21.04.200321.04.2003 11

RISK MANAGEMENT AND RISK RISK MANAGEMENT AND RISK

BASED DISCLOSURE IN BASED DISCLOSURE IN SECURITIES FIRMS SECURITIES FIRMS

YENER COŞKUNYENER COŞKUN

SPECIALIST/ MARKET REGULATIONSPECIALIST/ MARKET REGULATION

CAPITAL MARKETS BOARD OF TURKEYCAPITAL MARKETS BOARD OF TURKEY

Adviser:Adviser:Prof. Anthony M. Santomero.Prof. Anthony M. Santomero.

21.04.200321.04.2003 22

WHAT DOES EVERYBODY WHAT DOES EVERYBODY HATE EXCEPT HATE EXCEPT COMPETITORSCOMPETITORS• IN GOOD TIMES;BAD REPUTATIONIN GOOD TIMES;BAD REPUTATION

• IN BAD TIMES;BANKRUPTCYIN BAD TIMES;BANKRUPTCY

• EVERYBODY? SECURITIES FIRMS AND EVERYBODY? SECURITIES FIRMS AND REGULATORS REGULATORS

21.04.200321.04.2003 33

EVERBODY HURTS SOME EVERBODY HURTS SOME TIME (SOME LEVEL) TIME (SOME LEVEL) • REGULATORS LIKE THE GUYS WHO MANAGE REGULATORS LIKE THE GUYS WHO MANAGE

THEIR RISKS EFFECTIVELYTHEIR RISKS EFFECTIVELY

• EFFECTIVE INTERNAL CONTROL AND RISK EFFECTIVE INTERNAL CONTROL AND RISK MANAGEMENT SYSTEMS ARE THE TOOLS MANAGEMENT SYSTEMS ARE THE TOOLS AFFECTING THE OWNERS AND AFFECTING THE OWNERS AND REGULATORS’ POW REGULATORS’ POW

• BUT REGULATORS STILL NEED TO CARE THE BUT REGULATORS STILL NEED TO CARE THE INDUSTRY; Minimized and managed wrongs INDUSTRY; Minimized and managed wrongs do not rescue the system as a wholedo not rescue the system as a whole

21.04.200321.04.2003 44

DOMINO EFFECTDOMINO EFFECT

• Systemic riskSystemic risk refers to (1) the scenario that a refers to (1) the scenario that a disruptiondisruption at a firm, in a market segment, or to a at a firm, in a market segment, or to a settlement system could cause a "domino effect" settlement system could cause a "domino effect" throughout the financial markets, (2) a "throughout the financial markets, (2) a "crisis of crisis of confidenceconfidence" among investors, creating illiquid conditions " among investors, creating illiquid conditions in the marketplace. Systemic risk encompasses the risk in the marketplace. Systemic risk encompasses the risk that failure in one firm or one segment of the market that failure in one firm or one segment of the market would trigger failure in segments of or throughout the would trigger failure in segments of or throughout the entire financial markets.entire financial markets.

• As a statutory objective, As a statutory objective, regulatorsregulators target to manage target to manage systemic risk in an acceptable/sustainable level by using systemic risk in an acceptable/sustainable level by using some tools such as monitoring, enforcement, external some tools such as monitoring, enforcement, external audit, disclosure etc.audit, disclosure etc.

21.04.200321.04.2003 55

RISK MANAGEMENT AND RISK MANAGEMENT AND DISCLOSURE DISCLOSURE • Regulatory Side of Regulatory Side of

the Story;the Story; The The question is whether question is whether disclosure and effective disclosure and effective risk management risk management systems make positive systems make positive contributions to the contributions to the market efficiency, market efficiency, investor protection and investor protection and systemic risk systemic risk management. management.

21.04.200321.04.2003 66

DOES RM MATTER? DOES RM MATTER? Rationales For RiskManagement Rationales For RiskManagement• The essential motiveThe essential motive of risk of risk

management for a SF is to preserve and management for a SF is to preserve and increase the profit or expected increase the profit or expected shareholder value.shareholder value.

• The SF employs volatility reducing The SF employs volatility reducing strategies, which have the effect of strategies, which have the effect of reducing the variability of earnings. reducing the variability of earnings.

