CONTENTS

Certificate………………………………………………………………..ii
Declaration……………………………………………………………...iii
Acknowledgement………………………………………………………iv
Executive Summary………………………………….…………………..1
Literature Review…..……………….………………..……………... 2-4
Chapter I INTRODUCTION................................................................5-17
(a) Introduction
(b) Meaning of Risk and Risk Management
(c) Risk management Structure
(d) Risk management Components
(e) Steps for implementing risk management in bank
(f) Types of risks
(g) RBI Guidelines on risk management
Chapter II RESEARCH METHODOLOGY ...................................18-26
(a) Need of Study
(b) Objective of Study
(c) Significance of Study
(d) Scope of Study
(e) Research Design
(f) Data Collection
(g) Techniques of Analysis
(h) Limitations of Study
Chapter III BANKS PROFILE .......................................................27-32
Chapter IV CREDIT RISK MANAGEMENT.................................33-43
a (a) Meaning of Credit Risk
(b) Objectives of Credit Risk Management
(c) Instruments of Credit Risk Management
(d) Methods for Measuring Credit Risk
(e) Strategies for Managing Credit Risk
v
Chapter V MARKET RISK MANAGEMENT...............................44-63
(a) Meaning of Market Risk
(b) Meaning of Liquidity Risk
(c) Methods for measuring Liquidity Risk
(d) Strategies for Managing Liquidity Risk
(e) Meaning of Interest Rate Risk
(f) Methods for measuring Interest Rate Risk
(g) Strategies for managing Interest Rate Risk
Chapter VI OPERATIONAL RISK MANAGEMENT.....................64-70
(a) Definition of Operational Risk
(b) Risk Mapping/Profiling
(c) Measuring Operational Risk
(d) Mitigating Operational Risk
(e) Capital Budgeting for Operational Risk
Chapter VII BASEL II COMPLIANCE............................................71-78
(a) Three pillar approach
(b) Reservation about Basel II
Risk Based Supervision Requirement
(a) Background
(b) Risk based supervision – a new approach
(c) Features of RBS approach
Chapter VIII ANALYSIS OF SURVEY RESPONSES.....................79-86
Chapter IX OBSERVATION AND SUGGESTIONS........................87-92
(a) Major Findings of Study
(b) Suggestions
ANNEXURES AND BIBLIOGRAPHY…………………..…….…93-96

vi
 CHAPTER – VI
OPERATIONAL RISK
MANAGEMENT

65
 Defining operational risks

Basel Committee on Banking Supervision (BCBS; September 2001) defines

operational risk as the risk of monetary loss resulting from inadequate or failed
internal processes, people, systems or from external events. It is an evolving and
important risk factor faced by banks and banks need to hold capital to protect against
losses from it. The recent happenings such as WTC tragedy, Barings debacle etc. has
highlighted the potential losses on account of operational risk.

The key drivers of Operational Risk:

Regulatory pressure (Basel II), Increased awareness, Opportunity for performance

improvement.

Banks are however, still not entirely clear on how to implement the capital
requirements for operational risk.

 Risk Mapping/Profiling

Risk Mapping is a process of breaking down the bank’s business into various
functional lines and assessing the various risk elements involved in each of these
lines. It involves listing out of the existing controls for identified risks. Both the risks
listed and existing controls are graded as low, medium and high categories. It is a
dynamic exercise and subject to continuous review based on experience gained from
various loss events. The operational risk relates to failure of people, technical, legal
and internal processes.

