Pushing the Pace in
a Resurgent Sri Lanka
a Resurgent Sri Lanka
As a provider of banking and financial services, risk is at the core of our day-to-day activities. The Bank’s risk philosophy is that the risk should be taken in line with the Bank’s risk appetite and it should fit in with the Bank’s business strategy, assist the decision-making process and enhance management effectiveness and also optimize capital utilization.
Business of banking naturally entails assuming ‘Risks’ in all business transactions. As a result, ‘Risk Management’ remains to gain prominence as a key strategic focus in managing banks effectively in today’s impulsive financial markets. The vision of Risk Management is to proactively assist the business in delivering superior shareholder value by ensuring an optimal trade-off between risks and rewards whilst upholding strong liquidity and adequate capital positions at all times combined with a robust asset quality. The operating model within the Bank ropes this vision and cascades the actions to fulfil same.
The changing nature of today’s business world is increasing the scope and potential impact of the risks faced. The ability of a bank to take strategic initiatives within pre-defined and consistent risk framework can be considered as a speciality that can make a distinction for a bank to ensure safety to all stakeholders in today’s competitive market scenario. Hence, the Bank has recognised the risk management capabilities as a ‘journey’ rather than a destination and is committed to maintain and continuously improve its risk management framework and capabilities through a number of initiatives including substantial investments in IT, training and development of human resources. The management of the risks inherent in the loan portfolio remained a focal point for the Bank in the current year, even as the Bank continued its strategy to expand the loan book to greater levels.
The objectives of the risk management framework are:
In addition to the main risks, the Bank has considered twelve other risks which are material to it. The decision is based on directions given by the Central Bank of Sri Lanka (CBSL) and self-assessment of most important risk categories which need a separate mention from an ICAAP perspective. These risk categories include, Liquidity Risk, Interest Rate Risk in the Banking Book, Underestimation of Credit Risk in Standardized Approach, Residual Credit Risk, Concentration Risk, Compliance Risk, Legal Risk, Strategic Risk, Model Risk, Group Risk, Settlement Risk and Reputational Risk.
Our risk culture is fundamental to the delivery of the Bank and Group’s strategic priorities. It may be characterised as conservative, control-based and organized supported by a robust risk governance structure. The Bank’s risk management framework is employed at all levels of the organization, and is instrumental in aligning the behaviour of individuals with the overall attitude to assuming and managing risk and ensuring that our risk profile is aligned to our risk appetite. In an attempt to cultivate risk-based decision-making by the business lines, the Group Risk Department plays an active role as a mentor and facilitator by instigating new ways of knowledge transfer, and it is one of the core values of the department’s culture.
Keeping abreast with risk management concepts and having a broader view by various business lines have been understood as of pivotal importance by the Bank. When equipped with such knowledge the business lines become sounder in their credit decisions. The Bank believes in grooming its own people by its own people. Therefore in order to broaden the business lines exposure to risk related areas the Group Risk Department has initiated a quarterly news bulletin. The bulletin titled ‘Risk Analyst’ was launched in September 2014 and has been published twice for the year 2014. For each periodical, the staff members contribute articles covering various aspects of risk such as new and emerging developments in risk management, clarifications on risk concepts, policies and procedures, case studies etc. The newsletter is accessible in the Bank’s e-library and in the intra-net. This initiative has enabled the Group Risk Department to grow personally and professionally and build fulfilling careers.
As an integral part of disseminating knowledge among staff, continuous training, advice and awareness programmes have also been considered as an element of the Group Risk Department. Throughout the year the staff members volunteered as resource persons for Bankwide trainings across all business lines at Head office and also at Regional offices.
| Highly diversified and short tenor portfolio |
|
| Strong capital and liquidity position |
|
| Robust risk governance structure and experienced senior management team |
|
Details of risk management initiatives undertaken during the year and planned for the next three years are summarised below:
Risk appetite is defined as the level and the nature of risk that the Bank is willing to take in order to pursue its articulated mission on behalf of its shareholders subject to constraints imposed by other stakeholders such as lenders, regulators and customers.
In the event, the risk appetite threshold has been breached, risk management and business controls are implemented to bring the exposure level back within the accepted range. Risk appetite, thus, translates into operational measures such as limits or qualitative checkpoints for the dimensions of capital, earnings volatility and concentration risk etc.
In order to effectively implement risk appetite the Bank has defined quantitative indicators (e.g., capital adequacy level and risk limits) or qualitatively embedded same in the policies and procedures (e.g., underwriting criteria).
