A TRAINING REPORT

ON
(Risk management in banks)

Submitted to:
Satyug Darshan Institute of Engineering and Technology
By:
NAME: KAJAL
ROLLNO-( )

Batch 2015 – 2018

In Partial Fulfillment of
Bachelor of Business Administration
(Industry-Integrated)
(Specialization: Financial Services and Banking)
MAHARSHI DAYANAND UNIVERSITY
ROHTAK
(MAY, 2016)

Satyug Darshan Institute of Engineering and Technology

Bhupani Lalpur Road, Village Bhupani
Faridabad
 DECLARATION

I, Ms. KAJAL hereby declare that this summer training report is the record
of authentic work carried out by me during the period from 2 Jan to 25
April and has not been submitted to any other University or Institute for
the award of any degree / diploma etc.

(Signature)
Kajal

Date: 25 April
 BONAFIDE CERTIFICATE

This is to certify that Ms. Kajal of Satyug Darshan Institute of Engineering and
Technology has successfully completed the project work (Risk management in
banks) in partial fulfillment of requirement for the completion of Bachelor in
Business Administration (BBA IIFSB) course as prescribed by the Maharishi
Dayanand University, Rohtak, (HARYANA).

This project report is the record of authentic work carried out by him/her during
the period from 2 Jan to 25 April He / she has worked under my guidance.

(Signature)

Dr. Sapna taneja

Assistant Professor, BBA Department

Project Guide (Internal)

Date: Counter signed by

(Signature)

Mr. Ravi Bakshi

Department Coordinator (BBA Department)

 ACKNOWLEDGEMENT

Before we get into thick of things, I would like to add a few words of appreciation for the
people who have been a part of this project right from its inception. The writing of this project has
been one of the significant academic challenges I have faced and without the support, patience,
and guidance of the people involved, this task would not have been completed. It is to them I owe
my deepest gratitude.
It gives me immense pleasure in presenting this project report on "Risk management in
banks”. It has been my privilege to have a team of project guide who have assisted me from the
commencement of this project. The success of this project is a result of sheer hard work, and
determination put in by me with the help of my project guide. I hereby take this opportunity to add
a special note of thanks for Mr. Amit Virmani, who undertook to act as my mentor despite her
many other academic and professional commitments. Her wisdom, knowledge, and commitment
to the highest standards inspired and motivated me. Without her insight, support, and energy, this
project wouldn't have kick-started and neither would have reached fruitfulness.
I also feel heartiest sense of obligation to my library staff members & seniors, who helped
me in collection of data & resource material & also in its processing as well as in drafting
manuscript. The project is dedicated to all those people, who helped me while doing this project.

KAJAL
 TABLE OF CONTENT

S.NO PARTICULARS PAGE NO.

1 INTRODUCTION TO THE STUDY-

 Objectives
 Scope
 Limitations of the study

2 DEFINITION OF RISK-

 What is risk?
 What is risk management? Does it eliminate risk?
 Process of risk management?
 Types of risk in banking?

3 CASE STUDY RELATED TO ICICI BANK:

4 STUDY OF OPERATIONAL RISK AND CREDIT RISK AT

PUNJAB NATIONAL BANK:

5 CONCLUSION:

6 REFERENCE:
OBJECTIVES

To study broad outline of management of credit, market and operational risks associated with
banking sector.

Though the risk management area is very wide and elaborated, still the project covers whole
subject in concise manner.

The study aims at learning the techniques involved to manage the various types of risks, various
methodologies undertaken. The application of the techniques involves us to gain an insight into
the following aspects:

 An overview of the risks in general.

 An insight of the various credit, market and operational risks attached to the
banking sector
 The methodology related to the management of operational risk followed at PNB.
 Tools applied in for measurement and management of various types of risks.
 Having an insight into the practical aspects of the working of various departments.
SCOPE OF THE STUDY

The report seeks to present a comprehensive picture of the various risks inherent in the bank. The
risks can be broadly classified into three categories:

 Credit risk
 Market risk
 Operational risk

Within each of these broad groups, an attempt has been made to cover as comprehensively as
possible, the various sub-groups

LIMITATION OF THE STUDY

1. The major limitation of this study shall be data availability as the data is proprietary and not
readily shared for dissemination.

2. Due to the ongoing process of globalization and increasing competition, no one model or method
will suffice over a long period of time and constant up gradation will be required. As such the
project can be considered as an overview of the various risks prevailing in Punjab National Bank
and in the Banking Industry.

3. Each bank, in conforming to the RBI guidelines, may develop its own methods for measuring
and managing risk.

4. The concept of risk management implementation is relatively new and risk management tools
can prove to be costly.
5. Out of the various ways in which risks can be managed, none of the method is perfect and may
be very diverse even for the work in a similar situation for the future.

6. Due to ever changing environment, many risks are unexpected and the remedial measures
available are based on general experience from the past.

7. Selection of methods depends on the firm’s expectations as well as the risk appetite. Also risks
can only be minimized not completely erased.
INTRODUCTION
INTRODUCTION

Banks in the process of financial intermediation are confronted with various kinds of financial and
non-financial risks viz., credit, interest rate, foreign exchange rate, liquidity, equity price,
commodity price, legal, regulatory, reputation, etc. These risks are highly interdependent and
events that affect one area of risk can have ramifications for a range of other risk categories. Thus,
top management of banks should attach considerable importance to improve the ability to identify
measure, monitor and control the overall level of risks undertaken.

The Banking sector has a pivotal role in the development of an economy. It is the key driver of
economic growth of the country and has a dynamic role to play in converting the idle capital
resources for their optimum utilization so as to attain maximum productivity. In fact, the
foundation of a sound economy depends on how sound the Banking sector is and vice versa.

In India, the banking sector is considerably strong at present but at the same time, banking is
considered to be a very risky business. Financial institutions must take risk, but they must do so
consciously. However, it should be borne in mind that banks are very fragile institutions which are
built on customers’ trust, brand reputation and above all dangerous leverage. In case something
goes wrong, banks can collapse and failure of one bank is sufficient to send shock waves right
through the economy. Therefore, bank management must take utmost care in identifying the type
as well as the degree of its risk exposure and tackle those effectively. Moreover, bankers must see
risk management as an ongoing and valued activity with the board setting the example.

As risk is directly proportionate to return, the more risk a bank takes, it can expect to make more
money. However, greater risk also increases the danger that the bank may incur huge losses and
be forced out of business. In fact, today, a bank must run its operations with two goals in mind –
to generate profit and to stay in business. Banks, therefore, try to ensure that their risk taking is
informed and prudent. Thus, maintaining a trade-off between risk and return is the business of risk
management. Moreover, risk management in the banking sector is a key issue linked to financial
system stability. Unsound risk management practices governing bank lending often plays a central
role in financial turmoil, most notably seen during the Asian financial crisis of 1997-1999.

The significant transformation of the banking industry in India is clearly evident from the changes
that have occurred in the financial markets, institutions and products. While deregulation has
opened up new vistas for banks to argument revenues, it has entailed greater competition and
consequently greater risks. Cross- border flows and entry of new products, particularly derivative
instruments, have impacted significantly on the domestic banking sector forcing banks to adjust
the product mix, as also to effect rapid changes in their processes and operations in order to remain
competitive to the globalized environment. These developments have facilitated greater choice for
consumers, who have become more discerning and demanding compelling banks to offer a broader
range of products through diverse distribution channels. The traditional face of banks as mere
financial intermediaries has since altered and risk management has emerged as their defining
attribute.

Currently, the most important factor shaping the world is globalization. The benefits of
globalization have been well documented and are being increasingly recognized. Integration of
domestic markets with international financial markets has been facilitated by tremendous
advancement in information and communications technology. But, such an environment has also
meant that a problem in one country can sometimes adversely impact one or more countries
instantaneously, even if they are fundamentally strong.

