Risk Management Policy

1. Introduction

As per RBI guidelines, Banks in India are required to implement effective Risk Management
System in the area of credit, market and operational risks and provide adequate capital to meet
them. NABARD, expressing the concerns about increasing risks in the functioning of Banks, has
advised to constitute a Risk Management Committee and formulate a Risk Management Policy.

This Policy seeks to lay down the Bank’s approach to the management of risk and to put in
place a comprehensive framework for identification, assessment, monitoring, management and
reporting of risk in a timely and efficient manner. Risk Management must necessarily operate
within the framework of the Bank’s corporate vision and mission, risk appetite, concomitant with
prudential controls and should be in line with the regulatory compliance needs. The policy also
seeks to create systems and procedures to actively mitigate Risks, optimize resources primarily
to protect the Bank against the downside and at the same time provide an appropriate and
reasonable return commensurate with the risk profile adopted. Bank in the process of financial
intermediation are confronted with various kinds of financial and non-financial risks viz., credit,
interest rate, liquidity, legal, regulatory, reputational, operational, etc. These risks are highly
interdependent and events that affect one area of risk can have ramifications for a range of
other risk categories. Thus, top management of Banks should attach considerable importance to
improve the ability to identify measure, monitor and control the overall level of risks.

The broad parameters of risk management function should encompass:

i) Organizational structure;
ii) Comprehensive risk measurement approach;
iii) Risk management policies approved by the Board which should be consistent with the
broader business strategies, capital strength, management expertise and overall
willingness to assume risk;
iv) Guidelines and other parameters used to govern risk taking including detailed structure of
prudential limits;
v) Strong MIS for reporting, monitoring and controlling risks;
vi) Well laid out procedures, effective control and comprehensive risk reporting framework;
vii) Periodical review and evaluation.

2. Risk Management Structure

A major issue in establishing an appropriate risk management organization is choosing between

a centralised and decentralised structure. The trend is towards centralizing risk management
with integrated benefit from information on aggregate exposure, natural netting of exposures,
economies of scale and easier reporting to top management. The primary responsibility of
understanding the risks run by the Bank and ensuring that the risks are appropriately managed
should clearly be vested with the Board of Directors. The Board should set risk limits by
assessing the bank’s risk and risk bearing capacity. At organizational level, overall risk
management should be assigned to an independent Compliance & Risk Management
Committee consisting of the top executives that reports directly to the Board of Directors. The
purpose of this top level committee is to empower one group with full responsibility of evaluating
overall risks faced by the Bank and determining the level of risks which will be in the best
interest of the bank. At the same time, the Committee should hold the line management more
accountable for the risks under their control and the performance of the Bank in that area. The

Page 1 of 20
functions of Compliance & Risk Management Committee should essentially be to identify,
monitor and measure the risk profile of the bank whereas Risk Management Committee shall
develop policies and procedures, verify the models that are used for pricing complex products,
review the risk models as development takes place in the markets and also identify new risks.
The trend is towards assigning risk limits in terms of portfolio standards or Credit at Risk (credit
risk) and Earnings at Risk and Value at Risk (market risk). The Committee should design stress
scenarios to measure the impact of unusual market conditions and monitor variance between
the actual volatility of portfolio value and that predicted by the risk measures. The Committee
should also monitor compliance of various risk parameters by operating Departments.

As per RBI guidelines, Bank shall formulate a Risk Management Committee (RMC) to monitor
the risk management system of the bank with the approval of the Board. Further, Sponsor Bank
has advised to have Risk Management Committee at Board Level and Compliance & Risk
Management Committee at Management level. Accordingly, the Structure of committee will be
as follows:

Risk Management Committee at Board Level

Name of
Risk Management Committee
Committee
Chairman Nominee Director from Sponsor Bank (Corporate Centre)

Nominee Director from Sponsor Bank (LHO)

Members Nominee Director from RBI
Nominee Director from NABARD

3 (Three) Members out of which any one Director from Sponsor Bank will
Quorum
be mandatory.

RMC will meet on a quarterly basis. However, meeting may be convened

Frequency
on a more frequent basis as and when the need arises.
General Manager (P & D) shall act as convener and Minutes of Risk
Convener Management Committee meetings will be recorded by the Desk officer -
BIP department

The key roles & responsibilities of the Risk Management Committee shall be as follows:

i. Recommend and periodical updation of policies, strategies and frameworks for the
management of risk to the Board for their review/approval.
ii. Monitor and review of non-compliance, limit breaches, audit / regulatory findings and policy
exceptions with respect to risk management.
iii. To ensure that the procedures for identifying, measuring, monitoring and controlling risks
are in place.
iv. Approval of the agenda put up by the Compliance & Risk Management Committee of the
Bank.
v. Review of minutes of the Compliance & Risk Management Committee of the Bank.

Page 2 of 20
Compliance & Risk Management Committee at Management Level

Name of
Compliance & Risk Management Committee
Committee
Chairman Senior General Manager
General Manager (2)
HOD – Credit (will also act as convener)
HOD – F & A
Members
HOD – Technology
HOD – Personnel
Compliance Officer
Minimum 4 members present out of which one General manager (acting
Quorum as Chairman) is compulsory and three members (out of them one must
be from credit department)

CRMC will meet on a quarterly basis. However, meeting may be convened

Frequency
on a more frequent basis as and when the need arises.
HOD-Credit shall act as convener. Convener will arrange for meetings
Convener
whenever warranted and shall record minutes of the meetings.

The Board has delegated authority to the Compliance & Risk Management Committee for
oversight and review of the risk management in the Bank. The key responsibilities of the
Compliance & Risk Management Committee relating to overall risk management of the Bank
include:

i. Approve the risk appetite and any revisions to it with proper reasoning.
ii. Ensure appropriate risk organization structure with authority and responsibility clearly
defined, adequate staffing, and the independence of the Risk Management function
iii. Provide appropriate and prompt reporting to the Board of Directors in order to fulfill the
oversight responsibilities.
iv. To ensure that principles, policies, strategies, process and controls are being
communicated throughout the Bank.
v. Review reports from various departments concerning changes in the factors relevant to the
Banks’ projected strategy, business performance or capital adequacy.
vi. Review reports from various departments concerning implications of new and emerging
risks, legislative or regulatory initiatives and changes, organizational change and major
initiatives, in order to monitor them.
vii. Ensure adherence to the extant internal policy guidelines and also regulatory guidelines if
any published time to time.
viii. Oversee statutory / regulatory reporting requirements related to risk management.
ix. Monitor and review capital adequacy computation with an understanding of methodology,
systems and data.
x. Approve the stress testing results / analysis and monitor the action plans and corrective
measures periodically.
xi. The committee shall be responsible for reviewing and confirming orders/decisions of
identification of willful defaulters given by credit department.

