1 Advancing Risk Management by Financial Institutions The Case of Japanese Banks Tsuyoshi Oyama Bank...
-
Upload
anthony-george -
Category
Documents
-
view
214 -
download
0
Transcript of 1 Advancing Risk Management by Financial Institutions The Case of Japanese Banks Tsuyoshi Oyama Bank...
1
Advancing Risk Management
by Financial Institutions
The Case of Japanese Banks
Tsuyoshi Oyama
Bank of Japan
Workshop on Risk Management in Banking Sector
Shanghai, December 21, 2005
2
Agenda
Background of Banks’ Efforts to Enhance Risk Management and the BOJ’s Initiatives to Encourage These Efforts
Topics from the Sound Practices Papers and Discussions in the Seminars “Advancing Credit Risk Management through Internal Rating Sys
tems” “Advancing Operational Risk Management” “Advancing Integrated Risk Management”
3
Background of Banks’ Efforts
The experience of overcoming NPL problems since the 1990s…
Enhance the risk management of Japanese financial institutions particularly in the area of credit risk management
Entail stability of financial system, which led to the lifting of blanket deposit insurance in April, 2005
In this new environment, financial institutions are expected to develop further creative business services that meet the needs of customers through…
Assessing various risks not only in a conservative way but also in an accurate way.
In other words, financial institutions are expected to grasp effectively the various risks inherent in their business (e.g. economic value and its volatility of all the assets they possess and transactions they engage in), and also to establish a framework that manages these risks in an integrated way.
In addition, Basel II implementation surely pressures banks to intensify the above efforts.
4
Advancing Risk Management---Means What?
Our understanding of “advancing risk management”
Enhancing the communication tools among stakeholders (senior managers, risk managers, shareholders, regulators, etc.) to reach a consensus view of risk profile and amounts.
Not necessarily indicating a more use of Greek letters and math formula
What banks need is more objective and more persuasive tools to assess risks
Objective and persuasive risk assessments lead to higher transparency of risk management process and thereby clarify the responsibility associated with risk taking activities help ensure the direction toward improving risk management.
There are no best practices of banks’ risk management, which could differ depending on their facing environments need to establish the incentive mechanism to ensure the direction toward improving risk management.
5
The Bank of Japan released the following three papers at the end of July, 2005.
Advancing Credit Risk Management through Internal Rating Systems
Advancing Operational Risk Management
Advancing Integrated Risk Management
HP : http://www.boj.or.jp/en/set/05/set_f.htm
These papers draw on the issues and measures, on which the Bank of Japan intends to use to start in-depth discussions of risk management with financial institutions at the time of our on-site examinations and off-site monitoring.
Main subjects of the three papers roughly correspond to the issues of implementing IRB, AMA and Pillar II under the Basel II
BOJ’s Initiative (1) -- Publication of Sound Practices Papers
6
The Bank of Japan established the Center for Advanced Financial Technology in July, 2005.
One major mission of this new organization is to develop the third channel, besides on-site examinations and off-site monitoring, to communicate with banks about the risk management framework and methods.
Using the three sound practice papers as the main subjects, the Center has already hosted:
2 seminars for the large number of financial institutions focusing on overall risk management issues that are dealt with by three papers, and
12 seminars for regional banks (20—30 banks for each) focusing on the issues that are dealt with by one paper for each seminar.
BOJ’s Initiative (2) -- Hosting a Series of Seminars for Banks
7
BOJ’s Organizational Changes and Setting up the Center for Advanced Financial Technology
< Before > < After July 8th >
Financial Systems Dept.
Policy Planning
International Issues
Bank Examination and Surveillance Dept.
Policy Implementation
On-site Examination
Off-site Monitoring
Financial Systems and Bank Examination Dept.
Center for Advanced Financial Technology(Newly Established)
Planning and Implementation
International Issues
On-site Examination
Off-site Monitoring
8
Advancing Risk Management---Its Relation with Basel II
The concept of “advancing risk management” is in line with “successfully implementing Basel II”
The concept of Basel II that strongly pushes banks toward the direction of assessing risks “more precisely” and “transparently” in a “self-disciplined” manner is completely shared by us when advocating for the need of advancing risk management.
Our strategy is to capitalize on, to the maximum, the implementation of Basel II and its accompanying momentum of advancing risk management among banks.
The greatest challenge for us is how to convince banks of the need and usefulness of advancing risk management “by themselves” in “a flexible manner” and thereby avoid the case where banks seek for an excessively detailed “one-size-fits-all” type guidance.
