Strengthening financial stability through effective risk and capital management
Monday, 30 September 2013 00:25
-
- {{hitsCtrl.values.hits}}
By Kinita Shenoy
In today’s relatively volatile economic environment, there is a necessity for tools and mechanisms to control risk and capital. In this vein, the Sri Lanka Banks’ Association, together with KPMG in Sri Lanka as the technical partner and the Association of Chartered Certified Accountants (ACCA) Sri Lanka recently conducted a session on “Strengthening Financial Stability through Effective Risk and Capital Management”. The event aimed to outline the potential methods of risk management for the financial services sector.
Basel II and ICAAP
KPMG Management & Risk Consulting Executive Director and Head of Financial Risk Management Services Eckart Koerner presented the first section, which covered various aspects of Basel II, Basel III, ICAAP and the upcoming Basel III.
Koerner opened his session with an overview of what bothers banks the most in terms of ICAAP and Basel implementation and application. The three pillars of Basel II- banks have to start action. Basel I, introduced in 1988, created an international framework that globally active banks had to recognize in terms of the three pillars: 1. Minimum capital requirements 2. Supervisory review process, and 3. Disclosure requirements of market discipline.
Basel II stipulates that banks must maintain a minimum requirement of 8% of capital to risk-weighted assets. Credit risk, market risk and operational risk can be measured via a variety of standardised approaches, depending on the bank and its level of sophistication.
Unlike Pillar 1, the SRP (supervisory review process) of Pillar 2 requires both the banks and the regulator or supervisor to maintain constant dialogue while allowing the supervisor to challenge the assumptions and results in deriving the bank’s internal capital. Koerner described it as a principle based, not rule-based approach, adding that discussing and challenging the process with the supervisory body is necessary.
The ICAAP framework (Internal Capital Adequacy Assessment Program) consists of board and management oversight to understand the nature and level of material risk, set risk tolerance, as well as to ensure capital adequacy and decide overall strategy, policy and procedures with regards to capital resources and expenditure. Sound capital assessment involves the identification, measurement and reporting and relation of capital to the level of risk, in addition to stating adequate capital adequacy goals with risk and a business plan.
The Comprehensive Risk Assessment looks at credit risk, market risk, operational risk, liquidity risk, and interest rate risk in banking book. The monitoring and reporting however evaluates the level and trend of material risk and its impact on capital, while the internal control and independent review considers internal and external audits, as well as a period review of the risk management process. Through these, KPMG assesses, measures, reports and plans risk management.
The Pillar 1+ approach is based on an “add-on” approach to computing internal capital, where the risk capital for Pillar 1 risks are computed in accordance to the regulator’s requirements. Additional risk capital for material Pillar 2 risks, identified by the bank, is then added on to the computed Pillar 1 risk capital to arrive at the internal capital needs of the bank. Pillar 1 (regulated risk capital) plus Pillar 2 (add on risk capital) equals internal capital.
In terms of capital measurements, the risks are aggregated firm-wide, and all risks must be consistently defined by considering factors such as measures of volatility and confidence levels. The internal capital target level of the bank needs to be set on projections.
Koerner stated that “as far as Pillar 2 is concerned, most banks and regulators seem to be in a state of experiment. Whether and when this will give way to a commonly accepted good practice for the implementation of the Pillar 2 rules is yet unclear. However, some key points to consider through the ICAAP implementation are coverage of risks under Pillar 2, quality of risk management process and the stability of the business model, sufficiently severe stress scenarios as part of ICAAP, and generally increased capital requirements.”
Other areas, in terms of higher sophistication include the acceptance of a certain reliance on economic capital models by the regulator, the decomposition of available financial resources, the correlation and diversification effects between different mitigations. An integrated risk management framework includes addressing all dimensions of risk, linking risk to capital, defining a control structure to mitigate inappropriate claims against capital, integrate technology into the process to provide timely and accurate risk management information and provide continuous assessment.