People Risk –
(a) Internal/External Frauds

(b) Inadequate Staff

(c) Hiring Unsuitable Staff

(d) Loss of key personnel

(e) Insufficient training

(f) Insufficient succession

66
Process Risk –
(a) Transaction without proper authority

(b) Erroneous cash movements

(c) Limit Breaches

(d) Unlawful Access

(e) Incorrect recording/reporting of information

Technical Risk –

(a) Programming errors

(b) Incomplete/Inaccurate/Irrelevant MIS

(c) Network failure

(d) Telecommunication failure

(e) Inadequate system protection

(f) Lack of IT support services

(g) Inadequate back-up systems

External Risk –
(a) Natural Disasters (flood, fire etc)

(b) War/terrorism

(c) Sabotage/crime

(d) Collapse in market

Legal, Reputation and Other Risk –

(a) Incomplete Documentation

(b) Breaches of statutory Requirements

(c) Failure to follow regulatory guidelines

(d) Changes in business activities not incorporated

(e) Group Risk

67
 Measuring operational risk

A key component of risk management is measuring the size and scope of the firm’s
risk exposures. As yet, however, there is no clearly established, single way to
measure operational risk. Instead, several approaches have been developed. An
example is the “matrix” approach in which losses are categorized according to the
type of event and the business line in which the events have occurred. The bank
hopes to identify which events have the most impact across the entire firm and which
business practices are most susceptible to operational risk.

Once potential loss events and actual losses are defined, a bank analyze in
constructing databases for monitoring such losses and creating risk indicators, which
summarize these data. Potential losses are categorized broadly arising from “high
frequency, low impact”(HFLI) events such as minor accounting errors or bank teller
mistakes, and “low frequency, high impact”(LFHI) events, such as terrorist attacks or
major fraud. Data on losses arising from HFLI events are generally available from a
bank’s internal auditing systems. However, LFHI events are uncommon and thus
limit a single bank from having sufficient data for modelling purposes. For such
events, a bank needs to supplement its data with that from other firms. Although
quantitative analysis of operational risk is an important input to bank risk
management systems, these risks cannot be reduced to pure statistical analysis.
Hence, a qualitative assessment, such as scenario analysis will be an integral part of
measuring a bank’s operational risks.

 Mitigating operational risk

In broad terms, risk management is the process of mitigating the risks faced by the
bank, either by hedging financial transactions, purchasing insurance, or even
avoiding specific transactions. With respect to operational risk, several steps should
be taken to mitigate such losses. For example, damages due to natural disaster can be
insured against. Losses due to internal reasons, such as employee fraud or product
flaws are harder to identify and insure against, but they can be mitigated with strong
internal auditing procedures. Banks are yet to get clarity on the issues that are to be
included in operational risk but system vendors have identified that proper workflow

68
and process automation can help in reducing and detecting errors. Right levels of
audit and control, good management information systems and contingency planning
is necessary for effective operational risk management.

The framework consists of two general categories. The first includes general
corporate principles for developing and maintaining a banks operational risk
management environment. For example banks governing board of directors should
recognize operational risk as a distinct area of concern and establish internal
processes for periodically reviewing operational. To foster an effective risk
management environment the strategy should be integral to a banks regular activities
and should involve all levels of bank personnel. The second category consists of
general procedures for actual operational risk management. For example, banks
should implement monitoring systems for operational risk exposures and losses for
major business lines. Policies and procedures for controlling or mitigating operational
risk should be in place and enforced through regular internal auditing.

Since, all the banks have introduced internet banking, to mitigate the operational risk
in internet banking multi layer security like digital certification, encryption, two level
passwords have been introduced.

 Capital budgeting for operational risk

Banks hold capital to absorb possible losses from their risk exposures, and the
process of capital budgeting for these exposures, including operational risk, is a key
component of bank risk management. In parallel with industry developments, BCBS
proposed in 2001 that an explicit capital charge for operational risk be incorporated
into the new Basel Capital Accord. The committee initially proposed that the
operational risk charge constitutes 20% of a bank’s overall regulatory capital
requirement, but after a period of review, the committee lowered the percentage to
12%. To encourage banks to improve their operational risk management systems, the
new Basel Accord have also set criteria for implementing more advanced approaches
to operational risk. Such approaches are based on bank’s internal calculations of the
probabilities risk events occurring and the average losses from those events. The use
of these approaches will generally result in a reduction of the operational risk capital

69
requirement, as is currently done for market risk capital requirements and is proposed
for credit risk capital requirements.

TCS (Tata Consultancy Services) has developed a meta model to capture capital
allocation for operational risk in terms of guidelines laid down by New Capital
Accord.