9
I. “Advancing Credit Risk Management
through Internal Rating Systems”
10
SPP-I: “Advancing Credit Risk Management through Internal Rating Systems”
Contents
Architecture of internal rating system
Rating process and rating models
Estimation of risk components
Uses of internal rating systems
Validation of internal rating systems
Quantification of credit risk
The paper tries to show our thinking of sound practices, being compared with current practices of major banks and thereby facilitate small banks to consider them as the real world cases.
11
Framework of Advancing Credit Risk Management
Migration matrix
Probability of default(PD)
Internal use
Ris
k C
omp
one
nts
Loss given default(LGD)
Exposure at default(EAD)
CorrelationC
alcu
latio
n
of
cre
dit
risk
am
ou
nt
Exp
ect
ed
lo
ss (
EL
)U
nexp
ect
ed
lo
ss (
UL
)
Stress testingPortfolio
monitoring
Provisioning
Pricing
Profit management
Capital allocation
Quantification of credit risk
Reporting tothe Board
Internal ratingQuantitative evaluation
Financial data
Qualitative evaluation
<Internal rating systems>
(Major discussion points in the seminars) Definition of default, consistent treatment of counterparty risks of market transactions, data integrity required for estimating risk components, concentration risk control measures using UL outcome, etc .
12
Assessing Ratings
Quantitative rating model
Borrower’s financial
data
123456789
10
123456789
10
123456789
10
Final Rating
Rating mitigation after 1 year
PD per rating grade
Initial evaluation (tentative)
・・・・
・・・・
Process of internal Ratings
Estimation of PD
Needs attention
Bankrupt
default
Quantitative evaluation Qualitative evaluation
Borrower’s qualitative information
Normal
1. Model estimating PDs of obligors (Logit or Probit model ) 2. Model estimating external ratings 3. Hybrid model of 1. and 2.
<Statistical model>
0%
20%
40%
60%
80%
100%
-5 -4 -3 -2 -1 0 1 2 3 4 5
PD
Score based onfinancial information
13
Quantitative and Qualitative Information Used for Rating Assignment
Type of factor Example
Size of operation Amount of capital and net assets
Safety Current ratio, capital adequacy ratio, and current account balance ratio
Profitability Return on assets, operating profit on sales, years required to pay back interest-bearing liabilities, and interest-coverage ratio
Others Rate of growth in sales and profits
Type of factor Example
Industry Growth potential, size of market fluctuation, and entry barriers
Firm Relationship with parent companies or firms with capital tie-ups, management ability, and existence of external audit
Examples of Quantitative Factors Examples of Qualitative Factors
Type of factor Real estate finance Project finance
Quantitative factors
Credit-extension period, LTV, and DSCR
Credit-extension period and DSCR
Qualitative factors
Characteristics of real estates (e.g., locational conditions), adequacy of cash flow schedule, and risks attached to the sponsor of the project
Risk attached to the project (e.g., risks attached to the sponsor and operator of the project, and the risk of being unable to complete the project) and transfer risk
Examples of Factors Determining Facility Ratings
14
What Factors Determine the Ratings?
One dimensional system bases facility ratings on borrower ratings and makes upward or downward adjustments to the grades as necessary to reflect the characteristics of the loan transaction concerned.
A two‑dimensional system combines borrower ratings with evaluation of the features of individual loan transactions independent of borrowers (e.g., ratings based on LGD).
Grade
1
2
3
…
…
9
10
Grade
1
2
3
…
…
9
10
Grade
A
B
C
…
…
I
J
Borrower ratings (1 to 10) Facility ratings (A to J) (One-dimensional system)
Bor
row
er
ratin
gs
Facility ratings (A to J) (Two‑dimensional system) Ratings based on LGD
Grade 1 2 3 … 7 8 1 A 2 B 3 C … D
… …
I
9 I J 10
Bor
row
er
ratin
gs
(Major discussion points in the seminars) The need and usefulness of facility rating given the widespread use of unique pledge system in lending, i.e. “pooled collateral system” where each collateral is not linked to each transactions but to each borrower.
15
How to Validate Rating Model?