• The financial marketplace strength, as a The financial marketplace strength, as a whole, ultimately depends upon whole, ultimately depends upon individual firms' ability to cover individual firms' ability to cover unexpected losses with capital reserves.unexpected losses with capital reserves.

• The implementation of strong and The implementation of strong and effective risk management and controls effective risk management and controls within securities firms promotes stability within securities firms promotes stability throughout the entire financial system.throughout the entire financial system.

21.04.200321.04.2003 77

MISSION:VMISSION:Volatility Reducing olatility Reducing StrategiesStrategies

• risks that can be risks that can be eliminated or eliminated or avoided by business avoided by business practices;practices;

• risks that can be risks that can be transferred to other transferred to other participants;participants;

• risks that must be risks that must be actively managed at actively managed at the firm level.the firm level.

21.04.200321.04.2003 88

RISK TYPES-I:INTEREST RATERISK TYPES-I:INTEREST RATE

RISK RISK

• Interest Rate RiskInterest Rate Risk; ; the effect of the effect of unanticipated changes in interest rates unanticipated changes in interest rates on portfolios of financial instruments, on portfolios of financial instruments, whether they be assets or liabilities.whether they be assets or liabilities.

• Regulatory bodies and SFs have to evaluate those Regulatory bodies and SFs have to evaluate those three elements very carefully; term structure of the three elements very carefully; term structure of the government-bond portfolio, concentration of the government-bond portfolio, concentration of the government bond portfolio in the asset side of a SF government bond portfolio in the asset side of a SF balance sheet, management of the maturity balance sheet, management of the maturity mismatchingmismatching

21.04.200321.04.2003 99

RISK TYPES-II:MARKET RISKRISK TYPES-II:MARKET RISK

• Market Risk:Market Risk:uncertainty of an FIs earnings resulting uncertainty of an FIs earnings resulting from changes in market conditions such as the price of from changes in market conditions such as the price of assets, interest rates, market volatility and market assets, interest rates, market volatility and market liquidityliquidity

• The VARThe VAR approach evaluates how prices and price approach evaluates how prices and price volatility behaved in the past to determine the range of volatility behaved in the past to determine the range of price movements or risks that might occur in the price movements or risks that might occur in the future.future.

• methodology as good predictors for potential losses, methodology as good predictors for potential losses, and these models will be accepted for purposes of and these models will be accepted for purposes of calculation of capital charges by banks and securities calculation of capital charges by banks and securities firms as from the end of 1997firms as from the end of 1997

21.04.200321.04.2003 1010

RISK TYPES-III:CREDIT RISKRISK TYPES-III:CREDIT RISK

• Credit Risks:Credit Risks:the risk of loss arising from the the risk of loss arising from the failure of a counterparty to perform its failure of a counterparty to perform its obligations under a contract.obligations under a contract.

• For Credit Risk Manegement:For Credit Risk Manegement:

- - The diversification reduces the individual firm The diversification reduces the individual firm specific credit risk but SF still exposed to specific credit risk but SF still exposed to systematic credit risk.systematic credit risk.

- S- Sufficient collateral and marked to the market.ufficient collateral and marked to the market.

--Strong reserves and sufficient equity capital Strong reserves and sufficient equity capital which is proportional to the risk bearing by which is proportional to the risk bearing by the SFs the SFs

21.04.200321.04.2003 1111

RISK TYPES-IV-LIQUIDITY RISK TYPES-IV-LIQUIDITY RISKRISK• Definition;Definition;SFs have sufficient funds to meet SFs have sufficient funds to meet

obligations as they arise without selling assets.SFs obligations as they arise without selling assets.SFs have to fund their commitments not only their effective have to fund their commitments not only their effective economic life but also in the time of liquidation.economic life but also in the time of liquidation.

• Leverage Effect;Leverage Effect; The use of leverage (derivatives, The use of leverage (derivatives, margin and other forms of borrowing)can give rise to margin and other forms of borrowing)can give rise to liquidity riskliquidity risk

• Liquidity Risk Management;Liquidity Risk Management; critical in protecting critical in protecting capital, maintaining market confidence and ensuring capital, maintaining market confidence and ensuring profitable business opportunities.profitable business opportunities.

