Rating risk

26
Electronic copy available at: http://ssrn.com/abstract=1446264 Banking Risk Management in India and RBI Supervision Diksha Arora 1 PG Candidate, Class of PGDM-2010 BIMTECH, India Ravi Agarwal 2 Associate Professor of Finance BIMTECH, India This Draft: August 2009 JEL classification: E58, G21, G28 Keywords: Banking supervision, Bank risks, Risk management 1 www.dikshaarora.com , Birla Institute of Management Technology (BIMTECH), Greater Noida, India 2 Corresponding author, [email protected] , Birla Institute of Management Technology, Greater Noida, India. First author has developed a C++ program to arrive at a final risk matrix of a bank. Authors are grateful to the management and staff of Reserve Bank of India, New Delhi Regional office for their suggestions and support. All the errors are of authors. Kindly do not quote without permission.

Transcript of Rating risk

Page 1: Rating risk

Electronic copy available at: http://ssrn.com/abstract=1446264

Banking Risk Management in India

and RBI Supervision

Diksha Arora1

PG Candidate, Class of PGDM-2010

BIMTECH, India

Ravi Agarwal2

Associate Professor of Finance

BIMTECH, India

This Draft: August 2009

JEL classification: E58, G21, G28

Keywords: Banking supervision, Bank risks, Risk management

1 www.dikshaarora.com, Birla Institute of Management Technology (BIMTECH), Greater Noida,India

2 Corresponding author, [email protected], Birla Institute of Management Technology,Greater Noida, India.

First author has developed a C++ program to arrive at a final risk matrix of a bank. Authors aregrateful to the management and staff of Reserve Bank of India, New Delhi Regional office for theirsuggestions and support. All the errors are of authors. Kindly do not quote without permission.

Page 2: Rating risk

Electronic copy available at: http://ssrn.com/abstract=1446264

I. IntroductionThe etymology of the word "Risk" can be traced to the Latin word "Rescum" meaning Risk at Sea orthat which cuts. Risk is inherent in every walk of life. Banks are, by definition, in the business oftaking and managing risk. With growing competition and fast changes in the operating environmentimpacting the business potentials, banks are compelled to encounter various kinds of financial andnon-financial risks. Risk is associated with uncertainty and reflected by way of charge on thefundamental/ basic i.e. in the case of business it is the Capital, which is the cushion that protects theliability holders of an institution.

The various risks that a bank is bound to confront is divided into two categories namely business risksand control risks. Business risk involves the risks arising out of the operations of the bank, thebusiness it is into and the way it conducts its operations. It consists of 8 types of risks namely capital,credit, market, earnings, liquidity, business strategy and environmental, operational and group risk.Control risk measures the risk arising out of any lapses in the control mechanism such as theorganizational structure and the management and the internal controls that exist in the bank. Controlsrisk further consists of internal controls, management, organizational and compliance risk. These risksare highly interdependent and events that affect one area of risk can have ramifications for a range ofother risk categories. Thus, top management of banks should attach considerable importance toimprove the ability to identify measure, monitor and control the overall level of risks undertaken.

The three main categories of risks which have a mention in the capital accord are: Credit Risk, MarketRisk and Operational Risk. Credit risk, a major source of loss, is the risk that customers fail to complywith their obligations to service debt. Major credit risk components are exposure, likelihood ofdefault, or of a deterioration of credit standing, and the recoveries under default. Modelling defaultprobability directly with credit risk models remains a major challenge, not addressed until recentyears. Market Risk may be defined as the possibility of loss to bank caused by the changes in themarket variables. Market risk management provides a comprehensive and dynamic frame work formeasuring, monitoring and managing liquidity, interest rate, foreign exchange and equity as well ascommodity price risk of a bank that needs to be closely integrated with the bank's business strategy.Operational risk involves breakdown in internal controls, personnel and corporate governance leadingto error, fraud, and performance failure, compromise on the interest of the bank resulting in financialloss. Putting in place proper corporate governance practices by itself would serve as an effective riskmanagement tool. The practical difficulties lie in agreeing on a common classification of events andon the data gathering process.

Risk management in banking designates the entire set of risk management processes and modelsallowing banks to implement risk-based policies and practices. They cover all techniques andmanagement tools required for measuring, monitoring and controlling risks. The spectrum of modelsand processes extends to all risks: credit risk, market risk, interest rate risk, liquidity risk andoperational risk, to mention only major areas. For centuries bankers as well as their regulators haveassessed and managed risk intuitively, without the benefit of a formal and generally acceptedframework or common terminology. No longer is it sufficient to understand just the primary risksassociated with a product or service. They have to constantly monitor and review their approach tocredit, the main earning asset in the balance sheet.

Regulators make the development of risk-based practices a major priority for the banking industry,because they focus on ‘systematic risk’, the risk of the entire banking industry made up of financialinstitutions whose fates are intertwined by the density of relationships within the financial system.Banking failures have been numerous in the past, both in India and internationally. Banking failuresmake risk material and convey the impression that the industry is never far away from majorproblems. Regulators have been very active in promoting pre-emptive policies for avoiding individualbank failures and for helping the industry absorb the shock of failures when they happen. To achieve

Page 3: Rating risk

these results, regulators have totally renovated the regulatory framework. They are promoting andenforcing new guidelines for measuring and controlling the risks of individual players.

From the banks point of view risk based practices are so important, because banks being ‘riskmachines’, they take risks, they transform them, and they embed them in banking products andservices. Banks take risk-based decisions under an ex-ante perspective and they do risk monitoringunder an ex-post perspective, once the decisions are made. There are powerful; motives to implementrisk based practices to provide a balanced view of risk and return from a management point of view;to develop competitive advantages, to comply with increasingly stringent regulations. It is easy tolend and obtain attractive revenues from risky borrower. The price to pay is a risk that is higher thanthe prudent bank’s risk. The prudent bank limits risk and therefore both future losses and expectedrevenues by restricting business volume and screening out risky borrowers. It might avoid losses but itmight suffer from lower market share and lower revenues. However, after a while, the risk-takermight end with an ex-post performance lower than the prudent bank due to higher lossesmaterializing. Risks remain intangible and invisible until they materialize into losses. Simplesolutions simply do not really help to capture risks. All these factors led to the commencement of thisstudy.

II. Literature ReviewKaminsky and Reinhart (1996) in their well-known paper on twin-crises study about 25 episodes ofbanking crises and 71 balance of payments crises in the period 1970-1995. Regarding the influence ofbusiness cycle on the episode of financial instability and the possibility to identify macro-variablesthat act as early warning, they find that recessionary conditions such as economic activity decline,weakening of the export sector, high real interest rates, falling stock market, usually precede bankingas well as currency crises. They also find that Credit expansions, an abnormally high money growthand the decline in the terms-of-trade anticipate many of the banking crises.

Berger and Deyoung (1997) address a little examined intersection between the problem loan literatureand the bank efficiency literature. They employ Granger-casualty techniques to test four hypothesesregarding the relationship among loan quality, cost efficiency, and bank capital. The data suggest thatthe intertemporal relationships between problem loans and cost efficiency ran in both directions forU.S. commercial banks between 1985 and 1994. The data suggest that high levels of nonperformingloans Granger-cause reductions in measured cost efficiency, consistent with the hypothesis that theextra costs of administering these loans reduces measured cost efficiency ('bad luck'). The data alsosuggest that low levels of cost efficiency Granger-cause increases in nonperforming loans, consistentwith the hypothesis that cost-inefficient managers are also poor loan portfolio managers ('badmanagement').

In the paper by Mario Quayliariello (1997), the relationship between bank loan quality and businesscycle indicators is studied for Italy. A distributed lag model (which is estimated using ordinary leastsquares) and bivariate Granger-causality tests are used in order to evaluate the importance of macro-economic factors in predicting the quality of bank loans measured by the ratio of non-performingloans to total loans. The main target of the research is to understand the contribution that macro-datacan offer in capturing the evolution of credit quality and to select a reasonably manageable set ofindicators which can act as early warning signals of the banking system fragility.

Demirguc-Kunt and Detragiache (1998) estimate a logit model of banking crises over the period1980-1994 in order to understand the features of the economic environment in the periods preceding abanking crisis and, therefore, to identify the leading indicators of financial distress.

The 1998 study by Demirgue-Kunt and Huizinga (DKH) is a cross-country study of variations in bankperformance, using two performance indicators separately regressed on a set of explanatory factors;the interest spread (used as an efficiency indicator) and bank profitability. The data set is at bank-level for 80 countries over the period 1988-95. The most important finding pertains to the differencesin the impact of foreign ownership between developed and developing countries. In developingcountries foreign banks have greater interest margins and profits than domestic banks. In industrial

Page 4: Rating risk

countries, the opposite is true. The first finding bears out the better NPA performance by foreignbanks in India by country of origin. Among the macro variables reported by DKH that affect bankprofitability positively although not net interest margins (the efficiency indicator), is per capita GDP.These results suggest that per capita GDP may be less a correlate of banking efficiency or superiorbanking technology, and more a correlate of banking opportunities and the operating environmentgenerally.

The Sarkar, Sarkar and Bhaumik (1998) cross-bank study for India regresses two profitability andfour efficiency measures (one of which is the net interest margin) on pooled data for two years, 1993-94 and 1994-95, for a total of 73 banks, using single-equation OLS estimation for each. The studyfocuses exclusively on an examination of the prediction from the property rights literature about thesuperiority of private ownership in terms of performance. Private banks are divided into traded andnon-traded categories; the control variables include the (log of) total bank assets, the proportion ofinvestment in government securities, the proportion of loans made to the priority sector, theproportion of semi-urban and rural branches and the proportion of non interest income to totalincome.

Ajit and Bangar (1998) present a tabulation of the performance of private sector banks vis-à-vis publicsector banks over the period 1991-1997, using a number of indicators: profitability ratio, interestspread, capital adequacy ratio, and the net NPA ratio. The conclusion is that Indian private banksoutperform public sector banks. What is of interest, however, is that they find Indian private bankshave higher returns to assets in spite of lower spreads.

Survey on the “Implementation of the Capital Adequacy Directive” by the Banking Federation of theEuropean Union, April 1998 (covering 17 countries) revealed that very few banks are usingsophisticated models for managing their risks. Most banks which use it at first place use it for internalrisk management purposes only.

Shaffer (1998) shows that adverse selection has a persistent effect on the banks which are newentrants in a market. Salas and Saurina (1999b) have modelled the problem loans ratio of Spanishbanks in order to gauge the impact of loan growth policy on bad loans. According to their empiricalestimation results (which were achieved using a panel data of commercial and savings banks from1985-1997), the cycle (measured through the current and lagged-one-year GDP growth rates) has anegative and significant impact on problem loans. The current impact is much more important. It isalso shown that problem loans ratio differs by type of loan. Households and firms have differentlevels of bad loans. On an average, the former is lower than the latter. Among households, mortgageshave very low delinquency levels compared to consumer loans, credit loans or overdrafts.