A prerequisite for establishment of an effective risk management system is the existence of a

robust MIS, consistent in quality. The existing MIS, however, requires substantial upgradation
and strengthening of the data collection machinery to ensure the integrity and reliability of data.

Page 3 of 20
The risk management is a complex function and it requires specialized skills and expertise.
Bank should use sophisticated models for measuring and managing risks. As the domestic
market integrates with the international markets, the Banks should have necessary expertise
and skill in managing various types of risks in a scientific manner. It should, therefore, be the
endeavor of Banks to upgrade the skills of staff.

The design of risk management functions should be Bank specific, dictated by the size,
complexity of functions, the level of technical expertise and the quality of MIS. The proposed
guidelines only provide broad parameters and Bank has put in place own systems compatible to
the risk management architecture and expertise.

A committee approach to risk management is being adopted. While the Asset - Liability
Committee (ALCO) deal with different types of market risk, the Credit Committees oversees the
credit /counterparty risk and country risk. Thus, market and credit risks are managed in a
parallel two-track approach in banks.

Currently, while market variables are held constant for quantifying credit risk, credit variables
are held constant in estimating market risk. The economic crises in some of the countries have
revealed a strong correlation between unhedged market risk and credit risk. The volatility in the
prices of collateral also significantly affects the quality of the loan book. Thus, there is a need for
integration of the activities of both the ALCO and the Credit Committees and consultation
process should be established to evaluate the impact of market and credit risks on the financial
strength of Bank. Therefore Bank has considered integrating market risk elements into their
credit risk assessment process by having a common member in ALCO and Credit Committees.

3. Risk Culture

The Bank seeks to promote a strong risk culture throughout the organization. A strong risk
culture is designed to help reinforce the Bank’s efforts by encouraging a holistic approach to the
management of risk and return throughout the organization as well as the effective management
of the Bank’s risk, capital and reputation. The Bank shall be involved in risks in connection with
its businesses and the following principles underpin risk culture within the organization:

 Every risk taken needs to be approved or within the risk management framework.
 Risk is taken within a defined risk appetite.
 Risk should be continuously monitored and managed.
 Each business vertical is responsible for the development and execution of business plans
that are aligned with the company risk’s management and are accountable for the risks they
incur.
 Management team ensures that the inherent risks in each business vertical are
comprehensively evaluated, mitigating controls built into the underwriting process and
remedial measures put in place.
 Documented policies and procedures along with regular training programs and reviews
ensures that these are uniformly understood by all employees across the organization.

Employees at all levels are responsible for the management and escalation of risks. SGB
expects employees to exhibit behaviours that support a strong culture to mitigate risk. To
promote this, it will strive towards incorporating risk management culture across all levels in the
organisation.

Page 4 of 20
The risk management culture of SGB will be supported by the following aspects:

 Tone at the top: Tone at the top refers to the senior management’s communication of risk
appetite statements, risk limits and risk strategy and using them to identify and prioritize
appropriate risk behaviors required for building desired risk culture.

 Accountability: Accountability refers to clear and transparent communication of roles and

responsibilities to committees and staff members across the three Lines of Defence (LOD)
essential for effective risk governance, i.e., front office functions, risk management &
oversight and Internal Audit (IA) roles are played by functions independent of one another
with clearly defined responsibilities.

4. Risk Governance

The Bank has set up a robust risk governance framework based on the following key principles:

i. While the Board of Directors will be responsible for overall governance and oversight of
core risk management activities, execution strategy will be delegated to the Compliance &
Risk Management Committee which will be approved by the board.
ii. Risk strategy is approved by the Board and reviewed on an annual basis and is defined
based on the Bank’s risk appetite in order to align risk, capital and performance targets.
iii. All major risk classes are managed through focused and specific risk management
processes; these risks include credit risk, market risk, operational risk and liquidity risk. As
the Bank gains sophistication in risk management, it shall put in place advanced risk
management models to commensurate with the size, scale and complexity of its business.
iv. Policies, processes and systems shall be put in place to enable the risk management
capability.
v. The Risk function shall have appropriate representation on management committees of
the Bank and its respective businesses to ensure risk view is taken in to consideration in
business decisions.
vi. Risk monitoring, stress testing tools and escalation processes shall be established to
monitor the performance against approved risk appetite.

5. Scope of policy
A. Credit Risk

Lending involves a number of risks. In addition to the risks related to creditworthiness of the
counterparty, the Banks are also exposed to interest rate, forex and country risks. Credit risk or
default risk involves inability or unwillingness of a customer or counterparty to meet
commitments in relation to lending, trading, hedging, settlement and other financial transactions.

The Credit Risk is generally made up of transaction risk or default risk and portfolio risk. The
portfolio risk in turn comprises intrinsic and concentration risk. The credit risk of a bank’s
portfolio depends on both external and internal factors. The external factors are the state of the
economy, wide swings in commodity/equity prices, foreign exchange rates and interest rates,
trade restrictions, economic sanctions, Government policies, etc. The internal factors are
deficiencies in loan policies/administration, absence of prudential credit concentration limits,
inadequately defined lending limits for Loan Officers/Credit Committees, deficiencies in
appraisal of borrowers’ financial position, excessive dependence on collaterals and inadequate
risk pricing, absence of loan review and post sanction surveillance, etc.

Page 5 of 20
Another variant of credit risk is counterparty risk. The counterparty risk arises from non-
performance of the trading partners. The non-performance may arise from counterparty’s
refusal/inability to perform due to adverse price movements or from external constraints that
were not anticipated by the principal. The counterparty risk is generally viewed as a transient
financial risk associated with trading rather than standard credit risk. The management of credit
risk should receive the top management’s attention and the process should encompass:

 Measurement of risk through credit rating/scoring;

 Quantifying the risk through estimating expected loan losses i.e. the amount of loan losses
that Bank would experience over a chosen time horizon (through tracking portfolio behavior
over 5 or more years) and unexpected loan losses i.e. the amount by which actual losses
exceed the expected loss (through standard deviation of losses or the difference between
expected loan losses and some selected target credit loss quintile);
 Risk pricing on a scientific basis
 Controlling the risk through effective Loan Review and portfolio management.

I. Instruments of Credit Risk Management

Credit Risk Management encompasses a host of management techniques, which help the
Banks in mitigating the adverse impacts of credit risk.

a) Credit Approving Authority:

Bank should have a carefully formulated scheme of delegation of powers. The Banks should
also evolve multi-tier credit approving system where the loan proposals are approved by a
‘Committee’. The credit facilities above a specified limit may be approved by the ‘Committee’,
comprising at least 3 or 4 officers and invariably one officer should represent the committee,
who has no volume and profit targets. Banks can also consider credit approving committees at
various operating levels i.e. large branches (where considered necessary), Regional Offices,
Head Offices, etc. Banks could consider delegating powers for sanction of higher limits to the
‘Committee’ for better rated / quality customers. The spirit of the credit approving system may
be that no credit proposals should be approved or recommended to higher authorities, if
majority members of the ‘Committee’ do not agree on the creditworthiness of the borrower. In
case of disagreement, the specific views of the dissenting member/s should be recorded.