There is a growing realization that the ability of countries to conduct business across national
borders and the ability to cope with the possible downside risks would depend, interalia, on the
soundness of the financial system. This has consequently meant the adoption of a strong and
transparent, prudential, regulatory, supervisory, technological and institutional framework in the
financial sector on par with international best practices. All this necessitates a transformation: a
transformation in the mindset, a transformation in the business processes and finally, a
transformation in knowledge management. This process is not a one shot affair; it needs to be
appropriately phased in the least disruptive manner.
The banking and financial crises in recent years in emerging economies have demonstrated that,
when things go wrong with the financial system, they can result in a severe economic downturn.
Furthermore, banking crises often impose substantial costs on the exchequer, the incidence of
which is ultimately borne by the taxpayer. The World Bank Annual Report (2002) has observed
that the loss of US $1 trillion in banking crisis in the 1980s and 1990s is equal to the total flow of
official development assistance to developing countries from 1950s to the present date. As a
consequence, the focus of financial market reform in many emerging economies has been towards
increasing efficiency while at the same time ensuring stability in financial markets.

From this perspective, financial sector reforms are essential in order to avoid such costs. It is,
therefore, not surprising that financial market reform is at the forefront of public policy debate in
recent years. The crucial role of sound financial markets in promoting rapid economic growth and
ensuring financial stability. Financial sector reform, through the development of an efficient
financial system, is thus perceived as a key element in raising countries out of their 'low level
equilibrium trap'. As the World Bank Annual Report (2002) observes, ‘a robust financial system
is a precondition for a sound investment climate, growth and the reduction of poverty ’.

Financial sector reforms were initiated in India a decade ago with a view to improving efficiency
in the process of financial intermediation, enhancing the effectiveness in the conduct of monetary
policy and creating conditions for integration of the domestic financial sector with the global
system. The first phase of reforms was guided by the recommendations of Narsimhan Committee.

 The approach was to ensure that ‘the financial services industry operates on the basis of
operational flexibility and functional autonomy with a view to enhancing efficiency,
productivity and profitability'.
 The second phase, guided by Narsimhan Committee II, focused on strengthening the
foundations of the banking system and bringing about structural improvements. Further
intensive discussions are held on important issues related to corporate governance, reform
of the capital structure, (in the context of Basel II norms), retail banking, risk management
proctechnology, and human resources development, among others.
  Since 1992, significant changes have been introduced in the Indian financial system. These
changes have infused an element of competition in the financial system, marking the
gradual end of financial repression characterized by price and non-price controls in the
process of financial intermediation. While financial markets have been fairly developed,
there still remains a large extent of segmentation of markets and non-level playing field
among participants, which contribute to volatility in asset prices. This volatility is
exacerbated by the lack of liquidity in the secondary markets. The purpose of this paper is
to highlight the need for the regulator and market participants to recognize the risks in the
financial system, the products available to hedge risks and the instruments, including
derivatives that are required to be developed/introduced in the Indian system.

The financial sector serves the economic function of intermediation by ensuring efficient
allocation of resources in the economy. Financial intermediation is enabled through a four-pronged
transformation mechanism consisting of liability-asset transformation, size transformation,
maturity transformation and risk transformation. Risk is inherent in the very act of transformation.
However, prior to reform of 1991-92, banks were not exposed to diverse financial risks mainly
because interest rates were regulated, financial asset prices moved within a narrow band and the
roles of different categories of intermediaries were clearly defined. Credit risk was the major risk
for which banks adopted certain appraisal standards. Several structural changes have taken place
in the financial sector since 1992. The operating environment has undergone a vast change
bringing to fore the critical importance of managing a whole range of financial risks. The key
elements of this transformation process:

1. The deregulation of coupon rate on Government securities.

2. Substantial liberalization of bank deposit and lending rates.
3. A gradual trend towards disintermediation in the financial system in the wake of increased
access of corporates to capital markets.
4. Blurring of distinction between activities of financial institutions.
5. Greater integration among the various segments of financial markets and their increased
order of globalization, diversification of ownership of public sector banks.
6. Emergence of new private sector banks and other financial institutions, and,
7. The rapid advancement of technology in the financial system.
DEFINITION OF
RISK
RISK DEFINED
A risk can be defined as an unplanned event with financial consequences resulting in loss or
reduced earnings. An activity which may give profits or result in loss may be called a risky
proposition due to uncertainty or unpredictability of the activity of trade in future. In other words,
it can be defined as the uncertainty of the outcome.

 Risk is the possibility of loss or damage.

 Risk is the measure of profitability and severity of adverse effects.
 Risk is the potential for realization of unwanted negative consequences of an event.

In any transaction, when there is a possibility of loss, it may be termed as a risky transaction. As
discussed above, risks are inherent in financial intermediation and cannot be eliminated. However,
they cannot only be managed and controlled but even be turned into opportunities.

 What is Risk Management - Does it eliminate risk?

Risk management is a discipline for dealing with the possibility that some future event will
cause harm. It provides strategies, techniques, and an approach to recognizing and confronting any
threat faced by an organization in fulfilling its mission. Risk management may be as uncomplicated
as asking and answering three basic questions:

1. What can go wrong?

2. What will we do (both to prevent the harm from occurring and in the aftermath of an
"incident")?
3. If something happens, how will we pay for it?

Risk management does not aim at risk elimination, but enables the organization to bring
their risks to manageable proportions while not severely affecting their income. This balancing act
between the risk levels and profits needs to be well-planned. Apart from bringing the risks to
manageable proportions, they should also ensure that one risk does not get transformed into any
other undesirable risk. This transformation takes place due to the inter-linkage present among the
various risks. The focal point in managing any risk will be to understand the nature of the
transaction in a way to unbundle the risks it is exposed to.

Risk Management is a more mature subject in the western world. This is largely a result of lessons
from major corporate failures, most telling and visible being the Barings collapse. In addition,
regulatory requirements have been introduced, which expect organizations to have effective risk
management practices. In India, whilst risk management is still in its infancy, there has been
considerable debate on the need to introduce comprehensive risk management practices.

 Objectives of Risk Management Function

Two distinct viewpoints emerge –
 One which is about managing risks, maximizing profitability and creating opportunity out
of risks
 And the other which is about minimizing risks/loss and protecting corporate assets.
The management of an organization needs to consciously decide on whether they want
their risk management function to 'manage' or 'mitigate' Risks.
 Managing risks essentially is about striking the right balance between risks and controls
and taking informed management decisions on opportunities and threats facing an
organization. Both situations, i.e. over or under controlling risks are highly undesirable as
the former means higher costs and the latter means possible exposure to risk.
 Mitigating or minimizing risks, on the other hand, means mitigating all risks even if the
cost of minimizing a risk may be excessive and outweighs the cost-benefit analysis.
Further, it may mean that the opportunities are not adequately exploited.
In the context of the risk management function, identification and management of Risk is
more prominent for the financial services sector and less so for consumer products industry. What
are the primary objectives of your risk management function? When specifically asked in a survey
conducted, 33% of respondents stated that their risk management function is indeed expressly
mandated to optimize risk.
PARAMETERS OF RISK MANAGEMENT FUNCTION SHOULD
ENCOMPASS:

(i) Organizational structure;

(ii) Comprehensive risk measurement approach;
(iii) Risk management policies approved by the Board which should be consistent with the
broader business strategies, capital strength, management expertise and overall
willingness to assume risk;
(iv) Guidelines and other parameters used to govern risk taking including detailed structure
of prudential limits;
(v) Strong MIS for reporting, monitoring and controlling risks;
(vi) Well laid out procedures, effective control and comprehensive risk reporting
framework;
(vii) Separate risk management framework independent of operational Departments and
with clear delineation of levels of responsibilities for management of risk; and
(viii) Periodical review and evaluation.
THE PROCESS OF RISK MANAGEMENT INVOLVES THE FOLLOWING

 Recognition and understanding,

 Measurement and
 Monitoring and control.

For effective risk management, a comprehensive risk management policy has to be formulated
incorporating a detailed structure of limits and guidelines to be followed, and a strong management
information system built up for continuous monitoring and reporting of risk exposures.

Risk management is a process, by which an organization, say a bank, identifies, measures,

monitors and controls its risk exposures. Risk management is a continuous process and not a
onetime activity. Diagrammatically risk management process can be presented as under.
By this process, the bank ensures that:

 Risks are within the tolerances established by the board of directors.

