risk management in banking

Risk Management in Banking Sector- Part-1

Syllabus section- RBI Grade B , Phase II- Finance – Risk Management in Banking.

As per a report from EY: “Financial risks will always be cause for concern in banking. But, today banks are much better positioned in terms of capital and liquidity. They have greatly de-risked and de-leveraged their balance sheets and pruned back non-core assets and operations that were amassed in the years before the financial crisis.” 

What is risk?

Risk is defined in financial terms as the chance that an outcome or investment’s actual gains will differ from an expected outcome or return.

Types of risk

Liquidity risk:

Liquidity is a bank’s ability to meet its cash and collateral obligationswithout sustaining unacceptable lossesLiquidity risk refers to how a bank’s inability to meet its obligations. It threatens its financial position or existence. Institutions manage their liquidity risk through effective asset liability management (ALM).

Liquidity risk can be categorised as – Funding risk, time risk and call risk

  • Funding Risk– This is the risk of being unable to replace net outflows due to unanticipated withdrawal/ non-renewal of deposits
  • Time Risk: This is the risk of being unable to compensate for non-receipt of expected inflows of funds (e.g. performing assets turning into non-performing assets)
  • Call Risk: It arises due to any future contingency resulting in payment offines by the bank. E.g. a bank may be asked to pay hefty sum of fine due to breach of cyber security.

Liquidity risk management and ALM encompasses the processes and strategies a bank uses to:

  • Ensure a balance sheet earns a desired net interest margin, without exposing the institution to undue risks from the interest rate volatility.
  • Plan and structure a balance sheet with a proper mix of assets and liabilities, to optimize the risk/return profile of the institution going forward.
  • Assess its ability to meet its cash flow and collateral needs (under both normal and stressed conditions) without having a negative impact on day-to-day operations or its overall financial position.
  • Mitigate that risk by developing strategies and taking appropriate actions designed to ensure that necessary funds and collateral are available when needed.

NII (Net Interest Income): The difference between interest earned and interest paid. Net interest margin = (investment returns –  interest paid) /  average assets

Interest rate risk:

Interest rate risk in the banking book (IRRBB) refers to the current or prospective risk to the bank’s capital and earnings arising from adverse movements in interest rates that affect the bank’s banking book positions. When interest rates change, the present value and timing of future cash flows change. This in turn changes the underlying value of a bank’s assets, liabilities and off-balance sheet items and hence its economic value. Changes in interest rates also affect a bank’s earnings by altering interest rate-sensitive income and expenses, affecting its net interest income (NII).

Three main sub-types of IRRBB are as follows:

  • Gap risk arises from the term structure of banking book instruments, and describes the risk arising from the timing of instruments’ rate changes. (The extent of gap risk depends on whether changes to the term structure of interest rates occur consistently across the yield curve (parallel risk) or differentially by period (non-parallel risk))
  • Basis risk describes the impact of relative changes in interest rates for financial instruments that have similar tenors but are priced using different interest rate indices.
  • Option risk arises from option derivative positions or from optional elements embedded in a bank’s assets, liabilities and/or off-balance sheet items, where the bank or its customer can alter the level and timing of their cash flows.

Market risk

The Basel Committee on Banking Supervision defines banks’ market risk as “the risk of losses in on- and off-balance sheet risk positions arising from movements in market prices.”

The major components of a bank’s market risk include:

  • Interest rate risk
  • Equity risk
  • Foreign exchange risk
  • Commodity risk

Default risk or credit risk

It occurs when borrowers or counterparties fail to meet contractual obligations. An example is when borrowers default on principal or interest payment of a loan.

Credit risk can be classified as counterparty risk and country risk

  • Counterparty Risk:This arises when the counterparty is unable to perform its side of transaction.
  • Country Risk: This is the risk of non-performance a counterparty due to restrictions imposed by a country

Operational Risk:

Operational risk is the risk of loss due to errors, interruptions, or damages caused by people, systems, or processes. E.g. Losses that occur due to human error include internal fraud or mistakes made during transactions. Employee embezzlement is an example of operational risk.

Important terms:

Banks’ reputational risk

Reputational risk is the risk of damage to a bank’s image that occurs due to some dubious actions taken by the bank. Sometimes reputational risk can be due to perception or negative publicity against the bank, without any solid evidence of wrongdoing. Reputational risk leads to the public’s loss of confidence in a bank.

Systematic Risk and Financial stability:

As per European Central Bank, Systemic risk is the risk wherein “the provision of necessary financial products and services by the financial system will be impaired to a point where economic growth and welfare may be materially affected”. It is the risk inherent in the entire market, also known as un diversifiable risk.

A build-up of systemic risk leads to financial instability. Systemic risk arises due to the inter-connectedness of institutions, balance sheet entanglements, common exposures, and, sometimes, even common business models. It is also affected due to the procyclicality issues in the financial system. Objectives of financial stability can be achieved by establishing a framework broadly divided under three categories, viz.,

(1) establishing an institutional and governance structure for financial stability;

(2) measuring and monitoring systemic risk;

(3) implementing macro prudential policies to mitigate identified systemic risks.

Risk identification:

Risk identification is the process of taking stock of an organization’s risks and vulnerabilities and raising awareness of these risks in the organization. It is the starting point for understanding and managing risks – activities central to effective management of financial institutions.

Step In Risk

“Step-in risk” is the risk that a bank decides to provide financial support to an unconsolidated entity that is facing stress, in the absence of, or in excess of, any contractual obligations to provide such support. The main reason for step-in risk might be to avoid the reputational risk that a bank might suffer were it not to provide support to an entity facing a stress situation. The financial crisis provided evidence that a bank might have incentives beyond contractual obligation or equity ties to “step in” to support unconsolidated entities to which it is connected.