The ultimate goal of Basel proposal is to measure operational risk and computation of
capital charges, but what is to be done at present by all the surveyed banks is to start
implementing the Basel proposal in phased manner and carefully plan in that
direction.

Basel Accord II offers tentative suggestions on the treatment of operational risk

which are expected to be developed more fully in the coming months.

Basel Committee has identified following –10 principles for

successful management of Operational Risk:

 Board of Directors should be aware of major aspects of operational risk of the

organisation as distinct risk category.

 The Board of Directors should ensure that operational management framework of

the organisation provides for effective &comprehensive internal audit.

 Senior management of the organisation should consistently implement approved

operational management framework of the organisation.

 In all material products, activities, processes and systems operational risk contract
should be identified and assessed.

 Regular Monitoring System of operational risk profiles and material exposures to

losses should be in place.

 Policies, processes and procedures to control/mitigate operational risk should be

evolved.

70
 Contingency and business continue plans should be evolved.

 Regulatory Authorities may ensure that appropriate mechanisms are put in place
to allow them to remain apprised of position of operational risk management of
the supervised organisations.

 Regulatory Authorities should review periodically about organisation approach to

identify, assess, monitor, and control/mitigate operational risk.

 Adequate public disclosures to be made to enable market participants to assess

organisations approach to operational risk.

71
 CHAPTER VII
BASEL II COMPLIANCE & RISK
BASED SUPERVISION

72
 BASEL II COMPLIANCE

The 1988 Capital Accord suffered from several drawbacks as it exclusive focus on
credit risk, it does not differentiate between sound and weak banks using “one hat fit
all” approach, it acquire broad brush structure. Hence, in order to remedy the Basel
Committee published a New Accord in Dec 2001, which was implemented by most
countries by 2006.Basel II focuses on achieving a high degree of bank-level
management, regulatory control and market disclosure.

The structure of New Accord – II consists of three pillars approach

which are as follows:

Pillar Focus area

I Pillar Minimum capital requirement

II Pillar Supervisory review

III Pillar Market discipline

 Minimum Capital Requirement

The major change in the first pillar is in measurement of risk weighting. It allows
banks certain latitude in determining their or own capital requirements based on
internal models and focus on credit risk, market risk and operational risk.

The minimal ration of capital assigned to risk is calculated as follows:

Total Capital (unchanged)

Bank’s Capital Ratio (min 8%) = ----------------------------------------------------------
(RBI prescribes 9 %) Credit risk + Market risk + Operational risk
For Credit Risks three alternative approaches are suggested. The first is a
standardised approach in which RWA (risk weighted assets) is determined except
that the risk weights are no longer determined in asset once but are revised depending
upon the ratings of the counter parties by external credit rating agencies (ECRA).
There is also greater differentiation across risk categories. In the second approach

73
called the internal ratings based approach (IRB) banks rates the borrower and results
are translated into estimates of a potential future loss amount which forms the basis
of minimum capital requirement. In Advanced internal rating based approach the
range of risk weights are well diverse.

For Market Risks also a similar twin track approach is followed. Here capital
charges are determined and then multiplied by 12.5 to make them comparable to the
RWA. Secondly a special type of capital (Tier3) is introduced for meeting market risk
only.

For meeting operational risk Accord II has specified three alternative

approaches- basic indicator, standardised and internal measurement approach. For
operational risk capital charges are computed directly and then multiplied by 12.5 to
make it comparable to RWA.

Thus D (denominator of the capital adequacy ratio) is defined as

D =RWA + 12.5 * (Sum of capital charges due to market and operational risk)

The numerator N consists of

N = Tier I + Tier II + Tier III

Subject to the proviso that

Tier I + Tier II > 0.08(RWA +12.5{capital charges on account of operational risk})

To meet market risk special type of capital viz. Tier III capital has been introduced in
the New Accord which consist of short term subordinated debt but with a minimum
original maturity of 2 years. Tier III capital cannot exceed 250% of the Tier I capital
to meet market risk.