 Risk taking decisions are consistent with strategic business objectives.
 Appropriate processes facilitate explicit and clear risk-taking decisions.
 Expected return compensates for the risk taken and
 Capital allocation is consistent with risk exposures.
 TYPES OF RISKS

As per the RESERVE BANK OF INDIA guidelines issued in October 1999, there are
three major types of risks encountered by the banks and these CREDIT RISK, MARKET RISK
AND OPERATIONAL RISK. In the article, we will see what the components of these three
major risks are. In August 2001, a discussion paper on move towards Risk based Supervision was
published. Further, in September 2001 a guidance note on Credit Risk Management was sent to all
the banks. Recently in March 2002, a guidance note on Market Risk Management was also
circulated to all the banks and this was followed by a discussion paper on Country Risk released
in May 2002.

Risk is the potentiality that both the expected and unexpected events may have as adverse
impact on the bank’s capital or earnings. The expected loss is to be borne by the borrower and
hence is taken care of by adequately pricing the products through risk premium and reserves
created out of the earnings. It is the amount expected to be lost due to changes in credit quality
resulting in default. Whereas, the unexpected loss on account of the individual exposure and the
whole portfolio in entirety is to be borne by the bank itself and hence is to be taken care of by the
capital.
 RISK IN BANKING

TYPES OF
RISK

NON-
FINANCIAL
RISK
FINANCIAL
RISK
OPERATIONAL
STRATE POLITICAL
RISK
MARKET GIC RISK
Credit risk RISK RISK

LIQUIDITY INTEREST RATE

BORROWER INDUSTRY RISK RISK
RISK RISK
 1. CREDIT RISKS:-

Unlike market risks, where the measurement, monitoring, control etc. are to a great extent
centralized. Credit risks management is a decentralized function or activity. This is to say that
credit risk taking activity is spread across the length and breadth of the network of branches, as
lending is a decentralized function. Proper a sufficient care has to be taken for appropriate
management of credit risk.

Credit risk or default risk involves inability or unwillingness of a customer or counterparty to meet
commitments in relation to lending, trading, hedging, settlement and other financial transactions.
The objective of credit risk management is to minimize the risk and maximize banks risk adjusted
rate of return by assuming and maintaining credit exposure within the acceptable parameters.

The Credit Risk is generally made up of transaction risk or default risk and portfolio risk. The
portfolio risk in turn comprises intrinsic and concentration risk. The credit risk of a bank’s
portfolio depends on both external and internal factors.

External factors are the state of the economy, rates and interest rates, trade restrictions,
economic sanctions, wide swings in commodity/equity prices, foreign exchange rates and interest
rates, trade restrictions, economic sanctions, Government policies, etc.

internal factors are deficiencies in loan policies/administration, absence of prudential

credit concentration limits, inadequately defined lending limits for Loan Officers/Credit
Committees, deficiencies in appraisal of borrowers financial position, excessive dependence on
collaterals and inadequate risk pricing, absence of loan review mechanism and post sanction
surveillance, etc.

The credit approval process should aim at efficiency, responsiveness and accurate
measurement of the risk. This will be achieved through a comprehensive analysis of the borrower's
ability to repay, clear and consistent assessment systems, a process which ensures that renewal
requests are analyzed as carefully and stringently as new loans and constant reinforcement of the
credit culture by the top management team.
Another variant of credit risk is counterparty risk. The counterparty risk arises from non-
performance of the trading partners. The non-performance may arise from counterparty’s
refusal/inability to perform due to adverse price movements or from external constraints that were
not anticipated by the principal. The counterparty risk is generally viewed as a transient financial
risk associated with trading rather than standard credit risk.

Credit risk may take various forms, such as:

 in the case of direct lending, that funds will not be repaid;

 in the case of guarantees or letters of credit, that funds will not be forthcoming from the
customer upon crystallization of the liability under the contract;
 in the case of treasury products, that the payment or series of payments due from the
counterparty under the respective contracts is not forthcoming or ceases;
 in the case of securities trading businesses, that settlement will not be effected;
 In the case of cross-border exposure, that the availability and free transfer of currency is
restricted or ceases.

Strategy and Policy

It is essential that each bank develops its own credit risk strategy or enunciates a plan that
defines the objectives for the credit-granting function. This strategy should spell out clearly the
organization’s credit appetite and the acceptable level of risk - reward trade-off at both the macro
and the micro levels.

The strategy would therefore, include a statement of the bank's willingness to grant loans
based on the type of economic activity, geographical location, currency, market, maturity and
anticipated profitability. This would necessarily translate into the identification of target markets
and business sectors, preferred levels of diversification and concentration, the cost of capital in
granting credit and the cost of bad debts.

The policy document should cover issues such as organizational responsibilities, risk measurement
and aggregation techniques, prudential requirements, risk assessment and review, reporting
requirements, risk grading, product guidelines, documentation, legal issues and management of
problem loans. Loan policies apart from ensuring consistency in credit practices, should also
provide a vital link to the other functions of the bank.

The management of credit risk should receive the top management’s attention and the process
should encompass:

TOOLS OF CREDIT RISK MANAGEMENT.

The instruments and tools, through which credit risk management are carried out, are detailed
below:
1. Portfolio management.
2. Loan review mechanism.

1. PORTFOLIO MANAGEMENT.

Stipulate quantitative ceiling on aggregate exposure on specific rating Categories,

distribution of borrowers in various industries, business group rapid portfolio reviews. The existing
framework of tracking the non-performing loans around the balance sheet date does not signal the
quality of the entire loan book. There should be a proper and regular on-going system for
identification of credit weakness well in advance. Initiative steps to preserve the desired the
portfolio quality and integrate portfolio reviews with credit decision making process.

Credit portfolio management emanated from the potential adverse impact of concentration of
exposures and the necessity to optimize the benefit associated with diversification.

Concentration risk is a banking term denoting the overall spread of a bank's outstanding accounts
over the number or variety of debtors to whom the bank has lent money. This risk is calculated
using a "concentration ratio" which explains what percentage of the outstanding accounts each
bank loan represents.
2. MARKET RISK:-
Traditionally, credit risk management was the primary challenge for banks. With progressive
deregulation, market risk arising adverse changes in market variables, such as interest rate, foreign
exchange rate, equity price and commodity price has become relatively more important. Even a
small change in market variables causes substantial changes in income and economic value of
banks.

MARKET RISK may be defined as the possibility of loss to a bank caused by the changes in the
market variables. It is the risk that the value of on/off-balance sheet positions will be adversely
affected by movements in equity and interest rate markets, currency exchange rates and
commodity prices.

Market risk is the risk to the bank’s earnings and capital due to changes in the market level of
interest rates or prices of securities, foreign exchange and equities, as well as the volatilities of
those prices. Market Risk management provides a comprehensive and dynamic framework for
measuring, monitoring and managing liquidity, interest rate, foreign exchange and equity as well
as commodity price risk of a bank that needs to be closely integrated with the banks business
strategy. Scenario analysis and stress testing is yet another tool used to asses areas of potential
problems in a given portfolio. Identification of future changes in economic conditions like:

 ECONOMIC / INDUSTRY OVERTURNS.

 MARKET RISK EVENTS.
 LIQUIDITY CONDITIONS.

That could have unfavorable effect on banks portfolio is a condition precedent for carrying out
stress testing. As the underlying assumption keeps changing from time to time, out-put of the test
should be reviewed periodically.

Market risk arises out of the dynamics of market forces, which, for the banking industry, may
include interest rate fluctuations, maturity mismatches, exchange rate fluctuations, market
competition in terms of services and products, changing customer preferences and requirements
resulting in product obsolescence, coupled with changes national and international politico-
economic scenario. These risks are like perils of the sea, which can be caused by any change-
taking place anywhere in the national and international arena.

Market risks affect banks in two ways:

I. The customer requirements are changing because of the changing economic scenario.
Hence banks have to fine-tune/modify their products to make them customer friendly,
otherwise the obsolescence of products will divert the customers to other banks thereby
reducing the business and profits of the bank concerned.

II. The macro-economic changes in the national and international politico-economic scenario
affect the risk element in different business activities differently. This aspect has assumed
greater importance in the modern age, because of the increasing integration of global
markets.

Since both these aspects are dynamic in nature, with change being the only constant factor,
market risks need to be monitored on a continuous basis and appropriate strategies evolved to keep
these risks within manageable limits. Again, given that one can manage only what one can
measure, measurement of risks on a continuous basis deserves immediate attention.

