through processing. The processing ensures adequate checks at critical stages. Trade strategies are discussed frequently and decisions are taken based on market forecasts, information and liquidity considerations. Trading operations are conducted in conformity with the code of conduct prescribed by internal and regulatory guidelines. The Treasury Middle Office Group, which reports to the Executive Director, Corporate Centre, monitors counterparty limits, evaluates the mark-to-market impact on various positions taken by dealers and monitors market risk exposure of the investment portfolio and adherence to various market risk limits set up by the Risk, Compliance and Audit Group. ICICI Banks back office undertakes the settlement of funds and securities. The back office has procedures and controls for minimizing operational risks, including procedures with respect to deal confirmations with counterparties, verifying the authenticity of counterparty checks and securities, ensuring receipt of contract notes from brokers, monitoring receipt of interest and principal amounts on due dates, ensuring transfer of title in the case of purchases of securities, reconciling actual security holdings with the holdings pursuant to the records and reports any irregularity or shortcoming observed.
Audit
51
The Internal Audit Group undertakes a comprehensive audit of all business groups and other functions, in accordance with a risk-based audit plan. This plan allocates audit resources based on an assessment of the operational risks in the various businesses. The Internal Audit group conceptualizes and implements improved systems of internal controls, to minimize operational risk. The audit plan for every fiscal year is approved by the Audit Committee of ICICI Banks board of directors. The Internal Audit group also has a dedicated team responsible for information technology security audits. Various components of information technology from applications to databases, networks and operating systems are covered under the annual audit plan. The Reserve Bank of India requires banks to have a process of concurrent audits at branches handling large volumes, to cover a minimum of 50.0% of business volumes. ICICI Bank has instituted systems to conduct concurrent audits, using reputed chartered accountancy firms. Concurrent audits have also been arranged at the Regional Processing Centers and other centralised processing operations to ensure existence of and adherence to internal controls.
Legal Risk
The uncertainty of the enforceability of the obligations of ICICI Banks customers and counterparties, including the foreclosure on collateral, creates legal risk. Changes in law and regulation could adversely affect ICICI Bank. Legal risk is higher in new areas of business where the law is often untested by the courts. ICICI Bank seeks to minimize legal risk by using stringent legal documentation, employing procedures designed to ensure that transactions are properly authorized and consulting internal and external legal advisors.
52
ICICI Banks derivative transactions are subject to counter-party risk to the extent particular obligors are unable to make payment on contracts when due.
Loan Portfolio
Our gross loan portfolio, which includes loans structured as debentures and preferred stock, was Rs. 684.6 billion (US$ 14.4 billion) at year-end fiscal 2003, an increase of 22.2% over ICICIs gross loan portfolio of Rs. 560.2 billion (US$ 11.8 billion), at year-end fiscal 2002. At year-end fiscal 2002, ICICIs gross loan portfolio decreased 11.8% to Rs. 560.2 billion (US$ 11.8 billion) from Rs. 635.1billion (US$ 13.3 billion) at yearend fiscal 2001, primarily due to securitization and sell-down of ICICIs loan portfolio. Approximately 86.5% of our gross loans were rupee loans at year-end fiscal 2003. At year-end fiscal 2003, our balance outstanding in respect of loans of corporates outside India was Rs. 536 million (US$ 11 million), representing approximately 0.1% of our total gross loan portfolio.