Financial institutions need to establish a structured and holistic risk management framework which is best represented as a pyramid. Risk strategy is at the very top of the pyramid, based on governance and policy, which is based on measuring, monitoring and stress testing, which relies on reporting and IT.
Koerner moved on to the limit system, explaining that whilst establishing or updating the limit system for various risks, there are a number of key questions, starting with querying what the bank’s current and past limit measurement is. Other questions include; “How does a bank limit measurement compare with its peers?” The speaker added that while peer data will give some relative perspective, it will not necessarily inform a bank whether it is wrong or right. “What is the process for dealing with limit exceptions?” Limit utilisation is the amount of risk being taken as measured by the risk statistic. If utilisation exceeds the limit, it is defined as a limit exception, breach or violation. This creates the requirement for the hard and soft limits to be in place.
Furthermore, what is the bank’s risk appetite? Meaningful thresholds are necessary to secure business for the bank and optimise the appropriate allocation of resources. Risk appetite can be specified in terms of capital and this needs to be broken down into limits, which are either allocated to the different risk type and/or business units with buffers allowing for business growth.
The integrated approach of capital management to risk capital and return management can be explained via what Koerner described as the “magic triangle”, a challenging balance to achieve between capital and risk taking capacity, risk and economic capital, and return and economic performance.
RAROC (risk adjusted return on capital) helps pinpoint the most efficient utilisation of limited capital. A holistic and integrated stress testing framework under review should be in line with Basel II requirements. Koerner clarified that stress testing is a means to an end, not an end in itself.
He also added that there are some main challenges to using the more advanced approaches of Basel II. The further use and recognition of risk measures derived from the advanced models remain subject to significant methodological, implementation and business challenges including the potential gaps in the coverage of risks, and shortcomings of dependency modelling and transparency and meaningful of economic capital measures and operational risk related challenges such as a lack of specialised systems and personnel.
Implementing Basel III
Koerner explained that Basel III is essentially an enhancement on the existing three Basel II pillars. The key areas of consideration include improvement of the quality of capital base, building up capital buffers, introducing a leverage ratio, strengthening risk coverage for counterparty credit risk (CCR), and a minimum liquidity standard. Basel II’s shortcomings allowed a number of banks prior to the 2008 financial crisis to report high Tier I capital (T1) ratios, but with low levels of common equity net of regulatory adjustments. It aimed to overcome the flaws of the existing definition of capital. The minimum capital levels under Basel III have also been raised from 8% to 10.5%. In addition to this, Basel III’s minimum capital levels have an additional 2.5% countercyclical capital buffer that will be dependent on national discretion.
Banks will need to meet the leverage ratio requirements, which can be calculated by dividing capital by total exposure. LR will function metaphorically as a safety net for the rest of the Basel III requirements o ensure better risk management practices. The liquidity framework consists of the liquidity coverage ratio, the net stable funding ratio and a common set of monitoring metrics. Koerner explained that the liquidity risk management framework’s purpose is to control liquidity risk from different perspectives including identification and protection and preparation.
He added that the capital buffer now has a regulatory stipulation called the conservation and counter cyclical buffer. ICAAP will be subject to the new leverage ratio which is volume-based rather than risk-adjusted, to cap the extent of leverage which a bank can achieve. 2019 is the date on which they aim to have Basel III implemented. The impact will first be felt by individual banks, but will then subsequently flow to the financial system and real economy.
Explaining that individual banks are all different in terms of sophistication and strategy, Eckart stressed that the impact on bank’s business models should be considered. The management team should take note of capital management, liquidity management and general capital planning.
Even before Basel III is implemented, Basel IV may be “emerging from the mist” as some countries impose requirements that go beyond Basel III such as the US’ requirement for minimum capital ratios even after the impact of severe stress, and minimum leverage ratio at above 3% in Switzerland, US, and UK. In KPMG’s perspective, Basel III has tighter limits and less reliance on internal models and enhanced disclosure requirements to aid comparability. The implications for banks are lower risk sensitivity and use of internal models, but higher capital and liquidity requirements.