The column chart shows the capital adequacy ratios of surveyed banks. Capital
adequacy in relation to economic risk is a necessary condition for the long-term
soundness of banks. The maintenance of capital adequacy is like aiming at a moving
target as the composition of risk weighted assets gets changed every minute on

74
account of fluctuation in a risk profile of bank. Minimum capital adequacy ratio of 8
% implies holding of Rs. 8 by way of capital for every Rs. 100 risk
assets.weighted

Capital Adequacy Ratio (%)

2008 2009
SBI 14 14.4
ICICI 11.1 10.36
HDFC 10.5 12.2
IDBI 9.56 10.4
OBC 12.8 10.9
CBI 9.47 11.3

 Supervisory Review Process

It entails allocation of supervisory resources and paying supervisory attention in

accordance with risk profile of each bank, optimise utilisation of supervisory
resources, continuous monitoring and evaluation of the risk profiles of the supervised
institution and construction of a risk matrix of each institution. The process requires
supervisors to ensure that each bank has sound internal processes in place to assess

75
the adequacy of its capital based on through evaluation of its risk.

 Market Discipline

The potential of market discipline to reinforce capital regulation depends on the

disclosure of reliable and timely information with a view to enable banks counter
parties to make well founded risk assessments. Moreover, banks are encouraged to
disclose ways in which they allocate capital among different activities. In a recent
paper the BIS has elaborated the recommendations of the Basel II concerning the
nature of information to be disclosed:

1) Structure and components of bank capital.

2) The terms and main features of capital instruments.

3) Breakdown of risk exposures.

4) Its capital ratio and other data related to its capital adequacy on a consolidated
basis.

 Reservations about Basel II

 One of the major critiques of the New Basel Accord pertains to the adoption of an
internal rating based (IRB) system as the application of IRB is costly,
discriminates against smaller banks and exacerbate cyclical fluctuations.

 Basel II involve shift in direct supervisory focus away to implementation issues

and that banks and the supervisors would be required to invest large resources in
upgrading their technology and human resources to meet minimum standards.

 Only those banks likely to benefit from IRB will adopt approach, other banks will
hold on to the standardised approach.

 Fears of disintermediation have also been expressed.

76
 RISK BASED SUPERVISION REQUIREMENTS

 Background

RBI Governor in assistance with PriceWaterHouse Coopers (PWC) an international

consultant laid an overall plan for developing Risk Based Supervision. The CAMELS
(capital adequacy, asset quality, management, earnings, liquidity, systems &
controls)/CALCS (capital adequacy, asset quality, liquidity, compliance & systems)
approach to supervisory risk assessments and ratings, tightening of exposure and
enhancement in disclosure standards are all introduced by RBI to align the Indian
banking system to International best practices.

 Current Supervisory Approach

The current on site inspection driven approach of RBI is supplemented by off site
monitoring and surveillance system (OSMOS) and supervisory follow up. It provides
an opportunity to the regulator to monitor banks performance based on
CAMELS/CALCS approach.

The major features of current supervisory are:

 Annual Financial Inspection (AFI) of banks.

 Asset size determines the length of inspection.

 All areas of banks operations are covered.

 Focus remains on transaction and asset valuation, compliance with regulations

and banking laws.

 Focus of follow up remains on rectification rather than prevention.

 Risk Based Supervision (RBS) – A New Approach

RBS looks at how well a bank (supervised) identifies, measures, controls and
monitors risks. It not only tries to identify systemic risks caused by the economic
environment in which banks operate but also management ability to deal with them.

77
Focussed approach under RBS entails allocation of supervisory resources and paying
attention in accordance with the risk profile of supervised (bank) which would further
optimise utilisation of supervisory resources. It involves assessing and monitoring the
risk profile of banks on an on going basis in relation to business and exposures and
prompt banks to develop systems rather than transactions.

RBI decided to switch over to RBS due to autonomy of banks, increased competition,
globalisation, automation and market disclosure / transparency.