Market risk can be defined as the risk of losses in on and off balance sheet positions
arising from adverse movement of market variables.
 Market Risk Management

Management of market risk should be the major concern of top management of banks. The
Boards should clearly articulate market risk management policies, procedures, prudential risk
limits, review mechanisms and reporting and auditing systems. The policies should address the
bank’s exposure on a consolidated basis and clearly articulate the risk measurement systems that
capture all material sources of market risk and assess the effects on the bank. The operating
prudential limits and the accountability of the line management should also be clearly defined. The
Asset-Liability Management Committee (ALCO) should function as the top operational unit for
managing the balance sheet within the performance/risk parameters laid down by the Board. The
banks should also set up an independent Middle Office to track the magnitude of market risk on a
real time basis. The Middle Office should comprise of experts in market risk management,
economists, statisticians and general bankers and may be functionally placed directly under the
ALCO. The Middle Office should also be separated from Treasury Department and should not be
involved in the day to day management / ALCO / Treasury about adherence to prudential / risk
parameters and also aggregate the total market risk exposures assumed by the bank at any point of
time.

MARKET RISK TAKES THE FORM OF:-

1) Liquidity Risk
2) Interest Rate Risk
3) Commodity Price Risk and
4) Equity Price Risk

A concise definition of each of the above Market Risk factors and how they are managed is
described below:
 i. LIQUIDITY RISK/MATURITY GAP RISK:-

Liquidity Planning is an important facet of risk management framework in banks. Liquidity

is the ability to efficiently accommodate deposit and other liability decreases, as well as, fund loan
portfolio growth and the possible funding of off-balance sheet claims. A bank has adequate
liquidity when sufficient funds can be raised, either by increasing liabilities or converting assets,
promptly and at a reasonable cost. It encompass the potential sale of liquid assets and borrowings
from money, capital and forex markets. Thus, liquidity should be considered as a defense
mechanism from losses on fire sale of assets.

Liquidity risk is the potential inability of a bank to meet its payment obligations in a timely and
cost effective manner. It arises when the bank is unable to generate cash to cope with a decline in
deposits/liabilities or increase in assets.

The cash flows are placed in different time buckets based on future behavior of assets, liabilities
and 0ff-balance sheet items.

LIQUIDITY may be defined as the ability to meet commitments and/or undertake new
transactions. The most obvious form of liquidity risk is the inability to honour desired withdrawals
and commitments, that is, the risk of cash shortages when it is needed which arises due to maturity
mismatch. Therefore, they generally have a mismatched balance sheet in so far as their short-term
liabilities are greater than short-term assets and long-term assets are greater than long term
liabilities. Liquidity risk is measured by preparing a maturity profile of assets and liabilities, which
enables the management to form a judgment on liquidity mismatch. As the basic problem for a
bank is to ascertain whether it will be able to meet maturing obligations on the date they fall due,
it must prepare a projected cash-flow statement and estimate the probability of facing any liquidity
crisis.

Liquidity measurement is quite a difficult task and can be measured through stock or cash flow
approaches. The key ratios, adopted across the banking system are the other methods of measuring
liquidity risk are: _
  To manage liquidity risk, banks should keep the maturity profile of liabilities
compatible with those of assets.
 The behavioral maturity profile of various components of on/off balance sheet
items is being analyzed and variance analysis is been undertaken regularly.
 Efforts are also being made by some banks to track the impact of repayment of
loans and premature closure of deposits to estimate realistically the cash flow
profile.
 Banks are closely monitoring the mismatches in the category of 1-14 days and 15-
28 days’ time bands and tolerance levels on mismatches are being fixed for
various maturities, depending on asset-liability profile, stand deposit base nature
of cash flows, etc.

Liquidity Risk means, the bank is not in a position to make its repayments, withdrawal, and other
commitments in time. For EXAMPLE two Canadian banks, Northland Bank and Continental
Bank of Canada suffered a run on deposits because of a credit crisis at Canadian commercial
bank.

Liquidity risk consists of FUNDING RISK, TIME RISK, and CALL RISK.

The liquidity risk in banks manifest in different dimensions:

 Funding Risk – It is the need to replace net outflows due to unanticipated

withdrawals/non-renewal of deposits (wholesale and retail)

 Time Risk – It is the need to compensate for non-receipt of expected inflows of

funds, i.e. performing assets turning into non-performing assets; and

 Call Risk – It happens due to crystallization of contingent liabilities and unable to

undertake profitable business opportunities when desirable.
 The Asset Liability Management (ALM) is a part of the overall risk management system
in the banks. It implies examination of all the assets and liabilities simultaneously on a continuous
basis with a view to ensuring a proper balance between funds mobilization and their deployment
with respect to their maturity: (a) profiles, (b) cost, (c) yield (d) risk exposures, etc. It includes
product pricing for deposits as well as advances, and the desired maturity profile of assets and
liabilities.

Tolerance levels on mismatches should be fixed for various maturities depending upon the asset
liability profile, deposit mix, nature of cash flow etc. Bank should track the impact of pre-payment
of loans and premature closure of deposits so as to realistically estimate the cash flow profile.

The first step towards liquidity management is to put in place an effective liquidity management
policy, which, inter alia, should spell out the funding strategies, liquidity planning under
alternative scenarios, prudential limits, liquidity reporting/reviewing, etc.

While the liquidity ratios are the ideal indicator of liquidity of banks operating in developed
financial markets, the ratios do not reveal the intrinsic liquidity profile of Indian banks which are
operating generally in an illiquid market. Experiences show that assets commonly considered as
liquid like Government securities, other money market instruments, etc. have limited liquidity as
the market and players are unidirectional. Thus, analysis of liquidity involves tracking of cash flow
mismatches. For measuring and managing net funding requirements, the use of maturity ladder
and calculation of cumulative surplus or deficit at selected maturity dates is recommended as a
standard tool.

The format prescribed by RBI in this regard under ALM System should be adopted for measuring
cash flow mismatches at different time bands. The cash flows should be placed in different time
bands based on future behavior of assets, liabilities and off-balance sheet items.

In other words, banks should have to analyze the behavioral maturity profile of various
components of on / off- balance sheet items on the basis of assumptions and trend analysis
supported by time series analysis. Banks should also undertake variance analysis, at least, once in
six months to validate the assumptions. The assumptions should be fine-tuned over a period which
facilitates near reality predictions about future behavior of on/off-balance sheet items.

Thus, cash outflows can be ranked by the date on which liabilities fall due, the earliest date a
liability holder could exercise an early repayment option or the earliest date contingencies could
be crystallized.

The difference between cash inflows and outflows in each time period, the excess or deficit of
funds becomes a starting point for a measure of a bank’s future liquidity surplus or deficit, at a
series of points of time.

The banks should also consider putting in place certain prudential limits to avoid liquidity
crisis:

2. Cap on inter-bank borrowings, especially call borrowings;

3. Purchased funds vis-à-vis liquid assets;
4. Core deposits vis-à-vis Core Assets i.e. Cash Reserve Ratio,
Liquidity reserve Ratio and Loans;

5. Duration of liabilities and investment portfolio;

6. Maximum Cumulative outflows. Banks should fix
Cumulative mismatches across all time bands;

Banks should also evolve a system for monitoring high value deposits (other than inter-bank
deposits) say Rs.1 crore or more to track the volatile liabilities. Further the cash flows arising out
of contingent liabilities in normal situation and the scope for an increase in cash flows during
periods of stress should also estimate. It is quite possible that market crisis can trigger substantial
increase in the amount of draw from cash credit/overdraft accounts, contingent liabilities like
letters of credit, etc.
 ii. INTEREST RATE RISK (IRR)

The management of Interest Rate Risk should be one of the critical components of market
risk management in banks. The regulatory restrictions in the past had greatly reduced many of the
risks in the banking system. Deregulation of interest rates has, however, exposed them to the
adverse impacts of interest rate risk.

Interest Rate Risk is the potential negative impact on the Net Interest Income and it refers to the
vulnerability of an institutions financial condition to the movement in interest rates. Changes in
interest rate affect earnings, value of assets, liability, off-balance sheet items and cash flow. Hence,
the objective of interest rate risk management is to maintain earnings, improve the capability,
ability to absorb potential loss and to ensure the adequacy of the compensation received for the
risk taken and effect risk return trade-off.