Gambera (2000), using bivariate VAR systems, tries to understand how economic developmentaffects bank loan quality. He points out that, since systemic financial conditions help predict thesoundness of the single intermediaries; it may be interesting to predict the systemic financialconditions themselves. In particular, he uses the ratio of delinquencies to total loans and the ratio ofnon-performing loans to total loans as alternative dependent variables and he estimates a bivariatesystem for each series of macro-economic variables.

Eichengreen and Arteta (2000) carefully analyse the robustness of the empirical results on bankingcrises using a sample of 75 emerging markets in the period 1975-1997 and considering a huge rangeof explanatory variables mentioned in previous works. Their findings confirm that unsustainableboom in domestic credit is a robust cause of financial distress; macro-economic policies leading torapid lending growth and financial overheating generally set the stage for future problems. Domesticinterest-rate liberalization often accompanies these excessive lending activities. On the other hand,they point out that there is little evidence of any particular relationship between exchange-rateregimes and banking crises; the role of the legal and regulatory framework is also uncertain.

Meyer and Yeager (2001) employ a set of county macro-economic variables to test if rural bankperformance is affected by the local economic framework. They fit an OLS model when the return on

Page 5: Rating risk

assets and the net loan losses are the dependent variables and a tobit specification for the non-performing loans. They find that none of the county-level coefficients is significant, suggesting thatcounty economic activity does not have a relevant effect on bank performance; in contrast, state-leveldata are significant.

Arpa et al., (2001) study the effects of the business cycle on risk provisions and earnings of Austrianbanks in the 1990s. They conclude that risk provisions increase in period of falling real GDP growth,confirming the pro-cyclical tendencies in bank behaviour. Moreover, rising real estate prices lead tohigher provisions, whereas falling inflation depresses them. They also find that some macro-economicvariables such as interest rates, real estate and consumer prices are useful in explaining theprofitability of Austrian banks.

In 2001 Boston Consulting Group study confirmed the general impression that North American bankshave a clear lead on most of their European and Asian competitors. Institutions in the U.S. and inAustralia too for that matter were pursuing risk management not to comply with regulatoryrequirements but to enhance their own competitive positions.

The relationship between problem loans and the economic cycle is also analysed by Salas and Saurina(2002). Using panel data, they report that the business cycle (proxied by the current and laggedgrowth of GDP) has a negative and significant impact on bad loans. They also find that credit risk wassignificantly influenced by individual bank level variables, after controlling for macro-economicconditions.

III. Objective of the Present StudyRisk, in one kind or the other, is inherent in every business. Furthermore, risk taking is essential toprogress, and failure is often a key part of learning. Although some risks are inevitable, it does notmean that attempting to recognize and manage them will harm opportunities for creativity. Risks posenew challenges to every company. From employment practices to electronic commerce, from socialand political pressures to the vagaries of the weather, the hazards that exist in today's business climateare as diverse as the companies that face them. Like any other business organization, banks too facerisks inherent to the company and the industry in which they exist. This paper has been undertakenwith the objective to critically examine the current risk management practices as directed by RBI andsupervision process undertaken by RBI.

IV. Data and MethodologyThe current study covers 3 banks and their names have been masked. Judgement sampling method hasbeen used to collect the data. The study required both primary and secondary data. Primary data wascollected with the help of questionnaires* and series of interview schedules. Secondary data has beencollected through published reports, RBI circulars and bulletins.

V. Analysis and FindingsRisk management: According to the RBI circular issued on risk management by the RBI the broadparameters of risk management function should encompass: organisational structure comprehensive risk measurement approach risk management policies approved by the Board which should be consistent with the broader

business strategies, capital strength, management expertise and overall willingness to assume risk guidelines and other parameters used to govern risk taking including detailed structure of

prudential limits strong MIS for reporting, monitoring and controlling risks well laid out procedures, effective control and comprehensive risk reporting framework

* Authors can be sent requests for an unabridged version of the questionnaire.

Page 6: Rating risk

separate risk management framework independent of operational Departments and with cleardelineation of levels of responsibility for management of risk

Periodical review and evaluationThe banking industry recognizes that an institution need not engage in business in a manner thatunnecessarily imposes risk upon it; nor should it absorb risk that can be efficiently transferred to otherparticipants. Rather, it should only manage risks at the firm level that are more efficiently managedthere than by the market itself or by their owners in their own portfolios. It has been argued that risksfacing all financial institutions can be segmented into three separable types, from a managementperspective. These are: Risks that can be transferred to other participants, Risks that can be eliminatedor avoided by simple business practices, Risks that must be actively managed at the firm level

The management of the banking firm relies on a sequence of steps to implement a risk managementsystem. These can be seen as containing the following four parts:

Figure: Steps for implementation of risk management systems

The banking industry has long viewed the problem of risk management as the need to control four ofthe given risks which make up most, if not all, of their risk exposure, viz., credit, interest rate, foreignexchange and liquidity risk. While they recognize counterparty and legal risks, they view them as lesscentral to their concerns. Accordingly, the study of bank risk management processes is essentially aninvestigation of how they manage all these risks. Irrespective of the nature of risk, the best way forbanks to protect themselves is to identify the risks, accurately measure and price it, and maintainappropriate levels of reserves and capital, in both good and bad times. However, this is often easiersaid than done, and more often than not, developing a holistic approach to assessing and managing themany facets of risks remains a challenging task for the financial sector.

Capital Adequacy in relation to economic risk is a necessary condition for the long-term soundnessof banks. Aggregate risk exposure is estimated through Risk Adjusted Return on Capital (RAROC)and Earnings at Risk (EaR) method. Former is used by bank with international presence and theRAROC process estimates the cost of Economic Capital & expected losses that may prevail in theworst-case scenario and then equates the capital cushion to be provided for the potential loss.

The Economic Capital is the amount of the capital (besides the Regulatory Capital) that the firm hasto put at risk so as to cover the potential loss under the extreme market conditions. In other words, it isthe difference in mark-to-market value of assets over liabilities that the bank should aim at or target.As against this, the regulatory capital is the actual Capital Funds held by the bank against the RiskWeighted Assets. After measuring the economic capital for the bank as a whole, bank's actual capitalhas to be allocated to individual business units on the basis of various types of risks.

Credit risk management: Credit risk management enables banks to identify, assess, manageproactively, and optimise their credit risk at an individual level or at an entity level or at the level of acountry. The credit risk models are intended to aid banks in quantifying, aggregating and managingrisk across geographical and product lines. The outputs of these models also play increasinglyimportant roles in banks' risk management and performance measurement processes, customerprofitability analysis, risk-based pricing, active portfolio management and capital structure decisions.The commonly used techniques are econometric technique, neural networks, optimisation models,rule based and hybrid systems. The domains to which they are applied are credit approval, credit

Standards andreports,

Position limits orrules,

separate risk management framework independent of operational Departments and with cleardelineation of levels of responsibility for management of risk

Periodical review and evaluationThe banking industry recognizes that an institution need not engage in business in a manner thatunnecessarily imposes risk upon it; nor should it absorb risk that can be efficiently transferred to otherparticipants. Rather, it should only manage risks at the firm level that are more efficiently managedthere than by the market itself or by their owners in their own portfolios. It has been argued that risksfacing all financial institutions can be segmented into three separable types, from a managementperspective. These are: Risks that can be transferred to other participants, Risks that can be eliminatedor avoided by simple business practices, Risks that must be actively managed at the firm level

The management of the banking firm relies on a sequence of steps to implement a risk managementsystem. These can be seen as containing the following four parts:

Figure: Steps for implementation of risk management systems

The banking industry has long viewed the problem of risk management as the need to control four ofthe given risks which make up most, if not all, of their risk exposure, viz., credit, interest rate, foreignexchange and liquidity risk. While they recognize counterparty and legal risks, they view them as lesscentral to their concerns. Accordingly, the study of bank risk management processes is essentially aninvestigation of how they manage all these risks. Irrespective of the nature of risk, the best way forbanks to protect themselves is to identify the risks, accurately measure and price it, and maintainappropriate levels of reserves and capital, in both good and bad times. However, this is often easiersaid than done, and more often than not, developing a holistic approach to assessing and managing themany facets of risks remains a challenging task for the financial sector.

Capital Adequacy in relation to economic risk is a necessary condition for the long-term soundnessof banks. Aggregate risk exposure is estimated through Risk Adjusted Return on Capital (RAROC)and Earnings at Risk (EaR) method. Former is used by bank with international presence and theRAROC process estimates the cost of Economic Capital & expected losses that may prevail in theworst-case scenario and then equates the capital cushion to be provided for the potential loss.

The Economic Capital is the amount of the capital (besides the Regulatory Capital) that the firm hasto put at risk so as to cover the potential loss under the extreme market conditions. In other words, it isthe difference in mark-to-market value of assets over liabilities that the bank should aim at or target.As against this, the regulatory capital is the actual Capital Funds held by the bank against the RiskWeighted Assets. After measuring the economic capital for the bank as a whole, bank's actual capitalhas to be allocated to individual business units on the basis of various types of risks.

Credit risk management: Credit risk management enables banks to identify, assess, manageproactively, and optimise their credit risk at an individual level or at an entity level or at the level of acountry. The credit risk models are intended to aid banks in quantifying, aggregating and managingrisk across geographical and product lines. The outputs of these models also play increasinglyimportant roles in banks' risk management and performance measurement processes, customerprofitability analysis, risk-based pricing, active portfolio management and capital structure decisions.The commonly used techniques are econometric technique, neural networks, optimisation models,rule based and hybrid systems. The domains to which they are applied are credit approval, credit

Steps forimplementation ofRisk Mangement

systems

Position limits orrules,

Investmentguidelines or

strategies,

Incentive contractsand compensation.

separate risk management framework independent of operational Departments and with cleardelineation of levels of responsibility for management of risk

Periodical review and evaluationThe banking industry recognizes that an institution need not engage in business in a manner thatunnecessarily imposes risk upon it; nor should it absorb risk that can be efficiently transferred to otherparticipants. Rather, it should only manage risks at the firm level that are more efficiently managedthere than by the market itself or by their owners in their own portfolios. It has been argued that risksfacing all financial institutions can be segmented into three separable types, from a managementperspective. These are: Risks that can be transferred to other participants, Risks that can be eliminatedor avoided by simple business practices, Risks that must be actively managed at the firm level

The management of the banking firm relies on a sequence of steps to implement a risk managementsystem. These can be seen as containing the following four parts:

Figure: Steps for implementation of risk management systems

The banking industry has long viewed the problem of risk management as the need to control four ofthe given risks which make up most, if not all, of their risk exposure, viz., credit, interest rate, foreignexchange and liquidity risk. While they recognize counterparty and legal risks, they view them as lesscentral to their concerns. Accordingly, the study of bank risk management processes is essentially aninvestigation of how they manage all these risks. Irrespective of the nature of risk, the best way forbanks to protect themselves is to identify the risks, accurately measure and price it, and maintainappropriate levels of reserves and capital, in both good and bad times. However, this is often easiersaid than done, and more often than not, developing a holistic approach to assessing and managing themany facets of risks remains a challenging task for the financial sector.