0
100
CAP curve of a perfect model
CAP curve of random model(no discriminatory power)
CAP curve of a model being evaluated
(%)
A
B
A model has more accuracy as the curve moves to the upper left
Rat
io o
f cu
mul
ativ
e nu
mbe
r of
defa
ulte
d fir
ms
100 (%)
Score
Non-defaulted firmsDefaulted
firms
Numberof firms
Area (B)Area (A) + Area (B)AR =
14.8 74.7 3.8 2.6 2.1 1.6 0.4 0.0 0.0 8
3.2 20.0 47.8 18.9 6.8 2.8 0.5 0.0 0.0 7
1.1 9.5 16.0 43.9 20.4 7.5 1.5 0.1 0.0 6
0.5 4.5 6.0 15.7 44.0 24.5 4.4 0.4 0.0 5
0.3 1.9 2.5 4.4 13.1 63.1 13.3 1.4 0.0 4
0.0 0.8 1.0 1.5 4.2 13.9 66.5 11.9 0.2 3
0.1 0.2 0.2 0.3 0.7 3.3 15.1 75.4 4.7 2
0.0 0.5 0.5 0.3 0.4 0.3 2.1 12.8 83.1 1
テ ブォルト8 7 6 5 4 3 2 1
14.8 74.7 3.8 2.6 2.1 1.6 0.4 0.0 0.0 8
3.2 20.0 47.8 18.9 6.8 2.8 0.5 0.0 0.0 7
1.1 9.5 16.0 43.9 20.4 7.5 1.5 0.1 0.0 6
0.5 4.5 6.0 15.7 44.0 24.5 4.4 0.4 0.0 5
0.3 1.9 2.5 4.4 13.1 63.1 13.3 1.4 0.0 4
0.0 0.8 1.0 1.5 4.2 13.9 66.5 11.9 0.2 3
0.1 0.2 0.2 0.3 0.7 3.3 15.1 75.4 4.7 2
0.0 0.5 0.5 0.3 0.4 0.3 2.1 12.8 83.1 1
テ ブォルト8 7 6 5 4 3 2 1
Rating at the end of the year
Rat
ing
at
the
begi
nnin
g of
the
year
Check the order of migration rate from rating 1 to other ratings
Check the order of default rates
Check the order of migration rate to rating 7 from other ratings
Default
(Example 1)
(Example 2)
Many banks including major ones are still seeking for the appropriate validation methods of internal rating systems and risk components.
16
Use of Internal Rating Systems
Use of Internal rating systems
(Loan Origination)
Setting upper credit limits based on rating grades
Setting authority ranks for loan approval by rating grade
Simplifying the loan review process for higher‑graded borrowers
(Monitoring)
Monitoring individual borrowers based on rating grades
Monitoring the overall loan portfolio
Uses of PD for each rating grade
Quantification of credit risk and allocation of capital
Pricing of loan rates reflecting credit risk
Evaluating the economic value of loans
Many banks have already used the internal rating systems as indicated in the above with some exceptions such as facility rating.
17
II. Advancing Operational Risk
18
SPP-II: “Advancing Operational Risk Management ”
Contents Characteristics of op risk and the need to advance op risk management Overview of efforts to advance op risk management and the establishment
of an op risk management section Quantifying op risk Approaches to identifying and assessing op risk other than quantification
The paper tries to strike the right balance between the importance of advancing op risk management using e.g. risk quantification methods and the need to maintain the conventional op risk management by emphasizing their complementary characteristics.
19
Advancing Op. Risk --- Why Now?
Changes in the environment surrounding FIs’ operations Business diversification, more sophisticated financial technologies, widely used I
T and outsourcing.
The introduction of Basel II ( allocation of capital for op. risk)
Major disaster such as earthquakes, terrorist attacks and uncovering of serious corporate scandals (society is increasingly aware of the need for the firms’ management of op. risk).
New challenges
Need to manage op. risk more efficiently by identifying op. risk profile in a firm-wide manner and thereby putting some priority on their management.
Need to establish structures that can quickly detect heightened risk and respond appropriately before the risk materializes.
Need to create mechanisms for autonomous risk management in all sections of their operations.
20
Characteristic of Op. Risk
Forms of risk materialization
Direct loss, indirect loss or impact incurred to third parties
High frequency and low severity or low frequency and high severity
Causes of risk materialization
It is normally difficult to narrow down the factors causing such risk to materialize, and quite often, it only emerges when several factors come into play simultaneously.