The Bank has taken into account the following factors when defining its risk appetite:
The Bank assesses its risk appetite against both the internal & external environment it is facing. The risk appetite is not only consistent with business strategy and growth targets but is also in line with the interests of external stakeholders such as shareholders and regulators.
| Internal Inputs Considered when Defining its Risk Appetite | External Inputs Considered when Defining its Risk Appetite |
| The Bank’s overall business strategy | The interest of the regulatory agencies |
| The Bank’s business growth target | The credit rating agencies |
| Stakeholder return objectives | Equity analysts |
| Cost of capital | Shareholders |
| Other capital providers |
The Bank has formulated its risk appetite covering the following categories:
The risk appetite framework and risk tolerance limits have been defined with the consultation and engagement of Board and the Senior Management of the Bank in line with the Bank’s overall business strategy, providing clear direction to the business units for on-going operation and risk management.
The risk appetite is assessed at monthly intervals to check for any breaches and reported to the Senior Management and to the Board. In the event of a breach, appropriate management action is drawn to bring down the risk level within the risk appetite set.
Aggregating the risks of Group Companies remains a challenge due to their diverse business models and risk profiles. The Group Companies are engaged in investment banking, capital market activities, unit trust management and property management activities. However, the Bank believes the ‘Group Risk’ is greatly mitigated as;
As part of our regular risk and cross-risk analysis, sensitivities of the key portfolio risks are reviewed through a bottom-up risk assessment and through a top-down macro-economic and regulatory scenario analysis. These approaches allow us to capture risks that have an impact across our risk inventories and business divisions or those that are relevant only to specific portfolios.
We are also focused on ensuring that we act proactively to identify potential macro-economic and regulatory changes and assess the possible impact on our business model or processes.
| Risk | Risk Level | Description | Mitigants |
| Regulatory changes and compliance | Low |
|
|
| Financial markets instability | Moderate |
|
|
| Exchange rate movements | Low |
|
|
| Risk of adverse movements in interest rates | Moderate |
|
|
| Geopolitical events | Moderate |
|
|
| Risk of fraud | Moderate |
|
|
| Risk of Natural Disasters | Moderate |
|
|
| Active Share market operations | High |
|
|
| Risk arising from inability to meet maturing deposit liabilities | Low |
|
|
The strategy of the Bank is ensuring sustained profitability through good times and bad times. The need of the economy is, resilient banks which create shareholder value. BASEL regulations have been introduced worldwide to ensure resilience of the individual banks as well as the banking system as a whole.
Capital helps protect individual banks from insolvency, thereby promoting safety and soundness in the overall banking system. Minimum regulatory capital requirements under Pillar 1 establish a threshold below which a sound bank’s regulatory capital must not fall. The Pillar 2 (Supervisory Review Process - SRP) requires banks to implement an internal process, called the Internal Capital Adequacy Assessment Process (ICAAP), for assessing their capital adequacy in relation to their risk profiles as well as a strategy for maintaining their capital levels. The Pillar 2 also requires the supervisory authorities to subject all banks to an evaluation process/Supervisory Review Process (SRP) and to initiate such supervisory measures on that basis, as might be considered necessary.
The ICAAP would be in addition to a bank’s calculation of regulatory capital requirements. The Bank has put in place an Internal Capital Adequacy Assessment Process and has adhered to same from January 2013. The Bank’s ICAAP process strengthens the risk management practices and capital planning process.
The Bank is fully compliant with the BASEL II regulatory requirements. The Bank identifies and measures all material risks faced in its business and ensures that the Bank has adequate capital to support all risks at all times. The Bank also ensures that its capital is adequate to absorb losses even under stressed conditions. These details are disclosed to all stakeholders of the Bank to ensure awareness among them on how the Bank manages its risks.
The Bank has already embarked on its journey towards advanced approaches of minimum capital computation under Pillar I in order to optimize on capital allocation. Thinking ahead, the Bank is in the process of automating its capital computation process in terms of Credit and Market Risk. This pioneering strategic move will help the Bank to optimize usage of shareholder capital, which will be critical in the next few years for all banks. The automation of manual processes will ensure accuracy and better conformance to guidelines.
Credit Risk - The Bank is currently using the Standardized Approach for the capital computation for Credit Risk. With the intention of moving to Internal Rating Based approaches, the Bank has rolled out rating models with the assistance of CRIISIL Risk and Infrastructure Solutions Ltd., India. The system supports the Probability of default (PD) and Loss given default (LGD) computations.
Market Risk - The Bank uses The Standardized Approach for the capital computation for Market Risk. the Bank has already rolled out its Value at Risk (VaR) models and is awaiting guidelines from the regulator to move to advanced approach of capital computation for Market Risk.
Operational Risk - The Bank is currently using the Basic Indicator Approach for the operational risk capital computation. The Bank has also commenced the parallel computation of capital requirements as per The Standardized Approach(TSA) as well as Alternative Standardized Approach (ASA).
BASEL III is the new global regulatory standard on managing capital and liquidity of banks. With the introduction of BASEL III the capital requirements of banks will increase with an aim to raise the quality, quantity, consistency and transparency of capital base and improve the loss absorbing capacity.