Capital Adequacy in relation to economic risk is a necessary condition for the long-term soundnessof banks. Aggregate risk exposure is estimated through Risk Adjusted Return on Capital (RAROC)and Earnings at Risk (EaR) method. Former is used by bank with international presence and theRAROC process estimates the cost of Economic Capital & expected losses that may prevail in theworst-case scenario and then equates the capital cushion to be provided for the potential loss.

The Economic Capital is the amount of the capital (besides the Regulatory Capital) that the firm hasto put at risk so as to cover the potential loss under the extreme market conditions. In other words, it isthe difference in mark-to-market value of assets over liabilities that the bank should aim at or target.As against this, the regulatory capital is the actual Capital Funds held by the bank against the RiskWeighted Assets. After measuring the economic capital for the bank as a whole, bank's actual capitalhas to be allocated to individual business units on the basis of various types of risks.

Credit risk management: Credit risk management enables banks to identify, assess, manageproactively, and optimise their credit risk at an individual level or at an entity level or at the level of acountry. The credit risk models are intended to aid banks in quantifying, aggregating and managingrisk across geographical and product lines. The outputs of these models also play increasinglyimportant roles in banks' risk management and performance measurement processes, customerprofitability analysis, risk-based pricing, active portfolio management and capital structure decisions.The commonly used techniques are econometric technique, neural networks, optimisation models,rule based and hybrid systems. The domains to which they are applied are credit approval, credit

Incentive contractsand compensation.

Page 7: Rating risk

rating determination and risk pricing. The various models covering these techniques and domainare Altman's Z-score model (1968), KMV model for measuring default risk, CreditMetrics,CreditRisk+ and Logit & probit models. Some examples of credit risk are: In August of 1999, Iridium, the satellite telecom company, defaulted on two syndicated loans of

$1.5 billion that it had borrowed to launch the satellites, but could not repay due to unexpectedlow earnings.

In 1974, a small German bank, Bankhaus Herstatt, had a string of losses in forex dealings. It wentbankrupt at the end of a trading day in Germany. Because, it was the end of the trading day inGermany, it had already received $620 million worth of forex payments from its US tradingcounter parties, but because the US markets were still open, Herstatt had not yet been required todeliver $620 million for its side of the trades. At the time that it went bankrupt, it stopped allpayments, and US banks lost virtually all of the $620 million.

Drivers of effective credit risk management: These are effective credit risk management as a value-enhancing activity, consolidating credit lines, efficient use of economic and regulatory capital,ensuring that the bank has a safe level of capital, pricing loans to earn attractive risk-adjusted profits,applying economic capital’s trio of core decision making criteria, use of derivatives to reshape creditprofile and technology.

Market risk management: Market risk is defined as the uncertainty in the future values of theGroup’s on and off balance sheet financial items, resulting from movements in factors such as interestrates, equity prices, and foreign exchange rates. The drivers of market risk are equity andcommodities prices, foreign exchange rates, interest rates, their volatilities and correlations. Marketrisk can be classified into directional and non-directional risks. Market risk can be measured andmanaged through the use of Maturity gap analysis, Duration analysis, Convexity, Value-at-Risk(VAR), Stress Testing and the Greeks. In Indian market, being an emerging market, liquidity andinefficiency are the major concerns in the forex, debt and stock markets. Panic and knee jerk reactionsare also common (e.g. effect on stock markets during Indo-Pak tension and the recent Governmentchange). All these factors contribute to the market risk of the bank. Some examples of market riskexposure are: On March 31, 1997 the BSE SENSEX had lost 302.64 points, one of the biggest losses in a single

day. In October 5, 1998 the BSE SENSEX fell a whopping 224 points and undoubtedly this day is the

Black Monday in the history of Indian stock exchanges.

To analyze the market risk management techniques, an exercise of informal discussion andunstructured questionnaire was conducted at the banks under study. Few highlights are given as: The banks have been making progress in the area of Asset Liability Management. But they are

still far from achieving the level, which has been attained in banks abroad. All of the banks have set up ALM function and established the requisite organizational framework

consisting of the ALCO and the support groups. The composition, scope and functions of thesebodies are in accordance with the guidelines.

Banks have also made an attempt to integrate ALM and management of other risks to facilitateintegrated risk management.

Banks are complaint with the regulatory requirements of the RBI regarding the preparation ofstatements. They have also laid out policies and maintain records as required by the guidelines.Many of them have also achieved 100% coverage of business by ALM.

Private Banks and foreign banks have made the most progress. Some of them had a head start inALM. They have not made the progress that could possibly have been made considering that theirproblems are not of the magnitude of some other banks.

Factors affecting the effective implementation are: Lack of timely, accurate information. The number of branches in banks are huge and the level of computerization is low

Page 8: Rating risk

Limited use of advanced techniques of ALM and the adoption of sophisticated ALM specificsoftware. Such

Absence of a good control framework for ALM Banks have also not established any way of measuring the performance of ALM function or

conducted any studies about impact of ALM. Training of staff is inadequate.. Articulation of the interest rate view is quite difficult. Many of the banks have instituted ALM in order to comply with RBI guidelines and have not

adopted the spirit of the guidelines. Some of the banks have not laid down clear policies and have failed to establish a hierarchy of

objectives. Some of the banks also provide their ALCO with a large amount of information rather than

specific analytical reports.

Asset liability management: ALM is concerned with strategic balance sheet management involvingrisks caused by changes in the interest rates, exchange rates and the liquidity position of the bank. Inrecent years in India, most of the interest rates have been deregulated; government securities are soldin auctions and banks are also, with a few exceptions free to determine the interest rates on depositsand advances. Hence the ALM function is not simply about risk protection. It should also be aboutenhancing the net worth of the institution through opportunistic positioning of the balance sheet. Themore leveraged an institution is, the more critical the ALM function within the enterprise. The ALMprocess allows an institution to take on positions, which are otherwise deemed too large without sucha function. There are various techniques of risk management to address the different types of risk.ALM primarily aims at managing interest rate risk and liquidity risk.

Operational risk management: Many banks have defined operational risk as any risk notcategorised as market or credit risk and some have defined it as the risk of loss arising from varioustypes of human or technical error. The majority of banks associate operational risk with all businesslines, including infrastructure, although the mix of risks and their relative magnitude may varyconsiderably across businesses. Indeed, the acquisition of meaningful data, cleared of market andcredit factors, is providing a major stumbling block to the overall application of risk managementapproaches to operational risk. Operational risk management techniques come in two basic varieties—bottom –up or top down approaches take aggregate targets such as net income or net asset value, toanalyse the operational risk factors and loss events that cause fluctuations in the target. Someexamples of operational risk are: A US government bond trader at the New York branch of a Japanese bank was able to switch

securities out of customers’ accounts to cover credit losses which mounted to over $1 billion in10years.

In 1997, Nat West lost $127 million and had to greatly reduce its trading operations because itsoptions traders had been using the wrong data for implied volatility in their pricing models, andwas therefore taking risks that they did not see.

Study of risk management system at banks under studyMost of the banks do not have dedicated risk management team, policy, procedures and framework inplace. Those banks have risk management department, the risk manager’s role is restricted to pre factand post fact analysis of customer’s credit and there is no segregation of credit, market, operationaland strategic risks. There are few banks which have articulated framework and risk quantification.The traditional lending practices, assessment of credits, handling of market risks, treasuryfunctionality and culture of risk-rewards are bane of public sector banks. Whereas private sectorbanks and financial institutions are somewhat better in this context.

The sheer size and wide coverage of banks is a big hurdle to integrate and generate a cost effectivereal time operational data for mapping the risks. Most of the financial institutions processes areencircled to ‘functional silos’ follows bureaucratic structure and yet to come up with a transparent and

Page 9: Rating risk

appropriate corporate governance structure to achieve the stated strategic objectives. The majorconclusions as listed below have been arrived on the basis of the documents supplied and informaldiscussion held with the officials of the bank.

Since the year 1998 RBI has been giving serious attention towards evolving suitable andcomprehensive models for Risk-management. It has laid stress on integrating this new discipline inthe working systems of the Banks. In view of this, the risk management division in most of the bankswas established in or after 1998 only. All the details regarding the risk management framework ispresented by the bank in a policy document called ICAAP.

The risk management structure followed at all banks is a combination of centralized and decentralizedform. Though risk department forms the heart of the organisation because if it fails the bank will gaspfor breath. But this department is a victim of ignorance in today’s scenario. After conducting the studyit was found that the banks have lowest number of workforce assigned to this department. Within thedepartment, maximum stress is given to credit risk and other risks are still neglected. The bank doesnot have sufficient skill set for driving risk management function.

The benefits in the next two years, on account of maintaining a separate “risk management function”include following: Improvement in productivity Enabling risk adjusted performance Improved assessment of product profitability Use of risk sensitive approach in business processes Better pricing of products and consumer segments Developing skills for risk transfer products Competitive advantage Fraud reduction/deduction Better understanding and scrutiny of all functionalities of the bank.

Apart from those risks mentioned under the Basel accord, banks hardly pay attention to othercategories of risks. Some of the risks not addressed by most of the banks are: Interest rate risk in the banking book Settlement risk Reputational risk Strategic risk Legal and compliance risk Risk of under estimation of credit risk under the standardized approach Model risk Residual risk of securitizationThe bank can also be exposed to a different category of risk apart from the financial risks called theenvironmental risk. For example, if a major portion of their credit concentration loans are inMumbai’s central suburban area. If some calamity or unforeseen event happens in that area likeextensive rainfall incident that took place in 2006-07, it would certainly affect their loan portfolio.

Separate IT division exists in most of the banks to support Risk Management Department. CompleteIT based implementation of risk management system will take atleast 1 or 2 more years. Datacollection is the biggest challenge faced. The banks still depend heavily on manually prepared returnsfor its MIS. The returns for other departments are prepared through different software and this causesdifficulty in integration. But on the other side, banks have always looked at technology as a keyfacilitator to provide better customer service and ensured that its ‘IT strategy’ follows the ‘Businessstrategy’ so as to arrive at “Best Fit”. Many banks have made rapid strides in this direction andachieved almost 100% branch computerisation. A pioneering effort of the bank in the use of IT is theimplementation of Core Banking Solution (CBS) which facilitates “anytime, anywhere” banking.Also, on account of CBS, the bank faces a technology risk. The private sector banks and the foreign

Page 10: Rating risk

banks have relatively fewer branches. They achieve greater levels of computerization and coverage ofbusiness. This helps them in better asset liability management where the decisions should be based ontimely accurate information. The public sector banks have also made progress in the area ofcomputerization but have not achieved complete coverage of business. Further, while coverage ofbusiness is high, the number of branches covered is still low. It may therefore mean that the publicsector banks will take more time to achieve complete coverage of business by computerization as thenumber of branches to be covered will be high whereas the percentage of business covered will belower.