Small‑scale problems occurring at relatively high frequency
Problems that do not occur
often but have severe consequences when they do occur
[Distribution of Losses Arising from the Materialization of Op. Risk]
Frequency
Amount of loss of losses
Frequency
[Distribution of Profits/Losses (Losses/Gains) Arising from the Materialization of Market Risk]
Amount of profits/losses
Profits/losses are distributed more or less symmetrically around the mean (close to zero)
21
Conventional Operational Risk Management Methods
Category Method
Multilevel checks and balances system
Reexamination and multiple signatory system
Segregation of duties
In‑house inspections
Insistence on record‑keeping
Standardization and streamlining of business procedures
Establishment of P&P
Institution‑wide guidance on business operations
Strengthening systems support
Discipline and motivation Human resource (HR) management and performance evaluations
Response to accidents and other problems
Implementation of measures to prevent recurrences
Internal audits Auditor section audits
22
Considerations of Op. Risk Management
The need to cover a wide range of events and activities
It is difficult to break down risk into the categories of exposure and risk factors.
The need for risk control in all sections within the institution
Op. risk exists in all sections throughout the institution.
The importance of risk management based on qualitative information
It is not always easy to manage them in a quantitative manner.
Reputational and systemic risk
It is necessary to take into consideration of the indirect loss and the effect on financial system.
(Major discussion points in the seminars) The need and merits of advancing op. risk management with risk quantification for regional banks, degree of independence of op risk control function, how to quantify op risk when facing lack of internal data and no external data, level of granularity of operational processes to be examined by CSA.
23
Establishment of an Operational Management Section
Functions of Operational Management Section
① Plan the op. risk management framework for the entire institution.
② Collect and analyze information on accidents and other problems, computer system malfunctions, and clerical errors arising in each section, then report to the management.
③ Examine the adequacy and consistency of processes and procedures (P&P).
④ Evaluate and guide the operational risk management situation.
Structure of Operational Management SectionIntegrated Risk Management Section
( system risk)IT System Planning SectionSystem Risk Management Section
Operational Management Section
Compliance Management Section
( operational ) ( compliance)
Computer CenterHead Office, Branch Office
①②
①②④
①②③
④
①④
○number: function weak relationship
Operations Planning Section
24
Quantification of Op. Risk
Considerations Appropriate collection, classification and update of loss data. Selection of model which is able to identify cases of losses with low
frequency but high severity. Setting group units for quantification. Introducing hypothetical data based on external data or scenario analyses
into quantitative models. Using qualitative data to revise the quantification results.
Loss amount per loss event
Number of loss events occurring per year
Frequency
Frequency distribution of loss events (per year)---e.g. Poisson distribution
Op. risk amount ((99.0%VaR)
Op. risk amount (99.9%VaR)
Annual cumulative loss amount
③ Cumulative loss amount distribution for one year
④
①
②
Frequency
Frequency
Distribution of loss amount per loss event---e.g. log‑normal distribution
25
Control of Self-Assessments and Key Risk Indicators
Control of Self-Assessments Individual sections or business lines within a financial institution evaluate inherent risk
and internal control conditions on their own ⇒ Results are coordinated and shared within the entire organization
Selecting multiple indicators that contribute to early detection of heightened risk
⇒ Monitoring of their movements, and reacting preemptively as necessary
▽ Example of indicator Operations : Business volumes, customers’ waiting time, number of clerical
errors, number of complaints received, etc. Computer systems : Number of malfunctions, number of steps in developing programs, utilization ratio of system devices such as CPUs, storages, network traffics, etc.
Key Risk Indicators
26
III. Advancing Integrated Risk Management
27
SPP-III: “Advancing Integrated Risk Management”
• Contents– Overview of integrated risk management at financial institutions– Integrated risk management for use: Issues to be addressed with high
priority– Other issues to be discussed for further enhancing the effectiveness of
integrated risk management– Use of integrated risk management in corporate management
• Some risks are very important for Japanese banks to address, but the methods for identifying them have not yet been established, and thus they are managed differently from one banks to another. The paper emphasizes the importance of incorporating these risks into banks’ integrated risk management framework as well as other traditionally well identified risks.
• Some good examples of the unique risks to Japanese banks are risk associated with preferred stock, risk associated with deferred tax assets and risk associated with loans to borrowers with strong relationship.
28
Framework of Integrated Risk Management
Risk is quantified using the statistical method based on the past data such as VaR.
Allocating hypothetical capital for internal control purposes to each section within the scope of total capital. Each section then manages the risk so that it does not exceed the allocated capital.
The profitability of each section is assessed in terms of return against risk.
・・・-
--・・・
---
Risk capital Quantified risk
Allocation of risk capital
Risk capital commensurate with credit risk
Regulatory capital
Credit risk
Market risk
Op. risk
Profits made by department each
section
Securing adequate capital relative to risk Assessing profitability of each department section in terms of
return against risk
Risk taking within the scope of risk capital
Risk capital commensurate with op. risk
Risk capital commensurate with market risk
29
Organizational Frameworks
Risk management section and treasury section have co-jurisdiction over integrated risk management.
