Sie sind auf Seite 1von 8

Risk Management Framework for Indian Banks

Risk management is relatively new and emerging practice as far as Indian banks are concerned
and has been proved that it’s a mirror of efficient corporate governance of a financial institution.
Globalisation and significant competition between foreign and domestic banks, survival and
optimizing returns are very crucial for banks and financial institutions. However, selecting the
efficient customer and providing innovative and value added financial products

and services are another paramount factors. In a volatile and dynamic market place for achieving
sustainable business growth and shareholder’s value, it is essential to develop a link between
risks and rewards of all products and services of the bank. Hence, the banks should have efficient
risk management framework to mitigate all internal and external risks.


The objective of this article is to envisage ideal framework of bank-wide risk management for
Indian Banks. The presence of accurate measures of bank-wide risk management practice
increase shareholder’s returns and allows the risk-taking behavior of bank to be more closely
aligned with strategic objectives. Bank-wide risk management practice should aim to enhance
the drivers of shareholder’s value such as: -

• Growth
• Risk adjusted performance measurement
• Consistency of earnings and
• Quality and transparency of management

The important steps of the efficient framework of banking concern should ensure all risks are
identified, prioritized, quantified, controlled and managed in order to achieve an optimal risk-
reward profile. This entails ideal and dedicated coordination of risk management across the
bank’s various business units. However, the approach to monitoring and enforcing the adherence
of business units within the bank may vary. The factors that influence this decision are: -

• The feasibility decisions of the business unit.

• The regulatory requirements in respect of the business unit.
• The cost of effective monitoring and controlling steps.

Benefits of Bank-wide risk management

Risk management is a line function that needs to be addressed by each individual cost center and
business unit. However, a centralized bank-wide risk management framework has certain
advantages for the Bank. The advantages are: -

• Improving capital efficiency by

1. providing an objective basis for allocating resources

2. reducing expenditures on immaterial risks and
3. exploring natural hedges and portfolio effects

• Supporting informed decision making by

1. uncovering areas of high potential adverse impact on drivers of share value, and
2. identifying and exploiting areas of risk-based advantage context.

• Building investor confidence by

1. establishing a process to stabilize results by protecting them from disturbances, and

2. demonstrating proactive risk stewardship

• Define cost and profitability centers

1. Profitability and cost allocation on customer, product, services and branch wide

Current state of Risk management practices in Indian banks

Most of the banks do not have dedicated risk management team, policy, procedures and
framework in place. Those banks have risk management department, the risk manager’s role is
restricted to prefact and postfact analysis of customer’s credit and there is no segregation of
credit, market, operational and strategic risks. There are few banks have articulated framework
and risk quantification. However, the outputs are far from the stressed or actual losses due to
usage of un-compatible implications.

The traditional lending practices, assessment of credits, handling of market risks *, treasury
functionality and culture of risk-rewards are hauls of public sector banks. Where as private sector
banks and financial institutions are some-what better in this context.
(* Market risk includes all derivative products such as interest rate, foreign exchange, equity,
liquidity and commodity risk.)

The sheer size and wide coverage of banks is a big hurdle to integrate and generate a cost
effective real time operational data for mapping the risks. Most of the financial institutions
processes are encircled to ‘functional silos’ follows bureaucratic structure and yet to come up
with a transparent and appropriate corporate governance structure to achieve the stated strategic

Steps to achieve stated objective

1. Corporate governance

Establishment of dedicated risk management department * with the articulation of roles and
responsibilities pertaining to identifying, measuring, controlling, monitoring and managing bank-
wide risks and a comprehensive articulation of risk management framework comprising the
following: -

ultimate accountability of the board of directors to the shareholders for management of all risks;

• risk committee comprising of CEO, one or two non executive board member, and senior
management from business units; and
• delegation of responsibility to risk committee.

The key responsibilities of the Board of Directors should be: -

• assess risks and maintain a sound system of internal control and risk management by
adopting a suitable framework;
• setting the risk management policies in place; and
• establishment of comprehensive system of control to ensure that the bank’s risk are
mitigated and objective of shareholders and stake holders are attained.

The key responsibility of the Risk Committee should be: -

• oversee the risk management function, review and recommendation of policies of the
• approving limits and evaluating the overall effectiveness of bank’s control and risk
management infrastructure;
• assess risk-reward profile with respect to risk appetite and recommendation of strategies;
• evaluation of risk profile for any new product, service, project, strategic investments and
bank’s plan of mergers and acquisitions.

(* Schematic diagram of ideal Risk Management Framework for Indian Banks.)

2. Qualitative measures and risk reporting

Qualitative measures ensure that all risk types are properly identified and may not take account
of risk quantification. The bank should place a formalized risk-reporting framework and should
have appropriate escalation procedures between risk takers to risk managers. Qualitative
measures cover the issues relevant to identifying quality of customer, compliance risks,
operational risks, money laundering, control and assurance profiles.

The consolidated risk reporting are classified as follows: -

• Reporting by Head of Risk Management Department * to CEO and Risk Committee.

• Reporting by risk managers to Head of Risk Management Department.
• Reporting by business units and support function to Risk Management Department.

