Core Risks in Banks
Main risks involve in Banks:
Credit Risk: The danger of default by a borrower to whom a bank has extended it credit.
Liquidity Risk: The danger of having insufficient cash to meet bank’s obligations when due.
Market Risks: The danger of changing market values of bank’s assets, liabilities, and equity that may bring about loss.
Interest Rate: The danger that shifting interest rates may adversely affect a bank’s net income, the value of its assets or equity.
Earnings Risks: The danger that a bank’s rate of return on assets or equity or its net earnings may fall.
Solvency Risks: The danger that a bank may fail due to negative profitability and erosion of its capital.
Other forms of Risks:
Inflation Risk:
The probability that an increasing price level for goods and services (inflation) will unexpectedly erode the purchasing power of bank earnings and the return to shareholders
Currency or Exchange Rate Risk:
The probability that fluctuations in market values of foreign currencies
Political Risk:
The probability that changes government laws or regulations, at home and abroad, will adversely affect the bank’s earnings, operations and future prospects
Crime Risk:
The probability that bank owners, employees or customers may choose to violate the law and subject the bank to loss from fraud, embezzlement, theft of other illegal acts.
How to Managing ‘Six Core Risks in Banks’
1. Credit risks
2. Asset & liability/balance sheet risks
2. Asset & liability/balance sheet risks
3. Foreign exchange risks
4. Internal control & compliance risks
5. Money laundering risks
6. IT risks
6. IT risks
1. Credit risks
Credit risk refers to the risk that a borrower will default on any type of debt by failing to make payments which it is obligated to do. The risk is primarily that of the lender and include lost principal and interest, disruption to cash flows, and increased collection costs. The loss may be complete or partial and can arise in a number of circumstances. Credit risk, therefore, arises from the bank’s dealings with or lending to corporate, Individuals, and other banks or financial institutions.
To reduce the lender's credit risk, the lender may perform a credit check on the prospective borrower, may require the borrower to take out appropriate insurance, such as mortgage insurance or seek security or guarantees of third parties, besides other possible strategies. In general, the higher the risk, the higher will be the interest rate that the debtor will be asked to pay on the debt.
Credit risk management is of utmost importance to Banks, and as such, policies and procedures should be endorsed and strictly enforced by the MD/CEO and the board of the Bank.
There are guidelines provided by BB as:
POLICY GUIDELINES
1. Lending Guidelines
2. Credit Assessment & Risk Grading
3. Approval Authority
4. Segregation of Duties
5. Internal Audit
PROCEDURAL GUIDELINES
1. Approval Process
2. Credit Administration
3. Credit Monitoring
4. Credit Recovery
2. Asset & liability/balance sheet risks
Risks that arise due to mismatches between the assets and liabilities (debts and assets) of the bank. Banks manage the risks of asset liability mismatch by matching the assets and liabilities according to the maturity pattern or the matching the duration
Asset Liability Management (ALM) is an integral part of Bank Management; and so, it is essential to have a structured and systematic process for manage the Balance Sheet.
Banks must have a committee comprising of the senior management of the bank to make important decisions related to the Balance Sheet of the Bank. The committee, typically called the Asset Liability Committee (ALCO), should meet at least once every month to analysis, review and formulate strategy to manage the balance sheet. In every ALCO meeting, the key points of the discussion
Specific functions of ALCO are:
1. To receive and review reports on liquidity risk, market risk and capital management as covered in this report.
2. To identify balance sheet management issues like balance sheet gaps, interest rate gap/profiles etc. that are leading to under-performance.
3. To review deposit-pricing strategy for the local market.
4. Review liquidity contingency plan for the bank.
3. Foreign exchange risks
Foreign exchange risk (also known as exchange rate risk or currency risk) is a financial risk posed by an exposure to unanticipated changes in the exchange rate between two currencies. Investors and multinational businesses exporting or importing goods and services or making foreign investments throughout the global economy are faced with an exchange rate risk which can have severe financial consequences if not managed appropriately.
4. Internal control & compliance
Internal control is the process, affected by a company's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the effectiveness and efficiency of operations, the reliability of financial reporting and compliance with applicable laws, regulations, and internal policies.
Internal controls are the policies and procedures established and implemented alone, or in concert with other policies or procedures, to manage and control a particular risk or business activity, or combination of risks or business activities, to which the company is exposed or in which it is engaged.
It is a means by which an organization's resources are directed, monitored, and measured. It plays an important role in preventing and detecting fraud and protecting the organization's resources, both physical (e.g., machinery and property) and intangible (e.g., reputation or intellectual property such as trademarks).
