Changing Paradigms in Risk Management
The world of finance has always had an intuitive understanding of risk. The risks that emerge from the increased variety and complexities of banking business, as well as from the various new drivers of growth has pushed the contours of risk management in banks much beyond what would probably have existed in the more traditional forms of banking activity of accepting deposits and lending in relatively stable environments. Internationally, the last two decades or so have witnessed significant changes in the profile of the banking sector, as well the nature of risk management in banks. What perhaps has changed the nature of risk management, particularly are, inter-alia, advances in technology that have aided quantitative approaches to risk management, like models etc., and the increasing volumes of transactions in derivatives and other structured products that are so complex that they are often labeled “exotic”. India too has responded to this change, tempered with a gradualist, non disruptive approach, that has stood us in good stead over the years.
In my brief remarks today, I intend to first, highlight few of the broader and more general issues currently engaging the financial risk management fraternity and then, move to the Indian context in this regard.
I. Some general perspectives on risk management
Quantification of risk and model risk: As mentioned earlier, significant developments in the area of quantification of risk, has shifted focus to statistical aspects of risk management, especially to risk modeling and other computational techniques of risk measurement. During the last decade there has been a proliferation of academic research on the use of VaR for market risk assessment. Such models have to be used with some care and serious examination of the data used, especially the use of historical data for forecasting future scenarios, the assumptions behind the models, estimation errors etc. Further, if intraday positions are not captured it would expose banks to such risks.
Similarly in respect of Credit Risk, there is no single ‘‘best practice’’ model for credit risk capital assessment, although the Basel 2 ‘‘Internal Rating Based’’ methodology provides a portfolio model. Bank managements will have to focus on the determinants of credit risk factors, the dependency between risk factors, the integration of credit risk to market risk, data integrity issues like consistency of data over long periods, accuracy and so on.
Institutions are already mapping events to operational loss categories and building warehouses of operational risk data for implementation of Advanced Measurement Approaches. Many data availability and reliability issues still need resolving. An internal loss experience for the important (low frequency, high severity) operational risk types is rare and any relevant data are likely to be in the form of risk self-assessments and/or external loss experiences.
Extreme events and stress testing: One of the key roles of the risk management process is to manage extreme events, such as those associated with the tails of statistical distributions and could have probability of occurrence as low as one percent. These are low probability but high loss instances associated with extreme operational events such as rogue trading or accounting fraud. The importance of stress testing to assess the impact of not only these events but also the impact of various scenarios is engaging the attention of risk management personnel, academicians and bankers alike
Risk based capital and back-testing: An important reason as to why the quantitative techniques have received so much attention, is not because of the intellectual satisfaction it can give to the academician but a rather mundane reason that it can be used to convince the regulator that given the risks as measured by these techniques the amount of capital required could be far less than that may be stipulated under broad brush, standardized techniques. An immediate linkage between the risk models, the quantum of risk that is measured by use of these models and the capital that is required to support these risks immediately emerge. Estimates of capital being sufficient to meet the risk can be only as good as the models are and the credibility of the models would ultimately depend upon their actual performance. Back testing the models to gauge and reduce the variance between the deviations of the actual numbers from those projected are largely relied upon to give a degree of comfort to both management of banks and supervisors alike.
II. Indian Perspective
Internationally, there has been a continuous coordinated effort under the aegis of institutions like the BIS to evolve best practices in risk management in banks and these have gradually come to be accepted as some sort of international standards for banks across the world to benchmark themselves to. At the regulatory and supervisory level also, there has been an effort to achieve convergence to the best practices set out by the BCBS after duly allowing for national characteristics and feasibility. Banks have responded to this initiative with varying levels of effectiveness.
It was in October 1999, that the Reserve Bank issued guidelines on Risk Management in banks setting out its expectations from banks; the guidelines adopted an integrated approach to risk management. Even earlier, in February 1999, banks were advised to set up an asset liability management framework to manage liquidity and interest rate risk. In this context, I would like to make following observations:
a) The need to accelerate the speed at which banks have been moving towards establishment of risk management systems
b) The need to achieve convergence with regulatory and supervisory expectations/requirements while deciding on the sophistication of methods to be adopted.
c) Developing appropriate risk management architecture, MIS and skill enhancement
d) The need to integrate risk management process with capital planning strategies
The current business environment, with its pointed emphasis on corporate governance, is making it critical for banks to explain their risk profiles publicly with greater clarity and detail than ever before. Risk is still a complex and technical subject, so achieving transparency will not be easy. Internal constituents, analysts, ratings agencies, investors, and regulators all have varying levels of understanding of advanced risk measurement techniques. All will require continuing education before the market as a whole reaches a common understanding of risk. In particulars, direct stakeholders in any transaction need to be aware of the risks involved. For the third pillar of Basle II (Market Discipline) to be efficacious, it is important that the stakeholders are aware of the risks involved in the banks’ transactions and the systems in place to manage the risks. In this context, the importance of an appropriateness policy for banks offering various products to the corporate clients can't be over-emphasised.