Management of interest rate risk aims at capturing the risks arising from the maturity and re-pricing
mismatches and is measured both from the earnings and economic value perspective.

The Net Interest Income (NII) or Net Interest Margin (NIM) of banks is dependent on the
movements of interest rates. Any mismatches in the cash flows (fixed assets or liabilities) or
reprising dates (floating assets or liabilities), expose bank’s NII or NIM to variations. The earning
of assets and the cost of liabilities are now closely related to market interest rate volatility.

Interest Rate Risk is the potential negative impact on the Net Interest Income and it refers to the
vulnerability of an institution’s financial condition to the movement in interest rates. Changes in
interest rate affect earnings, value of assets, liabilities, off-balance sheet items and cash flow.
Hence, the objective of interest rate risk management is to maintain earnings, improve the
capability, ability to absorb potential loss and to ensure the adequacy of the compensation received
for the risk taken and affect risk return trade-off.
Management of interest rate risk aims at capturing the risks arising from the maturity and re-pricing
mismatches and is measured both from the earnings and economic value perspective.

Earnings perspective involves analyzing the impact of changes in interest rates on accrual or
reported earnings in the near term. This is measured by measuring the changes in the NET
INTEREST INCOME (NII) equivalent to the difference between total interest income and total
interest expense.

Economic Value perspective involves analyzing the expected cash inflows on assets minus
expected cash outflows on liabilities plus the net cash flows or off-balance sheet items. The
economic value perspective identifies risk arising from long-term interest rate gaps.

In detail Interest Rate Risk is the risk due to changes in market interest rates, which might adversely
affect the bank’s financial condition. The immediate impact of change in interest rates is on the
bank’s earnings through fall in Net Interest Income (NII). Ultimately the impact of the potential
long-term effects of changes in interest rates is on the underlying economic value of bank’s assets,
liabilities and off-balance sheet positions. The interest rate risk when viewed from these two
perspective is called as “Earning’s Perspective” and Economic Value Perspective”, respectively.

In simple terms, high proportion of fixed income assets would mean that any increase in interest
rate will not result in higher interest income (due to fixed nature of interest rate) and likewise
reduction interest rate will not decrease interest income. Low proportion of fixed assets will have
the opposite effect.

Banks have laid down policies with regard to VOLUME, MINIMUM MATURITY, HOLDING
PERIOD, DURATION, STOP LOSS, RATING STANDARDS, etc., for classifying securities in
the trading book. The statement of interest rate sensitivity is being prepared by banks. Prudential
limits on gaps with a bearing on total assets, earning assets or equity have been set up.
Interest rate will be explained with the help of examples:-

For instances, a bank has accepted long-term deposits @ 13% and deployed in cash credit
@ 17%. If the market interest rate falls by 1%, it will have to reduce interest rate on cash credit by
1% as cash credit is reprised quarterly. However, it will not be able to reduce interest on term
deposits. Thus, the net interest income of the bank will go down by 1%.

Or suppose a bank has 90 days deposit @ 9% deployed in one year bond @ 12%. If the market
interest rate arises by 1%, the bank will have to renew the deposits after 90 days at a higher rate.
However it will continue to get interest rate at the old rate from the bond. In this case too, the net
interest income will go down by 1%.

The various types of interest rate risks are identified as follows:-

 Price Risk:-

Price risk occurs when assets are sold before their stated maturities. In the financial market,
bond prices and yields are inversely related. The price risk is closely associated with the trading
book, which is created for making profit out of short-term movements in interest rates. Banks
which have an active trading book should, therefore, formulate policies to limit the portfolio size,
holding period, duration, defeasance period, stop loss limits, marking to market, etc.

 Reinvestment Risk:-

Uncertainty with regard to interest rate at which the future cash flows could be
reinvested is called reinvestment risk. Any mismatches in cash flows would expose the banks to
variations in NII as the market interest rates move in different directions.
MATURITY GAP ANALYSIS

The simplest analytical techniques for calculation of IRR exposure begins with maturity Gap
analysis that distributes interest rate sensitive assets, liabilities and off-balance sheet positions into
a certain number of pre-defined time-bands according to their maturity (fixed rate) or time
remaining for their next reprising (floating rate). Those assets and liabilities lacking definite
reprising intervals (savings bank, cash credit, overdraft, loans, export finance, refinance from RBI
etc.) or actual maturities vary from contractual maturities (embedded option in bonds with put/call
options, loans, cash credit/overdraft, time deposits, etc.) are assigned time-bands according to the
judgment, empirical studies and past experience of banks.

A number of time bands can be used while constructing a gap report. Generally, most of the banks
focus their attention on near-term periods, viz. monthly, quarterly, half-yearly or one year. It is
very difficult to take a view on interest rate movements beyond a year. Banks with large exposures
in the short-term should test the sensitivity of their assets and liabilities even at shorter intervals
like overnight, 1-7 days, 8-1 4 days etc.

In order to evaluate the earnings exposure, interest Rate Sensitive Assets (RSAs) in each time band
are netted with the interest Rate Sensitive Liabilities (RSLs) to produce a reprising ‘Gap’ for that
time band.

The positive Gap indicates that banks have more RSAs than RSLs. A positive or assets sensitive
Gap means that an increase in market interest rates could cause an increase in NII.

Conversely, a negative or liability sensitive Gap implies that the banks NII could decline as a result
of increase in market interest rates. The negative gap indicates that banks have more RSLs than
RSAs. Gap is the difference between a bank’s assets and liabilities maturing or subject to reprising
over a designated period of time.

The Gap is used as a measure of interest rate sensitivity. The Positive or Negative Gap is multiplied
by the assumed interest rate changes to derive the Earnings at Risk (Ear). The Ear method
facilitates to estimate how much the earnings might be impacted by an adverse movement in
interest rates. The changes in interest could be estimated on the basis of past trends, forecasting of
interest rates, etc. the banks should fix Ear which could be based on last/current year’s income and
a trigger point at which the line management should adopt on-or off-balance sheet hedging
strategies may be clearly defined.

The Gap calculations can be augmented by information on the average coupon on assets and
liabilities in each time band and the same could be used to calculate estimates of the level of NII
from positions maturing or due for reprising within a given time-band, which would then provide
a scale to assess the changes in income implied by the gap analysis.

In case banks could realistically estimate the magnitude of changes in market interest rates of
various assets and liabilities (basic risk) and their past behavioral pattern (embedded option risk),
they could standardize the gap by multiplying the individual assets and liabilities by how much
they will change for a given change in interest rate. Thus, one or several assumptions of
standardized gap seem more consistent with real world than the simple gap method. With the
Adjusted Gap, banks could realistically estimate the Ear.

DURATION GAP ANALYSIS

Duration is a measure of change in the value of the portfolio due to change in interest rates.
Duration of an asset or a liability is computed by calculating the weighted average value of all the
cash-flows that it will produce with each cash-flow weighted by the time at which it occurs. It is
expressed in time periods. Duration of high coupon bond is always shorter than duration of low
coupon bonds because of larger cash inflow from higher interest payments. With zero coupon
bonds, the duration would be equal to maturity. By calculating the duration of the entire asset and
liability portfolio, the duration gap can be calculated, that is, the mismatch in asset and liability
duration and, if necessary, corrective action may be taken to create a duration match.

Measuring the duration Gap is more complex than the simple gap model. The attraction of duration
analysis is that it provides a comprehensive measure of IRR for the total portfolio. The duration
analysis also recognizes the time value of money. Duration measure is addictive so that banks can
match total assets and liabilities rather than matching individual accounts. However, Duration Gap
analysis assumes parallel shifts in yield curve. For this reason, it fails to recognize basis risk.

iii. EQUITY PRICE RISK:-

Equity Price Risk is the risk of loss in value of the bank’s equity investments and/or equity
derivative instruments arising out of change in equity prices.

iv. COMMODITY PRICE RISK:-

The risk of loss in value of commodity held / traded by the bank, arising out of changes in prices,
basis mismatch, forward price etc.

3. OPERATIONAL RISK:-

“Operational Risk is defined as the risk of direct or indirect loss resulting from inadequate
or failed internal processes, people and system or from external events.”