 Features of RBS Approach

1) Risk Profiling of Banks: CAMELS rating is one of the core of risk profile
compilation and the risk profiling of each bank draws upon a wide range of
information such as market intelligence reports, onsite findings, adhoc data from
external and internal auditors. Risk profile document contains SWOT analysis,
Sensitivity analysis, Monitorable action plan and banks progress to date.

2) Supervisory Cycle: It varies according to risk profile of each bank, the

principle being higher the risk shorter will be the cycle of supervision. In short
term supervisory cycle remains at 12 months but it can be extended beyond 12
months for low risk banks.

3) Supervisory Programme: It is prepared at the beginning of supervisory

cycle. On site inspection is targeted to specific areas and a MAP (monitorable
action plan) is drawn up for follow up to mitigate risks to supervisory objectives
posed by individual banks.

4) Supervisory Organisation: It is the focal point for main conduit for

information and communication between banks and RBI.

5) Enforcement process and Incentive framework: RBS ensures that the

banks with a better compliance record and a good risk management control
system is entitled to an incentive package like longer supervisory cycle.
Moreover, banks that fails to show improvement in response to MAP is subject to
frequent supervisory examination.

78
The effectiveness of RBS depends on bank preparedness. Hence, RBI
initiates banks to set up Risk Management Architecture, adopts Risk Focussed
Internal Audit (RFIA), strengthen MIS. There should be well-defined standard of
corporate governance, well-documented policies and practices with clear demarcation
of lines of responsibility and accountability. Moreover, for effectiveness of RBS
formation of separate Quality Assurance Team (QAT) should be there where
members are not involved in preparation of Risk Profile Templates (RPTs). RPTs is
defined as a standardized and dynamic document that captures, catalogues, assesses
and aggregate risks that bank are exposed to. It works as a comprehensive guide to
RBI for informed and focussed supervisory action in high-risk areas in banks, fix up
supervisory cycle and supervisory tools.

79
 CHAPTER VIII
ANALYSIS OF SURVEY
RESPONSES

80
There are certain parameters on which bank degree of readiness for risk management
is ascertained.

 Documented Risk Management Policy

All the private sector banks surveyed have 100% documented risk management
policy i.e it covers credit, market and operational risk. Among the PSU it’s only
SBI and Central Bank of India, which covers all the three aspects of risks.
Oriental Bank of Commerce concentrates only on credit risks.

 All the banks follow Integrated Risk Management Practices.

 Internal Credit Rating Models

All the banks follow internal credit rating model. This high percentage among
banks shows an adoption of scientific approach to credit risks in Indian Banking
sector.

 Compilation of Migration and Default Statistics

Its only SBI which track probability of default and rating migration and same is
in case of tracking loss given default. However, there were no comments on this
from other banks. Moreover, all the six banks report that contingent liabilities fall
within purview of their risk management processes.

 On the matter of Exposure Limits all the banks surveyed define it in terms of
counter party, group and industry

 Frequency of Loan account review

In this parameter ICICI, HDFC, IDBI, SBI, OBC review loans after every three
months or six months whereas Central Bank of India still follows 12-month cycle.
As regular analysis of the loans portfolio feed into banks lending strategy.

81
 Evaluating Credit Risk at Portfolio level

To have a comprehensive understanding of credit risk banks evaluate credit risk at

portfolio level. ICICI,IDBI, HDFC banks carries out such analysis whereas in
public sector banks this analysis is carried out only by SBI. Over 85 % of the
corporate credit portfolio is now rated “A” and above in IDBI. HDFC bank is also
termed to be the best in industry in portfolio quality.

 NII (Net Interest Income) Sensitivity Analysis

The surveyed banks are carrying out regular NII Sensitivity Analysis.

 Periodic Review of Liquidity Position

SBI, ICICI, HDFC periodically review their liquidity position under normal and
stress scenarios whereas OBC, IDBI does not review the liquidity position
periodically.

 interest rate shocks Our result shows that in addition to credit risk, interest rate
risk is also important in Indian banking system. The potential impact of upon
equity capital of surveyed banks in system seems to be economically significant.