The risk management systems developed by banks would include a lot of attention of top management to the suitability of IT structure including issues of connectivity, designing an MIS format that is risk focused, setting up an organization to manage risk that ensures segregation of risk assessment from operations, frequent review of risk management systems to ensure there is no slippage and last but not the least, to develop appropriate skills within the organization. In this context, it must be kept in view that risk management is not the sole concern of the risk management department but rather a culture that pervades the whole organization with specific support from the top management.
III. Recent initiatives in risk management
In India, over the years various steps have been taken to strengthen the Risk Management Architecture, both at the bank specific level as well as a broader systemic level.
ALM Guidelines: Most banks have put in place an ALM framework. However there is lot to be done to internalize this framework as a part of the overall risk perceptions of the bank and the capital planning strategy of the bank. Issues in data infirmity still remain to some extent. In many cases, the ALCO’s role remains confined to deciding on interest rates of the bank. This is partly due to lack of decision support system available to the ALCO. Availability of impact and scenario analysis of changes in yield structures would be a significant enabling factor.
The Reserve Bank has recently issued draft guidelines to banks with the objective of graduating from the current maturity ladder approach prevalent in most banks to a duration gap approach. The later approach makes it possible for banks to calculate the modified duration of assets and liabilities, the duration gap and duration of equity. The concept of duration of equity gives banks, subject to certain limitations, a single number indicating the impact of a one per cent change of interest rate on its capital, captures the interest rate risk and thereby helps move a step forward towards assessment of risk based capital/economic capital.
Credit risk: Another important issue is that bank resources and supervisory resources have concentrated on credit risk modeling of commercial and industrial portfolios, with relatively fewer resources devoted to risk quantification in the retail credit area . The possible reasons could be (i) from a systemic perspective, it makes economic sense to devote more resources to evaluating the risk factors of larger loans (ii) there is a long history of ratings agency evaluations for publicly traded firms which , along with the extensive data available for publicly traded firms, provided an extremely useful benchmark for the development of quantification methods for commercial portfolios.
However, despite this commercial side emphasis, retail credit is a substantial part of the risk borne by the banking industry, and can not be ignored. Recognizing this, over the last decade or so, the industry and academia have devoted significant resources to developing more sophisticated credit-scoring models for measuring this risk. Like their counterparts on the commercial side, these models also rely heavily on quantitative analysis.
Derivatives: There has been a spurt of derivatives exposures in the off balance sheet exposures. The composition of derivatives portfolio of the banking system has also undergone a significant transformation. Forward foreign exchange contracts which accounted for around 80% of total derivatives in March 2002 declined steadily and stood at almost 43% in March 2006 while the share of interest rate contracts went up from 19% to 54% during the same period. Foreign currency options have recorded noticeable increase during the last year. The share of single currency interest rate swaps in total derivatives of the banking system has risen sharply from 15% in March 2002 to 53% in March 2006.
The risks arising on account of OBS activities of banks are controlled through a combination of both banks’ internal risk management and control policies and risk mitigation mechanism imposed by the regulators. The board approved internal control policies covering various aspects of management of risks arising both on and off balance sheet exposures constitute the first line of defence to the bank. Holding of minimum defined regulatory capital for all OBS exposures, collection of periodic supervisory data and incorporating transparency and disclosure requirements in bank balance sheet are some of the major regulatory initiatives undertaken to control and monitor OBS exposures of the banking system.
The rapid proliferation of derivatives exposures inevitably poses a challenge on account of the downside risks associated with them, if not managed properly. There are issues relating to use of structured products, valuation, counterparty related issues, risk management and reporting issues and last but not the least, training and skill development. While derivatives facilitate risk hedging and risk transfer to institutions more willing to bear the risks, the tendency of participants to use derivatives to assume excessive leverage, and lack of prudential accounting guidelines are matters of concern.
One of the features of in the Indian derivative market relates to concentration risk in respect of both the market makers (banks) and the corporates. The combined share of top 15 banks has steadily grown from around 74% in March 2002 to 82% of total OBS exposures of the banking system in March 2006, of which 62% is accounted for by foreign banks. Concentration of knowledge is another risk which results in the concentration of derivative activity among few players.
RBI has been stressing on the need to carry out due diligence regarding customer appropriateness and suitability of products before offering derivative products to their customers. There is need to use risk mitigation techniques such as collaterals and netting to reduce systemic risks and evolve appropriate accounting guidelines.
