FINANCIAL RISK MANAGEMENT

Broadly speaking, risk management can be defined as a discipline for “Living with the
possibility that future events may cause adverse effects”. In the context of risk
management in financial institutions such as banks or insurance companies these adverse
effects usually correspond to large losses on a portfolio of assets. Specific examples
include: losses on a portfolio of market-traded securities such as stocks and bonds due to
falling market prices (a so- called market risk event); losses on a pool of bonds or loans,
caused by the default of some issuers or borrowers (credit risk); losses on a portfolio of
insurance contracts due to the occurrence of large claims (insurance- or underwriting
risk). An additional risk category is operational risk, which includes losses resulting from
inadequate or failed internal processes
fraud or litigation.
In financial markets, there is in general no so-called “free lunch” or, in other words, no
profit without risk. This is the reason why financial institutions actively take on risks. The
role of financial risk management is to measure and manage these risks. Hence risk
management can be seen as a core competence of an insurance company or a bank: by
using its expertise and its capital, a financial institution can take on risks and manage
them by various techniques such as diversification, hedging, or repackaging risks and
transferring them back to markets, etc.

When financial prices change dramatically, it can increase costs, reduce revenues, or
otherwise adversely impact the profitability of an organization. Financial fluctuations
may make it more difficult to plan and budget, price goods and services, and allocate
capital.

There are three main sources of financial risk:

1. Financial risks arising from an organization’s exposure to changes in market prices,

such as interest rates, exchange rates, and commodity prices

2. Financial risks arising from the actions of, and transactions with, other organizations
such as vendors, customers, and counterparties in derivatives transactions
3. Financial risks resulting from internal actions or failures of the organization,
particularly people, processes, and systems.

Financial risk management is a process to deal with the uncertainties resulting from
financial markets. It involves assessing the financial risks facing an organization and
developing management strategies consistent with internal priorities and policies.
Addressing financial risks proactively may provide an organization with a competitive
advantage. Organizations manage financial risk using a variety of strategies and products.
It is important to understand how these products and strategies work to reduce risk within
the context of the organization’s risk tolerance and objectives.

RISK MANAGEMENT PROCESS

The process of financial risk management is an ongoing one.Strategies need to be
implemented and refined as the market and requirements change. Refinements may
reflect changing expectations about market rates, changes to the business environment, or
changing international political conditions, for example. In general, the process can be
summarized as follows:

• Identify and prioritize key financial risks.

• Determine an appropriate level of risk tolerance.
• Implement risk management strategy in accordance with policy.
• Measure, report, monitor, and refine as needed.

Risk management needs to be looked at as an organizational approach, as management of

risks
independently cannot have the desired effect over the long term. This is especially
necessary as
risks result from various activities in the firm and the personnel responsible for the
activities do
not always understand the risk attached to them. The steps in risk management process
are:

1.Determining objectives: - determination of objectives is the first step in the risk

management function. The objective may be to protect profits, or to develop competitive
advantage. The objective of risk management needs to be decided upon by the
management. So that the risk manager may fulfill his responsibilities in accordance with
the set objectives.

2.Identifying Risks :- Every organization faces different risks, based on its business, the
economic, social and political factors, the features of the industry it operates in – like the
degree of competition, the strengths and weakness of its competitors, availability of raw
material, factors internal to the company like the competence and outlook of the
management, state of industry relations, dependence on foreign markets for inputs, sales
or finances, capabilities of its staff and other innumerable factors.

3.Risk Evaluation: - Once the risks are identified, they need to be evaluated for
ascertaining their significance. The significance of a particular risk depends upon the size
of the loss that it may result in, and the probability of the occurrence of such loss. On the
basis of these factors, the various risks faced by the corporate need to be classified as
critical risks, important risks and not-so-important risks. Critical risks are those that may
result in bankruptcy of the firm. Important risks are those that may not result in
bankruptcy, but may cause severe financial distress.
4.Development of policy: - Based on the risk tolerance oevel of the firm, the risk
management policy needs to be developed. The time frame of the policy should be
comparatively long , so that the policy is relatively stable. A policy generally takes the
form of a declaration as to how much risk should be covered.

5. .Development of strategy: - Based on the policy, the firm then needs to develop the
strategy to be followed for managing risk. A strategy is essentially an action plan, which
specifies the nature of risk to be managed and the timing. It also specifies the tools,
techniques and instruments that can be used to manage these risks. A strategy also deals
with tax and legal problems. Another important issue that needs to be specified by the
strategy is whether the company would try to make profits out of risk management or
would it stick to covering the existing risks

6.Implementation: - Once the policy and the strategy are in place, they are to be
implemented for actually managing the risks. This is the operational part of risk
management. It includes finding the best deal in case of risk transfer, providing for
contingencies in case of risk retention, designing and implementing risk control programs
etc.

