Basel II and Risk Mgmt

7/31/2019 Basel II and Risk Mgmt

1/6

254 The Chartered Accountant August 2006

B a n k i n g & F i n a n c e

Basel II and Risk Management

Bank or International Settlements (BIS), abank created in the 1930s to manage andmonitor the repatriation rom the war in

Europe would have hardly thought that it wouldgo on to provide guidelines or the risks thatbankers ace the world over. BIS is, today, one othe most ormidable institutions in economicsand nancial sector.

In June 2004, the BIS nalised Basel II, ater veyears o industry and regulatory consultation.

The objective behind this regulation is to alignregulatory capital measures with the inherentrisk prole o a bank considering credit, market,operational and other risks.

First Step

Basel I recommendation was the frst among theseries o reorms suggested. The greatest drawbacko the Basel I proposal was that it prescribed a one-fts-all solution or all circumstances and ocusedon single risk to measure credit and market riskcapital adequacy ratio. It does not cover themain risk element Operational Risk. BIS defnesoperational risk as, the risk of loss resulting from

inadequate or failed internal processes, people andsystem or from external events.In short, operationalrisk identifes:

a. Why loss has happened, and

b. A breakdown o the causes into:

People

Process

System, and

External events

Basel II and Its Basic Architecture

Even though India has one o the strongestbanking systems compared to many peer groupcountries, our credit, market and operationalrisk measurement and management system islagging behind the banks o many developedcountries. Basel II implementation willcertainly improve the working eciency and

competitiveness o Indian banks.Basel II provides a more comprehensive and

exible approach or measuring and managingrisk. It adds a new dimension called operationalrisk and encourages the banks internal riskmanagement methodologies. The new accordis based on three pillars:

Pillar 1: Minimum Capital Requirement:The minimum capital requirement is still kept at8% o risk weighted assets. This lays emphasis

on regulatory requirement or credit, marketand operational risk.

Globalisation is the most important actor shaping todays world. India is no excep-

tion. The nancial segments are gearing up to ace the global competitive environ-ment by initiating reorms by adopting prudential norms, best practices in corporategovernance, internal control and risk-based auditing. There is a sea change in theworking o banks. Risk management has become a new emerging tool used by banksor their sustainability. Basel II compliance and risk management in banks go hand-in-hand. The industry is gearing up to implement the standard. This article ofers aninsight into the concept o Basel II and the challenges involved.

(*The author is the Associate Professor, Depart-

ment of Economics, Jamia, New Delhi.

**The author is working as Company Secretary

with Engineers India Ltd. They can be reached

at [email protected])

- Dr. Halima Sadia Rizvi*

- R. Soundara Rajan**


2/6

The Chartered Accountant 255August 2006


To deal with the credit risk, Basel II suggests

the ollowing approaches:

a. Standardised Approach

b. Foundation Internal Rating Based (IRB)approach

c. Advanced Internal Rating Based (IRB)approach

The rst approach requires allocation orisk weight to each o the assets. Bank mayuse external credit assessment institutionsor determining risk weights. The latter twoapproaches require assessment by banksinternally using sophisticated models.

Pillar 2: Supervisory Review: Thesupervisory review process needs to ensurethat each nancial institution adopts efectiveinternal processes or risk management. The

supervisory process is based on the ollowingprinciples. Banks to have:

a. A process or assessing the capital adequacybased on the risk prole,

b. Strategy or maintaining the capital levels,

c. A system to evaluate and monitor the capitalrequirement and ensure compliance,

d. Mechanism to intervene, prevent at early

stage, the capital rom alling below theminimum levels.

Pillar 3: Market Discipline: This pillar

emphasises the basic need o corporategovernance and efective use o market disciplineby enhanced disclosure. The comparison oBasel I with the enhanced Basel II standard isgiven in the ollowing table 1.

Operational Risk

The key diference o the new accord is the

introduction o operational risk. This is not anew practice. However, the growing number ooperational loss events worldwide has orced themanagement o the banks to look into this aspectmore critically to prevent any rauds, reduce errorsby implementing controls as a part o operatingprocess. Evolving banking practices suggest thatthe risk other than credit and market risks canbe substantial. The importance o operationalrisk has increased due to the ollowing changes

in operation and introduction o sophisticatedmethods and technology.

a. Highly automated technology, iuncontrolled can cause system ailure. Theloss may be much more as compared tomanual system.

b. Emergence o E-banking and E-commercehas potential or internal, external raud andsystem securities issues. This needs soundinternal controls and back up systems.