Generally, operational risk is defined as any risk, which is not categorized as market or credit risk,
or the risk of loss arising from various types of human or technical error. It is also synonymous
with settlement or payments risk and business interruption, administrative and legal risks.
Operational risk has some form of link between credit and market risks. An operational problem
with a business transaction could trigger a credit or market risk.

Indeed, so significant has operational risk become that the bank for International Settlement (BIS)
has proposed that, as of 2006, banks should be made to carry a Capital cushion against losses from
this risk.
Managing operational risk is becoming an important feature of sound risk management practices
in modern financial markets in the wake of phenomenal increase in the volume of transactions,
high degree of structural changes and complex support systems.

The most important type of operational risk involves breakdowns in internal controls and corporate
governance.

Such breakdowns can lead to financial loss through error, fraud, or failure to perform in a timely
manner or cause the interest of the bank to be compromised.

The objectives of Operational Risk Management is to reduce the expected operational losses that
focuses on systematic removal of operational risk sources and uses a set of key risk indicators to
measure and control risk on continuous basis. The ultimate objective of operational risk
management is to enhance the shareholder’s value by being ready for risk based capital allocation.

There is no uniformity of approach in measurement of Operational Risk in the banking system at

present bank’s operational risks can be classified into following six exposure classes:-

 People
 Process
 Management
 System
 Business and
 External
To each of this exposure classes within each business line are attached certain risk categories under
which the bank can incur losses or potential losses.

Bank collected information at first instance for a 5 year period and is being updated on a six
monthly basis June and December. These date help in qualifying the overall potential / actual loss
on account of Operational Risk and initiate measure for plugging these risk areas.

Bank may suitably at a later date move to appropriate models for measuring and managing
Operational Risk also after receipt of RBIs Guidance Note.
MEASUREMENT

There is no uniformity of approach in measurement of operational risk in the banking system.

Besides, the existing methods are relatively simple and experimental, although some of the
international banks have made considerable progress in developing more advanced techniques for
allocating capital with regard to operational risk.

Measuring operational risk requires both estimating the probability of an operational loss event
and the potential size of the loss. It relies on risk factor that provides some indication of the
likelihood of an operational loss event occurring. The process of operational risk assessment needs
to address the likelihood (or frequency) of a particular operational risk occurring, the magnitude
(or severity) of the effect of the operational risk on business objectives and the options available
to manage and initiate actions to reduce/mitigate operational risk. The set of risk factors that
measure risk in each business unit such as audit ratings, operational data such as volume, turnover
and complexity and data on quality of operations such as error rate or measure of business risks
such as revenue volatility, could be related to historical loss experience. Banks can also use
different analytical or judgmental techniques to arrive at an overall operational risk level. Some of
the international banks have already developed operational risk rating matrix, similar to bond
credit rating. The operational risk assessment should be bank-wide basis and it should be reviewed
at regular intervals. Banks, over a period, should develop internal systems to evaluate the risk
profile and assign economic capital within the RAROC framework.
RISK IS A SERIOUS BUSINESS

Why do organizations take risks? The apt answer would be-to make some handsome gains. Banks,
the world over, generally, it is said that “NO RISK-NO GAIN”, but sometimes, taking risk
becomes disastrous for the organizations. It is evident from above that if risk are not managed
properly, even the survival of the bank may become under threat, risk management has, therefore,
become an important area, which needs to be looked into with great concern and care.

WHAT TO DO ABOUT RISK?

Once the risks have been identified, the million dollar question is – What to do about the Risks?
The suitable answer to this question would be to manage the risks in an efficient and effective
manner so that the organization incurs minimum loss.

The resource available to banks could be:-

 If the risk is at prospective stage, try to avoid it.

 If the risk is likely to occur, and it is unavoidable, accept the risk and retain it on an
economically justifiable basis.
 Try to execute some effective actions as to reduce or eliminate the loss likely to be
incurred due to happening of the particular risky incident.
 Try to diversify within a portfolio of risks with a view to shortening the loss.
 For risky business areas, introduction of prudent exposure norms, in advances, may
help in minimizing the loss.
 Sound risks management procedures and information systems, if put in place in the
right perspective, will help in taking timely decisions for avoidance of risks.
 If suitable, hedge the risk artificially i.e. counterbalance and neutralize the risk to a
certain degree, by use of derivative instruments. This, in itself, is a very risky option.
 Monitor various categories of risks on continuous basis and report to appropriate
authority so that risks can be overcome in future.
The effective Risk Management Process in Bank’s which does not result in
getting rid of risks, will help in minimizing the losses.

CASE STUDY:

ICICI BANK:

ICICI Bank one of India’s large private sector Bank with Global Operations, had a requirement
for an end to end integrated Enterprise Technology Solution for Risk Management.

Retain Resource Management and appointed audit team for consulting and implementation
services, successfully achieved their requirements adding substantial value and benefits to their
initiatives.

THE CHALLENGE

Increased Regulatory Compliance requirements and Accountability requires that the Auditors need
to perform large number of Audits, Risk Reviews and Compliance activities, these need to be
repeatable yet qualitative and value oriented; managing workflow manually makes this task
increasingly difficult, and often not cost effective. The Audit Department at ICICI Bank used
manual processes and spreadsheets in executing Audits and maintaining Audit results,
spreadsheets provide flexibility of use but are susceptible to issues relating to security and access
making them often highly unreliable for storing Audit results, it also creates complexities in
relation to managing versions of the spreadsheets. The requirement at ICICI Bank was to
implement an Enterprise solution for managing Audit and Risk reviews, providing the Audit Team
an effective system to plan priorities execute audits and reviews, Knowledge Management, Work
paper management, issue tracking, reporting, and providing various dash boards to the
Management on the Audit and Risk review results. Challenges centered around mapping and
incorporating the processes followed by their internal Audit department, their primary requirement
to view and report on results by way of consolidating splitting, and providing comparative analysis
for both the Banking Business Domain structures and against relevant Processes, Areas, Risks and
Controls. Further to this how effectively could they streamline and improve the diverse and
complex processes followed for Managing Risk Based Internal Audits and risk reviews, while
maintaining and replicating intricacies involved in their existing Manual Audit workflow,
augmenting existing approaches with a technology solutions to drastically simplifying the
Auditors tasks at hand, adding value to it for producing better and uncomplicated results.
Considerable time was spent on Administrative tasks for Resource Management and setting up of
Audits. Report creations was an arduous and time consuming process for the Audit team as they
would have to spend a lot of time collating and presenting the Audit findings in draft reports and
final reports, as well as Meeting Managements Adhoc reporting requirement. Extrapolating
information from Issues, analyzing data and trends is difficult in Risk Audits and Compliance
initiatives that are managed manually and through spreadsheets.

SOLUTION

A well defined Risk and Audit universe structure is created to include all Business Domains,
Processes, units, functions, all types of Audits and Risk Reviews, incorporating perspectives
pertinent to the Internal Audit department for performing their activities. Scalable and flexible
composition created to manage dynamic changes in Business structures. Implemented a practical
and relevant Mechanism that provides an Efficient, effective & streamlined workflow for
managing Audit and Risk Reviews, standardized approach to assessments for all domains with
standard checklists & Assessment Guidance, with work paper manager.

Segregation of Auditor Duties within the Audit team are instituted through user groups within the
system managing the access rights appropriately. Enabled an effective approach to Audit
prioritization, enabling Auditors to concentrate on High risk areas, reduce efforts on mundane
tasks, increase frequency, repeatability and reduce costs. Standardized Checklist Framework
enabled enhanced hierarchical presentation of Processes, Risk, and Controls & Tests. Implemented
an enhanced Risk Scoring Method for better Depiction & Analysis. Enabled a mechanism to
Archive maintain Checklists bringing about effective knowledge management. Established
Internal controls over reporting and mapping of Processes, Risk and Control mapping with relevant
Accounts and Assertions. Established an Integrated Audit Resource Planning & Timesheet
Management system, enabling Instantaneous analysis on Resource availability and utilization.
Built a Simplified extensive issue and action closure processes, with issue categorization,
recording recommendations, action plans and enabled real time and online traceability. Enabled
Instantaneous reporting for impromptu management and Audit Committee Requirements, with
Automation in reporting. Providing various Monitoring Mechanisms & Dashboards, Enterprise
wide Risk dashboards.
THE BENEFIT

• Increased efficiency and effectiveness in Risk Based Internal Audits and Assessments

• Risk Based Audit planning with real time information on patterns & trends in Risks

• Boost in productivity of Auditors by 30 %

• Achieved significant cost savings

• Eliminated gaps and 40 % duplication in Coverage

• Improved Visibility, Enterprise wide Risk and Audit Landscape

• Report Automation with Extensive Comparative real-time Reporting catering to requirements

of Adhoc, management and Audit committee reporting.