What is risk management?

Risk management is the process of identifying, assessing and controlling threats to an organization’s capital and earnings. These threats, or risks, could stem from a wide variety of sources, including financial uncertainty, legal obligations etc.It aims to minimise risk. (It does not eliminate risk)

Forex Risk Management Tools:

VaR : Value at Risk- It estimates how much a set of investments might lose, given normal market conditions) approach to measure the risk associated with exposures. The Reserve Bank of India has introduced two statements viz. Maturity and Position (MAP) and Interest Rate Sensitivity (SIR) for measurement of forex risk exposures.

Risk Management Frameworks

Role of RBI in Risk Management in Banks-

A body called Board for Financial Supervision (BFS), which works under the control of RBI, supervises all the financial institutions except Stock Markets (regulated by SEBI) and Insurance (regulated by IRDA).

Following are the Risk Management Frameworks

  1. BFS has been using CAMELS rating to evaluate the financial soundness of the domestic banks. The CAMELS Model consists of six components namely

Capital Adequacy

Asset Quality– determines the quality of loans given by the bank

Management– whether an institution is able to properly react to financialstress

Earnings Quality– ability to create appropriate returns


Sensitivity to Market risk– an institution’s sensitivity to a particular risk

This framework was recommended by Basel Committee on Banking Supervision of the Bank for International Settlements (BIS)

CALCS model (capital adequacy, assets quality, liquidity, compliance and systems) refer to the supervision norm of the RBI for foreign banks. CALCS is similar to CAMELS in supervision. Periodical on-site inspection of banks that is supported by off-site monitoring and surveillance.

2. Basel norms (Basel 1, Basel 2 and Basel 3) are being implemented for Risk Management.

3. PCA (Prompt Corrective Action) to take corrective actions

Basel Norms

BIS- Bank for International Settlements (BIS)

The mission of the BIS is to serve central banks of different nations in their pursuit of monetary and financial stability, to foster international cooperation in those areas and to act as a bank for central banks. The Basel Committee is theprimary global standard setter for the prudential regulation of banks and provides a forum for cooperation on banking supervisory matters

The BASEL norms have three aims: Make the banking sector strong enough to withstand economic and financial stress; reduce risk in the system, and improve transparency in banks.


Basel I is a set of international banking regulations put forth by the Basel Committee on Bank Supervision (BCBS) that sets out the minimum capital requirements of financial institutions with the goal of minimizing credit risk.

  • The Bank Asset Classification System classifies a bank’s assets into five risk categories on the basis of a risk percentage: 0%, 10%, 20%, 50%, and 100%.
  • Basel I primarily focuses on credit risk and risk-weighted assets (RWA).
  • It classifies an asset according to the level of risk associated with it. Classifications range from risk-free assets at 0% to risk assessed assets at 100%.
  • The framework requires the minimum capital ratio of capital to RWA for all banks to be at 8%.
  • Tier 1 capital refers to capital of more permanent nature. It should make up at least 50% of the bank’s total capital base. Tier 2 capital is temporary or fluctuating in nature.
  • As per RBI norms (for Basel I,II, III): Minimum CRAR = 9%

Capital Adequacy Ratio =  (Tier 1 capital + tier 2 capital) / Risk weighted assets

• Tier 1 includes equity capital plus disclosed reserves minus goodwill

• Tier 2 includes asset revaluation reserves, undisclosed reserves, general loan loss reserves, hybrid capital instrument and subordinated term debt, preference share capital instruments and share premium resulting from the issue of instruments included in tier 2 capital.

• The denominator of the Basel I formula is the sum of risk-adjusted assets. There are five credit risk weights: 0 per cent, 10 per cent, 20 per cent, 50 per cent and 100 per cent.

Basel 2:

In June 1999, the Committee issued a proposal for a new capital adequacy framework to replace the 1988 Accord. This led to the release of the Revised Capital Framework in June 2004. Generally known as ‟Basel II”, the revised framework comprised three pillars, namely minimum capital, supervisory review and market discipline.

  • Minimum capital is the technical, quantitative heart of the accord. Banks must hold capital against 8% of their assets, after adjusting their assets for risk. It is also called as capital adequacy requirement. (Remember, In India minimum capital requirement is 9%)
  • Three approaches- basic indicator, standardized approach (SA) and advanced
  • measurement approach (AMA) had been used for estimating capital for risk.
  • Supervisor review is the process whereby national regulators ensure their home country banks are following the rules. If minimum capital is the rule book, the second pillar is the referee system.
  • Market discipline is based on enhanced disclosure of risk.
  • An important outcome of pillar 2 is ICAAP. It stands for Internal Capital Adequacy Process. It is an umbrella activity that encompasses the governance, management and control of all risk and capital management functions and the linkages therein. It strengthens the governance and organizational effectiveness around risk and capital management.

Basel 3:

The banking sector had entered the financial crisis with too much leverage an inadequate liquidity buffers. Responding to these risk factors, the Basel Committee issued Principles for sound liquidity risk management and supervision in the same month that Lehman Brothers failed.

After the 2008 financial crisis, there was a need to update the BASEL norms to reduce the risk in the banking system further. Until BASEL III, the norms had only considered some of the risks related to credit, the market, and operations. To meet these risks, banks were asked to maintain a certain minimum level of capital and not lend all the money they receive from deposits. This acts as a buffer during hard times. The BASEL III norms also consider liquidity risks.

Basel III proposes two types of disclosures namely Core and Supplementary. Core disclosures are those which convey vital information for all institutions while Supplementary disclosures are those required for some institutions.