RBI has also issued two separate draft guidelines, one for valuation/accounting of investment portfolio in general and the second relating to derivatives. The proposed guidelines attempt to put in place fair value accounting norms for derivatives broadly in line with IAS 39, the international accounting standard for valuation and accounting for financial instruments. For investments, the proposed framework envisages a symmetrical treatment for unrealized gains and losses, with gains for HFT being reflected in the Profit and loss account. For AFS, however, a gain or loss on subsequent measurement shall be reflected in ‘Unrealised gain/ loss on AFS portfolio’. Similarly for derivatives, all valuation gains and losses are proposed to be routed either through the P&L (for less than 90 days) and or through a new account titled ' Unrealised gains/losses on derivatives' (90 days and more), somewhat similar to AFS portfolio. The idea is to bring all derivative transactions 'on-balance sheet' as against 'off-balance sheet' as is being done currently.
Further, in order to address all issues related to derivatives in a comprehensive manner, we are now in the process of harmonizing the regulatory prescriptions based on generic principles rather than approving specific products.
Stress Testing: The Governor in his Monetary Policy for 2006-07 had stressed the need for banks to have robust stress testing process for assessment of capital adequacy given various possible events like economic downturns, industrial downturns, market risk events and sudden shifts in liquidity conditions. Similarly exposures to sensitive sectors and high risk category of assets would have to be subjected to more frequent stress tests based. Stress tests would enable banks to assess the risk more accurately and, thereby, facilitate planning for appropriate capital requirements.
Subsequently RBI has issued draft guidelines on stress testing. These guidelines cover all major risk areas viz. market risks, credit risks, operational risks and liquidity funding risk. Banks are required to identify an appropriate range of realistic adverse circumstances and events in which the identified risk crystallises and estimate the financial resources needed by it under each of the circumstances to : a) meet the risk as it arises and for mitigating the impact of manifestation of that risk; b) meet the liabilities as they fall due; and c) meet the minimum CRAR requirements. It may be pertinent to note that the banks have been advised to apply stress tests at varying frequencies dictated by their respective business requirements, relevance and cost.
Financial Conglomerates: There is increasingly a need to extend the framework of risk management to the group wide level, particularly among financial conglomerates. The rapid expansion of financial services, both in terms of volumes and variety have, as it is, posed a challenge for financial stability. This is made all the more difficult by the organisational dimension which perhaps provides scope for regulatory arbitrage. While this could appear beneficial to the organisation in the short run, it only hightens systemic risk that in turn exposes the institution to externalities which have a cost. There has been entry of some banks into other financial segments like merchant banking, insurance and several new players have emerged who have a diversified presence across major segments of financial sector. Some of the non-banking institutions in the financial sector can acquire proportions large enough to have a systemic impact. It has, therefore, become necessary not only for the supervisor to have a “conglomerate” approach to regulation and supervision but also for banks themselves to put in place risk management systems at global levels i.e for the whole organizational as a whole, rather than only the bank level. The risks associated with conglomeration may include:
1. The moral hazard associated with the ‘Too-Big-To-Fail’ position of many
financial conglomerates;
2. Contagion or reputation effects on account of the 'holding out' phenomenon;
3. Concerns about regulatory arbitrage, non-arm’s length dealings, etc. arising out of Intra-group Transactions and Exposures (ITEs) both financial and non-financial
It is in this context that the issue of integrated risk management, at the enterprise wide as well as group wide level, acquires significance. RBI has put in place a framework for oversight of financial conglomerates, along with SEBI and IRDA. Half-yearly discussions have also been initiated with the Chief Executive Officers of the designated entities of the conglomerates to address outstanding issues/ supervisory concerns.
IV. To conclude, at the systemic level, efforts have been made to create an enabling environment for all market participants in terms of regulation, infrastructure and instruments. In this context, let me mention about two recent legislative developments that may have far reaching impact on the financial markets in India. One is the promulgation of the RBI (Amendment) Act, 2006. A major issue of concern in the OTC derivatives market in India was the issue of legality. While the Securities Contract Regulation Act, 1956 gave specific legal recognition to derivative instruments traded in the exchanges, there was no explicit legal recognition of OTC derivatives in India. As legal clarity is a basic requirement for the healthy development of any market, legality of OTC derivatives was provided by an appropriate amendment to the RBI Act, with retrospective effect. RBI has also been now empowered to regulate the interest rate and forex OTC derivatives market. The second legislative development pertains to the enactment of Government Securities Bill. The substantive changes brought about in the Government Securities Act are that it provides for hypothecation, pledge and lien of government securities, maintenance of records in electronic form and most importantly, enables STRIPing of Government securities.
Further, during the last few months, few liberalization measures have been introduced in securities market, that would surely have a bearing on the risk management practices in the market, the most important being introduction of 'when issued' trading and short selling in the G-Sec markets in a limited way. Currently the when issued trading is limited to reissuances only. We are examining extending this to new issuances also, as requested by market participants.
What has developed incrementally over the years is now being consolidated and once the regulations, infrastructure and appropriate accounting standards stabilize, several other initiatives like credit derivatives could be considered.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment