CRISL Certified Financial Analyst (CCFA) Program

Course –“S4” Financial Institutions and Risk Management by Md. Jahidul Islam
Financial Institutions and Risk Management
What is risk?

1. In General:
A probability or threat of damage, injury, liability, loss, or any other negative occurrence that is
caused by external or internal vulnerabilities, and that may be avoided through preemptive
action.

2. Finance:
The probability that an actual return on an investment will be lower than the expected return.
Financial risk is divided into the following categories: Basic risk, Capital risk, Country risk, Default
risk, Delivery risk, Economic risk, Exchange rate risk, Interest rate risk, Liquidity risk, Operations
risk, Payment system risk, Political risk, Refinancing risk, Reinvestment risk, Settlement risk,
Sovereign risk, and underwriting risk.

3. Insurance:
A situation where the probability of a variable (such as burning down of a building) is known but
when a mode of occurrence or the actual value of the occurrence (whether the fire will occur at
a particular property) is not. A risk is not an uncertainty (where neither the probability nor the
mode of occurrence is known), a peril (cause of loss), or a hazard (something that makes the
occurrence of a peril more likely or more severe).

4. Securities trading:
The probability of a loss or drop in value. Trading risk is divided into two general categories: (1)
Systemic risk affects all securities in the same class and is linked to the overall capital-market
system and therefore cannot be eliminated by diversification. Also called market risk. (2)
Nonsystematic risk is any risk that isn't market-related or is not systemic. Also called nonmarket
risk, extra-market risk, or unsystemic risk.

What is Risk Management?

Risk management is a process for identifying, assessing, and prioritizing risks of different kinds.
Once the risks are identified, the risk manager will create a plan to minimize or eliminate the
impact of negative events. A variety of strategies is available, depending on the type of risk and
the type of business.

Risk management is the deliberate acceptance of risk for profit-making. It requires informed
decisions on the tradeoff between risk and reward, and uses various financial and other tools to
maximize risk-adjusted returns within pre-established limits.
Risk-taking is an inherent element of the banking business and, indeed, profits are in part there
ward for successful risk taking in business.

Page 1 of 9
 CRISL Certified Financial Analyst (CCFA) Program
Course –“S4” Financial Institutions and Risk Management by Md. Jahidul Islam
Definition of risk appetite
Risk appetite is the level and type of risk a Financial Institution is able and willing to assume in its
exposures and business activities, given its business objectives and obligations to stakeholders
(depositors, creditors, shareholders, borrowers, regulators). Risk appetite is generally expressed
through both quantitative and qualitative means and should consider extreme conditions,
events, and outcomes. It should be stated in terms of the potential impact on profitability,
capital, and liquidity.

Risk appetite framework

The science of developing and adopting a risk appetite framework (RAF) is still evolving at banks
all over the world. Some banks have adopted a high-level, brief, and qualitative statement of
RAF, while others make it complex, lengthy, and quantitative.

Some rudiments for an effective RAF are mentioned below:

a) RAFs discuss the desired business mix and composition of the balance sheet, risk
preferences (which risks are embraced, tolerated, and avoided), the acceptable tradeoff
between risk and reward, tolerances for volatility, capital thresholds, tolerance for post-
stress loss, optimum liquidity ratios, and others;
b) It should focus on the bank's key strengths and competitive advantages;
c) It should enable the Board to challenge business proposals outside of the bank's traditional
product and service lines;
d) It should make forward-looking discussions of risk easier;
e) It should codify the types of risk the bank is willing to bear and under what conditions, as
well as which risks the bank is unwilling to assume.

Risk appetite is the cornerstone of a successful risk management framework. Risk appetite can be fitted
into the risk management framework in the following manner:

Elements of risk Linkage to risk appetite

management framework
Risk governance
Risk assessment
Risk quantification and
aggregation
Monitoring and reporting
Risk and control
optimization
Clear risk appetite statement approved by the board and embodied in risk
policy and delegated authorities. This sets the 'tone from the top and the
foundation for the risk culture.
Frequent risk assessment process to identify new and changing risk landscape
in context to risk appetite.
Regular quantification and aggregation of risk to prioritize focus of risk
management and control.
Monitoring and reporting of performance against risk-based limits based on
risk appetite.
Framework of controls calibrated in line with risk appetite to optimize
cost/benefit.

Core Risk in Financial Institutions.

Page 2 of 9
 CRISL Certified Financial Analyst (CCFA) Program
Course –“S4” Financial Institutions and Risk Management by Md. Jahidul Islam
The most important risks we are assume specific in banking risks and reputation risks, as well as
risks arising from the general business environment. Risk management process has identified six
types of specific banking risks determined by Central Bank which are known as core risk in
banking. They are:

i) Credit Risk
ii) Asset Liability Management Risk
iii) Internal Control and Compliance Risk
iv) Foreign Exchange Risk
v) Money Laundering Risk
vi) Information & Communication Technology Security Risk

Credit Risk Management

Credit risk is the possibility that a borrower or counter party will fail to meet its obligations in
accordance with agreed terms. Credit risk, therefore, arises from the bank’s dealings with or
lending to corporate, individuals, and other banks or financial institutions.