consumer durable products, medical equipment and farm and construction equipment, and personal loans and credit card receivables. Corporate finance and project finance loans are typically secured by a first lien on fixed assets, which normally consists of property, plant and equipment. These security interests are perfected by the registration of these interests within 30 days with the Registrar of Companies pursuant to the provisions of the Indian Companies Act. We may also take security of a pledge of financial assets like marketable securities, corporate guarantees and personal guarantees. This registration amounts to a constructive public notice to other business entities. Working capital loans are typically secured by a first lien on current assets, which normally consist of inventory and receivables. Additionally, in some cases, we may take further security of a first or second lien on fixed assets, a pledge of financial assets like marketable securities, corporate guarantees and personal guarantees. A substantial portion of our loans to retail customers is also secured by a first lien on the assets financed (predominantly property and vehicles). In general, our loans are over-collateralized. In India, there are no regulations stipulating any loan-to-collateral limits. In India, foreclosure on collateral generally requires a written petition to an Indian court. An application, when made, may be subject to delays and administrative requirements that may result, or be accompanied by, a decrease in the value of the collateral. These delays can last for several years leading to deterioration in the physical condition and market value of the collateral. In the event a corporate borrower makes an application for relief to a specialized quasi-judicial authority called the Board for Industrial and Financial Reconstruction, foreclosure and enforceability of collateral is stayed. In fiscal 2003, the Indian Parliament passed the Securitization and Reconstruction of Financial Assets and Enforcement of Security Interest Act, 2002, which is expected to strengthen the ability of lenders to resolve nonperforming assets by granting them greater rights as to enforcement of security and recovery of dues. Petitions challenging the constitutional validity of this legislation are currently pending before the Indian Supreme Court. There can be no assurance that the legislation in its current form will be upheld by the Indian Supreme Court or that it will have a favorable impact on our efforts to resolve non-performing assets. See Overview of the Indian Financial Sector Recent Structural Reforms Legislative Framework for Recovery of Debts due to Banks.
54
We recognize that our ability to realize the full value of the collateral in respect of current assets is difficult, due to, among other things, delays on our part in taking immediate action, delays in bankruptcy foreclosure proceedings, defects in the perfection of collateral and fraudulent transfers by borrowers. However, cash credit facilities are so structured that we are able to capture the cash flows of our customers for recovery of past due amounts. In addition, we have a right of set-off for amounts due to us on these facilities. Also, we monitor the cash flows of our working capital loan customers on a daily basis so that we can take any actions required before the loan becomes impaired. On a case-by case basis, we may also stop or limit the borrower from drawing further credit from its facility.
Loan Concentration
We follow a policy of portfolio diversification and evaluate our total financing exposure in a particular industry in light of our forecasts of growth and profitability for that industry. ICICI Banks Risk, Compliance and Audit Group monitors all major sectors of the economy and specifically follows industries in which ICICI Bank has credit exposures. We seek to respond to any economic weakness in an industrial segment by restricting new credits to that industry segment and any growth in an industrial segment by increasing new credits to that industry segment, resulting in active portfolio management. ICICI Banks current policy is to limit its loan portfolio to any particular industry (other than retail loans) to 15.0%. Pursuant to the guidelines of the Reserve Bank of India, ICICI Banks credit exposure to individual borrowers must not exceed 15.0% of its capital funds comprising Tier 1 and Tier 2 capital, calculated pursuant to the guidelines of the Reserve Bank of India, under Indian GAAP. Credit exposure to individual borrowers may exceed the exposure norm of 15.0% of a banks capital funds by an additional 5.0% (i.e. up to 20.0%) provided the additional credit exposure is on account of infrastructure financing. ICICI Banks exposure to a group of companies under the same management control must not exceed 40.0% of its capital funds unless the exposure is in respect of an infrastructure project. In that case, the exposure to a group of companies under the same management control may be up to 50.0% of ICICI Banks capital funds. Pursuant to the Reserve Bank of India guidelines, exposure for funded facilities is calculated as the total approved limit or the outstanding funded amount, whichever is higher (for term loans, as undisbursed commitments plus the outstanding amount). Exposure for non-funded facilities is calculated as 50.0% of the approved amount or
55
the outstanding non-funded amount, whichever is higher (100.0% of the approved amount or the outstanding non-funded amount, whichever is higher, with effect from fiscal 2004). ICICI Bank is incompliance with these limits, except in the case of two borrowers to whom its exposure is in excess ofthe single exposure limit. The excess over the single borrower exposure limits in respect of these two borrowers is mainly due to the reduction in the level of reserves under Indian GAAP, as a result of adjustments arising out of the amalgamation. ICICIs exposure to these borrowers was not in excess of the limit at the time of providing the assistance. The Reserve Bank of India has granted its approval for exceeding the single exposure limit in the case of these two borrowers until the date of completion or stabilization of the projects.