7.Review: - The function of risk management needs to be reviewed periodically,

depending
on the costs involved. The factors that affect the risk management decisions keep
changing, thus necessitating the need to monitor the effectiveness of the decisions taken
previously.
 FINANCIAL RISK MANAGEMENT
Broadly speaking, risk management can be defined as a discipline for “Living with the
possibility that future events may cause adverse effects”. In the context of risk
management in financial institutions such as banks or insurance companies these adverse
effects usually correspond to large losses on a portfolio of assets. Specific examples
include: losses on a portfolio of market-traded securities such as stocks and bonds due to
falling market prices (a so- called market risk event); losses on a pool of bonds or loans,
caused by the default of some issuers or borrowers (credit risk); losses on a portfolio of
insurance contracts due to the occurrence of large claims (insurance- or underwriting
risk). An additional risk category is operational risk, which includes losses resulting from
inadequate or failed internal processes
fraud or litigation.
In financial markets, there is in general no so-called “free lunch” or, in other words, no
profit without risk. This is the reason why financial institutions actively take on risks. The
role of financial risk management is to measure and manage these risks. Hence risk
management can be seen as a core competence of an insurance company or a bank: by
using its expertise and its capital, a financial institution can take on risks and manage
them by various techniques such as diversification, hedging, or repackaging risks and
transferring them back to markets, etc.

Risk Management in INDIAN BANK

Risk faced by the bank can be segmented into three separable types from the management
perspective viz.
a. Risks that can be eliminated or avoided by simple business practices

Risk Management & Basel II are the top priorities for banks in India- Mr. Anurag Khanna

(Extract from Welcome address by Mr Anurag Khanna, Managing Director & CEO, Banknet India at the Second CTO Summit at Taj Lands End, Mumbai
on May 10, 2006)

Banknet India's First CTO Summit in 2005 was held in February 2005. Speakers and panelists at summit were of
consensus that technology will be the key for banks in their effort to implement the Basel II norms.

They also agreed that data collection; networking and risk management will be the key areas where banks will need to
implement technology, in their efforts to achieve standardization.
 It was concluded that a centralized IT infrastructure, customized software solutions, personnel training and seamless
integration of multi-channel strategies are the vital for management of credit, market and operational risks.

In year 2006, after a year, issues remain more or less the same, with changes only in the level of priorities, due to
regulatory or business compulsions.

Banknet India, therefore, conducted an online survey in February 2006 to find out about the order of priorities for banks.
764 respondents to the survey listed Risk Management & Basel II as the top priority for banks followed by Core Banking
Implementation.

ATMs, E-Banking &. Payment Systems came as a close third & fourth. Other priority areas highlighted by respondents
were- Data Mining, Business Intelligence, CRM, Anti Money Laundering, Information Security and Business Continuity.

We have accordingly decided to cover these areas in this edition of CTO Summit.

Due to integration of business and IT within financial institutions, all aspects of an institution are reliant upon some form of
technology and impact all. Therefore the theme of the second CTO Summit is ‘Transforming through Technology’

Session 1 is on Risk Management, Basel II, Business Continuity & Anti Money Laundering. Session 2 will focus on Data
Mining, Business Intelligence & CRM

It is important to mention here that Banknet India and IIM Ahmedabad have decided to form a Think Tank, which will play
a positive role to sophisticate the use of IT and the application of various intelligent systems in the Indian banking sector
by conducting research, undertaking Project/ Case Studies, discussing the related issues with the industry at Banknet
India Conferences and Forum Meets and Publishing research reports, books, etc.

Prof. Rajanish Dass, from IIM, Ahmedabad will talk in this session on Data Mining & Business Intelligence in Banking and
Finance.

Session 3 is on Payment Systems & Multi Channel Strategies. 4th session will focus on managing implementation
challenges in core banking solutions

As you are aware, Banknet India is focused on Banking Knowledge & Research and disseminates related information
Online through our Banking & Technology Portal www.banknetindia.com , publications and conferences.

Today, Banknet India is launching “CONTRIBUTIONS – A Collection of Papers on Banking, Insurance, Finance and
Technology”... Read more

For more on the CTO Summit... Click here

For Press Coverage ... Click here

For more Press releases ... Click here

Banknet India is focused on banking knowledge, research and conferences. Banknet India is one of the largest
organizers of Banking Industry Conferences from India. Conferences organized by Banknet India are premier banking
technology events with topical and relevant agenda with senior level participation from the banking, finance & technology
industry
Banknet Conferences is one of the largest organiser of Banking Industry
Conferences from India. Being part of "Banknet Group" it has access to relevant
industry research, information and large database of professionals. Banknet
Conferences maintains the standards by organizing only 3 major annual
conferences and select few seminars/briefings focused on topical issues. It
organizes the CTO Summit, Bank Tech Summit, Conference on Payment
Systems every year. It plans to shortly launch tele-briefings and organise events
outside India.