Credit risk management needs to be a robust process that enables banks to proactively manage
loan portfolios in order to minimize losses and earn an acceptable level of return for
shareholders.

Credit risk management is of utmost importance to Banks, and as such, policies and procedures
should be endorsed and strictly enforced by the MD/CEO and the board of the Bank.

POLICY GUIDELINES
The guidelines contained herein outline general principles that are designed to govern
the implementation of more detailed lending procedures and risk grading systems
within individual banks. Policy Guidelines includes:

a) Lending Guidelines
The Lending Guidelines should provide the key foundations for account
officers/relationship managers (RM) to formulate their recommendations for approval,
and should include the following:

o Industry and Business Segment Focus-Textiles: Grow, Construction: Shrink

o Types of Loan Facilities-Working Capital, Trade Finance, Term Loan, etc.
o Single Borrower/Group Limits/Syndication
o Lending Caps
o Discouraged Business Types-Military Equipment/Weapons Finance, Finance of
Speculative Investments
o Loan Facility Parameters-maximum size, maximum tenor, covenant and security
requirements
o Cross Border Risk-- Synonymous with political & sovereign risk, Third world debt
crisis

Page 3 of 9
 CRISL Certified Financial Analyst (CCFA) Program
Course –“S4” Financial Institutions and Risk Management by Md. Jahidul Islam

b) Credit Assessment & Risk Grading

o Credit Assessment- Amount and type of loan(s) proposed, Purpose of loans.
Security Arrangements
 Borrower Analysis.
 Industry Analysis.
 Supplier/Buyer Analysis.
 Historical Financial Analysis.
 Projected Financial Performance.
 Account Conduct.
 Adherence to Lending Guidelines.
 Mitigating Factors.
 Loan Structure.
 Security
 Name Lending.

o Risk Grading- Risk grading is a key measurement of a Bank’s asset quality, and as
such, it is essential that grading is a robust process. All facilities should be
assigned a risk grade. Where deterioration in risk is noted, the Risk Grade
assigned to a borrower and its facilities should be immediately changed.
Borrower Risk Grades should be clearly stated on Credit Applications.

Risk Rating Grade Definition

Superior- Low Risk 1 Facilities are fully secured by cash deposits, government
bonds or a counter guarantee from a top tier
international bank. All security documentation should be
in place.

Good – 2 The repayment capacity of the borrower is strong. The

Satisfactory Risk
borrower should have excellent liquidity and low
leverage. The company should demonstrate consistently
strong earnings and cash flow and have an unblemished
track record. All security documentation should be in
place. Aggregate Score of 95 or greater based on the Risk
Grade Scorecard.

Risk Rating Grade Definition

Acceptable – Fair 3 A borrower should not be graded better than 3 if realistic
Risk audited financial statements are not received. These
assets would normally be secured by acceptable collateral
(1st charge over stocks / debtors / equipment / property).
Page 4 of 9
 CRISL Certified Financial Analyst (CCFA) Program
Course –“S4” Financial Institutions and Risk Management by Md. Jahidul Islam
An Aggregate Score of 75-94 based on the Risk Grade
Scorecard.

Marginal - Watch 4 These borrowers have an above average risk due to

list strained liquidity, higher than normal leverage, thin cash
flow and/or inconsistent earnings. Aggregate Score of 65-
74 based on the Risk Grade Scorecard.

Special Mention 5 Grade 5 assets have potential weaknesses that deserve

management’s close attention. If left uncorrected, these
weaknesses may result in a deterioration of the
repayment prospects of the borrower. An Aggregate
Score of 55-64 based on the Risk Grade Scorecard.

Substandard 6 Financial condition is weak and capacity or inclination to

repay is in doubt. An Aggregate Score of 45-54 based on
the Risk Grade Scorecard.

Doubtful and Bad 7 Full repayment of principal and interest is unlikely and
(non-performing) the possibility of loss is extremely high. In all cases, the
requirements of Bangladesh Bank in CIB reporting, loan
rescheduling and provisioning must be followed. An
Aggregate Score of 35-44 based on the Risk Grade
Scorecard

