Building out a Robust and Efficient Risk Management - Alan Cheung
-
Upload
laszlo-arvai -
Category
Economy & Finance
-
view
242 -
download
0
Transcript of Building out a Robust and Efficient Risk Management - Alan Cheung
Building out a Robust and Efficient Risk Management
Provided by Alan Cheung,MBA,CFE,CEH
Purpose
• In this workshop training, we will cover the following:
List of key activities related to credit portfolio, risk reporting, credit risk coordination, and market risk
Important elements use to verify the efficiency of credit risk rating systems
Imperfection of measuring risk using Value-at-Risk (VaR) calculation
Credit Risk • Reviewing Credit Portfolio
Evaluate credit monitoring procedures, annual reviews, and risk ratings. Determine all ‘Watchlist’ and non-performing loans book in an entity are properly
monitored. Credit approvals – verifying that credit applications are properly approved and any
subject to the conditions are satisfied. Credit documentation – evaluate the completeness of credit and legal files, as well as
controls over safe keeping of legal and credit documentation.
Structured Product -Credit Derivatives are off-balance sheet financial statements that permit one party to transfer the risk of a reference asset, which it typically owns, to another one party (the guarantor) without actually selling the assets.-Through the use of Credit Derivatives, a financial institution can acquire new credit risk or hedge on existing one. For example, TROR is consist of an agreement by one counterparty to pay the total rate of return on a public by the traded asset, in exchange for stream of payments reflecting LIBOR plus a negotiated spread received from the other counterparty.
Risk Management – Capital Market
Monitoring of risk exposures developed in financial institution with objective of enhancing the overall efficiency of the control framework;
Approve the credit risk (client ratings, transactions, individual credit applications and Global limits) after initial approval by the concerned operational managers;
Collaborate with business lines to develop standardized calculation models for risk exposures in respect of products and trading activities, while taking account of settlement and collateralization effects;
Perform monitoring and reporting for major risks, counterparties on the watch list and provisions;
Operates and/or develops information systems used to calculate and monitor risk exposures in respect of financial institutional and market counterparties.
Market Risks Maintain continuous monitoring (independent from the Front Office)
of positions and risk exposures arising from the Group’s trading activities; verifies that positions and exposures are within set limits;
Establish the appropriate set of limits, approval and escalation process;
Define methodologies (VaR, sensitivity, stress testing, …etc.), validates valuation models, verifies market parameters, establishes risk monitoring procedures and determines reserves;
Defines the functionalities and supervises the development of databases and information systems used to measure market risk;
Generate consolidated view of reporting for regulatory authorities (e.g. FBNY, FSB) in respect of capital requirements for market risk and counterparty risk. It is important to have continuously monitoring and ensuring the reliability of reporting.
Credit Risk Rating Systems and Capital Requirements
Implementation and enforcement of governance rules for the Group’s credit risk rating system:
Development of cross-disciplinary models for use by multiple Business Divisions;
Standardization and validation of methods and models used within the Group; and,
Establishment of performance reporting on the internal rating system. Definition and functionality of methodology for calculation of economic and
regulatory capital for various categories of risk (e.g. credit, operational). Definition of methods for the measurement of capital by risk exposures, Facilitation and contribution to various project initiatives within the Risk Group
for capital measurement (stress testing, portfolio analysis,…etc.) Definition of related key processes
Determine key requirements (e.g. tools & process models) and regulatory constraints,
Coordinates and facilitates between Operations, Model, and Risk teams, projects to create or upgrade processes, notably including efforts to use risk management modelling in banking environments.
Support for Management Efforts
Establish a working group led by Operational Risk to coordinate the Firm’s response to a ‘potential’ risk event;
Incorporate key infrastructure areas (e.g. Financial Risk Management, Operations and Independent Validation team/Product Control);
The aim of the working group is to identify and review key controls on a firm-wide basis, encompassing;
The substance of existing reports, and their approval and escalation procedures; Existence of any large positions; and, Other areas which may be subject to this type of activity.
The Board Risk Management Committee should request that IAD undertake issues assurance of any remedial activities of the working group. In addition, IAD will provide management any information required as a result of previous audits and issues assurance work.
Imperfection of Value at Risk (VaR)Below is a summary of proposed audit coverage for trading desk across business units globally
due to imperfection of measuring risk using VaR calculation.