Panel Discussion
With KPMG Sri Lanka Managing Partner Reyaz Muhler as moderator, the panel session covered a range of topics related to ICAAP and the Basel regulations and their implementation and affect on Sri Lankan banks. Eckart Koerner returned to the stage as part of the panellists, along with Central Bank Director of Bank Supervision Yvette Fernando and Commercial Bank Chief Risk Officer Sanath Manatunga.
Presenting the regulator’s view and the Central Bank perspective, Fernando said that capital was extremely important, as the global crisis showed that both quality and quantity are key, adding that the quality aspect is highlighted by Basel III. “In SL we are on a simpler approach of Basel II and a supervisory process via ICAAP”, emphasised Fernando, “the process doesn’t just satisfy the regulator but provides a holistic risk management framework and helps build a good relationship between the banks units and understand the capital process. The law has given the regulator the power to issue a direction, which banks have taken in the right spirit. The next few months should help set up an implementation process for 2014.”
With regards to Basel III, Fernando asserted that the initial capital assessment shows that most Sri Lankan banks are well above the minimum requirements although a few are yet to get on board, and some guidance over timelines and methodologies is required as this is the first uniform global standard on liquidity. She further mentioned that the three pillars too require additional work and information. Capital too cannot be undermined as Sri Lanka is looking toward a fast-track growth path with certain milestones in mind. Adding that the banking sector plays an important catalyst role in this, they depend on necessary capital requirements and additional equity requirements. The country has no choice but to follow certain rules which will serve as the necessary ingredients to the process. Fernando affirmed that the Central Bank would be holding capacity-building sessions locally to provide guidance and assistance.
Commercial Bank Chief Risk Officer Sanath Manatunga took over from the Central Bank representative, explaining that in 2008/9, risk management was a new area. He added that “over the past five years, we have learnt that it mostly consists of common sense and experience to interpret the calculations and not just the calculations themselves. We leverage others’ money and have a responsibility to preserve financial intermediation, ensuring we do not harm the confidence of the investors as it has a massive macroeconomic impact. Basel came in and established some controls, which some bankers found loopholes and ways to get around and so the world economy collapsed. Excessive risk taking must be controlled in order to protect depositors.”
Manatunga insisted that the country needs to proceed through the Basels, which set the minimum standards; whether timelines or percentages. Reaffirming Fernando’s point that most Sri Lankan banks already meet Basel III’s capital requirements, he said that it’s a common theory that only when markets are good can banks raise capital. He recommended that banks reserve capital and work towards liquidity and leverage ratios now rather than waiting till 2019. “The economy needs money for investment and private investors need innovative lending products. SL is in need of these controls sooner rather than later. Nothing can be left out by being termed too difficult or irrelevant. As bankers, it’s better for the industry and the country to have financial stability.”
Institutional stability, market stability, and market infrastructure: All these three components must be addressed to have a stable financial market, according to Manatunga. ICAAP helped identify risk profile and align risk appetite and corporate plan, which benefited businesses. Once all three pillars are completed within Basel II, there will be a composite view of the risk profile which will facilitate continuation of the business plan. This should be seen as a business enabler and a well synchronised process, not a stumbling block.
Koerner, in response to a query about how certain risks are assessed (eg: reputational) and whether the assessment is uniform or whether there is differentiation between banks, said that Basel II is a mix. He elucidated that Pillar 1 is rule-based, whereas the principle base comes into play with Pillar 2 where regulators should give smaller institutions some leeway from sophisticated mechanisms. While the level of sophistication plays a role, Koerner added that no differentiation was made between sizes of institutions. Principle-based mechanisms allow the discretion to decide whether a particular type of risk needs to be measured such as reputational risk. A blanket rule cannot be laid out as every bank is different.
Pix by Krishan Shashika