 Daily Mark-to-Market of Trading Portfolio

In this area a substantial divergence of practices is found between private sector

banks and public sector banks. SBI, OBC, ICICI and IDBI bank are carrying out
daily mark to market trading portfolio whereas Central Bank of India and HDFC
bank didn’t comment on this.

 Daily VaR (Value at Risk ) of Investment Portfolio

IDBI, SBI, ICICI Banks calculate a daily Value at Risk (VaR) of trading portfolio
where as rest of banks have fixed their own timeframe for moving to Value at
Risk and Duration approach for measurement of interest rate risk.

 Limits on Derivative transactions

82
 This is one of the essential components of market risk control. ICICI, SBI,
HDFC, IDBI, OBC, CBI banks have placed limits on derivative transactions This
is all due to strong monitoring and control system that derivative activity takes
place in these banks.

 SBI, IDBI, OBC, ICICI banks maintain a certain level of investment fluctuation
reserve to guard against any possible reversal of interest rate.

 OBC, IDBI Bank stand out as banks, which have large exposures by both,
approaches i.e accounting disclosures and stock market approach.

 Among the six banks in our sample no bank proves to have significant ‘reverse
exposures’ in the sense that they stand to earn profits in event of when interest
rate goes up.

 It is striking to observe that three banks with best stock market liquidity SBI,
ICICI, HDFC bank there is good agreement between the results from two
approaches.

 ICICI Bank, HDFC Bank and SBI seem to fairly hedged w.r.t interest rate risk.

 SBI, ICICI banks have operational risk management system but rest of the
surveyed banks did not have, as it’s the area where structural focus is relatively
nascent.

 While putting the risk management in place HDFC, IDBI, Central bank of India
finds difficult to collect reliable data. The challenge is mainly in the area of
operational risk where there is dearth of reliable historic data and not a great deal
of clarity of the measurement of risk. Banks like Oriental Bank of Commerce and
ICICI bank have sophisticated technologies.

Banks following Score card approach

Scorecard approach is followed for operational risk mitigation. None of the banks
surveyed follow this approach, as they didn’t comment on this.

83
 Bank conducting Risk Based Internal Audit

IDBI, SBI, OBC and ICICI bank conduct Risk Based Internal Audit as per RBI
guidelines whereas central bank of India & HDFC Bank did not comment on this.

 Bank on Inhouse/Outsource software for risk management

All the three surveyed private banks go for readymade solutions since creating in
house system proves to be expensive whereas established public sector banks like
SBI, OBC for whom funds are not constraint thinks of developing in house
software but they still go for outsourcing as the chief benefit of it is the speed of
implementation and it temporarily reduce the load of the back office employees.
If bank has in house software then there is nothing like it in terms of delivery
time since changes can be incorporated in an expeditious manner. Moreover, bank
need to have a separate department of IT professionals working full time on
product design and development. But finally the decision regarding this rest on
efficiency and accuracy in valuation and consequent risk analysis.

 State Bank of India is teaming with KPMG Consulting Pvt. Ltd. (international
consultant) for software solutions. However, other banks did not comment on
this.

 Capture of Risk data on regular basis

Banks such as SBI, ICICI, OBC captures risk data on regular basis whereas other
bank do not capture data on regular basis.

 Information systems for live aggregation of risk parameters

Only SBI and ICICI bank follow the presence of information system, which
aggregate risk parameters on live basis.

84
 Table No. 6
Table showing key performance indicators determining the profitability of banks

Key Performance (Financial) Indicators

SBI ICICI HDFC IDBI OBC CBI
2008 2009 2008 2009 2008 2009 2008 2009 2008 2009 2008 2009
ROA (%) 0.89 1.05 1.2 1.4 0.91 1.5 0.9 1.02 0.86 1.03 0.8 1.2
ROE (%) 18.65 20.16 18.3 21.8 20.1 20.4 21.7 27.5 20.3 22.5 21.5 23.8
Capital Adequacy 14.03 14.4 11.1 10.36 10.5 11.21 9.56 10.36 12.8 10.9 9.47 11.3
Ratio (%)
Net Interest 3.09 3.2 1.4 1.8 3.8 3.9 2.75 3.1 3.9 4.7 3.79 3.79
Margin (%)

Some of the ratios used for analyzing the aspect of risk management
are as follows: -

 Cost of Funds = Total Interest Expense / Interest bearing liabilities

where Interest bearing liabilities = Deposit + Borrowings

On analyzing this ratio we see that all the six banks have the lower cost of funds in
year 2009 as compared to 2008. The reason for this is the larger retail base that result
in being able to raise capital in small lots.