• Stress testing, scenario analysis;Stress testing, scenario analysis; are applied to are applied to evaluate potential cash requirements arising from evaluate potential cash requirements arising from early termination, collateral. Particularly turbulent early termination, collateral. Particularly turbulent markets. markets.

21.04.200321.04.2003 1212

RISK TYPES-VRISK TYPES-VOFF-BALANCE SHEET RISKOFF-BALANCE SHEET RISK

• By definition does not appear on the By definition does not appear on the current balance sheetcurrent balance sheet

• Other off-balance-sheet activities are Other off-balance-sheet activities are positions in forward, futures, swaps, positions in forward, futures, swaps, options and other derivatives.options and other derivatives.

21.04.200321.04.2003 1313

RISK TYPES-VIRISK TYPES-VI Technology riskTechnology risk• Technology risk occur when Technology risk occur when

technological investment do not technological investment do not produce the antipated cost savings in produce the antipated cost savings in economies in scale or scope.economies in scale or scope.

• Operational risk is partly related to Operational risk is partly related to technology risk and can arise technology risk and can arise whenever existing technology whenever existing technology malfunctions or back-office support malfunctions or back-office support systems break down.systems break down.

21.04.200321.04.2003 1414

RISK TYPES-VIIRISK TYPES-VII

Operational RiskOperational Risk • Definition;Definition;the risk of loss resulting the risk of loss resulting

from inadequate or failed internal from inadequate or failed internal processes such as unauthorized processes such as unauthorized trading, fraud in trading or in back trading, fraud in trading or in back office functions including inadequate office functions including inadequate books and records and a lack of basic books and records and a lack of basic internal accounting controls, internal accounting controls, inexperienced personnel…inexperienced personnel…

• Barings and Daiwa Case; Old But Barings and Daiwa Case; Old But Still Meaningful StoriesStill Meaningful Stories--separate front and back office separate front and back office functionsfunctions

--well-defined limits on the activities well-defined limits on the activities -require confirmation of each -require confirmation of each transaction bookedtransaction booked

21.04.200321.04.2003 1515

RISK TYPES-VIIIRISK TYPES-VIIIForeign Exchange and Foreign Exchange and CountryRiskCountryRisk • Foreign exchange rate riskForeign exchange rate risk arises when a arises when a

financial institution has assets and revenues financial institution has assets and revenues denominated in one currency(or group of denominated in one currency(or group of currencies) and liabilities and costs in currencies) and liabilities and costs in another currency(or group of currencies)another currency(or group of currencies)

• Country or sovereign riskCountry or sovereign risk is the risk that is the risk that repayments from foreign borrowers may be repayments from foreign borrowers may be interrupted because of interference from interrupted because of interference from foreign governments.foreign governments.

21.04.200321.04.2003 1616

RISK TYPES-IXRISK TYPES-IXLegal Risk, Discrete Risks,Agency Legal Risk, Discrete Risks,Agency RiskRisk• Legal riskLegal risk arises from the possibility that an arises from the possibility that an

entity may not be able to enforce a contract entity may not be able to enforce a contract against another party.against another party.

• Discrete risksDiscrete risks involve the sudden and involve the sudden and unexpected changes in financial markets due to unexpected changes in financial markets due to tax, war, revolution, or sudden collapse.tax, war, revolution, or sudden collapse.

• Agency riskAgency risk closely related with the operational closely related with the operational risk arises from existing conflicts of interest risk arises from existing conflicts of interest between the principal (firms and their between the principal (firms and their shareholders) and agents (managers and/or shareholders) and agents (managers and/or employees)employees)

21.04.200321.04.2003 1717

Effective RM and Control Sytem Effective RM and Control Sytem ComponentsComponents• An effective risk management and control system requires;An effective risk management and control system requires;

--Setting an Risk management and control strategySetting an Risk management and control strategy; Analyse ; Analyse the business and risks+ set the quantitative risk exposure the business and risks+ set the quantitative risk exposure limits+support the risks by adequate capital limits+support the risks by adequate capital

--Policies and Procedures to Accomplish the Policies and Procedures to Accomplish the StrategyStrategy;Develop Specific Guideline;Develop Specific Guideline

--Risk measurement systems,Risk measurement systems, VAR should include sensitivity VAR should include sensitivity analysis and stress testing. A contingency plan to be followed in analysis and stress testing. A contingency plan to be followed in adverse circumstances and worst-case scenarios should be adverse circumstances and worst-case scenarios should be developed. developed.