Bank has formulated two High levels Credit committee at Head office level and one committee
at Regional office level as below to deal with issues relating to credit policy and procedures and
to analyze, manage and control credit risk on a Bank wide basis. The Committee will be headed
by the Chairman, General Manager and will comprise other senior officials. The Committee will,
inter alia, formulate clear policies on standards for presentation of credit proposals, financial
covenants, rating standards and benchmarks, delegation of credit approving powers, prudential
limits on large credit exposures, asset concentrations, standards for loan collateral, portfolio
management, loan review mechanism, risk concentrations, risk monitoring and evaluation,
pricing of loans, provisioning, regulatory/legal compliance, etc. Bank to lay down risk
assessment systems, monitor quality of loan portfolio, identify problems and correct
deficiencies, develop MIS and undertake loan review/audit. The Department should undertake
portfolio evaluations and conduct comprehensive studies on the environment to test the
resilience of the loan portfolio.

Page 6 of 20
 Sr. No. Name of Committee Placed at
1 Head Office Credit Committee – I Head office
2 Head Office Credit Committee – II Head office
3 Regional Office Credit Committee (ROCC) All Region offices

The Banks should also evolve suitable framework for reporting and evaluating the quality of
credit decisions taken by various functional groups. The quality of credit decisions should be
evaluated within a reasonable time, say 3 – 6 months, through a well-defined Loan Review
Mechanism.

b) Prudential Limits: In order to limit the magnitude of credit risk, prudential limits are to be
laid down on various aspects of credit:
i.) Stipulate benchmark current/debt equity and profitability ratios, debt service coverage
ratio or other ratios, with flexibility for deviations. The conditions subject to which
deviations are permitted and the authority therefore should also be clearly spelt out in
the Loan Policy;
ii.) Single/group borrower limits, which may be lower than the limits prescribed by Reserve
Bank to provide a filtering mechanism;
iii.) Substantial exposure limit i.e. sum total of exposures assumed in respect of those
single borrowers enjoying credit facilities in excess of a threshold limit, say 10% or 15%
of capital funds. The substantial exposure limit may be fixed based on capital funds,
depending upon the degree of concentration risk the Bank is exposed;
iv.) Maximum exposure limits to industry, sector, etc. should be set up. There must also be
systems in place to evaluate the exposures at reasonable intervals and the limits
should be adjusted especially when a particular sector or industry faces slowdown or
other sector/industry specific problems. The exposure limits to sensitive sectors, such
as, advances against equity shares, real estate, etc., which are subject to a high
degree of asset price volatility and to specific industries, which are subject to frequent
business cycles, may necessarily be restricted. Similarly, high-risk industries, as
perceived by the bank, should also be placed under lower portfolio limit. Any excess
exposure should be fully backed by adequate collaterals or strategic considerations
v.) Banks may consider maturity profile of the loan book, keeping in view the market risks
inherent in the balance sheet, risk evaluation capability, liquidity, etc.

c) Risk Rating: Bank should have a comprehensive risk scoring / rating system that serves
as a single point indicator of diverse risk factors of counterparty and for taking credit
decisions in a consistent manner. To facilitate this, a substantial degree of standardization
is required in ratings across borrowers. The risk rating system is to be designed to reveal
the overall risk of lending, critical input for setting pricing and non-price terms of loans as
also present meaningful information for review and management of loan portfolio. The risk
rating, in short, should reflect the underlying credit risk of the loan book. The rating
exercise should also facilitate the credit granting authorities some comfort in its knowledge
of loan quality at any moment of time.

The risk rating system should be drawn up in a structured manner, incorporating, inter
alia, financial analysis, projections and sensitivity, industrial and management risks. The
Bank may use any number of financial ratios and operational parameters and collaterals
as also qualitative aspects of management and industry characteristics that have bearings
on the creditworthiness of borrowers. Bank can also weigh the ratios on the basis of the

Page 7 of 20
 years to which they represent for giving importance to near term developments. Within the
rating framework, Bank can also prescribe certain level of standards or critical
parameters, beyond which no proposals should be entertained. Bank may also consider
separate rating framework for large corporate / small borrowers, traders, etc. that exhibit
varying nature and degree of risk. The overall score for risk is to be placed on a numerical
scale ranging between 1- 10 on the basis of credit quality. For each numerical category, a
quantitative definition of the borrower, the loan’s underlying quality, and an analytic
representation of the underlying financials of the borrower should be presented. Further,
as a prudent risk management policy, Bank should prescribe the minimum rating below
which no exposures would be undertaken. Any flexibility in the minimum standards and
conditions for relaxation and authority therefore should be clearly articulated in the Bank’s
Loan Policy. Bank has adopted Credit Risk Assessment (CRA) model which is prevailing
in sponsor Bank.

The credit risk assessment exercise should be repeated biannually (or even at shorter
intervals for low quality customers) and should be delinked invariably from the regular
renewal exercise. The updating of the credit ratings should be undertaken normally at
quarterly intervals or at least half-yearly intervals, in order to gauge the quality of the
portfolio at periodic intervals. Variations in the ratings of borrowers over time indicate
changes in credit quality and expected loan losses from the credit portfolio. Thus, if the
rating system is to be meaningful, the credit quality reports should signal changes in
expected loan losses. In order to ensure the consistency and accuracy of internal ratings,
the responsibility for setting or confirming such ratings should vest with the Loan Review
function and examined by Credit Committees. The Banks should undertake
comprehensive study on migration (upward – lower to higher and downward – higher to
lower) of borrowers in the ratings to add accuracy in expected loan loss calculations.

d) Risk Pricing: Risk-return pricing is a fundamental tenet of risk management. In a risk-

return setting, borrowers with weak financial position and hence placed in high credit risk
category should be priced high. Thus, Bank has framed Risk Based Pricing Model, which
should have a bearing on the expected probability of default. The pricing of loans normally
should be linked to risk rating or credit quality. The probability of default could be derived
from the past behavior of the loan portfolio, which is the function of loan loss
provision/charge offs for the last five years or so. Bank should build historical database on
the portfolio quality and provisioning / charge off to equip themselves to price the risk. But
value of collateral, market forces, perceived value of accounts, future business potential,
portfolio/industry exposure and strategic reasons may also play important role in pricing.
Flexibility should also be made for revising the price due to changes in rating / value of
collaterals over time. There is, however, a need for comparing the prices quoted by
competitors for borrowers perched on the same rating /quality. Thus, any attempt at price-
cutting for market share would result in mispricing of risk and ‘Adverse Selection’. So, it
shall be taken up only selectively.