c. Large-scale acquisitions, mergers andconsolidations test the viability o integrated

Capital adequacy ratio = Total Regulatory capital Tier I + Tier II + Tier III

Risk weighted assets (Credit + Market + Operational)

Basel I Basel II

Focused on Single risk Measure More emphasis on banks own internal risk managementmethodologies, supervisory review and market discipline

One-size-ts- all Flexibility; Menu o approaches; Capital incentive or better

risk management; Granularity in the valuation o assets andtype o business and in the risk prole o their systems andoperations

Broad Brush structure More risk sensitive; multi-dimensional; ocus on all operationalcomponents o banks

Table 1: Comparison o Basel I and Basel II standardsSource: The new Basel capital accord: an explanatory note, BIS


3/6



system and HR practices.

Basel committee has identied the ollowingtypes o operational risks:

People Risk connected with place-ment, competency, work environmentand motivation

Process Risk connected with errorsin processing, complexity o process,documentation and contract, violationo controls, money laundering, rauds,model and methodology errors

Regulatory risk connected with ailingto comply with laws

Technology risk connected with sys-tem and technology ailure

Event Risk unanticipated changes inexternal environment.

Reputation Risk

Steps or Implementing Risk Management

Broadly the ollowing steps are ollowed toimplement the risk management system.

Study the existing process organisation-wide and identiy the risk that matters.

Classiy the risk according to criticality

Set up systems and controls or monitoringand reporting to management

The rst step towards the risk assessmentis to identiy the risk elements. Normally the

organisations appoint risk consultants tostudy and identiy the various risks pertainingto the diferent processes. This step involvesinteraction with various groups by organisingworkshops/meetings. Risk events are associatedwith people, process, and technology. They arerecognised by experience, judgment, intuitionand regulatory requirement. Diferent types orisk exposures thus identied are listed in matrixorm in which risk/ exposures are categorisedaccording to event/process in a business line.

Each risk element is classied according to itsrequency and severity as given below:

o High requency High Severity

o High requency Low Severity

o Low requency High Severity

o Low requency Low Severity

For this purpose, each risk isassociated with the probability orisk. This may require expertise, pastdata and judgment in the event oloss, and a methodology or ndingthe value to be established. This iscalled Value at Risk (VAR).

Next, internal controlsor averting the loss is to beimplemented. The existing internalcontrol is studied and a gapanalysis is perormed. Monitoring

risk should be an integral part othe process. Senior managementshould regularly receive risk and internalcontrol weakness and it has to be put up tothe board ater review by audit committee.As per the proposed listing agreement withstock exchanges, it is mandatory or the CFOand CEO to certiy annually in the inancialstatements that the organisation has a riskmanagement system. Normally, InternalAudit plays a key role in surveillance unction.

The risk management system should have aprocess or mitigation o risk.

Operational Risk

People Risk

Process Risk

System Risk

Event Risk

Reputation Risk

Legal Risk

Fig 1: Types o Operational Risk


4/6



Basic Requirement or SoundImplementation

Basic requirement or efective implemen-tation starts rom identiying risk that mattersand documenting the policies and procedures.

The next important requirement is the struc-ture that identies, tracks, and measures therisk, and reports it to senior management. Theabove ramework should be validated periodi-cally. A sound database has to be developed ortracking and analysis. The basic requirement orimplementation is given in Fig 2 below:

The backbone o Basel II implementation

is the strong internal control system andsupervisory control. It is essential to have a soundinternal control or efective implementation.

The basic reasons or the breakdown o internal

control is given in Fig 3.

Basel II Drivers

The rst and most important driver isthat implementation has to cover all areas obusiness processes and operations. Programmegovernance is the next important driver. Thisrequires that the role and responsibilities oeach individual has to be dened clearly. Thethird important driver o the Basel II accord is

to upgrade data and existing IT systems orconsistency across the organisation. It should be

compatible with existing system architecture.

Challenges and Issues

There are no two opinions on the purpose

and useulness o the proposed new accord.The techniques and methods suggested maypose certain challenges or the banks, speciallyin a developing country like India. Fig. 4 broadlyoutlines the challenges and issues.

Capital Requirement

The capital requirement will almost invariablyincrease in all banks. Although capital requirement

or credit risk may go down due

to adoption o more risk sensitivemodelssuch an advantage willbe more than ofset by additionalcapital charge or operational riskand increased capital requirementor market risk. This partly explainsthe current trend o consolidation inthe banking industry.

Architecture, Supervisory

Framework, TechnologyThe new standard is based on

international best practices andcalls or introduction o advancedrisk management system withwider application throughout the

organisation. It would be a Challenging taskto create the required level o technologicalarchitecture and human skill across theinstitution.