Measurement Problem; Legal/Operational/Reputational/Agency Risk? Measurement Problem; Legal/Operational/Reputational/Agency Risk?

--Compliance monitoring and reporting,Compliance monitoring and reporting,

-Regular assessment of the effectiveness of the policies and -Regular assessment of the effectiveness of the policies and procedures. procedures.

21.04.200321.04.2003 1818

Effective RM and Control Sytem Effective RM and Control Sytem Elements-IElements-I• Control Environment;Control Environment;

-Firms need to establish a mechanism to ensure that they -Firms need to establish a mechanism to ensure that they have internal accounting controls and risk management have internal accounting controls and risk management controls. controls.

-Responsibility for monitoring controls is clearly defined; -Responsibility for monitoring controls is clearly defined; and senior management promotes a culture of controls and senior management promotes a culture of controls at all levels within a firm.at all levels within a firm.

-The control environment's effectiveness is influenced by -The control environment's effectiveness is influenced by several variablesseveral variables

• Management's attitudes, beliefs, and practicesManagement's attitudes, beliefs, and practices

• Degree of external oversight. Degree of external oversight.

• Nature and scope of the governing body and management Nature and scope of the governing body and management committeescommittees

21.04.200321.04.2003 1919

Effective RM and Control Sytem Effective RM and Control Sytem Elements-IIElements-II• Nature and Scope of The Controls;Nature and Scope of The Controls; Firm guidance Firm guidance

and guidance from supervisors should cover both and guidance from supervisors should cover both internal accounting controls and risk management and internal accounting controls and risk management and controls.controls.

• Implementation;Implementation; Firm guidance+written Firm guidance+written documentation about their control procedures.documentation about their control procedures.

• Verification; Verification; The verification procedures should The verification procedures should include --- Internal audits, which should be independent include --- Internal audits, which should be independent of the trading desks and the revenue side of the of the trading desks and the revenue side of the business,business,- - External audits by independent accountants. External audits by independent accountants.

- For supervisors, additional verification would be accomplished - For supervisors, additional verification would be accomplished through an examination process.through an examination process.

21.04.200321.04.2003 2020

Effective RM and Control Sytem Effective RM and Control Sytem Elements-IIIElements-III

• Reporting;Reporting; Firms need to Firms need to establish and supervisors establish and supervisors should require mechanisms to should require mechanisms to report material inadequacies or report material inadequacies or breakdowns in controls to breakdowns in controls to senior management and senior management and supervisors on a timely basissupervisors on a timely basis

21.04.200321.04.2003 2121

Disclosure for SF’s Customers-IDisclosure for SF’s Customers-IShareholder vs. SF’s CustomerShareholder vs. SF’s Customer• The idea;The idea; Disclosure may provide all related parties Disclosure may provide all related parties

such as current and prospective customers with greater such as current and prospective customers with greater transparency and enhances market discipline in the SF’s transparency and enhances market discipline in the SF’s industry.industry.

• The risk is still risk;The risk is still risk; However the risks of the publicly However the risks of the publicly held company’s shareholder and a SF’s customer are in held company’s shareholder and a SF’s customer are in the different context, both of them can face to serious the different context, both of them can face to serious financial troubles due to lack of sufficient information.financial troubles due to lack of sufficient information.

• Poor Guys;Poor Guys; The essential difference between a The essential difference between a shareholder a SF’s customer, shareholder can access shareholder a SF’s customer, shareholder can access much more updated information, therefore, we assume much more updated information, therefore, we assume that the shareholder has a clear idea of his investment that the shareholder has a clear idea of his investment risks.risks.

21.04.200321.04.2003 2222

Disclosure for SF’s Customers-IIDisclosure for SF’s Customers-IIVoluntarily-Regulatory Risk Disclosure Voluntarily-Regulatory Risk Disclosure

• Voluntarily Risk Disclosure;Voluntarily Risk Disclosure;is a tool is a tool for ensuring or enhancing investor for ensuring or enhancing investor confidence. The Board may promote it.confidence. The Board may promote it.