e) Portfolio Management: The existing framework of tracking the Non-Performing Loans

around the balance sheet date does not signal the quality of the entire Loan Book. Bank
should evolve proper systems for identification of credit weaknesses well in advance. The
Credit department, set up at Head Office should be assigned the responsibility of periodic
monitoring of the portfolio. The portfolio quality could be evaluated by tracking the
migration (upward or downward) of borrowers from one rating scale to another. Data on
movements within grading categories provide a useful insight into the nature and
Page 8 of 20
 composition of loan book. The Bank could also consider the following measures to
maintain the portfolio quality:
 Stipulate quantitative ceiling on aggregate exposure in specified rating categories, i.e.
certain percentage of total advances.
 Evaluate the rating-wise distribution of borrowers in various industry, business segments,
etc.
 Exposure to one industry/sector should be evaluated on the basis of overall rating
distribution of borrowers in the sector/group. In this context, Bank should weigh the pros
and cons of specialization and concentration by industry group. In cases where portfolio
exposure to a single industry is badly performing, the Banks may increase the quality
standards for that specific industry.
 Target rating-wise volume of loans, probable defaults and provisioning requirements as a
prudent planning exercise. For any deviation/s from the expected parameters, an exercise
for restructuring of the portfolio should immediately be undertaken and if necessary, the
entry- level criteria could be enhanced to insulate the portfolio from further deterioration.
 Undertake rapid portfolio reviews, stress tests and scenario analysis when external
environment undergoes rapid changes (e.g. economic sanctions, changes in the
fiscal/monetary policies, general slowdown of the economy, market risk events, extreme
liquidity conditions, etc.). The stress tests would reveal undetected areas of potential
credit risk exposure and linkages between different categories of risk. In adverse
circumstances, there may be substantial correlation of various risks, especially credit and
market risks. Stress testing can range from relatively simple alterations in assumptions
about one or more financial, structural or economic variables to the use of highly
sophisticated models. Stress tests could also include contingency plans, detailing
management responses to stressful situations.
 Introduce discriminatory time schedules for renewal of borrower limits. Lower rated
borrowers whose financials show signs of problems should be subjected to renewal
control more often. Bank has evolved suitable framework for monitoring the market risks
and should watch the loan portfolio’s degree of concentrations and exposure to
counterparties. For comprehensive evaluation of customer exposure, Bank may consider
appointing Relationship Managers to ensure that overall exposure to a single borrower is
monitored, captured and controlled. The Relationship Managers have to work in
coordination with the Credit Department. The Relationship Managers may service mainly
high value loans so that a substantial share of the loan portfolio, which can alter the risk
profile, would be under constant surveillance. Further, transactions with affiliated
companies/groups need to be aggregated and maintained close to real time. The Bank
has also put in place formalized systems for identification of accounts showing
pronounced credit weaknesses well in advance and also prepare internal guidelines for
such an exercise and set time frame for deciding courses of action.

Bank has adopted credit risk models prevailing in sponsor Bank for evaluation of credit
portfolio. The credit risk models offer Bank’s framework for examining credit risk
exposures, across geographical locations and product lines in a timely manner,
centralizing data and analyzing marginal and absolute contributions to risk. The models
also provide estimates of credit risk (unexpected loss) which reflect individual portfolio
composition.

f) Loan Review Process and Monitoring: The Bank has in place comprehensive post-
sanction processes aimed at enabling efficient and effective credit management. Review
of Advances is an effective tool for constantly evaluating the quality of loan book and to
Page 9 of 20
 bring about qualitative improvements in credit administration. Each and every sanction is
reported for control to the next higher authority/ designated authority. Quarterly review of
High value advances by the designated authority is in place.

The main objectives of Loan Review Process could be:

 To identify promptly loans which develop credit weaknesses and initiate timely corrective
action
 To evaluate portfolio quality and isolate potential problem areas
 To provide information for determining adequacy of loan loss provision
 To assess the adequacy of and adherence to, loan policies and procedures, and to
monitor compliance with relevant laws and regulations; and
 To provide top management with information on credit administration, including credit
sanction process, risk evaluation and post-sanction follow-up.
 Comparing the account outstanding to the assets level on a continuing basis.
 Compliance with all internal and external reporting requirements for credit discipline.

Accurate and timely credit grading is one of the basic components of an effective
monitoring. Credit grading involves assessment of credit quality, identification of problem
loans, and assignment of risk ratings. A proper Credit Grading System should support
evaluating the portfolio quality and establishing loan loss provisions. Given the importance
and subjective nature of credit rating, the credit ratings awarded by Credit Department
should be subjected to review.

The loan reviews should focus on:

 Approval process
 Accuracy and timeliness of credit ratings assigned by loan officers
 Adherence to internal policies and procedures, and applicable laws / regulations
 Compliance with loan covenants
 Post-sanction follow-up
 Sufficiency of loan documentation
 Portfolio quality
 Recommendations for improving portfolio quality

The findings of Reviews should be discussed at appropriate level and the corrective
actions should be elicited for all deficiencies. Deficiencies that remain unresolved should
be reported to top management.

II. Credit Risk and Investment Banking

Significant magnitude of credit risk, in addition to market risk, is inherent in investment banking.
The proposals for investments should also be subjected to the same degree of credit risk
analysis, as any loan proposals. The proposals should be subjected to detail appraisal and
rating framework that factors in financial and non-financial parameters of issuers, sensitivity to
external developments, etc. The maximum exposure to a customer should be bank-wide and
include all exposures assumed by the Credit and F&A Departments. The Bank should exercise
due caution, particularly in investment proposals, which are not rated and should ensure
comprehensive risk evaluation. There should be greater interaction between Credit and F&A
Departments and the portfolio analysis should also cover the total exposures, including
investments. The rating migration of the issuers and the consequent diminution in the portfolio
quality should also be tracked at periodic intervals. As a matter of prudence, Bank should
Page 10 of 20
stipulate entry level minimum ratings/quality standards, industry, maturity, duration, issuer-wise,
etc. limits in investment proposals as well to mitigate the adverse impacts of concentration and
the risk of illiquidity.

III. Credit Risk in Off-balance Sheet Exposure

The current and potential credit exposures may be measured on a daily basis to evaluate the
impact of potential changes in market conditions on the value of counterparty positions. The
potential exposures also may be quantified by subjecting the position to market movements
involving normal and abnormal movements in interest rates, liquidity conditions, etc. As we do
not have any off-balance sheet exposure except Bank Guarantee, Bank may implement risk
mitigating factors for the same.