3. Quantitative measures

Bank should design performance measures that align the objectives of business unit managers
and executives with respect to mission and vision of Bank and the shareholders are central to the
value creation process. In order to ensure that value creation remains the ultimate objective of a
business unit, target performance measures (Risk adjusted performance management or RAROC
** approach) should be set. Quantification of bank’s risks includes the maximum acceptable loss
in terms of credit, market risk and operational risk.

(* Chief Risk Officer.

** RAROC = (revenues - expenses-expected loss)/(economic capital).)
Quantification consists of applying value-at-risk (VaR *) and earning-at-risk (EaR) approach for
measuring and controlling quantifiable bank-wide risks (across risk types and business units).
However, quantification does not specifically address the following: -

inadequate corporate governance processes;

• reputational risk;
• regulatory risk and
• long-term strategic risk.

Bottllenecks to establish efficient bank-wide risk management framework

a. Data Adequacy
There are several significant VaR models and techniques available for the banks. However, all
these models require lot of qualitative and quantitative historical data inputs/information related
to credit and facility scoring, probability of customer’s defaults (PD **), articulate information
of different collaterals to evaluate recovery rates (RR ***).

Significant conceptual and practical issues pertaining to resources, technology, data, processes
and culture have to be taken into account when implementing this process. Because risks are
highly interdependent and cannot be segmented and managed solely by independent business
units. Bank should adopt an evolutionary bank-wide risk management, which would add
significantly more value than fragmented risk management process. The objective of bank-wide
risk management should continuously enhance the integration of credit, market, operational and
strategic risks.

b. Lack of efficiency
As stated above most of the employees’ skill set in risk management department are restricted to
verification of documents and related accounting calculations as part of pre and post fact analysis
of the credit. The simple apprehension of our study is most of the banks particularly nationalized
banks does not have appropriate data and efficient people to comprehend and go forward for
advance measurements as per Basel II. Also, risk management seemed as part of corporate
banking. Is this parlance appropriate?

(* VaR is the maximum loss estimated over a given holding period at particular confidence level.
VaR = capital exposure x probability of occurrence x loss in the event of occurrence;

** PD = the likelihood that a loss occurrence takes place. Ex. The probability of customer
default can be estimated from historical data by tracking migration of borrowers from their
previous rating to a default rating.
*** LGD = 1 - recovery rate (i.e., RR).)

So, banks must ensure that risk management is a custodian of overall banking activities to
mitigate the risks. Banks must reengineer the process of executing the risk management function
with young and dynamic professional risk managers who can offer innovative and sustainable
solutions to banks to achieve the stated objectives. Also, need to train the concerned employees
new concepts and market dynamics of risk management.

4. Complliance

a. Internal compliance:
The banks should articulate the fair compliance and set MIS process between all functional units
to risk management department. The MIS includes the reporting of identified risks, controls,
action points, and frequency of risk occurrence etc., should help the risk management to work
out the economic capital requirement for the bank to meet the loss. Strong interaction of
functional units help the risk management to have proactive measures in placing appropriate
controls to mitigate the risks. And, finally it’s the responsibility of risk management to monitor
the risk events and to change the control standards as per the risk eventuality.

b. External compliance:
The regulator might recommend the banks to maintain the required capital adequacy but the
banks must ensure the suggested capital is sufficient to meet any unforeseen circumstances.
Maintaining appropriate capital adequacy is different than optimize the bank’s capital efficiency.
The efficient bank may come up and discuss with regulator (RBI) to minimize the capital
adequacy based on the performance and controlling capacity to mitigate any sort of risks.

To do this the bank requires the transparency of information, fair accounting practice,
appropriate records to justify the argument and efficiency of risk management as well as good
corporate governance.

5. Efficient decision-making

Appropriate decision at right time changes the velocity of risks. In terms of credit the
appropriateness might start from initial interaction of customer seeking credit whereas, market
risk, decision making start from identifying and selecting the right deal, right investment avenue
and for operational risk the process of decision-making starts from evaluation of policy and
procedures of each credit or investment.
Ideally, there should be decentralized decision-making system but the risk evaluation of deal ie,
lending or investment decisions must be with in the risk management, investment and credit
policy framework and procedural structure. Risk management department should have clear
vision and right to suggest the concerned business or functional units to roll back of credits /
investments as per the continuous monitoring of risks and day-to-day business trend.

We must discuss one point in this context ie, accountability of employee - no structure and
system works without the employee accountability and ethics.


There are many banks like HSBC, Citibank, Deutsche bank have bank-wide risk management
practice which contributed in their global success whereas banks and institutions like Sumitomo
Corp, Barings, Bank of America, CSFB and UTI have failed due to lack of efficient bank-wide
risk management practice (compliance and operational risks).

So the above comments emphasis the necessity of having bank-wide risk management to achieve
the stated strategic objectives in a competitive, volatile and dynamic market conditions in an
emerging Indian economy. We believe the above-described bank-wide risk management
framework is easy workable, cost effective and efficient process without any hassles or hurdles
of high-tech tools and techniques.