• The question isThe question is whether SFs self- whether SFs self-disclosure practices can give enough disclosure practices can give enough information(or their business secrets) information(or their business secrets) for investor protection. So, for investor protection. So,

• Regulatory Risk Disclosure;Regulatory Risk Disclosure;The most The most effective way for investor protection and effective way for investor protection and market discipline.market discipline.

21.04.200321.04.2003 2323

Disclosure for SF’s Customers-IIIDisclosure for SF’s Customers-III Regulatory Risk Disclosure-NASD Regulatory Risk Disclosure-NASD Rules Rules

• NASD Conduct Rule 2270(NASD Conduct Rule 2270(Disclosure of Financial Disclosure of Financial Condition to Customers)Condition to Customers);; A member shall make A member shall make available to inspection by any bona fide regular customer, available to inspection by any bona fide regular customer, upon request,the information relative to such member's upon request,the information relative to such member's financial condition as disclosed in its most recent balance financial condition as disclosed in its most recent balance sheet.sheet.

• NASD Rule 2910(Disclosure of Financial Condition to NASD Rule 2910(Disclosure of Financial Condition to Other Members);Other Members); Any member of the Association who is Any member of the Association who is a party to an open transaction or who has on deposit cash a party to an open transaction or who has on deposit cash or securities of another member shall furnish upon written or securities of another member shall furnish upon written request of the other member a statement of its financial request of the other member a statement of its financial condition as disclosed in its most recently prepared condition as disclosed in its most recently prepared balance sheet balance sheet

21.04.200321.04.2003 2424

Disclosure for SF’s Customers-IVDisclosure for SF’s Customers-IV Regulatory Risk Disclosure-NASD Public Regulatory Risk Disclosure-NASD Public Disclosure ProgramDisclosure Program

The reported information is publicly available and has falls into The reported information is publicly available and has falls into two broad categories: two broad categories:

AdministrativeAdministrative - information about the types of business a firm - information about the types of business a firm engages in, background information about a firm or broker, engages in, background information about a firm or broker, registrations and licenses held, etc registrations and licenses held, etc

• DisclosureDisclosure - information about regulatory and disciplinary actions, - information about regulatory and disciplinary actions, criminal proceedings, certain civil and financial proceedings and, in criminal proceedings, certain civil and financial proceedings and, in the case of brokers, customer complaints and related arbitration or the case of brokers, customer complaints and related arbitration or judicial proceedingsjudicial proceedings

• That is not enough;That is not enough; there is no sufficient disclosure periodic there is no sufficient disclosure periodic financial reports and the risk management evaluations, diciplinary financial reports and the risk management evaluations, diciplinary information can represent only current and historical legal problems. information can represent only current and historical legal problems.

21.04.200321.04.2003 2525

Disclosure for SF’s Customers-VDisclosure for SF’s Customers-VRegulatory Risk Disclosure Exchange ActRegulatory Risk Disclosure Exchange Act

• Form BD; Form BD; • the uniform application for broker-dealer the uniform application for broker-dealer

registration,registration,• publicly available,publicly available,• The essential business information and legal The essential business information and legal

disclosures such as criminal disclosure, regulatory disclosures such as criminal disclosure, regulatory action discl. Etcaction discl. Etc

• Legal disclosures are well designed,Legal disclosures are well designed,• There is no sufficient disclosure periodic financial There is no sufficient disclosure periodic financial

reports and the risk management evaluations like reports and the risk management evaluations like NASD’s Public Disclosure Program.NASD’s Public Disclosure Program.

21.04.200321.04.2003 2626

Disclosure for SF’s Customers-VIDisclosure for SF’s Customers-VIRegulatory Risk Disclosure Exchange ActRegulatory Risk Disclosure Exchange Act

• Section17(e)(1)(B) and Rule 17a-5(c);Section17(e)(1)(B) and Rule 17a-5(c);

• A broker-dealer that carries customer accounts A broker-dealer that carries customer accounts must generally send its full balance sheet must generally send its full balance sheet (including footnote disclosures required by (including footnote disclosures required by GAAP) to each of its customers twice a year GAAP) to each of its customers twice a year (once audited and once unaudited)(once audited and once unaudited)

• a footnote disclosing the amount of net capital a footnote disclosing the amount of net capital the broker-dealer held as of the balance sheet the broker-dealer held as of the balance sheet date and the minimum amount of required net date and the minimum amount of required net capital the broker-dealer to hold as of that date.capital the broker-dealer to hold as of that date.