B. Market Risk:
Market risk signifies the adverse movement in the market value of trading portfolio during the
period required to liquidate the transaction. This risk results from adverse movements in the
level or volatility of the market prices of interest rate instruments, equities, commodities and
currencies. It is also referred to as Price risk.

Controlling market risk means the variations in the value of portfolio should be kept within the
approved boundary/ tolerance limits.

I. Non- Financial Risks: Non- financial risks to which Banks are exposed to are the Business
Risk or Reputation Risk and Strategic Risk.
a) Business Risk: It pertains to the product market in which the Bank operates and
includes technological innovations, marketing and product decisions. Superfluous
marketing techniques could prove very costly and cause negative public opinion causing
reputational risk which may also result in financial loss or decline in customer base. A
Bank with pulse on the market and driven by technology as well as high degree of
customer focus, could be relatively protected against this risk.

b) Strategic Risk: It is the risk arising from adverse business decisions, improper
implementation of decisions or lack of responsiveness to industry changes. In order to
avoid the risk, the Bank has to redesign policies suiting to changed environments,
increase market image, do proper budgeting and by way of creating necessary
awareness among staff by imparting training, succession planning etc.,

C. Liquidity Risk: Liquidity risk arises when the Bank is unable to meet a financial
commitment arising out of a variety of situations.
a) Funding Risk: Funding liquidity risk is defined as the inability to obtain funds to meet
cash flow obligations. This arises with the need to replace net outflows due to
unanticipated withdrawal/ non- renewal of deposits.
b) Time Risk: Time risk arises from the need to compensate for non- receipt of expected
inflow of funds i.e. performing assets turning into non-performing assets.
c) Call Risk: Call risk arises due to crystallization of contingent liabilities i.e. the Bank being
unable to undertake profitable business opportunities when they arise.
d) Investing liquidity Risk: Not able to exit on investment either on account of credit risk,
price risk etc. or absence of market. ill managed liquidity could cost in terms of losing a
good customer or loss due to sale of good investments or raising high cost resources.
Such a situation may invite wrath of regulators as also penalties.

Liquidity risk management can be effectively done either through policy or through well-
defined norms. Forming strategies, Liquidity planning, prudential norms, review etc. shall be
key ingredients of managing liquidity risk

Page 11 of 20
 Addressing liquidity risk entails building capacity to raise resources at reasonable cost
during the trying /opportune times. It reflects the capability to have alternate sources of
funds in place for such eventualities. These aspects have to be taken care of by ALCO.

The first step towards liquidity management is to put in place an effective liquidity
management system, which, inter alia, should spell out the funding strategies, liquidity
planning under alternative scenarios, prudential limits, liquidity reporting / reviewing, etc. as
a part of Investment policy. Liquidity measurement is quite a difficult task and can be
measured through stock or cash flow approaches. The key ratios, adopted across the
banking system are:

 Loans to Total Assets

 Loans to Core Deposits
 Large Liabilities (minus) Temporary Investments to Earning Assets (minus) Temporary
Investments, where large liabilities represent wholesale deposits which are market
sensitive and temporary Investments are those maturing within one year and those
investments which are held in the trading book and are readily sold in the market
 Purchased Funds to Total Assets, where purchased funds include the entire inter-bank
and other money market borrowings, including Certificate of Deposits and institutional
deposits; and
 Loan Losses/Net Loans.

For measuring and managing net funding requirements, the use of maturity ladder and
calculation of cumulative surplus or deficit of funds at selected maturity dates is recommended
as a standard tool. The format prescribed by RBI in this regard under ALM System should be
adopted for measuring cash flow mismatches at different time bands. The cash flows should be
placed in different time bands based on future behavior of assets, liabilities and off-balance
sheet items. In other words, Bank should have to analyze the behavioral maturity profile of
various components of on / off-balance sheet items on the basis of assumptions and trend
analysis supported by time series analysis. Bank should also undertake variance analysis, at
least, once in six months to validate the assumptions. The assumptions should be fine-tuned
over a period which facilitate near reality predictions about future behavior of on / off-balance
sheet items. Apart from the above cash flows, Bank should also track the impact of
prepayments of loans, premature closure of deposits and exercise of options built in certain
instruments which offer put/call options after specified times. Thus, cash outflows can be ranked
by the date on which liabilities fall due, the earliest date a liability holder could exercise an early
repayment option or the earliest date contingencies could be crystallized.

The difference between cash inflows and outflows in each time period, the excess or deficit of
funds becomes a starting point for a measure of a bank’s future liquidity surplus or deficit, at a
series of points of time. The Bank should also consider putting in place certain prudential limits
to avoid liquidity crisis:

 Cap on inter-bank borrowings, especially call borrowings;

 Purchased funds vis-à-vis liquid assets;
 Core deposits vis-à-vis Core Assets i.e. Cash Reserve Ratio, Liquidity Reserve Ratio
and Loans;
 Duration of liabilities and investment portfolio;
 Maximum Cumulative Outflows. Banks should fix cumulative mismatches across all time
bands;

Page 12 of 20
  Commitment Ratio – track the total commitments given to corporates/banks and other
financial institutions to limit the off-balance sheet exposure;

Bank should also evolve a system for monitoring high value deposits (other than inter- Bank
deposits) say Rs.1 crore or more to track the volatile liabilities. Further the cash flows arising out
of contingent liabilities in normal situation and the scope for an increase in cash flows during
periods of stress should also be estimated. It is quite possible that market crisis can trigger
substantial increase in the amount of drawdown from cash credit/overdraft accounts, contingent
liabilities.

The liquidity profile of the Bank could be analyzed on a static basis, wherein the assets and
liabilities and off-balance sheet items are pegged on a particular day and the behavioral pattern
and the sensitivity of these items to changes in market interest rates and environment are duly
accounted for. The Banks can also estimate the liquidity profile on a dynamic way by giving due
importance to:

 Seasonal pattern of deposits/loans;

 Potential liquidity needs for meeting new loan demands, unavailed credit limits, loan
policy, potential deposit losses, investment obligations, statutory obligations, etc.

I. Alternative Scenarios

The liquidity profile of Bank depends on the market conditions, which influence the cash flow
behavior. Thus, Bank should evaluate liquidity profile under different conditions, viz. normal
situation, Bank specific crisis and market crisis scenario. The Bank should establish benchmark
for normal situation; cash flow profile of on / off balance sheet items and manage net funding
requirements.

Estimating liquidity under Bank specific crisis should provide a worst-case benchmark. It should
be assumed that the purchased funds could not be easily rolled over; some of the core deposits
could be prematurely closed; a substantial share of assets have turned into non- performing and
thus become totally illiquid. These developments would lead to rating downgrades and high cost
of liquidity. The Bank should evolve contingency plans to overcome such situations.

