Risk Management Dimensions
The Project analyses the current situation of risk management
in the bank and develops a sound risk management system,
according to the following criterias:
Organization;
Process
Tool-set
The first dimension is the banking organizational
structure: organizational chart, job descriptions,
responsibilities and authorities.
The second dimension is, the risk management
process, which has two aspects.
The Strategic level encompasses the risk management
functions of senior management and BoD.
The Risk management policy describes strategic level
objectives in the bank including risk management, risk
tolerance and required return on capital, general
descriptions of each type of risk, such as definition,
strategy, main methods of measuring risk exposure, limit
structure, hedging strategy, reporting and monitoring
of risk exposure.
Operational level includes risk management within business
area or across business lines. Partly measuring, managing,
monitoring and controlling performed by middle management
or units devoted to risk reviews belong to this category.
Partly it involves ‘On-the-line’ risk management where risks
are actually produced. These are the risk management activities
performed by individuals who take risk on the organization’s
behalf such as front office and loan origination functions.
The risk management in those areas is confined to guidelines
set by management.
The third dimension is tool-set that more or less belongs
to the operational level, because the guidelines contain it.
The tool-sets contain methods of risk measuring, limit setting,
documents and IT namely data ware house, systems, etc...
At diagnostic’s core are two questions:
1) Where are we? and
2) Where do we want to be?
The purpose of diagnostic is to compare current actual activity
performance to the target. In the case of risk management
system, we should compare the system that bank use to best
practice. The diagnostic phase tools that can be used by
the bank as follows:
- Questionnaire for Analysis of Risk Management Operations
of Medium Sized Banks.
Full version of Questionnaire is available upon e-mail request.
Please contact to Yulia Afrakova at YAfrakova@ifc.org
- Personal interviews inside of the bank
- BoD, Audit/Risk Committee
- CEO
- Chairman of Credit Committee
- Chairman of ALCO
- Head of Risk (CRO)
- Head of Finance (CFO)
- Head of Treasury
- Head of Internal Control
- Head of Business lines
- Head of IT
- Head of Market risk
- Head of Credit risk
- Head of Operational Risk
- Head of Back office
- Compliance officer
- Others
- Research and material collection about the methodology.
- Plan (strategy and business).
- Policy (risk management policy, ALM, investment, treasury, credit).
- Capital plan and internal capital adequacy assessment documentation.
- Risk management internal regulation, procedure: Descriptions for different type of risks (credit, market, operational, ALM, etc...).
- Reports: internal audit reports, risk report to Board, Committees, management etc.
- Risk limits: (credit, market, etc.)
- Organization: Charts Description of roles and responsibilities of management bodies, risk management units
- IT: IT system description, structure, IT security policy and instructions.
- Continuity: Contingency plans.
- Business line’s process descriptions.
- Study potential IT support that can help to work.
At decision making‘s core is the question:
Should the bank have the best practice in all dimensions in the near future?
There is set of the best practice based on the Basel principles and other methods (The Basel Committee on Banking Supervision).
There are several books and consultant companies that give detailed description of the theory and of advanced methodology.
The following questions could help the decision maker to choice between alternatives:
- From where does the bank collect the data to measure the exposure?
- How often does the bank monitor the limit utilization?
- Does the bank need or want to develop present system?
- How much human resources does the bank need for using this technique?
- How many technical resources does the bank need for using this technique?
- When the decision maker(s) makes the best choice available at the time, they have to make a plan for the
future, how the bank can employ the advance methodology if they want to develop the activity in that direction when
they need the advanced techniques.
The final product of the diagnostic phase should be
the Proposal that contains the findings namely the
difference between target and current situation, how the
bank can reach best practice, what is the cost of best
practice implementation.
Once the decision has been made, implementation stage should be performed.
Implementation requires some additional planning time as well as the understanding and cooperation of
involved people.
The bank has to found a Project for implementation.
Information system implementation
Communication
The result of the Risk management implementation
is a
sound risk management system, that contains
reasonable organization, and responsibility structure, sound
risk management policy and internal regulation that contain
measuring, monitoring and controlling process and appropriate
tools, such as methodology for measuring risk exposure,
limit system, report system and IT.