At Indian banks securitization occurs at a very low level. Unlike US based banks the approaches usedin Indian banks are less advanced and more conservative in nature due to stringent RBI guidelines.Therefore there has not been a drastic impact of the subprime crisis on the Indian banking industry.Attention has been drawn towards liquidity risk management which has emerged to be one of themost crucial risk management forms. Sooner or later the banks expect Basel III that will includeliquidity risk under pillar 1. Banks do not feel any risk fatigue. In fact high degree of realisation existswhere it is believed that a control from a number of regulatory bodies has protected the system fromthe failures like that of subprime crisis. But on the other hand banks do not carry the exercise offorensic audit also.

Banks are also striving hard to develop framework for estimating LGD (Loss Given Default) andEAD (Exposure At Default) and also the framework for identifying concentration risk. A datawarehouse is being established for effective data management and use of application tools forquantification of risks. In addition to default rating, facility rating is also being implemented at someof the banks. Collaterals are used as risk mitigants generally by the banks. They comprise of thefinancial collaterals (i.e. bank deposits, govt. /postal securities, life policies, gold jewellery, units ofmutual funds etc.), various categories of movable and immovable assets/landed properties etc. Therisk attached to use of such mitigants include the loss due to change in value of the collateral used.Most banks do not use credit derivatives for credit risk mitigation. Also, Insurance is not used as theprime risk management tool to hedge against risk by all the banks. They use their own techniques formanaging each category of risk. For example, all the banks have adopted hedging strategies to hedgeagainst forex risk. Some of the prominent ones are ECGC cover and forward cover. The banks arealso in the practice of using Forward contract, swap and options.

Basel II compliance efforts have led to improvement in their risk management system. The bank isnow able to measure residual risks. With Basel-II compliance the bank was able to articulate the needfor external ratings and data integrity.

Asset Liability Committee focuses mainly on the asset and liability management of the bank. Thecommittee decides the key drivers of market risk management keeping in view the dynamic externalenvironment. One of the major objectives of ALCO is to maximize the shareholder’s value and toprotect the bank from the impact arising from changes in interest rate. ALCO overall manages theliquidity risk and interest rate risk by analyzing the following reports: Statement of structural liquidity Statement of interest rate sensitivity Statement of dynamic liquidity reports Analysis of earnings at risk Impact of interest rate movements on market value of equity through duration gap analysis Contingency funding plan Interest rate and bucket wise reports of total advances portfolio and bulk deposits.

The main challenges faced by the operational risk management department are: Quantification of operational risk Reporting of the near miss events. Less stress on operational risk by the top management

Page 11: Rating risk

Less available manpower in operational risk management department

The customer profile of all banks consists mainly of individuals and Corporate. For a large scale banknumber of corporate clients is more. The top revenue earners of all banks are Corporates. All thebanks use all the tools like feedback, service control and they satisfy customer complaints to achievecustomer satisfaction. Also, the competitive advantage of banks can range from Human Resource baseto its marketing abilities. Banks make use of a diversified media for advertisements which helps themto reach out to the masses more effectively and efficiently.

The threats Exposed to the Banks consists of: Competition Less of customers Volatility in the market share Attention Threat of new entrantsIt is seen that competition is exposed to all the banks equally and is the most important threat that theyare exposed to.

Strategies adapted by banks to overcome risks include: Integrative growth Intensive growth Downsizing older business Diversification

Banks have given following as reasons for high incidence of NPAs Improper Loan Appraisal System by Banks Poor Risk Management Techniques as a Contribution to NPA's Lack of Strong Legal Framework to initiate action Incorrect Evaluation of the Credit Worthiness of the borrower Poor Loan Monitoring Poor Recovery Mechanisms

Analysing the reasons that has led to loans becoming unpopular with the banking industry: High Incidences of Non - Performing Assets High Costs of Servicing Greater Political Interference Stricter Formalities to be compiled with Falling demand & the Pressure on the Banks

The reason as why targets set for loans have not reached by banks include: Projects Placed were not Feasible or Risky in the Respective Category Inadequate Security Provided by the Borrowers Large No. of Borrowers Whose Credit Worthiness is not Satisfactory Fear of NPA's

Opinion of Banks for the Trend towards Investments in government securities include: Large Availability of Government Securities in the Market. Possible fall in the Interest rates in Future and thus building up a better portfolio as of tomorrow Investments give maximum contend, as Risk is reduced very much as compared to that of loans

and Advances There is at least an amount of satisfaction that some Income may be leaped with least or no risk at

all Regulating requirement: SLR

Page 12: Rating risk

In the note attached with the guidelines it is mentioned that with liberalization, the risks associatedwith banking operations has increased requiring 'strategic management'. Management strategydepends on the corporate objective. The objective can be deposit mobilization, branch expansion,long-term viability etc. Some of these may be conflicting. For instance profitability may have to besacrificed for branch expansion. Each of these objectives would affect asset liability management.Unless the hierarchy of objectives is clear, any rational asset liability management and pricingdecisions would be difficult. The banks under study have mentioned a definite objective in their ALMpolicy. The banks, which adopted ALM before the issue of the guidelines, had done so in a periodranging from 2 years to 3 months ahead of the issue of guidelines. These banks have therefore had theopportunity to make more progress in the implementation of ALM. Having taken the initiative tointroduce ALM, it is assumed that the asset liability management function must have plenty ofsupport from the management. All the banks under survey adopted ALM after the issue of guidelines.In fact, all the public sector banks introduced ALM in compliance with the guidelines and thereforehave had less time compared to the others to evolve their systems. The foreign banks had theadvantage of guidance from their head offices abroad where ALM systems were already in place.Stress testing framework based on scenario and simulation techniques which is based on historicaldata to ensure plausibility is applied at few banks but not all.

The guidelines outline the possible scope of ALM in banks which include Liquidity RM, Interest rateRM, Management of other risks, Funding and capital planning; Profit planning and growth projectionand Trading RM. The ALM in most banks has this scope. Certain banks do not have a trading bookand therefore do not have trading risk management. Since all of these activities have come under thepurview of ALM, the asset liability management function assumes greater importance. Not all bankshave clearly defined policies for management of other risks apart from those under pillar 1. Profitplanning and growth projection found place in none of the bank’s policy. All of the banks surveyedhave an ALCO in conformity with the guidelines. The RBI guidelines state that the ALCO should beheaded by the CEO/Managing Director of the bank. This is to ensure top management support to theALM function. All the banks under study had this principle in place. The guidelines state that that theheads of Credit, Investment, Fund Management/ Treasury, International Banking and EconomicResearch can be members of the ALCO. The head of IT should be included in the committee. Thebanks while adhering to this composition have also included other departments' representatives. Oneof the banks has also adopted a system where other departments are invited based on the agenda of themeeting. By involving various departments in the ALCO, the banks have ensured that the ALMfunction has large coverage extending over their many operational areas. ALCO support groups arealso in existence in almost all the banks surveyed whereas the composition of the support groupsvaries.

Functions of ALCO include determining product pricing, decide on maturity profile, set risk levelsand ensure adherence, decide on business strategy, review results and progress of decisions, articulatecurrent interest rate view, and determination of PLR. The functions of the ALCO in all the bankscomply with those specified in the guidelines. But the effectiveness of the performance of the ALCOwill depend on various other factors such as the information collected, the coverage of business, andthe ability to adapt to the changing environment quickly. Therefore while the banks may be compliantwith the guidelines in relation to functions of the ALCO, it may have no bearing on the effectivenessof the ALM function. But none of the banks have instituted any system for the appraisal of the ALMfunction. Empirical studies have not been conducted by any of the banks though one bank hasindicated its intention to conduct such a study soon. Such studies would help in improving the ALMfunction. Many of the banks have prioritised the move to newer techniques of ALM. But establishingappraisal and control frameworks would improve the current functioning of ALM. All of the bankshave conducted training programmes on ALM. Many have been internally developed and conducted.Some banks have opted to train all of their officers in this field. But while such training as has beenimparted would raise the awareness among the staff about what ALM is, knowledge of the details ofthe ALM process and requirements in their own bank is lacking. Raising the level of such awareness

Page 13: Rating risk

would help in better data collection at the branch level and especially help those banks where fullcomputerisation has not been achieved. RBI had asked banks to achieve 100% coverage of assets andliabilities by April 1st 2002. Some of the banks have achieved this target. Some of these banks consistof those using the ABC approach. Given the difficulty in forecasting, the coverage while compliantwith RBI guidelines, would not result in much accuracy. The majority of the banks have opted forspecific software for ALM. Such software can greatly assist in scenario analysis and simulation aswell as generation of statements. This type of software would require far more frequent datacollection than exists currently. It would also necessitate the building of a database. Informationrequirements: The banks are trying to upgrade the frequency of the data collection. It is probably themain factor in the ALM. Until the banks are able to achieve daily data collection, the ALM functionwill not be very effective. Decisions will continue to be made on stale data and the bank'smanagement will not be able to adapt quickly to changes in the external environment.

The guidelines outline analysis, monitoring and reporting of the risk profile, preparation of forecastsshowing effects of possible changes in market conditions and recommending action to ALCO (AssetLiability committee) as the functions of the ALCO support groups. While many of the banks claim toinclude these as functions of the Support Groups, it is seen that these are handled by individuals incharge of the ALCO function in the Treasury/Investment Department. Also the preparation offorecasts for the ALCO is bound to be limited in a situation where none of the banks conduct scenarioanalysis or simulation. The forecasts' accuracy would be limited and they are probably based onbehavioral profiles of various assets and liabilities than possible market conditions. All of the banksexhibit integration between ALCO and other risk management functions. In all of the banks themembers of the ALCO also constitute the Risk Management Committee. This implies that there is co-ordination between the management of various risks and there is no conflict in risk managementpractices. In all of the banks the ALCO reviews all of the statements that are prepared. In some banksthe ALCO is guided by the recommendations of the Support Groups and is not inundated byinformation that has not been analysed. Also since the statements are based on data collected on afortnightly basis at best, they do not facilitate the most effective decision making.

Techniques used for managing interest rate exposure are Gap Analysis, Duration Analysis, Value atRisk, simulation and sensitivity analysis. For the management of liquidity risk exposure, banks rely onthe preparation of the various statements mandated by the RBI. Analysis of these statements as well asthe gap statements is done. But the effectiveness is constrained by the lack of timely information.Recognizing the limited capabilities of the banks in terms of MIS, computerisation etc. at the time ofissue of the guidelines, RBI had advocated the use of gap analysis. But RBI expected the banks toadopt more advanced techniques as their capabilities improved. It is now found that many of thebanks including those that had a head start are still using the simpler techniques. Inspite of havingachieved 100% coverage of business through computerisation, many banks have not moved on tomore complex techniques. The primary reason is that even with computerisation, banks have not beenable to collect required information at more frequent intervals - a prerequisite for effective scenarioanalysis.

The guidelines issued by RBI state that the establishment of a scientifically evolved internal transferpricing mechanism would enhance the management of margin and interest rate risk. It would alsoprovide a rational framework for pricing assets and liabilities. Most of the banks surveyed hadevolved a system of transfer pricing. The most rational system would involve multiple transfer priceson the basis that all deposits are lent to the head office and funds needed to fund advances areborrowed from the head office. For example each type of liability at a branch would have a differenttransfer price depending on its total cost - interest, non-interest and reserves. Such a sophisticated andrational transfer pricing mechanism would be very difficult to use in the absence of bank widecomputer systems so that all data are centrally available and the needed calculations are madeelectronically. This is especially mammoth task for public sector banks but given their low return oncapital employed and volatility of interest rates, they would have to evolve their systems to such alevel.

Page 14: Rating risk

Another set of guidelines had put forth the need to analyse the impact of embedded options. This wasto be supported by behavioural analysis of maturities and empirical studies. Many of the banks haveundertaken such analysis but the Indian banking may not have reached a level of stability that willpermit past correlation to be used reliably for estimating the present and forecasting the future.Therefore while banks are conducting behavioural analysis of maturities of time deposits, etc. theymay be far from accurate.

Indian banks have a very significant proportion of assets and liabilities with no fixed maturity. On theassets side this includes practically all of the working capital finance. Much of this contractuallyrepayable on demand but in practice it is subject to more or less automatic rollovers, even when in theform of loans. On the liabilities side the principal items with no fixed maturity are the current andsavings bank accounts. Now the banks approach this problem through behavioural analysis. It is theprocess of capturing the assets and liabilities as per the buckets given by RBI. As on March 31, 2008,for the scheduled banks together current account and savings bank deposits formed about 28% ofexternal liabilities: again the bulk of the loans and advances (40% of assets) was probably workingcapital finance. This is a large and significant proportion of the assets and liabilities. All of the bankssurveyed follow the classification of assets and liabilities recommended by the RBI. They use thematurity gap model.

After studying the credit risk models of various banks following recommendations are proposed:1. Banks which have been using a credit risk model should move towards RORAC based pricing.2. Credit derivatives though still not common Indian, offer immense opportunity to Indian banks to

take control of their NPAs and reduce exposure to certain sectors. However, certain regulatoryquestions need to be addressed here. Exposure through CD should be included for calculation of Company / Group / Sector

exposure limits. If the reference asset is priority sector lending / export financing, then the protection seller

should be eligible for all the benefits that are available under these special categories ofassets.

Taking into consideration the maturities and pricing the CD appropriately can address theproblem of maturity mismatch of the CD and the reference asset.

Insurance companies and mutual funds should also be included as protection sellers. Disclosure of CD transactions should be made mandatory for listed companies. Securitization is fast gaining acceptance in Indian markets. CDs can be coupled in some

securitization deals, whereby the growth of securitization could possibly signal the entry ofthe related credit derivative products.

3. For unlisted SMEs: For them the Pragmatic Altman’s Z-Score model wherein the estimatedfigures for the following year are considered and a tentative Z-Score is calculated. Otherindigenous models, like the one developed by CRISIL can also be used.

4. For private sector banks: For the Indian private sector banks, which have a credit ratingmethodology in place should move towards credit risk modeling. In this context, the KMV’s EDFcalculator could be an ideal choice because: It makes use of equity value and market capitalization of the company, which are real time

indicators of the firm’s value and can be tracked easily for publicly, listed companies. It is widely deployed by multinational banks across the globe, which is an indicator of its

worthiness.5. For public sector banks: The Indian experience informs us that there are such public sector banks,

which don’t even have a credit rating system in place and disburse corporate loan on a randombasis, adding to the NPA problem. For such novices, a credit rating system and its uses arementioned below.

Page 15: Rating risk

The diagram gives a schematic representation of the risk rating process. To begin with, thefactors considered in assigning the credit ratings are aggregated, for instance the financial data,industry analysis, facility, etc. After this, fixed weights can be assigned to each of theseparameters and a rating criteria can be decided based on subjective and objectiveconsiderations. Now the relationship manager assigns a preliminary credit rating and the loanapproval finalizes the credit rating. The Credit rating should be constantly reviewed by therelationship manager (one who assigns the credit rating) so that any downgrade would lead toadequate action being taken on the part of the bank. Adequate action could manifest itself in theform of a higher interest rate or non-renewal of loan.

Opportunities for Banks from Basel II Measuring, Managing and Monitoring Risk in a scientific manner Align risk appetite and business strategy Risk Based Pricing Effective Portfolio Management Optimum utilization of Capital Enhance shareholders’ value by generating risk adjusted return on capital

Benefits of moving to advanced approaches Relief in Capital Charge Risk based Pricing – focus on identified business areas. Competitive pricing in niche areas. Image/Prestige International recognition/benefits in dealing with Foreign banks Risk Control

Assignment of Ratings Uses of Ratings

Ratingcriteria

Written/formalelements

Subjective/informalelements

Rater’sownexperience andjudgment

Preliminaryrating proposedfor loanapprovalprocessRelationshipmanager andcredit staff

Approval processassign-sfinalrating

CreditRating

Loan pricing andprofitability analysis

Portfolio monitoring Assessing attractiveness

of customer relationship Evaluating rater

effectiveness Internal capital

allocation and return oncapital analysis

Frequency of loanmonitoring

Loan credit review Ongoing review by

initial rater Periodic review of

each customerrelationship

Aimed at reviewingprofitability/desirability

Generally conductedby the same authoritythat approves loan

Watch processes Quarterly process

focused on loans thatexhibit current orprospective problems

Aimed at identifyingbest Path to improveor exit credit atlowest cost

Conducted by sameauthorities to improveloan

Loan review Review of adequacy of

underwriting &monitoring fromrandom sample

Sample weightedtowards higher riskloans

Loan review judgmentis final say

Factorsconsidered inrating

Financialanalysis

Industryanalysis

Quality offinancial data

Analyticaltools/models

External ratings Firm size/value Mngmnt Terms of

facility Other

considerations

Page 16: Rating risk

Action Points for Effective Implementation Grooming and Retaining Talent Percolating risk culture across the organization through frequent communications, organizing

seminars and training. Setting up of Data Warehouse to provide risk management solutions. Integrating risk management with operational decision making process by conducting periodic

use tests. Periodic back testing and stress testing of the existing models to test their robustness in the

changing environment and make suitable amendments, if required. Putting in place a comprehensive plan of action to capture risks not captured under Pillar I,

through ICAAP framework Handling interrelationship between businesses. Linkage needs to be established between Funds

Transfer Pricing, Asset and Liability Management, Credit risk, Market risk and Operational riskso that cost allocation can be done in a scientific manner.

For Pillar III requirements, banks should disclose information that are easily understood by themarket players and gradually move to disclosure of information requiring advanced concepts andcomplex analysis.

Adopting RAROC framework and moving from regulatory capital to economic capital.

Challenges faced by banks1. General issues

Guidance, motivation and support from senior management is essential to help ensure successof Basel II project.

Good risk management involves a high degree of cultural changes. Embedding good riskmgmt practices into day to day business will be difficult.

Sophisticated risk management techniques require human resources with appropriate skill setsand training.

The models under advanced approaches require lot of historical data, collection of data is aformidable task.

Banks to customize and tailor make the risk products2. Legal& Regulatory infrastructure

Steps required for adoption of internationally accepted accounting standards, consistent,realistic and prudent rules for asset valuation and loan loss provisions reflecting realisticrepayment expectations.

Legal systems will require changes for speedier and effective liquidation of collaterals The laws governing supervisory confidentiality and bank secrecy would require modifications

to permit disclosure envisaged under pillar III. Operational autonomy, corporate governance etc needs to be addressed.

3. Derivatives& mitigation products Credit derivative products yet to be introduced in India. Evolution of developed market for

credit derivative is required to mange credit risk effectively and to get full benefit of riskmitigation.

Rigorous legal and regulatory framework and less developed secondary market for bonds/loans etc is a major impediment in development of credit derivative markets.

4. MIS and IT 100% internal IT development is costly System integration, dedicated software for risk assessment, enterprise wide integrated data

warehouse pose challenge. Lack of data driven culture: Historical issues in getting reliable data, only data that was

necessary to ease operational processes was captured, structured, data-backed decision-making has not been very prevalent.

Page 17: Rating risk

Short data history and lesser no. of data points in LGD, EAD and high impact low frequencyevents in operational risk may give distorted results.

5. Credit rating agencies Limited no of agencies and insignificant level of penetration At present default rates are disclosed by CRISIL only and other agencies are yet to declare,

which may create difficulties in mapping and compliance with disclosure criterion if theywant to be accredited by RBI.

In India banks/ FI’s are having stake in rating agencies that may impact their independence. Banks are awaiting detailed guidelines from the regulator involving regulatory discretion

under IRB approach.

Risk based supervision: The Basel Committee on Banking Supervision has advocated a risk-basedsupervision of banks as stability of the financial system has become the central challenge to bankregulators and supervisors throughout the world. This has been put into practice in various countries.This is a robust and sophisticated supervision with adoption of the CAMELS/CALCS approachessentially based on risk profiling of banks. The focus of RBS is on the assessment of inherent risks inthe business undertaken by a bank and efficacy of the systems to identify measure, monitor andcontrol the risks. In pursuance of that risk profile, RBI prepares a customized supervisory program. Itis a systems based inspection approach.

CAMELS: (Applicable to all domestic banks) Capital Adequacy, Asset Quality, Management,Earnings, Liquidity and Systems & Controls.CALCS: (Applicable to Indian operations of banks incorporated outside India) Capital Adequacy,Asset Quality, Liquidity, Compliance and Systems.

The objective of prudential regulation and supervision is a banking system that is safe and sound.Safety and soundness are difficult to define because there are no limits to how safe or sound a bankcan be. Banks may fail due to any of the following reasons: run out of liquidity, run out of capital orrun out of both.

RBS, would use a range of tools to prepare the risk profile of each bank including CAMELS rating,off-site surveillance and monitoring (OSMOS) data, prudential returns and market intelligencereports, ad-hoc data from external and internal auditors, information from other domestic and overseassupervisors, on-site findings, sanctions applied, structured meetings with bank executives at allvarious levels, inter face dialogue with the auditors etc. A monitorable action plan (MAP), to mitigaterisks to supervisory objectives posed by individual banks would be drawn up for follow-up. RBI isalready using MAPs to set out the improvements required in the areas identified during the current on-site and off-site supervisory process. If actions and timetable set out in the MAP is not met, RBIwould consider issuing further directions to the defaulting banks and even impose sanctions andpenalties.

Objectives of risk based supervision: RBI follows a carrot and stick system for implementation of Risk Management and Supervisory

controls in Banks. The approach is expected to optimize utilisation of supervisory resources. It is to minimise impact of crisis situation in the financial system. Construction of a Risk Matrix for each institution. Continuous monitoring & evaluation of risk profile of the supervised institutions. Facilitates implementation of new capital adequacy frame work

Benefits of RBS: The RBS holds out a package of benefits of the supervisor, the supervised entitiesand the depositor as shown below:1. Supervisor

Deeper understanding of the risks associated with the banks and

Page 18: Rating risk

Facilitate optimum use of scarce supervisory resources and direct supervisory attention tothose banks and those areas within the banks, which cause more supervisory concern

2. Supervised entity it will enhance the bank’s own capability for risk management and risk control it will provide a built-in incentive of lesser supervisory intervention for the good performer

3. Depositor The increased attention to risk factors both by the supervisor and the bank itself will reduce

the risk of insolvency and provide for greater comfort for deposit protection.

Comparison of Traditional Supervision and Risk-Based Supervision: At the risk of oversimplifying the differences in approaches to supervision, traditional supervision

focuses more on quantifying problems and minimizing risks in individual banks, while risk-basedsupervision focuses more on the quality of risk-management systems and the recognition ofsystemic risks to the banking system caused by the economic environment.

The traditional approach tends to limit a bank's ability to serve the economic community's needsby limiting the risks a bank can take, whereas risk-based supervision allows banks to take risks solong as the banks demonstrate the ability to manage and price for risks.

Traditional supervision tends to apply a cookie-cutter approach to supervision in which all banksare treated alike, often at the lowest common denominator. Risk-based supervision treats banksdifferently depending on each bank's demonstrated ability to manage risks. It does not penalizewell-managed banks by making them operate under standards designed to keep weak, poorlymanaged banks solvent.

There are appropriate places for each approach. When bank supervisors are dealing withinstitutions that are known, or thought, to have serious problems that may threaten solvency, thereis then a need to quantify problems, which can best be accomplished using traditional forms ofsupervision. However, the worse the condition of a bank, the greater the need to quantify theproblems with precision. In healthy banks, where the likelihood of failure is not an issue, there isless need to quantify problems with great precision hence RBS used.

The CAMELS approach uses supervisory tools such as on-site inspection and off-site surveillancefor all banks and is broad based whereas RBS involves preparing the risk profile of each bank andthe scope of supervision is determined by the risk that the supervisory authority associates witheach bank.

While the supervisory cycle is annual in the case of the current approach it is again dependent onthe risk perception of the authorities in the case of RBS.

RBS focuses on the bank not only from the transaction point of view but also in terms of thepolicies and procedures designed and the effectiveness of their implementation. There would begreater need to pay attention to the correctness and integrity of the data and information suppliedby the banks, which go into the compilation of the risk profile.

The inspection under the current approach is generally conducted with reference to the auditedbalance sheets of the banks while it is not necessary to do so in the case of RBS.

Effectiveness of RBI supervision: For the purpose of study, impact of supervision on bank’sperformance has been assessed in terms of a few parameters Level of NPAs: The trend of improvement in the asset quality of banks continued during the

period of study. Moreover, gross NPAs (in absolute terms) of nationalised banks and old privatesector banks have continued to decline. A reason for this progress can be the stringent andconservative approach by RBI. The following graph shows the movement of NPAs.

Page 19: Rating risk

Source: Basic Statistical Returns of Scheduled Commercial Banks in India

Bringing improvement in weak banks: Here, the cases of four public sector banks (IndianBank, United Bank of India, UCO Bank and Dena Bank) have been taken for study. The problemin the first three banks started in the 1996-97, when they began showing very poor performance interms of profits. Supervisory and regulatory actions were taken to arrest the deterioration of thesebanks and through a process of recapitalization, enough capital was also infused. Narrow bankingwas recommended for these banks, wherein all advances are stopped and the investments arelimited to those in G-Securities, which assure safe returns. Currently these banks are undercontrol. Similarly, problems cropped up in Dena Bank in 2000, which were brought under controlimmediately. The bank’s internal management and controls contributed to the success.Supervision was also one of the qualifiers for the same. Other evidences showing the CRARlevels, the Operating Profit / Working Funds, Net NPAs / Net Advances and Return on Assets ofthe three banks indicate a gradual improvement in the overall health of the three banks (thoughthe improvement in the case of Indian Bank is marginal).

Profitability of Banks: To judge the effect of profitability of banks Net Profit / Loss as apercentage of Total Assets has been taken for study. The following table shows the figures for thescheduled commercial banks. Reflecting the buoyant growth in noninterest income on the onehand and a relatively subdued growth in operating expenses on the other, operating profits ofSCBs have increased over the years. Though the operating profits increased across all bankgroups, the increase was more pronounced in respect of new private sector and foreign banks.This increase in profitability can be attributed to efficient operations of banks along with goodRBI supervision.

Improvement in Capital Adequacy: The CRAR data of all the banks (private, public andforeign) provided in the Reports on Trend and Progress of banking in India of the last few yearsshow that there is a considerable improvement in the capital adequacy of the banks. Theimprovement was, however, more pronounced in respect of new and old private sector banks,followed by SBI and associates. As at end-March 2008, the CRAR of nationalised banks at 12.5per cent was below the industry average (13.0 per cent), while that of all other groups was abovethe industry level.

Improvement in Inspection and Supervision Method: There has been an improvement in theperiodicity of the inspections. Earlier the private and foreign banks were inspected once in twoyears, but now they are inspected annually. Similarly, the public sector banks were inspected oncein four years (besides the Annual Financial Reviews), but now, they are also being inspectedevery year. Quarterly visits are being made to the weak banks and also the new banks. Thesupervisory process has acquired a certain level of robustness and sophistication with the adoptionof the CAMELS / CALCS approach to supervisory risk assessments and rating.

0100002000030000400005000060000

70000

80000

2003 2004

7031364897

9.1

Net NPA

Source: Basic Statistical Returns of Scheduled Commercial Banks in India

Bringing improvement in weak banks: Here, the cases of four public sector banks (IndianBank, United Bank of India, UCO Bank and Dena Bank) have been taken for study. The problemin the first three banks started in the 1996-97, when they began showing very poor performance interms of profits. Supervisory and regulatory actions were taken to arrest the deterioration of thesebanks and through a process of recapitalization, enough capital was also infused. Narrow bankingwas recommended for these banks, wherein all advances are stopped and the investments arelimited to those in G-Securities, which assure safe returns. Currently these banks are undercontrol. Similarly, problems cropped up in Dena Bank in 2000, which were brought under controlimmediately. The bank’s internal management and controls contributed to the success.Supervision was also one of the qualifiers for the same. Other evidences showing the CRARlevels, the Operating Profit / Working Funds, Net NPAs / Net Advances and Return on Assets ofthe three banks indicate a gradual improvement in the overall health of the three banks (thoughthe improvement in the case of Indian Bank is marginal).

Profitability of Banks: To judge the effect of profitability of banks Net Profit / Loss as apercentage of Total Assets has been taken for study. The following table shows the figures for thescheduled commercial banks. Reflecting the buoyant growth in noninterest income on the onehand and a relatively subdued growth in operating expenses on the other, operating profits ofSCBs have increased over the years. Though the operating profits increased across all bankgroups, the increase was more pronounced in respect of new private sector and foreign banks.This increase in profitability can be attributed to efficient operations of banks along with goodRBI supervision.

Improvement in Capital Adequacy: The CRAR data of all the banks (private, public andforeign) provided in the Reports on Trend and Progress of banking in India of the last few yearsshow that there is a considerable improvement in the capital adequacy of the banks. Theimprovement was, however, more pronounced in respect of new and old private sector banks,followed by SBI and associates. As at end-March 2008, the CRAR of nationalised banks at 12.5per cent was below the industry average (13.0 per cent), while that of all other groups was abovethe industry level.

Improvement in Inspection and Supervision Method: There has been an improvement in theperiodicity of the inspections. Earlier the private and foreign banks were inspected once in twoyears, but now they are inspected annually. Similarly, the public sector banks were inspected oncein four years (besides the Annual Financial Reviews), but now, they are also being inspectedevery year. Quarterly visits are being made to the weak banks and also the new banks. Thesupervisory process has acquired a certain level of robustness and sophistication with the adoptionof the CAMELS / CALCS approach to supervisory risk assessments and rating.

2004 2005 2006 2007 2008

6489757546

51243 50296 55843

7.2 4.9 3.5 2.7 2.4

Net NPA % of Advances

Source: Basic Statistical Returns of Scheduled Commercial Banks in India

Bringing improvement in weak banks: Here, the cases of four public sector banks (IndianBank, United Bank of India, UCO Bank and Dena Bank) have been taken for study. The problemin the first three banks started in the 1996-97, when they began showing very poor performance interms of profits. Supervisory and regulatory actions were taken to arrest the deterioration of thesebanks and through a process of recapitalization, enough capital was also infused. Narrow bankingwas recommended for these banks, wherein all advances are stopped and the investments arelimited to those in G-Securities, which assure safe returns. Currently these banks are undercontrol. Similarly, problems cropped up in Dena Bank in 2000, which were brought under controlimmediately. The bank’s internal management and controls contributed to the success.Supervision was also one of the qualifiers for the same. Other evidences showing the CRARlevels, the Operating Profit / Working Funds, Net NPAs / Net Advances and Return on Assets ofthe three banks indicate a gradual improvement in the overall health of the three banks (thoughthe improvement in the case of Indian Bank is marginal).

Profitability of Banks: To judge the effect of profitability of banks Net Profit / Loss as apercentage of Total Assets has been taken for study. The following table shows the figures for thescheduled commercial banks. Reflecting the buoyant growth in noninterest income on the onehand and a relatively subdued growth in operating expenses on the other, operating profits ofSCBs have increased over the years. Though the operating profits increased across all bankgroups, the increase was more pronounced in respect of new private sector and foreign banks.This increase in profitability can be attributed to efficient operations of banks along with goodRBI supervision.

Improvement in Capital Adequacy: The CRAR data of all the banks (private, public andforeign) provided in the Reports on Trend and Progress of banking in India of the last few yearsshow that there is a considerable improvement in the capital adequacy of the banks. Theimprovement was, however, more pronounced in respect of new and old private sector banks,followed by SBI and associates. As at end-March 2008, the CRAR of nationalised banks at 12.5per cent was below the industry average (13.0 per cent), while that of all other groups was abovethe industry level.