Business Area Parameters Comments
Daily Calculation of VaR (not monthly)
PricesCorrelation measures
Greek scenarios
Prices and correlation may not always be available on
the open markets
Counterparty Risk Analysis
Credit Default swaps
Credit Spread
Recovery rate
Must not exceed specific thresholds
Trend AnalysisMTM on
exposureDashboards
Reference on CBOE
Determine if the patterns are aligned with the
business line strategies and risk appetite
ValuationIncome
Attribution
Independent Price
Verification
Pricing Models
All price changes/inputs must be reflected
accurately to the P&L with support.
Market Risk Limits Limits ThresholdsChange
Management
Determine the limit breaches are increasing
exposure bets.
Risk Management – Credit & Market Risks
What uniquely distinguishes large financial institutions from other companies is their role in risk transfer and risk management.
As Walter Wriston famously said: “…managing risk … is the business of banking.”
Attributed to Walter Wriston, ex-CEO and Chairman of CitiCorp by the Economist in 1993 (“Survey of International Bankers: A comedy of errors” April 1993) though other sources also attribute the quote to John Pierpoint Morgan.
Market Risk Credit RiskThe bank’s assets are mostly invested in loans and securities (about 90% of average assets). These loans and securities have differing interest rate structures – some are fixed and some are floating. They also have different set of maturities.
The bank’s liabilities, deposits and borrowings also have differing maturities and interest rate characteristics. If the bank’s (asset-based) interest income structure is not properly aligned with the (liability-based) interest expense structure, the result is interest rate risk.
Market risk involves calculating risk that the value of a portfolio, either an investment portfolio or a trading portfolio, will decrease due to the change in value of the market risk factors.
Credit risk involves going through the financials of the clients and analyzing them with debt ratios ...etc. to determine credit quality.
Market risk focuses more on the trading desk's activities and stress testing/sensitivity analysis of current and prospective trades.
Credit risk involves looking at the financial statements of the company and analyzing their industry (e.g. Issuer credit risk requires a detailed understanding of how cash flows through a company and how leverage affects company health).
Market risk is typically measured over very short time periods (daily).
Credit risk is typically measured over a long time horizon (annually).
The five “C’s” of Credit - Capital, Capacity, Conditions, Collateral, and Character.
Key Differences between Market Risk vs. Credit Risk
http://Independentaudit.com
Risk Management
Challenges in Credit and Market Risk Areas
• The front office has sometimes breach assigned limits – this is particularly important because banks and large financial institutions have historically operated some proprietary trading or principal trading businesses which required close supervision given the risks being taken.
• Losses in the US structured credit business suggest that the business did not fully assess the risk taken on (although the market volatility was unusually high).
• The real estate portfolio in certain business units, for example, in Portugal, Ireland, Greece, and Spain, became overly leveraged and concentrated in property and construction.
• Missing the appropriate monitoring and escalation process for timely alerts and awareness of the potential limit breaches to senior management.
• Lack of senior management oversight and governance over market risk stress testing.
• Incomplete review of stress methodologies, including VaR and Non-VaR type.
• Data integrity and manual intervention processing.
http://dilbert.com
Risk Management
How management should address Credit and Market Risks?
Reinforcing the risk culture and business ownership of risk and embedding the risk appetite
Define the process for managing the control environment (e.g. create an internal control and assurance framework and key risk policies)
Provide a common language of risk terminology
Assign accountability for risks
Focus on ensuring the framework covers all risk types and articulates responsibilities
Strengthening the control functions
Audit Considerations on Credit and Market Risks
Development of a formal risk appetite process for financial risks The establishment of authorities, limits and governance (e.g. policies
and procedures) Develop credit portfolio analytics Joint sign-off between market and credit risk Integrated daily Value at Risk (VaR) production Stress testing Reporting/Escalation
Risk Management: Challenges and Opportunities
• Internal Audit Resources‒ Training the auditors‒ Recruiting subject matter expertise, e.g., model risk experts, quants, actuaries‒ Using Data Analytics
• Increasing and changing regulatory expectations
• Blurring of the 1st and 2nd Line – Risk Management as a process owner
• Risk Management as an assurance partner
• Risk Convergence vs. Auditor Independence
• Beyond looking at the controls
• Internal Audit as the 3rd Line of Defense - Effective Challenge
• Be relevant