In banking, as it is in any enterprise, managing risks constitutes a very important aspect of the business. The longevity and even survival of the organisation depends on how well are risks managed. There are instances of otherwise well run organisations with long vintage facing bankruptcy due to misses in this important domain. And yet, we see many organisations treating this important subject with surprisingly low attention and priority.
This blog is no thesis on risk management and is rather a introduction to the subject. The objective of this blog is to create awareness and ensure due weightage is given to this important subject in the course of managing ones business.
There is a story of a man who once fell inside a well and was shouting for help. One good Samaritan, who was passing by, came to the well and offered to throw down a rope and pull the man up. The man who had fallen down asked the following questions:
1. What if the rope is not strong enough to bear my weight?
2. What if it slips off your hand when I am on my way up?
3. What if you are unable to lift me up due to lack of strength?
4. What if you too fall inside attempting to rescue me?
Obviously, he would have made a good risk manager. A good risk manager always thinks of the risks of any plan, process or strategy. He is always obsessed with failure possibilities. Besides thinking of known risks, he should also ponder about unknown risks. His objective, of course, is only to ensure success and come up with a fool proof plan. Under no circumstances should he keep thinking risks without offering solutions. Otherwise he risks staying inside the well !!
Risk management is covered under the following broad heads:
a) Operations Risk - Risks arising out of the operations of the bank due to failures in the design of the processes or in the execution of the same.
b) Market Risk - Risks arising out of changes in the market place which are beyond the control of the bank - for e.g. change in the interest rates or changes in share prices which can impact profitability of the book or reduce the security cover for credit lines.
c) Credit risk - Risks arising out of failure of the borrower to repay due to a variety of reasons like business failure or wilful default.
Each of the above needs to be managed differently and I will cover them at length in future blogs.
Every bank needs to have a structure in place to manage risks and I cover some of the key elements of a good structure below:
1. Well established process for creating and approving products, policies and processes.
2. Clear guidelines on trigger events which can cause alarm.
3. Systematic and objective analysis of data and periodic reviews of each product / portfolio.
4. Strong system of internal checks and controls including audit at regular intervals.
5. A proper system of delegation of authority and empowerment.
6. A process of reporting - frequency based on type and significance of transactions.
7. Fraud management processes.
8. An effective recovery system and process.
9. Good documentation and custodial function.
10. An overall control in form of limits.
11. A strong culture in the organisation which prevents problems.
The operative word for effective risk management is to have independence and objectivity in the process. Also, risk management needs to have independent reporting to the board to ensure that issues are highlighted to the appropriate level. Sufficient empowerment in form of veto rights may also be considered to prevent disasters from occurring.
Risk management is one of the pillars which give a solid foundation to any organisation and its importance cannot be belittled. An organisation which cultivates a strong risk culture will be able to deliver a steady and profitable growth with no surprises. At the same time, risk management should not forget the prime objective of the organisation - which is to do business.
To reach a port, we must sail – sail, not tie at anchor – sail, not drift – Franklin Roosevelt
I would love to hear your views on this blog. Please feel free to leave a comment on the blog or send me a mail at vish.sesh@gmail.com and I will quickly respond.
Subscribe to:
Post Comments (Atom)
In your example of a man in the well you have said that his objective is to ensure success and come up with a full proof plan..
ReplyDeleteI agree with his objective but I dont think there can be a full proof plan in business. Risk is associated with business growth- To grow you have to be prepared to take calculated risks.….
Apart from the above risks as mentioned by you a banking institution is faced with other risks like Fraud Risk, Reputation Risk (Risk arising out of rumors against the bank or change in share value of bank shares) and Legal Risk ( arising out of governments change in legal framework which can affect the bank )
Great points, Sonal. Yes indeed there is no fool proof plan and one has to take calculated risks as you have pointed out.
ReplyDeleteFraud risk and reputation risk are real indeed and can cause much damage to an organisation. Perhaps, they could be grouped under the broad head of operation risks while legal risks can come under market risks.
Thanks for your inputs.