Improvement in Inspection and Supervision Method: There has been an improvement in theperiodicity of the inspections. Earlier the private and foreign banks were inspected once in twoyears, but now they are inspected annually. Similarly, the public sector banks were inspected oncein four years (besides the Annual Financial Reviews), but now, they are also being inspectedevery year. Quarterly visits are being made to the weak banks and also the new banks. Thesupervisory process has acquired a certain level of robustness and sophistication with the adoptionof the CAMELS / CALCS approach to supervisory risk assessments and rating.

Page 20: Rating risk

Internal Control and Management: A strong internal control mechanism has been developed inthe banks, wherein RBI has taken up special in-house monitoring of certain areas of weakness inthe banks, viz. Inter-branch / Inter-bank reconciliation and balancing of books. The quantum ofoutstanding entries has been brought down drastically, thus reducing the fraud prone areas.Besides this, the emphasis laid down by the supervisors on the computerization of the variousbranches has been successful as a number of branches of both public and private sector bankshave been computerized.

Disclosure Norms: With stricter disclosure norms, more and more information is being broughtout to the public. This has not only helped the shareholders, who are now in a better position toassess the performance of the banks, but has also helped in keeping the management under a kindof check.

Comparison of different approaches taken by some selected countries: Just as approaches tobanking regulation and supervision differ from country to country, approaches to supervisory riskassessment and early warning also differ in various respects depending upon country-specific factors.These include the extent, scope and frequency of on-site supervision; the off-site monitoringmechanism; the extent, nature and reliability of regulatory reporting; the availability of other reliablesources of information; the availability of historical data on bank distress and failure; the level oftechnological advancement; and the availability of necessary budgetary and human resources. Thevarious risk based supervision approaches used by various developed countries are shown below:

Country SupervisoryAuthority

System System Type

France BankingCommission

ORAP (Organisation andReinforcement of PreventiveAction)

Off-site Supervisory bankrating system

SAABA(Support System forBanking Analysis)

Early Warning model-Expectedloss

Germany German FederalSupervisoryOffice

BAKIS (BAKred InformationSysteme)

Financial ratio and peer groupanalysis system

Italy Bank of Italy PATROL Off site Supervisory bank ratingsystem

Early Warning System Early Warning model- failureand timing to failure prediction

Netherlands NetherlandsBank

RAST (Risks Analysis SupportTool)

Comprehensive bank riskassessment system

Observation System Financial ratio and peer groupanalysis system

UnitedKingdom

FinancialServicesAuthority

RATE (Risk assessment, Toolsof Supervision and Evaluation)

Comprehensive bank riskassessment system

Bank ofEngland

TRAM (Trigger RatioAdjustment Mechanism)

Early Warning model

UnitedStates

All threesupervisoryauthorities

CAMELS On site examination rating

Federal ReserveSystem

Individual Bank MonitoringScreens

Financial ratio and peer groupanalysis system

SEER Rating (System forestimating Exam Ratings)

Early warning model-RatingEstimation

SEER Risk Rank Early warning model-Failureprediction

FDIC CAEL Off site Supervisory bank rating

Page 21: Rating risk

system

GMS (Growth MonitoringSystem)

Simple Early warning model-tracking high growth banks

SCOR (Statistical CAMELSOff-site Rating)

Early warning model-Ratingdowngrade estimation

OCC Bank Calculator Early warning model-Failureprediction

Figure: Table showing supervision process at different countries

Initiatives required in case of RBI supervisory process: Technological upgradation- Information technology can be used to improve the supervision

method and also to reduce costs, increase volumes and speed and facilitate customized products.The financial system is being strengthened with the introduction of Delivery vs. Payment (DvP)system, Electronic Clearing Systems, etc. Still pro-active measures, like OSMOS returns frombanks on a real time basis need to be taken to further strengthen the supervision method.

Human Resource Development and Manpower Planning- The core function of HRD is tofacilitate performance improvement measured not only in terms of financial indicators ofoperational efficiency, but also in terms of the quality of financial services. Skills, attitudes andknowledge of the personnel need continuous upgradation.

Greater Vigilance - Though the financial sector is being increasingly deregulated and greaterautonomy is being given to the various participants, yet it is important to ensure that there isincreased vigilance over their adherence to the norms.

Legal reforms - Legal reforms, without delay is required in the areas of insolvency, breach ofcontract, defaults, and enforcement of security. Certain amendments (e.g. in the Stamps Act assuggested by Narsimham Committee II), which have been suggested by various committees, needto be made at the earliest.

NPAs - As at the end of June 1997, out of 1100 cases filed and transferred to DRTs involving Rs.8866.67 crore, 1045 cases had been decided and a meagre amount of Rs. 178.08 crore wasremoved. The number of Debt Recovery Tribunals (DRTs) must be increased and they must begiven more powers so that they can expedite the recovery process. If feasible a time frame shouldalso be designed, within which the DRTs have to settle a specified number of cases.

Relation between the regulated and the regulator - Greater transparency and mutual andfrequent consultation between the regulated and the regulator are required. An important step inthis direction has been the proposed introduction of the Prompt Corrective Action (PCA). ThisPCA will establish a rule-based system for taking corrective actions to arrest deterioration ofbanks and financial institutions beyond a certain point.

Teamwork - A dedicated and strong team of supervisors is required to ensure proper delivery ofthe supervisory responsibilities. Individuals need to be assigned greater responsibility, as is thecase with Financial Services Authority, United Kingdom.

The capital charge on operational risk as given by the new Basel accord should besubstantiated as to how it is arrived at especially given the fact that the type of operational risk inIndia is different form that in the European or American banks.

Risk Based Supervision (RBS) - It is learnt that RBI is moving towards a system of Risk BasedSupervision, wherein, RBI would focus its supervisory attention on the banks in accordance withthe risk each bank poses to itself as well as to the system. The successful implementation of theprocess of RBS entails adequate preparation, both on the part of the Reserve Bank and thecommercial banks.

Consolidated Supervision - Keeping up with the international trends, it is important to introducea consolidated approach to supervision. For this, RBI needs to equip the commercial banks withthe required infrastructure and skills.

Monthly Returns - Under the OSMOS system, presently data are called for from the banks on aquarterly basis. As a step ahead of this, returns should now be made monthly at least for data, likeimportant financial ratios, CRAR, NPAs, etc. In future, this reporting system should graduate tobecome a system on a real time basis, wherein data should be made available on-line.

Page 22: Rating risk

Universal Banking - India needs to get prepared for the phenomenon of universal banking. SinceICICI has already made a move it is necessary that RBI ensure whether all the specifiedguidelines, issued in the circular specifying norms for all entities desiring to venture into universalbanking are being complied with or not.

These suggestions once implemented will go a long way in improving the overall system ofsupervision over the financial sector.

Risk management scenario in the futureRisk management activities will be more pronounced in future banking because of liberalization,deregulation and global integration of financial markets. This would be adding depth and dimensionto the banking risks. As the risks are correlated, exposure to one risk may lead to another risk,therefore management of risks in a proactive, efficient & integrated manner will be the strength of thesuccessful banks. The standardized approach was to be implemented by 31st March 2007, and theforward-looking banks placed their MIS for the collection of data required for the calculation ofProbability of Default (PD), Exposure at Default (EAD) and Loss Given Default (LGD). The banksare expected to have at a minimum PD data for five years and LGD and EAD data for seven years.Presently most Indian banks do not possess the data required for the calculation of their LGDs. Alsothe personnel skills, the IT infrastructure and MIS at the banks need to be upgraded substantially if thebanks want to migrate to the IRB Approach

Major finding: Devising a model for calculation of bank’s rating based on its risk managementpracticesModels exist for assigning credit rating to borrowers. This helps the bank to identify potentialborrowers by determining their credit worthiness. But there are times when banks also fail to perform.Potential customers find it difficult to determine in which bank they should deposit their money ortake loan from. Hence, it is also desired that bank should also be assigned a rating so that it comes tothe rescue of the borrowers. RBI is also practicing the same but it does not publish the ratings of thesebanks. It assigns the ratings to all the banks under its jurisdiction but keeps it for the discussion withthe top management. Here, in this section, an attempt has been made to give the various banks arating which would help to determine healthiness of the bank. Due to the limited scope of the study,the rating model suggested henceforth, is purely based on a bank’s risk management framework. Forthis purpose a model has been proposed using which a bank will be assigned such a rating. This ratingwould describe how successful a bank is as compared to its peer banks. It is a multicriteria decisionproblem. Two possible ways of solving it are: analytical hierarchy process (AHP) and goalprogramming. Here, AHP has been used and formulated in MS-Excel*. Further a dot net program*has been developed to make it more user friendly. This software will enable the regulator to just enterthe rating of individual risks and the final risk rating of the bank would be generated.

The multiple criterions faced in this problem are with regards to various risks faced by banks. Butsome risks are important than the others. So a comparison of all risks has been made to come to a setof criterions. These criterions should be met and suffice to one solution. AHP can be done in threeways- arithmetic mean transformation method, geometric mean transformation and Eigen valuetransformation. The same solution for each verifies the integrity of the model proposed. Bankingindustry faces two categories of risks namely business risk and controls risk. In this problem, thecriterion/goals are:In case of business risk category Capital risk is the most crucial type of risk faced by banks. Credit and operational risk are at second level and are equally important. Next most crucial risk faced after capital credit and operational risk is market risk. Earnings risk

is also equally important as market risk. Liquidity risk is the next most important risk Least important/ crucial risks are business and group risk.In the case of controls risk category: Internal controls risk the most crucial risk faced.

Page 23: Rating risk

Management and compliance risk are the next most important risks. Risk associated with organization is the least important of all.

Suggestions by banks to RBI: Some suggestions were given by the bank officials through the modeof an informal discussion. They are: Banks are of the opinion that it would ease the processes if regulator comes up with industry wise

correlation. RBI guidelines are broader in nature. They should be more indicative. The document requirement for complying by the guidelines of RBI and Basel are highly centered

according to international banks. Some scenarios are not at all relevant to Indian markets. Hencethere is a need to revise the framework of guidelines with an Indian perspective so that the fatigueof writing so many documents can be done away with.

RBI has modified the CRAR from 8% to 9%. This makes capital a limiting factor. Hence itrestricts the natural growth of the bank. Hence the regulator should reconsider this.

The terms used in the guidelines issued are directly picked from the documents in Basel or thosefinding implementation in foreign countries. The terms should be explained more correctly to allthe banks.