• Online real time Issue closure cycle and traceability.

• Established a foundation for relevant GRC convergence

. • Quantitative Score based rating system with Qualitative dimension of Risk Analysis

• Adoption of Best Practices and Adherence to RBI guidelines

Eg. Credit Risk Management of ICICI

Credit risk, the most significant risk faced by ICICI Bank, is managed by the Credit Risk
Compliance & Audit Department (CRC & AD) which evaluates risk at the transaction level as
well as in the portfolio context. The industry analysts of the department monitor all major sectors
and evolve a sectorial outlook, which is an important input to the portfolio planning process. The
department has done detailed studies on default patterns of loans and prediction of defaults in the
Indian context. Risk-based pricing of loans has been introduced.
The functions of this department include

 Review of Credit Origination & Monitoring

 Credit rating of companies/structures
 Default risk & loan pricing
 Review of industry sectors
 Review of large exposures in industries/ corporate groups/ companies
 Ensure Monitoring and follow-up by building appropriate systems such as CAS
 Design appropriate credit processes, operating policies & procedures
 Portfolio monitoring
 Methodology to measure portfolio risk
 Credit Risk Information System (CRIS)
 Focused attention to structured financing deals
 Pricing, New Product Approval Policy, Monitoring
 Monitor adherence to credit policies of RBI

During the year, the department has been instrumental in reorienting the credit processes, including
delegation of powers and creation of suitable control points in the credit delivery process with the
objective of improving customer response time and enhancing the effectiveness of the asset
creation and monitoring activities.

Availability of information on a real time basis is an important requisite for sound risk
management. To aid its interaction with the strategic business units, and provide real time
information on credit risk, the CRC & AD has implemented a sophisticated information system,
namely the Credit Risk Information System. In addition, the CRC & AD has designed a web-
based system to render information on various aspects of the credit portfolio of ICICI Bank.
Operational Risk Management of ICICI

ICICI Bank, like all large banks, is exposed to many types of operational risks. These include
potential losses caused by events such as breakdown in information, communication, transaction
processing and settlement systems/ procedures.

The Audit Department, an integral part of the Risk Compliance & Audit Group, focusses on the
operational risks within the organization. In recent times, there has been a shift in the audit focus
from transactions to controls. Some examples of this paradigm shift are:

 Adherence to internal policies, procedures and documented processes

 Risk Based Audit Plan
 Widening of Treasury operations audit coverage
 Use of Computer Assisted Audit Techniques (CAATs)
 Information Systems Audit
 Plans to develop/ buy software to capture the workflow of the Audit Department

The Audit Department conceptualized and put into operation a Risk Based Audit Plan during the
year 1998-99. The Risk Based Audit Plan envisages allocation of audit resources in accordance
with the risk constituents of ICICI Bank’s business.

.
 Study of Operational Risk at Punjab National Bank

 About Punjab National Bank

Established in 1895 at Lahore, undivided India, Punjab National Bank (PNB) has the

distinction of being the first Indian bank to have been started solely with Indian capital. The

bank was nationalized in July 1969 along with 13 other banks. From its modest beginning, the

bank has grown in size and stature to become a front-line banking institution in India at present.

It is a professionally managed bank with a successful track record of over 110 years.

It has the largest branch network in India - 4525 Offices including 432 Extension Counters

spread throughout the country. With its presence virtually in all the important centers of the

country, Punjab National Bank offers a wide variety of banking services which include

corporate and personal banking, industrial finance, agricultural finance, financing of trade and
 international banking. Among the clients of the Bank are Indian conglomerates, medium and

small industrial units, exporters, non-resident Indians and multinational companies. The large

presence and vast resource base have helped the Bank to build strong links with trade and

industry.

 Operational Risk

Punjab National Bank is exposed to many types of operational risk. Operational risk can result
from a variety of factors, including:
1. Failure to obtain proper internal authorizations,
2. Improperly documented transactions,
3. Failure of operational and information security procedures,
4. Computer systems,
5. Software or equipment,
6. Fraud,
7. Inadequate training and employee errors.

PNB attempts to mitigate operational risk by maintaining a comprehensive system of internal

controls, establishing systems and procedures to monitor transactions, maintaining key back–up
procedures and undertaking regular contingency planning.

I. Operational Controls and Procedures in Branches

PNB has operating manuals detailing the procedures for the processing of various banking
transactions and the operation of the application software. Amendments to these manuals are
implemented through circulars sent to all offices.

When taking a deposit from a new customer, PNB requires the new customer to complete a
relationship form, which details the terms and conditions for providing various banking services.
Photographs of customers are also obtained for PNB’s records, and specimen signatures are
scanned and stored in the system for online verification. PNB enters into a relationship with a
customer only after the customer is properly introduced to PNB. When time deposits become due
for repayment, the deposit is paid to the depositor. System generated reminders are sent to
depositors before the due date for repayment. Where the depositor does not apply for repayment
on the due date, the amount is transferred to an overdue deposits account for follow up.

PNB has a scheme of delegation of financial powers that sets out the monetary limit for each
employee with respect to the processing of transactions in a customer's account. Withdrawals from
customer accounts are controlled by dual authorization. Senior officers have delegated power to
authorize larger withdrawals. PNB’s operating system validates the check number and balance
before permitting withdrawals. PNB’s banking software has multiple security features to protect
the integrity of applications and data.

PNB gives importance to computer security and has s a comprehensive information technology
security policy. Most of the information technology assets including critical servers are hosted in
centralized data centers, which are subject to appropriate physical and logical access controls.

II. Operational Controls and Procedures for Internet Banking

In order to open an Internet banking account, the customer must provide PNB with documentation
to prove the customer's identity, including a copy of the customer's passport, a photograph and
specimen signature of the customer. After verification of the same, PNB opens the Internet banking
account and issues the customer a user ID and password to access his account online.
 III. Operational Controls and Procedures in Regional Processing Centers &
Central Processing Centers

To improve customer service at PNB’s physical locations, PNB handles transaction processing
centrally by taking away such operations from branches. PNB has centralized operations at
regional processing centers located at 15 cities in the country. These regional processing centers
process clearing checks and inter-branch transactions, make inter-city check collections, and
engage in back office activities for account opening, standing instructions and auto-renewal of
deposits.

PNB has centralized transaction processing on a nationwide basis for transactions like the issue of
ATM cards and PIN mailers, reconciliation of ATM transactions, monitoring of ATM functioning,
issue of passwords to Internet banking customers, depositing post-dated cheques received from
retail loan customers and credit card transaction processing. Centralized processing has been
extended to the issuance of personalized check books, back office activities of non-resident Indian
accounts, opening of new bank accounts for customers who seek web broking services and
recovery of service charges for accounts for holding shares in book-entry form.
 IV. Operational Controls and Procedures in Treasury

PNB has a high level of automation in trading operations. PNB uses technology to monitor risk
limits and exposures. PNB’s front office, back office and accounting and reconciliation functions
are fully segregated in both the domestic treasury and foreign exchange treasury. The respective
middle offices use various risk monitoring tools such as counterparty limits, position limits,
exposure limits and individual dealer limits. Procedures for reporting breaches in limits are also in
place.

PNB’s front office treasury operation for rupee transactions consists of operations in fixed income
securities, equity securities and inter-bank money markets. PNB’s dealers analyze the market
conditions and take views on price movements. Thereafter, they strike deals in conformity with
various limits relating to counterparties, securities and brokers. The deals are then forwarded to
the back office for settlement.

The inter-bank foreign exchange treasury operations are conducted through Reuters dealing
systems. Brokered deals are concluded through voice systems. Deals done through Reuters
systems are captured on a real time basis for processing. Deals carried out through voice systems
are input in the system by the dealers for processing. The entire process from deal origination to
settlement and accounting takes place via straight through processing. The processing ensures
adequate checks at critical stages. Trade strategies are discussed frequently and decisions are taken
based on market forecasts, information and liquidity considerations. Trading operations are
conducted in conformity with the code of conduct prescribed by internal and regulatory guidelines.