Objective of Internal Control
The primary objective of internal control system in a bank is to help the bank perform better through the use of its resources. Through internal control system bank identifies its weaknesses and takes appropriate measures to overcome the same. The main objectives of internal control are as follows:
1. Performance objectives:
Efficiency and effectiveness of activities
Efficiency and effectiveness of activities
2. Information objectives:
Reliability, completeness and timelines of financial and management Information
3. Compliance objectives:
Compliance with applicable laws and regulations
Compliance with applicable laws and regulations
5. Money Laundering Risks
As per Bangladesh Bank
Money Laundering means -
(i) Properties acquired or earned directly or indirectly through illegal means;
(ii) Illegal transfer, conversion, concealment of location or assistance in the above act of the properties acquired or earned directly of indirectly through legal or illegal means
Stages of Money Laundering
Placement - the physical disposal of the initial proceeds derived from illegal activity.
Layering - separating illicit proceeds from their source by creating complex layers of financial transactions designed to disguise the audit trail and provide anonymity.
Integration - the provision of apparent legitimacy to wealth derived criminally. If the layering process has succeeded, integration schemes place the laundered proceeds back into the economy in such a way that they re-enter the financial system appearing as normal business funds.
Funds which have thus been laundered, apart from supporting and further increasing organized crime, threaten the international financial system and, on an institutional level, promote the development of corruption and risk to threaten the very foundations of the rule of law.
6. IT Risks
The IT risks can be classified under (a) IT environment risks, (b) IT operations risks and (c) product/service risks.
A. IT Environment Risk -
i. Regulatory Risk - The banks operate within a set of regulatory framework. The design and operation of computer systems must comply with the regulatory framework in place. Regulatory breaches can result in diminishing reputation, increased cost of capital, limited business opportunities and punitive action, which may ultimately result into loss of banking operations.
ii. Strategic Risk - IT in banks is implemented to meet business needs. Thus, selection of right type of technology for the right type activity to achieve strategic business needs. When a bank adopts inappropriate IT strategy strategies, the bank may not be able to achieve its effectiveness and loose competitive edge and may place undue pressure on the bank’s IT resources and systems to adapt to new business environment, as new products and services come on-line.
iii. Organization Risk - The organizational structure of a bank can determine the effectiveness of the bank’s use of IT. When the organizational structure fails to provide and define reporting lines and responsibilities for the IT functions, this can lead to misunderstanding of responsibility and a poor distribution of human and financial resources. In addition, poor segregation of duties can increase the risk of error and fraud within a computerized environment.
iv. Location Risk - The technology resources are susceptible to the risks of unforeseen and sometimes naturally occurring events. Depending on the location of a bank’s data processing activities it can be susceptible to natural events such as floods, earthquakes, storms and other events like riots or sabotage.
v. Outsourcing Risk - It is increasingly common for banks to outsource some or all of their data processing activities. When outsourcing takes place there are some additional risks which need to be considered. Without proper management control and documentation, the responsibilities and liabilities of vendor and client may not be clear. Over reliance on single vendor/ supplier increases the risks from their failure and may lead to unacceptably high costs. There is also risk of disclosure of some strategic business information and strategy.
B. IT Operations Risk - Operations risk relates to those risks arising from day to day transaction processing on computer systems.
i. Error Risk - Errors in a computerized environment may arise from a number of sources, including errors made during the development and modification of computer programs simple error in data entry or misuse of some tools and sensitive facilities. These errors may affect the completeness and accuracy of transactions and may result into loss to the bank. The bugs in the application program may also result into errors.
ii. Computer Fraud Risk - A computerized environment provides a number of new opportunities for fraudsters. This is primarily due to the ease with which fraudsters can hide their actions on computer systems and the speed with which fraudulent activity can take place. It is imperative that the banks are aware of the vulnerable points within its system and guards against new opportunities for fraud which may materialize, especially during times of business and system change. Such risks are more likely when the security and control systems are weak or not properly implemented.
iii. Disclosure Risk - Information held on a bank’s computer and passed around its communication network includes very sensitive financial and other data about the bank’s customers. Accidental or intentional disclosure of this information can have a negative impact on bank’s reputation and may result into loss to its customers and legal litigation.
iv. Interruption Risk - The failure of computer and/or communication systems may result into interruption of bank’s operations and business. The impact of discontinuity of computer operations can be dramatic which may lead to customers’ dissatisfaction, loss of business, etc. If computer facilities and related infrastructures are not adequately protected and secured the result may be a major impact upon the business continuity.
C. Product/ Service Risk - Banks may implement technology-based products to improve operational efficiency and effectiveness. Whilst the operational risks associated with these products remain fundamentally unchanged, the way in which management design and implement a control framework to mitigate against those risks is different. The services like ATMs, Electronic Funds Transfer (EFT), and Computer based dealing services, etc. required to be available without any disruption.
No comments:
Post a Comment