Loss 8 The prospect of recovery is poor and legal options have

(non-performing)
been pursued. The proceeds expected from the
liquidation or realization of security may be awaited. The
continuance of the loan as a bankable asset is not
warranted, and the
anticipated loss should have been provided for. An
Aggregate Score of 35 or less based on the Risk Grade
Scorecard

c) Approval Authority
The authority to sanction/approve loans must be clearly delegated to senior credit
executives by the Managing Director/CEO & Board based on the executive’s knowledge
and experience.
It is essential that executives charged with approving loans have relevant training and
experience to carry out their responsibilities effectively. As a minimum, approving
executives should have:
Page 5 of 9
 CRISL Certified Financial Analyst (CCFA) Program
Course –“S4” Financial Institutions and Risk Management by Md. Jahidul Islam
o At least 5 years experience working in corporate/commercial bank in as a
relationship manager or account executive.
o Training and experience in financial statement, cash flow and risk analysis.
o A thorough working knowledge of Accounting.
o A good understanding of the local industry/market dynamics.
o Successfully completed an assessment test demonstrating adequate knowledge
of the following areas:
 Introduction of accrual accounting.
 Industry / Business Risk Analysis
 Borrowing Causes
 Financial reporting and full disclosure
 Financial Statement Analysis
 The Asset Conversion/Trade Cycle
 Cash Flow Analysis
 Projections
 Loan Structure and Documentation
 Loan Management.

d) Segregation of Duties
Banks should aim to segregate the following lending functions:
 Credit Approval/Risk Management
 Relationship Management/Marketing
 Credit Administration
e) Internal Audit
Banks should have a segregated internal audit/control department charged with
conducting audits of all departments. Audits should be carried out annually, and should
ensure compliance with regulatory guidelines, internal procedures, and Lending
Guidelines and Bangladesh Bank requirements.

PREFERRED ORGANISATIONAL STRUCTURE & RESPONSIBILITIES

a) Preferred Organizational Structure

Credit approval should be centralized within the CRM function. Regional credit centers
may be established, however, all applications must be approved by the Head of Credit
and Risk Management or Managing Director/CEO/Board or delegated Head Office credit
executive.

Page 6 of 9
 CRISL Certified Financial Analyst (CCFA) Program
Course –“S4” Financial Institutions and Risk Management by Md. Jahidul Islam
The following chart represents the preferred management structure:

MD / CEO

Head of CRM Head of Corporate / Other Direct Reports

Commercial Banking (Internal Audit, etc.)

Credit Administration (May

report separately Relationship
to MD/CEO)
Management /
Marketing (RM)
Credit Approval
(Includes regional credit
Centre’s if applicable)
Business Development

Monitoring / Recovery
(includes regional recovery
centres if applicable)

b) Key Responsibilities
The key responsibilities of the above functions are as follows. Please see the details for
Appendices 2.2A-D of CRM Guide Line of BB Page- 35 to 38

PROCEDURAL GUIDELINES
a) Approval Process

The approval process must reinforce the segregation of Relationship

Management/Marketing from the approving authority. The responsibility for preparing
the Credit Application should rest with the RM within the corporate/commercial
banking department. Credit Applications should be recommended for approval by the
RM team and forwarded to the approval team within CRM and approved by individual
executives.

Delegation of approval limits should be such that all proposals where the facilities are
up to 15% of the bank’s capital should be approved at the CRM level, facilities up to 25%
Page 7 of 9
 CRISL Certified Financial Analyst (CCFA) Program
Course –“S4” Financial Institutions and Risk Management by Md. Jahidul Islam
of capital should be approved by CEO/MD, with proposals in excess of 25% of capital to
be approved by the EC/Board only after recommendation of CRM, Corporate Banking
and MD/CEO.
The following diagram illustrates the preferred approval process:

Credit Application
Recommended By RM / Marketing

1 2
Zonal Credit Officer (ZCO)

3 4
Head of Credit (HOC) &
Head of Corporate Banking (HOCB)
5 6

Managing Director

Executive Committee/Board

b) Credit Administration

The Credit Administration function is critical in ensuring that proper documentation and
approvals are in place prior to the disbursement of loan facilities.
 Disbursement
 Custodial Duties
 Compliance Requirements

c) Credit Monitoring

To minimize credit losses, monitoring procedures and systems should be in place that
provide an early indication of the deteriorating financial health of a borrower.
 Early Alert process

Page 8 of 9
 CRISL Certified Financial Analyst (CCFA) Program
Course –“S4” Financial Institutions and Risk Management by Md. Jahidul Islam
d) Credit Recovery

The Recovery Unit (RU) of CRM should directly manage accounts with sustained
deterioration (a Risk Rating of Sub Standard (6) or worse). Banks may wish to transfer
EXIT accounts graded 4-5 to the RU for efficient exit based on recommendation of CRM
and Corporate Banking.

The RU’s primary functions are:

 Determine Account Action Plan/Recovery Strategy

 Pursue all options to maximize recovery, including placing customers into
receivership or liquidation as appropriate.
 Ensure adequate and timely loan loss provisions are made based on actual and
expected losses.
 Regular review of grade 6 or worse accounts.

The management of problem loans (NPLs) must be a dynamic process, and the
associated strategy together with the adequacy of provisions must be regularly
reviewed. A process should be established to share the lessons learned from the
experience of credit losses in order to update the lending guidelines.

 NPL Account Management

 Account Transfer Procedures
 Non Performing Loan (NPL) Monitoring
 NPL Provisioning and Write Off
 Incentive Programme

Page 9 of 9