The Treasury Middle Office Group, monitors counterparty limits, evaluates the mark-to-market
impact on various positions taken by dealers and monitors market risk exposure of the investment
portfolio and adherence to various market risk limits set up by the Risk, Compliance and Audit
Group.
PNB’s back office undertakes the settlement of funds and securities. The back office has
procedures and controls for minimizing operational risks, including procedures with respect to
deal confirmations with counterparties, verifying the authenticity of counterparty checks and
securities, ensuring receipt of contract notes from brokers, monitoring receipt of interest and
principal amounts on due dates, ensuring transfer of title in the case of purchases of securities,
reconciling actual security holdings with the holdings pursuant to the records and reports any
irregularity or shortcoming observed.

V. Audit

The Internal Audit Group undertakes a comprehensive audit of all business groups and other
functions, in accordance with a risk-based audit plan. This plan allocates audit resources based on
an assessment of the operational risks in the various businesses. The Internal Audit group
conceptualizes and implements improved systems of internal controls, to minimize operational
risk. The audit plan for every fiscal year is approved by the Audit Committee of PNB’s board of
directors. The Internal Audit group also has a dedicated team responsible for information
technology security audits. Various components of information technology from applications to
databases, networks and operating systems are covered under the annual audit plan.
 Credit risk of Punjab national bank:

Credit is a core activity of banks & an important source of their earnings, which go to pay interest
to depositors, salaries to employees & dividend to shareholders. In credit, it is not enough that we
have sizable growth in quantity/ volume, it is also necessary to ensure that we have only good
quality growth. To ensure asset quality, proper risk assessment and management right at the
beginning, that is, at the time of taking an exposure, is extremely important. Moreover, with the
implementation of Basel accords, capital has to be allocated for loan assets depending on the risk
perception/ rating of respective assets. It is, therefore, extremely important for every bank to have
a clear assessment of risks of the loan assets. That is why Credit Risk Management is needed. The
study will be able to reveal the procedures need to be followed by the bank regarding credit risk
management at PNB. This study will help to know about the various risks related to credit that
they should avoid. It will help to know the various methods of lending and various indicators or
parameters considered by the bank for measuring the performance of the company. This study will
reveal the pre-sanction and post-sanction follow-up procedures followed by bank. It will help the
customers to understand the procedure for availing credit facilities from the bank. Now Credit risk
mechanism includes the following:

1. The credit risk mechanism consists of policies and practices that ensure credit risk is
measured, and monitored at account level and portfolio level. The Credit Risk Management
policy along with Real Estate Lending Policy and Collateral Management Policy address
the Credit Risk related to lending. Credit Approving Authority, Prudential Exposure
Limits, Risk Rating System, Risk Based Pricing, Portfolio Management are the various
instruments for Management of Credit Risk.

2. The Bank has standardized and well defined approval processes for all credit proposals to
minimize the credit risk associated with them. The Bank has Credit Approval Committee
at different administrative offices as per Govt. of India’s guidelines. The Bank has also
developed credit rating models for exposure above Rs 2.00 lakh and scoring model for
Retail lending schemes. Entire credit portfolio of the Bank is subject to internal credit
rating.
 3. The Bank has implemented LAS (loan and advances by states) which seamlessly integrates
the entire Credit Management Process and provides an assured turnaround time for disposal
of loan applications on one hand and standardized processes on the other hand. It also
covers Loan Monitoring and NPA Management.

4. The Bank constantly strives to improve credit quality and maintain a risk profile that is
diverse in terms of borrowers, products and industry types.

We measure, manage/mitigate and report/monitor our credit risk using the following
philosophy and principles:

 PNB’s credit risk function is independent from its business divisions and in each of our
divisions, credit decision standards, processes and principles are consistently applied.

 A key principle of credit risk management is client credit due diligence. Our client selection is
achieved in collaboration with our business division counterparts who stand as a first line of
defense.

 We aim to prevent undue concentration and tail-risks (large unexpected losses) by maintaining
a diversified credit portfolio. Client, industry, country and product-specific concentrations are
assessed and managed against our risk appetite.

 PNB maintain underwriting standards aiming to avoid large credit risk on a counterparty and
portfolio level. In this regard we assume unsecured cash positions and actively use hedging for
risk mitigation purposes. Additionally, we strive to secure our derivative portfolio through
collateral agreements and may additionally hedge concentration risks to further mitigate credit
risks from underlying market movements.

 Every new credit facility and every extension or material change of an existing credit facility
(such as its tenor, collateral structure or major covenants) to any counterparty requires credit
approval at the appropriate authority level. We assign credit approval authorities to individuals
according to their qualifications, experience and training, and we review these periodically.

 We measure and consolidate all our credit exposures to each obligor across our consolidated
Group on a global basis, in line with regulatory requirements.
 We manage credit exposures on the basis of the “one obligor principle”, under which all
facilities to a group of borrowers which are linked to each other (i.e., by one entity holding a
majority of the voting rights or capital of another) are consolidated under one group.

 We have established within Credit Risk Management – where appropriate – specialized teams
for deriving internal client ratings, analyzing and approving transactions, monitoring the
portfolio or covering workout clients.
CONCLUSION
 CONCLUSION

The objective of risk management is not to prohibit or prevent risk taking, but to ensure that
the risks are consciously taken with full knowledge, clear purpose and understanding so that
it can be measured and mitigated.

The purpose of managing risk is to prevent an institution from suffering unacceptable loss causing
an institution to fail or materially damage its competitive position. Functions of risk management
should actually be bank specific dictated by the size and quality of balance sheet, complexity of
functions, technical/professional manpower and the status of MIS in place in that bank. There may
not be one-size-fits-all risk management module for all the banks to be made applicable uniformity.

As in the international practice, a committee approach may be adopted to manage various risks.
Risk Management Committee, Credit Policy Committee, Asset Liability Management Committee,
etc., are such committee that handles the risk management aspects.

The effectiveness of risk management depends on efficient Management Information System,

computerization and networking of the branch activities. An objective and reliable data base has
to be built up for which bank has to analyses its own past performance data relating to loan defaults,
trading losses, operational losses, etc., and come out with bench ,marks so as to prepare themselves
for the future risk management activities.

A large project involves certain risks, and that is true of banking projects. The Risk Management
is an emerging area that aims to address the problem of identifying and managing the risks
associated with the banking industry. The Risk Management helps banks in preventing problems
even before they occur. In managing the risks, the Board of Directors and Senior Management will
have to play an effective role by formulating clear and comprehensive policies
PNB Employees preferred Credit Risk Rating or Credit Scoring the most preferred activity for
credit risk management. In making future improvements employees of PNB bank was more
concerned with the early warning system. Employees of PNB considered Credit Approval
Authority, Risk ratings and Portfolio management. The impact of risk definition in formulating
risk management was significantly high in view of PNB employees. PNB also aimed to prevent
large unexpected losses by maintaining a diversified credit portfolio.

The Risk Based Audit Plan envisages allocation of audit resources in accordance with the risk
constituents of ICICI Bank’s business. We find that effectiveness of risk management depends on
efficient management information system.

Credit Risk Management framework in India is on the right track and it is fully based on the RBI’s
guidelines issued in this regard. While ‘risk rating’ is the most important instrument, the others
proper credit administration, prudential limits and loan review are used as very highly important
instruments of credit risk management. Most banks have their credit approving authority at ‘Head
Office Level’. Borrower limits and exposure limits are major prudential limits for credit risk
management. Risk pricing is a modern tool for pricing credit risk in banks. The risk managers were
of the opinion that the implementation of credit risk related guidelines was not a problem for them,
but lack of the understanding of the methodologies / instruments was a cumbersome task for many
of them. They needed to undergo some training/education program in this regard. Hence, the
concerned banks as well as RBI should take appropriate steps to organize high training programs
on risk management.
REFERENCE
 REFERENCE:

WEBSITES:
 www.rbi.org
 www.google.co.in
 www.pnbindia.com
 www.icici.com

BOOKS:

 Galai, mark, crouny, Risk management, second edition.

 Saunders Anthony, credit risk management, second edition.

 Schleiferr Bell, Risk management, third edition.