Banknet India Conferences provide a platform for knowledge sharing and

networking for the professionals from banking, financial & technology industry.
Participants attend these conferences in order to be informed, to interact, listen
and exchange views with industry experts, to network with decision makers and
to expand business relationships and opportunities

Summary

- Indian banking companies are required to ensure full implementation of Basel II guidelines by March 31,
2009. The first phase of Basel II was implemented in India with foreign banks operating in India and Indian
banks having operational presence outside India complying with the same effective end of March 2008. With
Basel II norms coming into force in 2009, maintaining adequate capital reserves will become a priority for
banks.

Basel II mandates Capital to Risk Weighted Assets Ratio (CRAR) of 8% and Tier I capital of 6%. The RBI
has stated that Indian banks must have a CRAR of minimum 9%, effective March 31, 2009. All private sector
banks are already in compliance with the Basel II guidelines as regards their CRAR as well as Tier I capital.
Further, the Government of India has stated that public sector banks must have a capital cushion with a
CRAR of at least 12%, higher than the threshold of 9% prescribed by the RBI.

- We carried out a study to understand which Indian banks meet the tier I capital norm of 6%. There are 4
banks viz. Bank of Maharashtra, Central Bank, UCO Bank and Vijaya Bank, whose tier I capital as on March
31, 2008 was below the stipulated norm of 6%.

- Failure to adhere to Basel II can attract RBI action including restricting lending and investment activities.
Since fund raising has been difficult in the recent turbulent times, the question was whether the full
implementation of Basel II norms would be deferred. However, the implementation is unlikely to be deferred
with the Government taking steps to recapitalize some public sector banks. The Government announced 1st
round of recapitalization for 3 banks, viz., Central Bank, UCO Bank and Vijaya Bank.

- Further for public sector banks, the Government prescribed CRAR of at least 12%. There are 5 banks
which have CRAR less than 12% as of December 31, 2008, viz., Bank of Maharashtra, Central Bank, Dena
Bank, IDBI Bank and Vijaya Bank. Since the Government's stake in public sector bank cannot be allowed to
go below 51 %, these banks cannot take recourse to equity funding for Tier I capital. Of these banks,
government holding in Dena Bank is very close to 51%; it is therefore not possible for it to raise further
equity capital (without diluting the Government's stake to below 51 %).
- The Government, in the Interim Budget, embarked approx. Rs200bn for re-capitalizing public sector banks
whose CRAR is less than 12%, as well as for other public sector banks for future business growth. The first
round of recapitalization has already been announced, via a Rs38bn recapitalization package for 3 banks,
viz., Central Bank, UCO bank and Vijaya Bank whose tier I capital was less than 6%.

- The Government has announced that there will be 2nd round of recapitalization. We believe Bank of
Maharashtra will have to be recapitalized soon with detailed plan, since its Tier I capital is below 6%. Its
government stake is 76%, which is much above the needed 51 %, indicating scope for an equity dilution.
However, the current market conditions may render an equity issue difficult.

- In such times, recapitalization by the Government is the only recourse for public sector banks since:
(i) Primary market dried out, FPO and private placements too are difficult
(ii) Internal sources of funding remains a problem, as increasing provisions are hitting bottom lines

- The recapitalization move by the Government seems to be a precautionary measure to avoid any kind of
risk during the times of a global financial turmoil. We believe the recapitalization will increase the
Government's stakes in the public sector banks, so that they will be able to opt for fund raising in the future,
when credit off-take picks up momentum.

The Terminology

Capital to Risk Weighted Assets Ratio (CRAR) is also known as Capital Adequacy Ratio which indicates
a bank's risk-taking ability. The RBI uses CRAR to track whether a bank is meeting its statutory capital
requirements and is capable of absorbing a reasonable amount of loss.

CRAR = (Tier I capital + Tier II capital) / Risk-Weighted Assets

Capital funds are broadly classified as Tier 1 and Tier 2 capital. Two types of capital are measured: Tier one
capital, which absorbs losses without a bank being required to cease trading, and Tier two capital, which
absorbs losses in the event of winding-up and so provides a lesser degree of protection to depositors.

Tier I capital (core capital) is the most reliable form of capital. The major components of Tier I capital are
paid up equity share capital and disclosed reserves viz. statutory reserves, general reserves, capital
reserves (other than revaluation reserves) and any other type of instrument notified by the RBI as and when
for inclusion in Tier I capital. Examples of Tier 1 capital are common stock, preferred stock that is
irredeemable and non-cumulative, and retained earnings.

Tier II capital (supplementary capital) is a measure of a bank's financial strength with regard to the second
most reliable forms of financial capital. It consists mainly of undisclosed reserves, revaluation reserves,
general provisions, subordinated debt, and hybrid instruments. This capital is less permanent in nature.

The reason for holding capital is that it should provide protection against unexpected losses. This is different
from expected losses for which provisions are made.