The market crisis scenario analyses cases of extreme tightening of liquidity conditions arising
out of monetary policy stance of Reserve Bank, general perception about risk profile of the
banking system, severe market disruptions, failure of one or more of major players in the
market, financial crisis, contagion, etc. Under this scenario, the rollover of high value customer
deposits and purchased funds could extremely be difficult besides flight of volatile deposits /
liabilities. The Bank could also sell their investment with huge discounts, entailing severe capital
loss.

II. Contingency Plan

Bank should prepare Contingency Plans to measure their ability to withstand bank-specific or
market crisis scenario. The blue-print for asset sales, market access, capacity to restructure the
maturity and composition of assets and liabilities should be clearly documented and alternative
options of funding in the event of Bank’s failure to raise liquidity from existing source/s could be
clearly articulated. Liquidity from the Reserve Bank, arising out of its refinance window and
interim liquidity adjustment facility or as lender of last resort should not be reckoned for
contingency plans. Availability of back-up liquidity support in the form of committed lines of
credit, reciprocal arrangements, liquidity support from other external sources, liquidity of assets,
Page 13 of 20
etc. should also be clearly established. Interest Rate Risk (IRR) The management of Interest
Rate Risk should be one of the critical components of market risk management in banks.
Deregulation of interest rates has, however, exposed Bank to the adverse impacts of interest
rate risk. The Net Interest Income (NII) or Net Interest Margin (NIM) of Bank is dependent on the
movements of interest rates. Any mismatches in the cash flows (fixed assets or liabilities) or
repricing dates (floating assets or liabilities), expose banks’ NII or NIM to variations. The earning
of assets and the cost of liabilities are now closely related to market interest rate volatility.
Interest Rate Risk (IRR) refers to potential impact on NII or NIM or Market Value of Equity
(MVE), caused by unexpected changes in market interest rates. Interest Rate Risk can take
different forms:

III. Types of Interest Rate Risk

 Gap or Mismatch Risk
 Basis Risk
 Embedded Option Risk
 Yield Curve Risk
 Reinvestment Risk:
 Net Interest Position Risk:

IV. Measuring Interest Rate Risk

Before interest rate risk could be managed; they should be identified and quantified. Unless the
quantum of IRR inherent in the balance sheet is identified, it is impossible to measure the
degree of risks to which Bank is exposed. It is also equally impossible to develop effective risk
management strategies/hedging techniques without being able to understand the correct risk
position of bank. The IRR measurement system should address all material sources of interest
rate risk including gap or mismatch, basis, embedded option, yield curve, price, reinvestment
and net interest position risks exposures. The IRR measurement system should also take into
account the specific characteristics of each individual interest rate sensitive position and should
capture in detail the full range of potential movements in interest rates.

There are different techniques for measurement of interest rate risk, e.g. the traditional Maturity
Gap Analysis (to measure the interest rate sensitivity of earnings), Duration (to measure interest
rate sensitivity of capital), Simulation and Value at Risk. Our Bank may adopt any suitable
method out of above to measure IRR.

Generally, the approach towards measurement and hedging of IRR varies with the
segmentation of the balance sheet. In a well-functioning risk management system, Banks
broadly position their balance sheet into Trading and Investment or Banking Books. While the
assets in the trading book are held primarily for generating profit on short-term differences in
prices/yields, the banking book comprises assets and liabilities, which are contracted basically
on account of relationship or for steady income and statutory obligations and are generally held
till maturity. Thus, while the price risk shall be the prime concern of Bank in trading book, the
earnings or economic value changes will be the main focus of banking book.

a) Trading Book: The Banks should lay down policies with regard to volume, maximum
maturity, holding period, duration, stop loss, defeasance period, rating standards, etc. for
classifying securities in the trading book. While the securities held in the trading book should
ideally be marked to market as per RBI guidelines. The stress tests provide management a
view on the potential impact of large size market movements and also attempt to estimate
the size of potential losses due to stress events, which occur in the ’tails’ of the loss
Page 14 of 20
 distribution. In an environment like us where Value at Risk (VaR) is difficult to estimate for
lack of data, Bank can use non-statistical concepts such as stop loss and gross/net
positions can be used.

b) Banking Book: The changes in market interest rates have earnings and economic value
impacts on the banks’ banking book. Thus, given the complexity and range of balance sheet
products, Bank should have IRR measurement systems that assess the effects of the rate
changes on both earnings and economic value.

c) Maturity Gap Analysis: The simplest analytical techniques for calculation of IRR exposure
begins with maturity Gap analysis that distributes interest rate sensitive assets, liabilities and
off-balance sheet positions into a certain number of pre-defined time-bands according to
their maturity (fixed rate) or time remaining for their next repricing (floating rate). Those
assets and liabilities lacking definite repricing intervals (savings bank, cash credit, overdraft,
loans, export finance, refinance from RBI etc.) or actual maturities vary from contractual
maturities (embedded option in bonds with put/call options, loans, cash credit/overdraft, time
deposits, etc.) are assigned time-bands according to the judgment, empirical studies and
past experiences of bank.

A number of time bands can be used while constructing a gap report. Generally, most of the
Bank focus their attention on near-term periods, viz. monthly, quarterly, half-yearly or one
year. It is very difficult to take a view on interest rate movements beyond a year. Banks with
large exposures in the short-term should test the sensitivity of their assets and liabilities even
at shorter intervals like overnight, 1-7 days, 8-14 days, etc. In our Bank, we may focus on
half year to one year period as our exposures in both assets and liabilities are more in that
time band only.

In order to evaluate the earnings exposure, interest Rate Sensitive Assets (RSAs) in each
time band are netted with the interest Rate Sensitive Liabilities (RSLs) to produce a repricing
‘Gap’ for that time band. The positive Gap indicates that Bank has more RSAs than RSLs. A
positive or asset sensitive Gap means that an increase in market interest rates could cause
an increase in NII. Conversely, a negative or liability sensitive Gap implies that the banks’ NII
could decline as a result of increase in market interest rates. The negative gap indicates that
Bank has more RSLs than RSAs. The Gap is used as a measure of interest rate sensitivity.
The Positive or Negative Gap is multiplied by the assumed interest rate changes to derive
the Earnings at Risk (EaR). The EaR method facilitates to estimate how much the earnings
might be impacted by an adverse movement in interest rates. The changes in interest rate
could be estimated on the basis of past trends, forecasting of interest rates, etc. The Bank
should fix EaR which could be based on last/current year’s income and a trigger point at
which the line management should adopt on-or off-balance sheet hedging strategies may be
clearly defined.