21.04.200321.04.2003 2727

Disclosure for SF’s Customers-VIIDisclosure for SF’s Customers-VIIRegulatory Risk Disclosure Exchange ActRegulatory Risk Disclosure Exchange Act• SEC Proposed Rule, Release No. 34-46920; SEC Proposed Rule, Release No. 34-46920; the the

proposed amendments would allow a broker-dealer proposed amendments would allow a broker-dealer that elects to take advantage of the exemption that elects to take advantage of the exemption instead of sending its full balance sheet, instead of sending its full balance sheet,

• to send a financial disclosure statement, consisting to send a financial disclosure statement, consisting of its net capital information and information on of its net capital information and information on how to obtain its full balance sheet, to its customers how to obtain its full balance sheet, to its customers twice a year, twice a year,

• as long as the broker-dealer also posts its balance as long as the broker-dealer also posts its balance sheet on its website and promptly sends its balance sheet on its website and promptly sends its balance sheet to its customers who request it via a toll-free sheet to its customers who request it via a toll-free number.number.

21.04.200321.04.2003 2828

Disclosure for SF’s Customers-VIIIDisclosure for SF’s Customers-VIIIIn TURKEYIn TURKEY

• SFs disclose their semi-annual and SFs disclose their semi-annual and annual financial reports without annual financial reports without detailed info.This disclosure could not detailed info.This disclosure could not get much attention in investment get much attention in investment community.community.

• These reports also do not include the These reports also do not include the risk assessment of the firm for risk assessment of the firm for example the relevant reports do not example the relevant reports do not provide information of the capital provide information of the capital adequacy reports. adequacy reports.

• The independent audit reports is also The independent audit reports is also unobtainable material by the unobtainable material by the investors.investors.

• Investors have no inspection rights Investors have no inspection rights related to the latest financial related to the latest financial information of the SFs.information of the SFs.

21.04.200321.04.2003 2929

Disclosure for SF’s Customers-IXDisclosure for SF’s Customers-IXIn TURKEYIn TURKEY

• A SF customer can get some A SF customer can get some information from the the Board and information from the the Board and the ISE web-sites which contain the the ISE web-sites which contain the essential business information of SFs essential business information of SFs such as business address, phone such as business address, phone numbers, branches, the name of the numbers, branches, the name of the CEO, the final criminal sanctions etc.CEO, the final criminal sanctions etc.

• The information about the SFs is The information about the SFs is very limited for the average very limited for the average investors.investors.

21.04.200321.04.2003 3030

Regulation RecommendationsRegulation Recommendations General Disclosure Form-I General Disclosure Form-I

• As a part of broader disclosure concept, the Board may adopt a As a part of broader disclosure concept, the Board may adopt a General Disclosure FormGeneral Disclosure Form.The form should include,.The form should include,

-the essential business information(business history- ownership -the essential business information(business history- ownership structure, names-address-phones-branches-BoD-CEO-licences-structure, names-address-phones-branches-BoD-CEO-licences-foreign investments etc)foreign investments etc)

-the latest legal problems and the information on any past -the latest legal problems and the information on any past securities violations of the SF, like Form BD and Form U-4 securities violations of the SF, like Form BD and Form U-4

--the latest financial information (the latest audited financial the latest financial information (the latest audited financial information and capital adequacy report results, the summary information and capital adequacy report results, the summary of the latest risk management reports),of the latest risk management reports),

-The Form should be updated and easy to reach via internet -The Form should be updated and easy to reach via internet and customers e-mailand customers e-mail

-The Form should send the customers on a quarterly basis.-The Form should send the customers on a quarterly basis.