 Net Interest Margin = Net Interest Income/Earning Assets

where Net Interest Income = Total Interest Income - Total Interest Expenses

Earning Assets = All Interest earning assets (Total Assets - Cash Balance - Fixed
Assets - Other Asset)

This figure is critical component of the analysis of the risks faced by banks and
other financial institutions. The impact of volatility on the short-term profits is
measured by Net Interest Margin. It is at level of 3%, 3.7%, 4.7% for SBI, CBI
and OBC bank in year 2009 while it is 1.7%, 2.8%, 3.5% for ICICI bank, IDBI
and HDFC bank. Only Central Bank of India is the bank among all the six banks,

85
 which is able to stabilize short-term profits as net interest margin for year 2008
and 2009 is same (3.79%).

 Spread = Yield – Cost of Funds

where Yield = Total Interest Earned/Earning Assets

The level of spread at which each bank operates is different. The private banks have
narrower spread as compared to the PSU bank. They do not differ significantly and
the difference is in range of 1%.

On having a closer look at the yield curves of the various subdivisions with in each
sector on the basis of size we see that there is clear trend towards convergence over
the period 2008-2009.

 Overhead Efficiency = Non Interest Income/Non Interest Expense

This ratio gives us an idea of the ability of banks from the fee-based activities
undertaken by them. This is becoming a very critical component of the probability of
a bank as the spreads are becoming thinner and thinner over the years as a result of
increased competition. This is a good method of improving their top line as this
increased income can be generate without any significant additions to the fixed assets
as well as without there being the need to raise additional deposits or borrowings
from the market.

 AssetUtilization = Total Revenue/Total Assets

The asset utilization ratio for the public sector banks namely SBI, OBC, and CBI is
around 10% over the two-year period whereas HDFC, ICICI and IDBI bank asset
utilization is of 8%, which is lower than that of the PSU banks. This makes sense that
asset utilization capability of the banks cannot be change rapidly over a short period
of time.

 Burden/Spread

86
Burden is the Net Non Interest Income and Spread is the Net Interest expense. This
gives us an insight into the proportion of income coming from the fee based activities
of banks as against those that are derived from the fund based activities. This in turn
tells us the kind of areas where bank is focusing on a present and the pattern which
they a likely to follow in the future.

87
 CHAPTER – IX
OBSERVATIONS AND
SUGGESTIONS

88
The present chapter is divided into two sections. First part consists of major
observations of study and second part comprises of its suggestions. Observations
initiate further refinements in the existing structure while suggestions provide better
guidelines in the efficient working of the organisation.

Hence, based on the responses to the questionnaire and the personal meetings with
senior risk professionals in banks a few major findings of study are:

 There is much greater awareness across the banking sector about the need for risk
management and the various categories of risk which banks are exposed to. A
separate credit risk department distinct from credit function has been set up in all
the surveyed banks. This implies substantial progress from three years ago when
risk management was new concept for all except the most advanced and
sophisticated banks.

 Degree of readiness for integrated risk management among banks differs widely.
As there are banks which have several years risk data and sophisticated risk
models, there are also other banks, which have started the process of systematic
capturing of risk data. Degree of readiness also differs with regard to the risk
elements covered.

 While putting the risk management in place banks surveyed often find it difficult
to collect reliable data. The challenge is mainly in the area of operational risk
where there is dearth of reliable historic data and not a great deal of clarity on the
measurement of risk.

 Risk Management System is not in line with organisation goals and objective.

 Risk management is review and control exercise which requires independent

functioning in maintaining reporting lines distinct from operating managers of
corresponding departments but its not there within banks. Hence, proper
organisational structure is an essential component of risk management effort.
Implementing the necessary structure is the key task for all the banks surveyed.