The Gap calculations can be augmented by information on the average coupon on assets
and liabilities in each time band and the same could be used to calculate estimates of the
level of NII from positions maturing or due for repricing within a given time-band, which would
then provide a scale to assess the changes in income implied by the gap analysis. In case
Bank could realistically estimate the magnitude of changes in market interest rates of various
assets and liabilities (basis risk) and their past behavioral pattern (embedded option risk),
they could standardize the gap by multiplying the individual assets and liabilities by how
much they will change for a given change in interest rate. Thus, one or several assumptions
Page 15 of 20
 of standardized gap seem more consistent with real world than the simple gap method. With
the Adjusted Gap, Banks could realistically estimate the EaR.

d) Duration Gap Analysis: Matching the duration of assets and liabilities, instead of matching
the maturity or reprising dates is the most effective way to protect the economic values of
Banks from exposure to IRR than the simple gap model. Duration gap model focuses on
managing economic value of Banks by recognizing the change in the market value of
assets, liabilities and off-balance sheet (OBS) items. When weighted assets and liabilities
and OBS duration are matched, market interest rate movements would have almost same
impact on assets, liabilities and OBS, thereby protecting the bank’s total equity or net worth.
Duration is a measure of the percentage change in the economic value of a position that will
occur given a small change in the level of interest rates. Measuring the duration gap is more
complex than the simple gap model. For approximation of duration of assets and liabilities,
the simple gap schedule can be used by applying weights to each time-band. The weights
are based on estimates of the duration of assets and liabilities and OBS that fall into each
time band. The weighted duration of assets and liabilities and OBS provide a rough
estimation of the changes in banks’ economic value to a given change in market interest
rates. It is also possible to give different weights and interest rates to assets, liabilities and
OBS in different time buckets to capture differences in coupons and maturities and
volatilities in interest rates along the yield curve.

In a more scientific way, Bank can precisely estimate the economic value changes to
market interest rates by calculating the duration of each asset, liability and OBS position
and weigh each of them to arrive at the weighted duration of assets, liabilities and OBS.
Once the weighted duration of assets and liabilities are estimated, the duration gap can be
worked out with the help of standard mathematical formulae. The Duration Gap measure
can be used to estimate the expected change in Market Value of Equity (MVE) for a given
change in market interest rate. The difference between duration of assets (DA) and
liabilities (DL) is bank’s net duration. If the net duration is positive (DA>DL), a decrease in
market interest rates will increase the market value of equity of the bank. When the duration
gap is negative (DL> DA), the MVE increases when the interest rate increases but
decreases when the rate declines. Thus, the Duration Gap shows the impact of the
movements in market interest rates on the MVE through influencing the market value of
assets, liabilities and OBS.

The attraction of duration analysis is that it provides a comprehensive measure of IRR for
the total portfolio. The duration analysis also recognizes the time value of money. Duration
measure is additive so that Bank can match total assets and liabilities rather than matching
individual accounts. However, Duration Gap analysis assumes parallel shifts in yield curve.
For this reason, it fails to recognize basis risk.

e) Simulation: Many of the Banks are now using balance sheet simulation models to gauge
the effect of market interest rate variations on reported earnings/economic values over
different time zones. Simulation technique attempts to overcome the limitations of Gap and
Duration approaches by computer modeling the bank’s interest rate sensitivity. Such
modeling involves making assumptions about future path of interest rates, shape of yield
curve, changes in business activity, pricing and hedging strategies, etc. The simulation
involves detailed assessment of the potential effects of changes in interest rate on earnings
and economic value. The simulation techniques involve detailed analysis of various
components of on-and off-balance sheet positions. Simulations can also incorporate more

Page 16 of 20
 varied and refined changes in the interest rate environment, ranging from changes in the
slope and shape of the yield curve and interest rate scenario. The output of simulation can
take a variety of forms, depending on users’ need. Simulation can provide current and
expected periodic gaps, duration gaps, balance sheet and income statements, performance
measures, budget and financial reports. The simulation model provides an effective tool for
understanding the risk exposure under variety of interest rate/balance sheet scenarios. This
technique also plays an integral-planning role in evaluating the effect of alternative business
strategies on risk exposures. The usefulness of the simulation technique depends on the
structure of the model, validity of assumption, technology support and technical expertise of
bank

The application of various techniques depends to a large extent on the quality of data and
the degree of automated system of operations. Thus, our Bank may start with the gap or
duration gap or simulation techniques on the basis of availability of data, information
technology and technical expertise. In any case, as suggested by RBI in the guidelines on
ALM System, Bank should start estimating the interest rate risk exposure with the help of
Maturity Gap approach. Once Bank is comfortable with the Gap model, we can
progressively graduate into the sophisticated approaches.

f) Funds Transfer Pricing: The Transfer Pricing mechanism being followed by many Banks
does not support good ALM Systems. Many Banks which have different products and
operate in various geographic markets have been using internal Funds Transfer Pricing
(FTP). FTP is an internal measurement designed to assess the financial impact of uses and
sources of funds and can be used to evaluate the profitability. It can also be used to isolate
returns for various risks assumed in the intermediation process. FTP also helps correctly
identify the cost of opportunity value of funds. Although many Banks have adopted various
FTP frameworks and techniques, Matched Funds Pricing (MFP) is the most efficient
technique. Most of the Banks use MFP. The FTP envisages assignment of specific assets
and liabilities to various functional units (profit centers) – lending, investment, deposit taking
and funds management. Each unit attracts sources and uses of funds. The lending,
investment and deposit taking profit centers sell their liabilities to and buys funds for
financing their assets from the funds management profit centre at appropriate transfer
prices. Transfer prices could, however, vary according to maturity, purpose, terms and other
attributes. In our Bank, we have adopted Transfer Price Mechanism (TPM) as is developed
and provided by the SBI across all RRBs sponsored by SBI.
D. Foreign Exchange (Forex) Risk: This risk is not much perceived in our Bank directly as
we do not have any forex transactions at present.

E. Capital for Market Risk :

The Basel Committee on Banking Supervision (BCBS) had issued comprehensive guidelines to
provide an explicit capital cushion for the price risks to which Bank is exposed, particularly those
arising from their trading activities. The Bank has been given flexibility to use in-house models
based on VaR for measuring market risk as an alternative to a standardized measurement
framework suggested by Basel Committee. The internal models should, however, comply with
quantitative and qualitative criteria prescribed by Basel Committee.

Reserve Bank of India has accepted the general framework suggested by the Basel Committee.
RBI has also initiated various steps in moving towards prescribing capital for market risk. RBI
has suggested that the small Banks operating predominantly in India could adopt the
standardized methodology for measurement of market risk.

Page 17 of 20
 The Basel Committee on Banking Supervision has proposed to develop capital charge for
interest rate risk in the banking book as well for Bank where the interest rate risks are
significantly above average.