21.04.200321.04.2003 3131

Regulation RecommendationsRegulation Recommendations General Disclosure Form-IIGeneral Disclosure Form-II

- As a broader disclosure concept,- As a broader disclosure concept, g general eneral disclosure form referring a publicly available disclosure form referring a publicly available document covering both the diciplinary document covering both the diciplinary information and the latest financial information information and the latest financial information including the securities firm’s overall risk including the securities firm’s overall risk assessment.assessment.

- As a specific part of the broader disclosure idea, - As a specific part of the broader disclosure idea, the concept of risk-based disclosure has hybrid the concept of risk-based disclosure has hybrid characteristics; importance of the characteristics; importance of the implementation of the effective risk implementation of the effective risk management and control systems and the risk-management and control systems and the risk-based disclosure to current and prospective based disclosure to current and prospective customers of securities firms. customers of securities firms.

21.04.200321.04.2003 3232

The Role Of Regulators in The Role Of Regulators in Risk ManagementRisk Management• CMB have heavily focused its CMB have heavily focused its

traditional jobtraditional job;;market market surveillance,setting levels of capital surveillance,setting levels of capital reserves, auditing of firms’ etc.reserves, auditing of firms’ etc.

• Risk management needs Risk management needs particular attention.particular attention.

• CMB may promote the better risk CMB may promote the better risk management practices in the management practices in the industry; seminars, training programs, industry; seminars, training programs, and a regulation. and a regulation.

21.04.200321.04.2003 3333

Regulation Recommendations-IRegulation Recommendations-I

• We believe that either the article 32 of the Serial:5, Number:46 We believe that either the article 32 of the Serial:5, Number:46 or an independent regulation of the Board should contain these or an independent regulation of the Board should contain these additional points in the below related to the effective use of additional points in the below related to the effective use of risk management technics in the SFs.risk management technics in the SFs.

-the clear definition and the purpose of risk management-the clear definition and the purpose of risk management– the clear definitions of the responsibilities of the risk the clear definitions of the responsibilities of the risk

management unit,management unit,– the requirement of SF guidance and guidance from the requirement of SF guidance and guidance from

supervisors should cover both internal accounting controls supervisors should cover both internal accounting controls and risk management and controls, and risk management and controls,

– the requirement of the each SF has to establish its the requirement of the each SF has to establish its independent risk management unit and organizational independent risk management unit and organizational structure of a SF must provide adequate resources to the structure of a SF must provide adequate resources to the unit unit

21.04.200321.04.2003 3434

Regulation Recommendations-IIRegulation Recommendations-II

- the requirement of the each SF has to define both its firm-- the requirement of the each SF has to define both its firm-specific risks and general risks (such as market risk, interest specific risks and general risks (such as market risk, interest rate risk, liquidity risk, legal risk etc),rate risk, liquidity risk, legal risk etc),

-the requirement of the independent risk management unit -the requirement of the independent risk management unit should support by the independent staff named as risk should support by the independent staff named as risk managers,managers,

-the requirement of the each risk controller must be licensed by -the requirement of the each risk controller must be licensed by the Board, the Board,

- - the requirement of the each SF has to define both its firm-specific the requirement of the each SF has to define both its firm-specific risks and its risk exposures, risks and its risk exposures, the requirement of the risk the requirement of the risk management unit of a SF has to report impact and likelihood management unit of a SF has to report impact and likelihood analysis on a periodical basis, analysis on a periodical basis,

- the requirement of the summary basis disclosure of the risk - the requirement of the summary basis disclosure of the risk management report to the prospective customers and other related management report to the prospective customers and other related parties parties

21.04.200321.04.2003 3535

Regulation Recommendations-IIIRegulation Recommendations-III

– the requirement of the summary basis report delivery the requirement of the summary basis report delivery to the current customers on a quarterly basis, to the current customers on a quarterly basis,

– audit requirement to the quarterly basis risk audit requirement to the quarterly basis risk management reports, management reports,

– requirement of the risk management reports should requirement of the risk management reports should prepare and send to CEO of a SF in a daily, weekly, prepare and send to CEO of a SF in a daily, weekly, monthly, quarterly, semi-annually and annually basis. monthly, quarterly, semi-annually and annually basis. **The SF must define the contents of each report type The SF must define the contents of each report type according to its own needs and risk management according to its own needs and risk management goals. goals.

