Managing Risk: An Overview
Effective risk management is at the core of the Bank’s value creation model as we accept risk in the normal course of business. Our stability and profitability are determined by how we manage risk. Significant resources are devoted to this critical function to ensure that it is well articulated, communicated and understood by all employees of the Bank as it is a shared responsibility. It is a dynamic and disciplined function increasing in sophistication and subject to stringent oversight by regulators and other stakeholders. The overarching objectives are to ensure that risks accepted are in line with the Bank’s risk appetite and strategic priorities and that there is an appropriate trade-off between risk and reward enabling delivery of value to key stakeholders.
Risk Management Framework
An organisation-wide risk management framework ensures that responsibility for managing risk is shared across the Bank for identifying, measuring, monitoring and managing risk at all levels across all types of risks. A strong risk management culture reinforces the key elements of the risk management framework which comprise risk governance, risk appetite and risk management tools.
The Bank’s risk management framework is based on the three lines of defence model which is the industry standard.
A disciplined risk management culture and framework facilitates oversight of and accountability for risk at all levels of the organisation and across all risk types. The Board of Directors exercises oversight and provides guidance to an experienced Senior Management team who works closely with their teams in managing risk. Understanding the highly specialised nature of managing risk, decision-making is highly centralised through a structure of senior and executive risk management committees.
The rich risk culture, which seamlessly flows through not only within the Bank, but across the Group accentuates more on two financial subsidiaries, Serendib Finance Ltd (SFL) and Commercial Bank of Maldives (CBM).
A Group risk assessment, with a view to pass on best practices across all institutions, is being carried out on a continuous basis to replicate and embrace the same.
Board of Directors
Responsibility for oversight of risk management rests with the Board of Directors which determines the risk appetite, review governance structures, policy frameworks, risk management processes and other matters related to the effective management of risk on a regular basis. Consequently, the Board evaluates the Bank’s risk management framework, policies, processes and positions on a regular basis. The BIRMC, comprising four Independent Directors and one Executive Director, has oversight responsibility for the risk management function of the Bank and reports to the Board on its activities. Both the Board and the BIRMC receive reports, explanations, clarifications and presentations from Management in this regard. They are empowered to commission investigations and initiate appropriate remedial action in instances where the Bank has incurred significant losses, breached risk appetite or fines imposed by regulators. The Board Committees with oversight responsibility for risk management or specific aspects are given below and their composition and objectives are given in the Corporate Governance Report on pages 126 to 129.
- Board Integrated Risk Management Committee
- Board Credit Committee
- Board Audit Committee
Executive management responsibility for managing risk is spearheaded by the EIRMC and the composition and objectives of the Management Committees with responsibility for risk management or specified aspects of risk management are given on page 130 of the Corporate Governance Report.
- Asset and Liability Committee
- Credit Policy Committee
- Executive Committee on Monitoring NPAs
- Business Continuity Management Steering Committee
- Information Security Council
These committees carry out independent risk evaluations using both quantitative and qualitative criteria with the assistance of the Integrated Risk Management Department (IRMD) of the Bank. Decisions and discussion points arising from review of regular and ad hoc reports received by these committees are shared with Line Managers and Senior Management to ensure effective communication of material issues and initiate deliberation and necessary action. The EIRMC co-ordinates communication with the BIRMC and ensures that risk is managed within the defined risk appetite in accordance with the risk management policies and procedures approved by the Board.
A Risk Appetite Statement (RAS) is in place clearly defining the aggregate quantum of risk the Bank is willing to assume in different aspects of business in achieving its strategic objectives. Regulatory requirements, strategic goals, capital adequacy and other prudential factors are incorporated into the RAS to facilitate sustainable value creation to stakeholders whilst ensuring compliance in an efficient manner. The RAS is reviewed and approved by the Board annually.