VI. ConclusionWorldwide, there is an increasing trend towards centralizing risk management with integrated treasurymanagement to benefit from information synergies on aggregate exposure, as well as scale economiesand easier reporting to top management. Keeping all this in view, the Reserve Bank has issued broadguidelines for risk management systems in banks. This has placed the primary responsibility of layingdown risk parameters and establishing the risk management and control system on the Board ofDirectors of the bank. However, it is to be recognized that, in view of the diversity and varying size ofbalance sheet items as between banks, it might neither be possible nor necessary to adopt a uniformrisks management system. The design of risk management framework should, therefore, be orientedtowards the bank's own requirement dictated by the size and complexity of business, risk philosophy,market perception and the existing level of capital. While doing so, banks may critically evaluate theirexisting risk management system in the light of the guidelines issued by the Reserve Bank and shouldidentify the gaps in the existing risk management practices and the policies and strategies forcomplying with the guidelines.

Credit risk management: Risk management has assumed increased importance of regulatorycompliance point of view. Credit risk, being an important component of risk, has been adequatelyfocused upon. Credit risk management can be viewed at two levels—at the level of an individual assetor exposure and at the portfolio level. Credit risk management tools, therefore, have to work at bothindividual and portfolio levels. Traditional tools of credit risk management include loan policies,standards for presentation of credit proposals, delegation of loan approving powers, multi-tier creditapproving systems, prudential limits on credit exposures to companies and groups, stipulation offinancial covenants, standards for collaterals, limits on asset concentrations and independent loanreview mechanisms. Monitoring of non-performing loans has, however, a focus on remedy rather thanadvance warning or prevention. Banks assign internal ratings to borrowers, which will determine theinterest spread charged over PLR. These ratings are also used for monitoring of loans. Recently, RBIhas taken measurable steps for sound Credit Risk Management but there is still long way to go. Amore scientific & Quantitative approach is the need of the hour.

Market risk management: Asset Liability Management as a risk management technique is gainingin popularity as banks are beginning to recognize the need for proper risk management. The challengefor the banks therefore is to put in place the necessary infrastructure that can help them derive theutmost benefit from ALM. The banks’ progress in Asset Liability Management will depend on theinitiatives of their management rather than on RBI supervision. Given the existing hurdles, theevolution of ALM in commercial banks will be a slow process. ALM has evolved since the early1980's. Techniques of ALM have also evolved. The growth of OTC derivatives markets has facilitated

Page 24: Rating risk

a variety of hedging strategies. A significant development has been securitization, which allows firmsto directly address asset-liability risk by removing assets or liabilities from their balance sheets. Thus,the scope of ALM activities has widened. Today, ALM departments are addressing (non-trading)foreign exchange risks as well as other risks. Corporations have adopted techniques of ALM toaddress interest-rate exposures, liquidity risk and foreign exchange risk. Thus it can be safely said thatAsset Liability Management will continue to grow in future and an efficient ALM technique will go along way in managing volume, mix, maturity, rate sensitivity, quality and liquidity of the assets andliabilities so as to earn a sufficient and acceptable return on the portfolio.

Operational risk management: The best defense against operational risk is to have effective systemsand controls. These need to be appropriate to the risks and as easy as possible to understand,implement and monitor. There is a strong common interest here between the regulator and a bank’ssenior management. An intensified interest by the latter in everyday operational losses is likely toreduce the possibility of large losses, improve general risk awareness in a company and the regulatorwill feel that the interests of the consumer are being better safeguarded. When considering operationalrisk, the regulator faces a similar dilemma to the bank: where are the main risks, how can they best becontrolled, and what level of capital can reasonably be required? In future, it is likely these questionswill become even more pertinent. This is not least because regulators, in line with some banks, arecarving out capital to be held specifically against market, credit and operational risk. But it is alsobecause regulators have come to think that operational risk may not be significantly correlated witheither of the other two types of risk categories. However, as was the case with the original regulatorycapital ratio set by the Basle Committee, the only real touchstone for this is some sort of reference tocurrent aggregate capital. Another option for the regulator would be to refer to benchmark lossexperiences. The problem here is that the data are often not obtainable – availability differs fromcountry to country and business to business – and may not be suitable for operational risk throughoutthe bank. The regulator could, alternatively, rely on internal economic capital allocation. Perhaps whatis needed most is time. One thing is clear, and it is that there are more questions than answers aroundoperational risk for both banks and regulators. Consequently, both parties will need, in the immediatefuture, to enter into an open and technical discussion of the way forward.

Supervision process: Before 1950s regulation and supervision by RBI was not that stringent as thebanking activity was limited to collection of deposits and issue of loans. Moreover, there was noseparate comprehensive enactment for the banking sector. With the introduction of the BankingCompanies Act, 1949, (later Banking Regulations Act, 1949) the scope of RBI supervision broadenedover the years, necessary changes in the supervisory system have been made to meet with the newchallenges emerging in the financial sector. In the wake of rapid changes in the financial sector suchas emergence of Universal Banking, introduction of Securitization, integration of various markets, etc.a lot of preparations for further strengthening the supervisory mechanism is required, not only on thepart of RBI but by individual banks also. World over the way financial markets are integrating day byday, risk is continuously increasing. RBI, keeping in view international best practices has alreadytaken certain initiatives in this regard and there is a proposal to introduce shortly, the system ofConsolidated Supervision too, along with Risk Based Supervision. The impact on bank’s key ratiosdue to banking supervision reveals good results and walking on the same continuum few issues can bestressed upon like technology upgradation, corporate governance, market intelligence etc.

Page 25: Rating risk

References Ajit, D. and Bangar, R.D (1998): The Role and Performance of Private Sector Banks in India-

1991-92 to 1996-97, Political Economy Journal of India 7:1 and 2, 7-20 Arpa M., Giulini I., Ittner A. and Pauer F.(2001), The Influence of Macro-economic Developments

on Austrian Banks: Implications For Banking Supervision, BIS Papers, n. 1, Basel Bessis, Joel (2002), Risk Management in Banking, Wiley; 2nd edition Berger, A.N. and DeYoung, R. (1997), Problem Loans and Cost efficiency in Commercial Banks.

Journal of Banking and Finance 21, 849-870 Berger, A. N. and Udell, G. F.(1998), The Economics of Small Business Finance: The Roles of

Private Equity and Debt Markets in The Financial Growth Cycle, Journal of Banking andFinance, 22, pp.613-673

Berger, A. N. and Udell, G. F. (1993), Securitization, Risk, and the Liquidity Problem in Banking,Structural Change in Banking, M. Klausner and L. White editors, Irwin Publishers, Illinois

BIS Publication (2001), The Second Consultative Document, The New Basel Capital Accord _______(2001), Standardised Approach to Credit Risk, Supporting Document to the New Basel

Capital Accord BCBS (2001), Working Paper on the Regulatory Treatment of Operational Risk _______(2000) Principles for Management of Credit Risk _______(1996) Amendment to the Capital Accord to incorporate Market risks _______(2000) Range of practice in Banks’ Internal Ratings Systems, Discussion Paper _______(2001) Potential Modifications to the Committee’s Proposal Caouette, John B. (1998), Altman Edward I. & Narayan, Paul Managing Credit Risk, The Next

Great Financial Challenge, Wiley Coyle, Brian (2000), Credit Risk Management: Measuring Credit Risk, Global Professional

Publishing, USA Demirguc-Kunt, A., Detragiache E. and Gupta, P. (2000), Inside the Crisis: An Empirical

Analysis of Banking Systems in Distress, IMF Working Paper No. 156, Washington D.C Demirguc-Kunt A. and Detragiache E. (1998),The Determinants of Banking Crises in Developing

and Developed Countries, in IMF Staff Papers, Vol. 45, n. 1, Washington D.C. Demirguc-Kunt, Asli and Huizinga, Harry (1998), Determinants of Commercial Bank Interest

Margins and Profitability: Some International Evidence, World Bank, WPS 1900 Eichengreen B, and Arteta C. (2000), "Banking Crises in Emerging Markets: Presumptions and

Evidence". in Haas School of Business, University of California Berkeley, Center forInternational and Development Economic Research, Workign Papers, n.115

Elmer Funke Kupper (2000), Risk Management in Banking, Discussion Paper Gambera M.(2000), "Simple Forecasts of Bank Loan Quality in the Business Cycle", in Federal Reserve Bankof Chicago, Supervision and Regulation Department, Emerging Issues Series SandR-2000-3,Chicago, www.chicagofed.org

Gleason, James T. (2000), Risk: The new management imperative in finance, Bloomberg Press Kaminsky G.L., and Reinhart C.M. (1996), "The Twin Crises: the Causes of Banking and

Balance-of-Payments Problems", in Board of Governors of the Federal Reserve System,International Finance Discussion Papers, n.544, March, www.federalreserve.gov

Mays, Elizabeth (1998), Credit Risk Modelling: Design and Application, CRC Mario Quagliariello, Are Macro-economic Indicators Useful in Predicting Bank Loan Quality?

Evidence from Italy Meyer A.P. and Yeager T.J. (2001), "Are small Rural Vulnerable to Local Economic

Downturns?”, in Federal Reserve Bank of St. Louis Review, St. Louis, (March-April) Rajaraman, I., S.Bhaumik and N.Bhatia (1999) NPA Variations across Indian Commercial Banks:

Some Findings, Economic and Political Weekly, 34: 3 and 4, 16-23 RBI Guidance note on Credit risk Management (September 2001). RBI Guidelines, Risk Management Systems in Banks (October 1999) RBI Master Circular, Prudential Norms on Capital Adequacy (August 2001).

Page 26: Rating risk

RBI Master Circular, Exposure Norms Salas, V. and Saurina, J. (1999a), Deregulation, Market Power and Risk Behaviour in Spanish

Banks", (1999a) _______(1999b), Credit Risk in Two Institutional Regimes: Spanish Commercial and Savings

Banks _______(2002), Credit Risk in Two Institutional Regimes: Spanish Commercial and Savings

Banks, Journal of Financial Services Research, 22, 203-224 Sarkar, Jayati, Subrata Sarkar and Bhaumik, Sumon K. (1996), Does Ownership Always Matter?

Evidence from the Indian Banking Industry, Journal of Comparative Economics, 26:2, June, 262-81

Saunders, Anthony (1998), Credit Risk Measurement: New approaches to Value at Risk and otherparadigms, Wiley, USA

Shaffer, S. (1998), The Winner's Curse in Banking, Journal of Financial Intermediation, 7, pp.359-392

www.rbi.org.in, for various reports, guidance notes, circulars and other publications, accessedbetween 15th April 2009 and 10th June 2009

www.bis.org, for various reports, working papers and other publications, accessed between 15th

April 2009 and 10th June 2009 www.caalley.net, accessed between 15th April 2009 and 10th June 2009 www.riskglossary.com, for terminology on risk and risk management, accessed between 15th

April 2009 and 10th June 2009 www.economictimes.indiatimes.com, for accessing various news articles and data, accessed

between 15th April 2009 and 10th June 2009