Geographic Diversity
Except as described below, our portfolios were geographically diversified throughout India, primarily reflecting the location of our corporate borrowers. The states of Maharashtra and Gujarat, two of the most industrialized states in India, accounted for the largest proportion of our gross loans outstanding at year-end fiscal 2003.
Directed Lending
The Reserve Bank of India requires banks to lend to certain sectors of the economy. Such directed lending is comprised of priority sector lending, export credit and housing finance.
56
While granting its approval for the amalgamation, the Reserve Bank of India stipulated that since ICICIs loans transferred to us were not subject to the priority sector lending requirement, we are required to maintain priority sector lending of 50.0% of our net bank credit on the residual portion of our advances (i.e. the portion of our total advances excluding advances of ICICI at year-end fiscal, 2002, henceforth referred to as residual net bank credit). This additional 10.0% priority sector lending requirement will apply until such time as our aggregate priority sector advances reach a level of40.0% of our total net bank credit. The Reserve Bank of Indias existing instructions on sub-targets under priority sector lending and eligibility of certain types of investments/ funds for qualification as priority sector advances apply to us. We are required to comply with the priority sector lending requirements at the end of each fiscal year. Any shortfall in the amount required to be lent to the priority sectors may be required to be deposited with government sponsored Indian development banks like the National Bank for Agriculture and Rural Development and the Small Industries Development Bank of India. These deposits have a maturity of up to five years and carry interest rates lower than market rates.
57
Competition
As a result of the acquisition of Bank of Madura, we became and continue to be the largest private sector bank in India and as a result of the amalgamation; we became and continue to be the second largest bank in India, in terms of total assets. We face strong competition in all our principal areas of business from Indian and foreign commercial banks, housing finance companies, mutual funds and investment banks. We believe that our principal competitive advantage over our competitors arises from our innovative products and services, our use of technology, our long-standing customer relationships and our highly motivated and skilled employees. Because of these factors, we believe that we have a strong competitive position in the Indian financial services market. We evaluate our competitive position separately in respect of our products and services for retail and corporate customers.
58
Traditionally, foreign banks have been active in providing trade finance, fee-based services and other short-term financing products to top tier Indian corporations. We effectively compete with foreign banks in cross-border trade finance as a result of our wider geographical reach relative to foreign banks and our customized trade financing solutions. We have established strong fee-based cash management services and compete with foreign banks due to our technological edge and competitive pricing strategies. Other new private sector banks also compete in the corporate banking market on the basis of efficiency, service delivery and technology. However, our strong corporate relationships, wider geographical reach and ability to use technology to provide innovative, value-added products and services provide us with a competitive edge. In project finance, ICICIs primary competitors were established long-term lending institutions. In recent years, Indian and foreign commercial banks have sought to expand their presence in this market. We believe that we have a competitive advantage due to our strong market reputation and expertise in risk evaluation and mitigation. We believe that our in-depth sector specific knowledge has allowed us to gain credibility with project sponsors, overseas lenders and policy makers.
59
60
Internal Controls
The Bank has an in-built internal control system with well-defined responsibilities at each level. The Inspection & Management Audit Department of the Bank carries out 3 streams of audit- Inspection and Audit, Credit Audit and Management Audit covering different facets of Banks activities.
Credit Audit
Credit Audit aims at achieving continuous improvement in the quality of Commercial Credit portfolio with the exposures of Rs. 5 crore and above. Duly aligned with Risk Focused Internal Audit, it examines the probability of default, identifies risks and suggests risk mitigation measures.
Management Audit
Management audit which has been reoriented to focus on the effectiveness of risk management in processes and the procedures is conducted under 2 streams viz. General Management Audit (GMA Every 4/5 years) and Risk Management Audit (RMAEvery 2/3 years). Risk Management Audit of four Circles was taken up and completed during the current year.
61
Composition of the Committee The Committee has 4 members: 1. MD&GE (NB) 2. MD & GE (CB) 3. Two non-executive Directors Sarvashri P.R. Khanna and Suman K. Bery
Meetings
RMCB meets quarterly or more often if the situation so demands. The Committee met 4 times during the year.
62