It is desirable that risk management section is independent from the front line.
If difficult, it is essential to ensure that such risk management functions in the front line are subject to proper checks and balances through regular assessments by third-party, that is, internal audits.
< Example of an Integrated Risk Management System Using Cross‑Organizational Forums>
Executive committee, integrated risk management committee, etc.
Secretariat: Integrated risk management section, planning & finance section
Integrated risk management section
- Manages quantified risk aggregates- Manages overall market risk- Quantifies op. risk
Credit policy and planning section
- Manages overall credit risk
Operations & systems policy and planning section
- Manages overall op. risk excluding quantification
Compliance section
- Overall Compliance
---・・・
30
Identifying Risk
When identifying risk and risk amounts, it is important to consider the scope of risks to be covered, holding period, confidence interval, correlation between risks, and stress testing.
①Targeting risk: credit risk, market risk, interest risk associated with bonds, op. risk, etc. :
④Correlation between risks ⇒ Needs of verifying the stability of the correlation
frequency
amount of loss
Stress testing ・ Complementing the limit of VaR・ Focus of objectivity vs focus of flexibility
↑
Non-targeting risk ⇒ Needs of considering how to deal with these risks in the integrated risk management framework
③Confidence intervals (e.g. 99%, 99.9%, 99.97%) ⇒ Directly linked to management judgment
②Holding period: consistency with investment policies of assets ( e.g. credit risk and interest risk for 1 year and market risk for 3 months)
⑤Stress
31
Comparing Allocated Capital and Risk
<Sample Comparisons of Capital and Risk>
Reaction to the situation where the risk taken exceeds allocated risk capital is a litmus test of effectiveness of integrated risk management system
(Possible reactions)
• Simply reducing risk, or • Identifying the extent of capital inadequacy to be corrected, and drawing up (and
implementing) a concrete plan to eliminate it.
When the capital adequacy ratio falls to the regulatory minimum level, it is important to compare the part which exceeds minimum level and risk, and thereby identify statistically the probability of capital falling below 8%.
Risk Tier 1 capital
Tier 2 capital
Risk
Risk predicated on a 99% confidence level
Risk predicated on an X% confidence level
⇒Possibility that the capital adequacy ratio will fall below the 8% level with a probability of (100-X)%.
Capital equivalent to the 8% capital adequacy ratio
Total capital minus capital equivalent to the 8% ratio
32
How to Identify the Risk Associated with Loans to Borrowers with Strong Relationship
The issue is how to assess the risk of loan shifting from non-main to main bank at the time of the borrowers’ default due to special relationships between financial institutions and borrowers.
X非メイン先への返済が滞る→ X年後にメイン寄せの傾向
▽Timing of occurring risk associated with loans to borrowers with strong relationship (Image chart)
Credit exposure at non-main bank Credit exposure at main bank
( credit exposure )
With X years’ experience of some delay in repayment to banks, non-main banks tend to withdraw their loans, which has to be replaced by the main bank loans.
(Time)
▽Seniority and timing of repayment
Seniority B /S at credit bank
Borrowers’ rating status which triggers the repayment of each liability
high
Undernormal
Trade payable ( customer )
Cooperate bond (investors)
Needs attention
assetsBank borrowing (non-main bank)
Needs attention--In danger of bankruptcy
Bank borrowing (main bank)
equity low
33
Use of Integrated Risk Management for Business Strategy
Objective identification of risk-return• Estimating and monitoring risk-adjusted profit indicators at major banks.
• Using the profit ratios after credit costs as a part of evaluating performance.
Japanese banks including major ones have not yet reached the stage where they can use the profit after capital cost proactively to assess the performance (risk versus profitability) of individual sections or the efficiency of use of capital for the overall bank for several reasons.
(Major discussion points in the seminars) The need and merits of economic capital allocation for regional banks, factors to be considered when setting the confidence interval for risk quantification, difficulty of using risk/return based performance evaluation when business lines lack the means of proactively controlling risk of loan portfolio, degree of independence of integrated risk control function for regional banks.
Risk-adjusted profit indicators Profit after credit cost = net operating profit - credit cost. Profit ratio after credit cost = profits after credit cost ÷ risk capital. Profit after capital cost = profit after credit cost - risk capital x capital cost ratio.