89
 With increased awareness there has come about a need to ensure harmony of
understanding and direction across banks. Absence of standardised definition and
measurement divergences lead delays in installing and integrating the
components of an integrated risk management system.

 Regulatory and legal issues are not taken into account while setting up of risk
management system.

 Methodologies for measuring and assessing market risk and credit risks are
inconsistent throughout the banking sector.

 Quarterly progress reports are not made in order to keep the track record for the
progress of bank.

 Moreover each bank going for risk management implementation is faced with
question of whether to outsource and if so how much and to whom. Selection
processes for vendors are long drawn and implementation gets delayed on
account of time taken to freeze requirements and fine-tunes specifications.

 Banks are facing significant challenge in rolling out IT networks. The banks on
the software front could not entail investments in databases, datawarehousing and
in sophisticated statistical models as aggregation and analysis of the vast amount
of data is needed for successful risk management system.

 Procedural Audit reporting risk management is not done.

 There is absence of binding time frame as for measuring and managing risk
comprehensive and credible system is not placed by the specified date. It’s much
longer before sufficient data aggregation could be carried out for the introduction
of sophisticated quantitative approaches demanding sufficient internal
measurements.

 Issues relating to internal audit system, loan review system and timeliness of
internal ratings are not observed in most of the banks.

90
 Training for supervisory cadres is not given in banks for understanding the
critical issues raised under Basel II.

 There is a lack of conceptual clarity in some of the fields of risk management.

 Banks surveyed don’t have expertise in risk modelling. That’s why they seek the
services of global consultants like KPMG, Price house water coopers, TCS and
many more. These consultants identify the gaps in system and help banks in
devising risk return model.

 Selection processes of vendors for outsourcing the software solution are long
drawn.

 The risk management software solutions market is almost nine percent of the
entire IT budget of the global financial industry.

 Risk management solutions have been mainly used to calculate credit risk. It’s in
the area of operational risk that most firms will make fresh investments.

 In recent times much have been done in the area of credit risk management.

 Banks surveyed did not comply with Basel II norms and still follow rudimentary
risk models.

 In the current interest rate environment, banks find more profitable to invest in
government securities.

The following recommendations are worth mentioning:

 Risk Management System should be in place to deal with current and potential
risks.

 The system needs to be developed in line with organisation goals and objective.

 Timeliness is recommended for progress of the components of risk management.

91
 Quarterly progress reports should be made which is an effective way of keeping
track of progress made by each bank.

 There should be an active participation of senior management and main line

functional staff in setting up of risk management system, which will enhance the
acceptability of adopting the risk management measures by the employees.

 Procedural Audit of all banks reporting risk management should be done.

 An efficient asset liability management system should be there which is an

adequate tool to identify and mitigate market risks.

 Appropriate internal controls and audit, risk based supervision, proper manpower
planning, selection training and development and efficient compliance officer
should be there in addressing risk management issues.

 Monitoring and reviewing risk management process with dynamically changing

global environment needs to be undertaken.

 Selection processes of vendors for outsourcing the software solution should not
be long drawn.

 New system calls for skilled expertise sophisticated IT infrastructure and a

comprehensive database.

 Measuring and disclosing various risks requires sound MIS. A technological

application in the form of networking and data warehousing is indispensable.

 Simple handbooks must be published on risk management demystifying the

subject and making it accessible to the line managers who eventually need to
implement and use it.

 Organisation of Seminars and workshops should be conducted for training of risk

management professionals as its important not only in terms of concepts and
methodologies but also to get across vital communication tools and techniques.

92
 Banks should place more emphasis on the cash flow based lending rather than
traditional securities based lending.

 With view to build up adequate reserves too guard against any possible reversal
of interest rate banks should maintain a certain level of investment fluctuation
reserve.

 Banks should comply with Basel II norms

There is no alternative to an efficient risk management system covering all aspects of

risk for healthy growth of the organisation. The regulators must work closely with
banks to ensure that banks take up the issue seriously.

93