– The mThe monthly and quarterly risk management reports onthly and quarterly risk management reports should also send the Board as a summary basis. should also send the Board as a summary basis.

21.04.200321.04.2003 3636

Regulation Recommendations-IVRegulation Recommendations-IV

• The management of the firm should announce The management of the firm should announce its current or prospective customers whether its current or prospective customers whether there is a serious problem or not in terms of there is a serious problem or not in terms of firm’s risk exposure. firm’s risk exposure.

• Semi-annual and yearly basis internal risk Semi-annual and yearly basis internal risk management reports can also overview by a management reports can also overview by a audit firm in a part of its usual audit process.audit firm in a part of its usual audit process.

• In addition to other information explained in In addition to other information explained in subsection 7.1., esubsection 7.1., essential points of report should ssential points of report should also disclose to the public as part of the firm’salso disclose to the public as part of the firm’s latest financial condition.latest financial condition.

21.04.200321.04.2003 3737

Regulation Recommendations-VRegulation Recommendations-V

– The report should cover and the answer all points The report should cover and the answer all points related with the risk management such as,related with the risk management such as,

Whether the data produced by the internal accounting Whether the data produced by the internal accounting system is accurate, system is accurate,

Whether all risk types are covered and all current and Whether all risk types are covered and all current and potential problems related those risks are presented in potential problems related those risks are presented in the report,the report,

whether balance sheet risks are suitable to the firm’s whether balance sheet risks are suitable to the firm’s risk management goals or risk profile, in other words risk management goals or risk profile, in other words whether the firm expose excessive risks,whether the firm expose excessive risks,

whether there is a outstanding trend or significant whether there is a outstanding trend or significant changes in a particular risk type and overall risk level of changes in a particular risk type and overall risk level of the firm, the firm,

21.04.200321.04.2003 3838

Regulation Recommendations-VIRegulation Recommendations-VI whether pwhether potential risk exposure and capital of the firm otential risk exposure and capital of the firm

periodically overviewed by using the stress tests, scenario periodically overviewed by using the stress tests, scenario analysis and other risk management technics,analysis and other risk management technics,

whether SF has sufficient capital proportional to its risk whether SF has sufficient capital proportional to its risk level,level,

whether there is a material inadequacies, breakdowns or whether there is a material inadequacies, breakdowns or extra-ordinary developments in the system, extra-ordinary developments in the system,

whether there is an unexpected events made negative whether there is an unexpected events made negative impacts to the business such as serious civil action or a impacts to the business such as serious civil action or a regulatory action,regulatory action,

whether there is a negative expectation related to whether there is a negative expectation related to securities business and its potential impacts to the securities business and its potential impacts to the balance sheet of the SF,balance sheet of the SF,

21.04.200321.04.2003 3939

Regulation Recommendations-VIIRegulation Recommendations-VII whether there is a problem in whether there is a problem in

terms of the Board’s risk terms of the Board’s risk management criteria such as management criteria such as negative developments in the negative developments in the capital adequacy reports in the capital adequacy reports in the near future,near future,

Whether audit firm approve the Whether audit firm approve the results of the quarterly basis risk results of the quarterly basis risk management report. management report.

21.04.200321.04.2003 4040

SOME REALITIES SOME REALITIES

• Risk management and controls are not a substitute for  Risk management and controls are not a substitute for  adequate capital requirements and they could not adequate capital requirements and they could not enough for systemic risk management.So, shows must enough for systemic risk management.So, shows must go on. go on.

• It could not easy to achieve regulatory objectives of It could not easy to achieve regulatory objectives of the Board by using risk management and control the Board by using risk management and control systems and disclosure as policy instruments, if the systems and disclosure as policy instruments, if the auditing system does not really work well. auditing system does not really work well.

• As a value added activity, strong internal control and As a value added activity, strong internal control and risk management environment protects SFs from risk management environment protects SFs from unexpected losses and capital inadequacy unexpected losses and capital inadequacy problems.BUT, if you have not sufficient control culture problems.BUT, if you have not sufficient control culture or your senior management does not really care it, this or your senior management does not really care it, this is just a best wishes.is just a best wishes.

21.04.200321.04.2003 4141

THANKS…THANKS…