F. Operational Risk:
Operational risk is the risk of loss resulting from inadequate or failed internal processes, people
and systems or from external events. The risk often happens on account of omissions in the
work of employees and somewhat difficult to handle. The problem with the risk is difficulty in
identification of the risk. The Bank normally does not come to know the operational risk during
the course of transactions as it is very subjective and time/circumstance dependent. Operational
risk is a continual cyclic process which includes risk assessment, risk decision making and
implementation of risk controls which results in acceptance, mitigation or avoidance of risk. Two
of the most common operational risks are transaction risk and compliance risk.

The Transaction Risk is the risk arising from fraud, both internal and external, failed business
process and the inability to maintain business continuity and manage information by way of
alignment to business strategy making availability of systems, maintaining data integrity,
network security etc.,

The Compliance Risk is the risk of legal or regulatory sanction, financial loss or reputation loss
that Bank may suffer as a result of failure to comply with any or all of the applicable laws,
regulations, code of conduct and standards of good practice. It is also called integrity risk since
a Bank’s reputation is closely linked to its adherence to principles of integrity and fair dealing.

I. Tools for mitigating operational Risk in Bank

Operational Risk can be prevented by good internal checks and balances, effective follow-
up of audit etc. This risk shall be managed through identification of reasons and adopting a
systematic process for reporting risk events, loss events ‘near misses’ and non- compliance
issues relating to operational risks. The Bank has clearly delineated procedures and
processes with inputs on identification, assessment and measurement of operational risk
through Master Circulars, workshops, preventive vigilance activities and trainings etc.
Further, Disaster Recovery Plan & Business Continuity Plans will be ensured to manage
operational risk. Expeditious administrative action on delinquent staff is a very effective tool
for Operational Risk mitigation/control.

II. Measurement: There is no uniformity of approach in measurement of operational risk in the

banking system. Besides, the existing methods are relatively simple and experimental.

Measuring operational risk requires both estimating the probability of an operational loss event
and the potential size of the loss. It relies on risk factor that provides some indication of the
likelihood of an operational loss event occurring.

III. Risk Monitoring

The operational risk monitoring system focuses, inter alia, on operational performance
measures such as volume, turnover, settlement facts, delays and errors. It could also be
incumbent to monitor operational loss directly with an analysis of each occurrence and
description of the nature and causes of the loss.

IV. Control of Operational Risk

Internal controls and the internal audit are used as the primary means to mitigate operational
risk. Bank could also explore setting up operational risk limits, based on the measures of

Page 18 of 20
operational risk. The contingent processing capabilities could also be used as a means to limit
the adverse impacts of operational risk. Insurance is also an important mitigator of some forms
of operational risk. Risk education for familiarizing the complex operations at all levels of staff
can also reduce operational risk. Bank shall strive to educate the staff at all levels and increase
awareness of systems and risks. Risk Focused Internal Audit (RFIA) shall take care of all the
aspects of operational risk.

V. Internal Control

One of the major tools for managing operational risk is the well-established internal control
system, which includes segregation of duties, clear management reporting lines and adequate
operating procedures. Most of the operational risk events are associated with weak links in
internal control systems or laxity in complying with the existing internal control procedures.

The ideal method of identifying problem spots is the technique of self-assessment of internal
control environment. The self-assessment could be used to evaluate operational risk along with
internal/external audit reports/ratings or RBI inspection findings. Bank should endeavor for
detection of operational problem spots rather than their being pointed out by supervisors/internal
or external auditors.

Along with activating internal audit systems, the Audit Committees should play greater role to
ensure independent financial and internal control functions.

Risk Aggregation and Capital Allocation

Most of internally active Banks have developed internal processes and techniques to assess
and evaluate their own capital needs in the light of their risk profiles and business plans. Our
Bank shall also take into account both qualitative and quantitative factors to assess economic
capital. The Basel Committee now recognizes that capital adequacy in relation to economic risk
is a necessary condition for the long-term soundness of banks. Thus, in addition to complying
with the established minimum regulatory capital requirements, Banks should critically assess
their internal capital adequacy and future capital needs on the basis of risks assumed by
individual lines of business, product, etc. As a part of the process for evaluating internal capital
adequacy, Bank should be able to identify and evaluate its risks across all its activities to
determine whether its capital levels are appropriate. Thus, at the bank’s Head Office level,
aggregate risk exposure should receive increased scrutiny. To do so, however, it requires the
summation of the different types of risks. Bank used approach is the Risk Adjusted Return on
Capital (RAROC). The RAROC is designed to allow all the business streams of a financial
institution to be evaluated on an equal footing. Each type of risks is measured to determine both
the expected and unexpected losses using VaR or worst-case type analytical model. Key to
RAROC is the matching of revenues, costs and risks on transaction or portfolio basis over a
defined time period. This begins with a clear differentiation between expected and unexpected
losses. Expected losses are covered by reserves and provisions and unexpected losses require
capital allocation which is determined on the principles of confidence levels, time horizon,
diversification and correlation. In this approach, risk is measured in terms of variability of
income. Under this framework, the frequency distribution of return, wherever possible, is
estimated and the Standard Deviation (SD) of this distribution is also estimated. Capital is
thereafter allocated to activities as a function of this risk or volatility measure. Then, the risky
position is required to carry an expected rate of return on allocated capital, which compensates
the Bank for the associated incremental risk. As per RBI, Given the level of extant risk
management practices, Bank may not be in a position to adopt RAROC framework and allocate
Page 19 of 20
capital to various businesses units on the basis of risk. Risk Management is actually a
combination of management of uncertainty, risk, equivocality and error. Uncertainty (where the
outcomes cannot be estimated even randomly) partially arises due to lack of information and
this uncertainty gets transformed into risk as information gathering progresses.

Risk Management is the act of using lessons from the past to mitigate misfortune and exploit
future opportunities. The underlying foundations for thinking about, discussing and measuring
risk can and should be consistent throughout the various divisions and levels of the Bank.

Measuring and reporting risk in a consistent manner throughout provides substantial benefits.
Although reporting needs to be tailored appropriately, it is important that the foundations- the
way risk is thought of and calculated- be consistent from the granular level up to the aggregate
level.

Risk Management is actually a combination of management of uncertainty, risk, equivocality

and error. Uncertainty (where the outcomes cannot be estimated even randomly) partially arises
due to lack of information and this uncertainty gets transformed into risk as information
gathering progresses. Therefore, the need of the hour is to follow CAMELS (Capital adequacy,
Asset quality, Management, Earnings, Liquidity, and Sensitivity) risk management norms
suggested by RBI & BIS and to have threshold limits/ tolerance limits to various parameters to
mitigate different types of risks.

6. Policy Review:

The Audit & Inspection Department shall put up the policy for review to the Board annually. Risk
mitigating factors and systems may be incorporated in the individual policies like Loan and NPA
Management Policy, Investment policy, IT policy, Fraud risk management policy prepared by
relative departments.

*****

Page 20 of 20