establishing a modern risk management department sponsor: central bank of libya presenter: financial...
TRANSCRIPT
1
Establishing a ModernRisk Management
Department
Sponsor: Central Bank of Libya
Presenter: Financial Services Volunteer Corps
January 19 - 22, 2009
22
Establishing a Modern Risk Management Department
FSVC Presenters:
Howard Stein – New York, NY
Garrett R. Glass – Chicago, IL
33
Agenda
January 19 Opening Remarks by Central Bank of Libya
The Principles of Bank Risk Management
(Howard Stein)
Organizing Your Bank Using Risk Management
(Garrett Glass)
End of Day 1
44
Agenda
January 20 Managing Different Types of Risk Market and Credit Risk (Garrett Glass)
Managing Different Types of Risk – Operational risk and Payment Systems risk (Howard Stein)
Reputation Risk (Howard Stein)
End of Day 2
55
Agenda
January 21 Basel 2 and Bank Risk Management (Garrett Glass)
Case Study (Howard Stein and Garrett
Glass)
Summary of Course (Howard Stein)
End of Day 3
66
Day One
Organizing Your Bank Using Risk Management
Garrett Glass
Period 9:50 to 11:00 AM
January 19, 2009
77
• Risk Management in Banking– Bank functions can be divided into two risk
categories: risk taking functions, and risk managing/facilitating functions
• Risk taking functions are the responsibility of line managers
• Risk managing/facilitating functions are the responsibility of staff managers
Organizing Your Bank Using Risk Management
88
• Risk Management Roles
– Line functions initiate and manage risk– Staff functions control and facilitate risk
management– Individuals, not departments or groups, are the
primary risk managers
Organizing Your Bank Using Risk Management
9
Risk Management Model
By Function•Organization•Policies/Procedures•Planning/Training•Communications/ Reporting•Risk Analysis•Risk Controls•Portfolio Valuation•Oversight/ Monitoring
By Function•Wholesale Banking •Retail Banking•Asset Management•Capital Markets•Cash Management•Payments/Settlements
By Risk•Credit•Market •Operational•Other Economic
Risk ManagementDepartment
Senior ManagementSets Objectives/Manages Processes
LineManagement
•Line Responsibility
•Staff Independence
•Transparency
•Integrity
Shared Corporate Risk Values/
Risk Culture
1010
Risk Management Model
Risk Management
Functions
Relationship to Business Management
Organization Risk Management Department is organized by risk areas
Policies/Procedures Policies written by risk, procedures written by function
Planning/Training Upgrade systems, enhance technical skills of staff, etc.
Communications/Reporting Upward reporting to senior management, outward to regulators
Credit Market Operational Other
Risk Analysis Credit Exposure Positions Settlement
Amount, etc.
Unexpected
Loss
Risk Controls Lines of Credit Trading Limits
Payment Limits, Back-up Systems
Capital
Allocation
Portfolio Valuation Default and
Loss Probability
Value at
Risk
Error/Failure
History of Loss
Capital at
Risk
Oversight/Monitoring Loan Review Daily Review
Audit Sr. Management
Organizing Your Bank Using Risk Management
Risk Management Model
1111
The Risk Management function is a staff function
M odern Banking O rganizational S tructure
L ine M a na ge m e nt S ta ff M an ag e m e nt
R eta i l B an king C h ie f F in a nc ia l O ff ice r
M idd le M a rke t B a n king H u m a n R e so urces
C om m e rc ia l B a n king T e ch no log y/C IO
A sse t M a n ag e m e nt L e ga l D ep a rtm e nt
C a sh M a n ag e m e nt
M a rke t R isk O p era tio na l R isk
C re d it R isk
C h ie f R isk O ff ice r
P resid ent
Organizing Your Bank Using Risk Management
1212
• Risk Management Organization
Chief Risk Officer (CRO)
Chief Credit Officer Chief Market Risk Officer Chief Operational Risk Officer
Technology Officer
Organizing Your Bank Using Risk Management
13
Organizing Your Bank Using Risk Management
Policies and Procedures
Risk management professionals write and maintain policies and procedures governing risks undertaken in the line of business
Risk management is expected to work with the line of business when drafting policies and procedures, but ultimately risk management professionals take final responsibility for these policies and procedures
14
Organizing Your Bank Using Risk Management
• Risk policies should focus on explaining to employees what risks are to be managed and why they are to be managed
• Policies are general guidelines for the what and why questions; policies therefore should be brief and simple, and not include a large amount of detail
15
Organizing Your Bank Using Risk Management
• Risk procedures are more detailed than policies, and explain how risks are to be managed
• A procedure might provide information on the approval process for a typical loan or settlement transfer, e.g.; the method of booking and documenting the exposure; the reporting requirements; and risk management or hedge specifications
16
Organizing Your Bank Using Risk Management
• Skills and Training
• Risk managers must have skills equal to those line managers they review
• On-going training is critical to maintain skills
• The best practice for the risk management function is to ensure that all line managers spend some part of their career as a risk manager
17
Organizing Your Bank Using Risk Management
• Risk managers should:
– Be paid at the same level as line managers– Have the same promotional opportunities– Have the same officer title– Receive bonuses from the general bonus pool,
not from the line of business bonus pool– Avoid close friendships with the line of
business managers
18
Organizing Your Bank Using Risk Management
Communication
• A critical responsibility of any risk manager is to understand the business risks thoroughly, and be able to explain them to management simply, accurately, and without technical terms
• When communicating with senior management, it helps to remember that senior management may not know what questions to ask, or they may not want to show they do not understand something
19
Organizing Your Bank Using Risk Management
• Risk Management communicates about risk to management, regulators, auditors, and investors
• Communications are critical because Risk management must decide:
– Which are the important risks to highlight– Which risk exposures are “outsized” or violate limits– How frequently risks should be reported– Which surprise events might occur
2020
7 Risk Management Warning Signs
1. An employee is considered a “superstar” 2. An employee is allowed to use abusive behavior
3. The bank employs a black box to manage risk
4. Risk takers value the portfolio
5. Line management controls staff employees
6. Managers do not understand what their employees are doing
7. No independent evaluation of profit/loss
Organizing our Bank Using Risk Management