Supervisory cadre has to be properly trainedor understanding o critical issues or riskproling o supervised entities and validatingand guiding development o complex models.

They are required to prescribe higher than theminimum capital levels or the bank and ensurethat the minimum level is maintained by properinternal control and monitoring. Computationo probability o deault, loss given deault,migration-mapping and supervisory validation

require creation o historical database, which isa time consuming process.

Efective MonitoringAnd Reporting

Policies and procedures

Sound System oInternal Control

Testing and ValidationFrameworkOperational

Risk ProcessNeeds

Eforts to identiyAnd Measure Risk

Fig2: Basic requirements or Implementation


5/6



Corporate Governance Issues

Corporate governance is one o the keyelements in the Basel II Standard. The proposalunderscores the interaction between soundrisk management practices and corporategood governance. It is the responsibility othe board or setting the basic tolerance levels

or various types o risk. It should also ensurethat management establishes a ramework orassessing the risks, develops a system to relaterisk to the banks capital levels and establishesa method or monitoring compliance withinternal policies.

Other Factors

In case o unrated sovereigns,banks and corporates, the

prescribed risk weight is 100%,whereas in case o thoseentities with lowest rating, therisk weight is 150%. This maycreate incentive to remain un-rated.

Huge implementation costmay also impact protabilityor smaller banks

The new ramework providesor alternative approachesor computation o capital

requirement o various risks. Thismay result in high-risk assets owingto banks on standardised approach.Hence, the system as a whole may

maintain lower capital than warrantedand become more vulnerable.

Pillar 3 purports to enorce marketdiscipline through stricter disclosurerequirement. While admitting thatsuch disclosure may be useul orsupervisory authorities and ratingagencies, the expertise and ability othe general public to comprehendand interpret disclosed inormation is

open to question. Moreover, too muchdisclosure may cause inormation

overload and may even damage nancialposition o bank.

The new ramework is very complex anddicult to understand. It calls or revampingthe entire management inormation systemand allocation o substantial resources.

Thereore, it may be out o reach or manysmaller banks.

Basel II - What it Means and How Far theIndustry is Prepared or This

The new accord may bring orth not only theissues o risk measurement but also active riskmanagement. This may require a vast amount o

Absence o ControlStructure

Reasons or ControlBreakdowns

InadequateAssessmentRecognition

o Risk

InadequateCommunicationand Reporting

Inadequateand EfectiveMonitoring

System

Lack o ControlCultures

Fig3: Reasons or Control Breakdown

Risk Management

Issues & Challenges

CorporateGovernance

Incentive toRemain Un-rated

Absence oHistory Database

Capital

Requirement

SupervisoryFramework

Fig 4 : Issues and challenges or Basel II


6/6



historical data and advanced technique. Cost o implementationvaries rom $10 m to $150 m. This may be a huge cost ormedium and small banks.

According to a survey on Basel II A challenge and

opportunities to Indian bankingby FICCI:

a. 87% o respondents are condent o meeting thedeadline set or implementing Basel II guidelines byMarch 31, 2007.

b. The biggest challenge aced by banks is that o datacollection and building database and training thepersonnel.

c. Technology upgrade is perceived as one o thechallenges by banks and is estimated to incur capitalinvestment.

d. 77% are working hard to set the processes and robust

MIS to comply the pillar III requirement.

Conclusion

India has one o the strongest banking systems ascompared to many developing countries, but has to go a longway in technology dissemination and risk management. Theprecondition or Basel II implementation is that there shouldbe a suitably developed national accounting and auditingstandards and ramework, which are in line with the bestinternational practices. A minimum qualiying criteria orrms should be those that have a dedicated nancial services

or banking division and have proven ability to respond totraining and upgrades required o its own staf to completethe tasks adequately. It also calls or a new mindset, anorganisational culture to be developed and requires a loto investment in technology and training o personnel. Thismay be a daunting task or small and medium banks. Thismay trigger mergers and consolidation.

With the gradual implementation o banking reormsin India, Indian banking system has shown a lot oimprovement and has become robust and shown ample

resilience to shocks and turnovers in the economy. It ishoped that by March 31, 2007, we will be comparable tothe banks in developed countries.r

Even though India has one of the strongest

banking systems compared to manypeer group countries, our credit, marketand operational risk measurement andmanagement system is lagging behind thebanks of many developed countries.

Basel II and Risk Mgmt

Documents

Transcript of Basel II and Risk Mgmt