Our risk appetite remains unchanged from the previous year reflecting our commitment to commensurate pricing of risk and rewards and maintaining financial stability.
|Aspect||Measure||Risk Appetite 2016||Risk Appetite 2015|
|Credit risk – Asset quality downgrade||Gross NPA ratio||4% – 5%||4% – 5%|
|Operational risk||Operational loss tolerance limit||3% – 5%||3% – 5%|
|Foreign exchange risk||Exchange rate shock of||Maximum of Rs. 150 Mn.||Maximum of Rs. 150 Mn.|
|Liquidity risk||Statutory Liquid Asset Ratio||22%||22%|
|Interest rate risk||Repricing gaps||1.5 times||1.5 times|
Overall risk profile of the Bank remained stable evinced by Fitch Ratings Lanka Ltd. (Fitch) affirming a long-term national rating of AA(lka) with a stable outlook which is the highest rating given to a domestic bank in Sri Lanka without sovereign support. Enhanced resilience to a forecast volatile operating environment would have a positive impact on our rating as cited in the 2016 Bank Peer Review issued by Fitch while sensitivities include ability to withstand cyclical asset quality deterioration, changes in deposit franchise and measured risk appetite.
Asset quality improved significantly during the year with the gross NPL ratio improving from 2.74% in 2015 to 2.18% in 2016 amidst growth in the advances portfolio as we continued to focus on maintaining a conducive risk culture and well-honed credit approval processes to manage credit risk acceptance. This was supported by disciplined credit monitoring processes with early warning communications to relationship owners facilitating timely action. Impairment charges declining from Rs. 3.91 Bn. in 2015 to Rs. 1.51 Bn. in 2016 reflects the improvements in asset quality. We remain confident regarding our ability to continue to manage asset quality within the Bank’s risk appetite of 4% to 5%.
As a Bank, managing capital is a key priority to ensure availability of funds to act as a buffer sufficient to absorb negative outcomes arising out of stressed scenarios. The Internal Capital Adequacy Assessment Process (ICAAP) Framework which complies with Basel requirements sets out the process for assessing total overall capital adequacy in relation to its risk profile. Internal limits which are more stringent than the regulatory requirement provide early warnings with regard to capital adequacy. Thus the ICAAP ensures that the Bank possesses adequate capital resources in the long run to cover its material risks.
Whilst maintaining the highest standards in risk management in compliance with regulatory requirements, the Bank is vigorously exercising inward focused self-assessment in risk management through ICAAP. Frequent deliberations at Management and Board Subcommittee levels and Risk Control Self Assessment (RCSA) processes adopted by the Bank provide a clear overview of the risk management controls in place.
|Bank Capital Ratios||Regulatory Requirement (%)||Goal (Internal Limit) (%)||2016 (%)||2015 (%)|
|Tier I||5||> 8||11.56||11.60|
|Total capital||10||> 13.5||15.89||14.26|
|Liquidity coverage ratio||60 -100||> 100||241.35||187.62|
The Bank’s total capital ratio has improved from 14.26% in 2015 to 15.89% in 2016. However, Tier I ratio has shown a slight decline from 11.60% in 2015 to 11.56% in 2016 during what is believed to be a challenging year. Asset growth was 15.05% and returns grew by 21.92% reflecting our resilience, agility and ability to deliver performance.
As per the Banking Act Direction No. 01 of 2016 on Capital requirements under Basel III for Licensed Commercial Banks, the banks are required to implement the specified capital planning on a staggered basis commencing July 01, 2017 and to be fully implemented by January 01, 2019. Whilst appreciating the challenges associated with increasing the capital base in line with the CBSL Roadmap, a comparison of the Bank’s capital base as at December 31, 2016 as against expected capital levels by July 01, 2017 is given in page 403 which shows that the Bank is on a comfortable footing in the present context.
Going a step further beyond the regulatory requirements and the inward looking self-assessments of risks, stress tests conducted by the Bank encompassing plausible scenarios identify and evaluate vulnerability to potential effects of an exceptional risk event and/or movement in a set of fixed variables that could have negative impact on the Bank’s financial position. The adverse unexpected losses simulated through scenario analysis assist the Bank to visualise additional capital that is required to absorb such losses in an event such shock is to materialise and proactively work towards mitigation of such risk events. The portfolio based credit risk stress scenarios such as deterioration of credit quality, portfolio concentration, adverse macroeconomic factors, large borrower defaults etc. at varying severity levels indicated that the Bank can remain steadfast even at severe stress levels to withstand a negative shock arising from such events.