The BASEL III implementation Road Map for Sri Lanka is given below:
With the implementation of BASEL III the Banks will be required to increase and also improve the quality of capital. Considering the requirements, the Bank initiated steps to automate its capital computation process in terms of Credit and Market Risks which would help to optimize usage of shareholder capital. From a liquidity point of view, the Bank computes required the Liquidity ratios as per the BASEL III guidelines.
The Bank’s Board of Directors has the overall responsibility for risk management and sets the tone at the top for an effective management of risks through its risk appetite. In discharging its governance responsibility, it operates through two key committees, namely the Integrated Risk Management Committee (IRMC) and the Board Audit Committee (BAC) which have been formed in compliance with the CBSL Direction No. 11 of 2007 on Corporate Governance. The Bank believes in combining the specialized knowledge of the business units and risk professionals in forming sub-committees for the management of risks.
The relationships between the risk management and other sections of the Bank and external parties are highlighted below:
The Group Risk Management Department is independent of the business units. It monitors and reports directly to the Integrated Risk Management Committee and the CEO. Several units within the Group Risk Department contribute to the management of risk and co-ordinates across the business lines to guarantee risk management is impeccably integrated into the Bank’s corporate culture.
Credit risk is the risk of a financial loss if a customer or counterparty to a financial instrument fails to meet a payment obligation under a contract. It arises principally from direct lending, trade finance and leasing business, and also from Off-balance sheet products such as letters of credit and guarantees. Credit risk generates the largest regulatory capital requirement of the risks we incur. The Bank manages the Credit Risk in the entire portfolio as well as individual credits or transactions.
At the Bank, credit risk management is considered to be a value addition activity rather than being confined only to a regulatory compliance function.
The Bank has a well-defined credit policy approved by the Board of Directors. It defines the
Depending on the nature of the project/product standardized formats have been designed and evaluations are carried out by competent staff. There are clear guidelines set to ensure that;
Final authority and responsibility for all activities that expose the Bank to credit risk rests with the Board of Directors and the Board of Directors has delegated approval authority to the CEO, with authority to re-delegate limits to the Executive Credit Committees and the Business Lines. All approval limits are name specific and are based on the individual experience, facility type, collateral in order to ensure accountability and to mitigate any judgmental errors.
The credit portfolio of the Bank is risk-rated using an internally-developed system that takes into account quantitative as well as qualitative factors. The rating scale ranges from Triple A to B4 and the ratings of every obligor is reviewed at least annually or more frequently if required. This rating system is used as a guide for account monitoring, provisioning/collective impairment, granting delegated authority and pricing.
During the year the Bank invested and rolled out the new Internal Risk Rating system which runs on a sophisticated work flow based software and hosts obligor risk rating, facility risk rating and retail score cards to suit the diverse client portfolios of the Bank. This move facilitates accurate quantification of the expected loss of Bank’s portfolio, and also complies with the Central Bank Direction No. 07 of 2011 on IRMC.
The Bank has deployed varying models to gauge the default risk associated with Large Corporate, Mid Corporate, SME and Non-Banking Financial Institutes. All of these models are structured in a manner incorporating both quantitative and qualitative parameters which contributes and reflects realistic probabilities of default in respective models. These models are structured broadly to measure risks arising out of industries the obligors are engaged with, financial position of the obligor, management capacity and specific business related risks. These models are fine tuned to reflect the underlying credit risks of the loan book. The ratings derived from different models are then mapped to a Bankwide single point indicator rating scale based on the underlying probability of default and various other factors including risks inherent to specific model population. The risk rating model implemented facilitates both obligor and facility rating. Whilst obligor rating will indicate the expected probability of default (PD), the facility rating indicates the expected loss given default (LGD). The expected probability of default takes into account the characteristics of the obligor assessed via industry, business, management and financial risk silos, whilst facility rating takes into account the type of the facility, nature of the collateral and realisability as well. Using the expected probability of default and the loss given default calculated via obligor rating and facility rating models, the system facilitates arriving at an expected loss for a specific credit.
The Bank deploys custom made scorecards to underwrite consumer assets. These scorecards were developed using Bank’s own data and re-weighted to align them for more recent economic conditions. Such scorecards take in to account the customer demographics together with credit worthiness of individuals and disposable income in deciding the level of accommodation of credit. In addition to above, the Bank also carries out a pre-screening of employers of salaried employees who seek consumer credit from the Bank in order to ensure that their level of income generation will not get interrupted in the foreseeable future. In this way the Bank acts more responsibly as such an approach would negate possibility of overspending by consumers based on uncertain future income.
The Bank also views pricing for risk as fundamental to credit risk management. Thus steps have been taken to price the credit risk using more scientific methods and blending it with prevailing market sentiments to contain off-market operations. The newly implemented Internal Risk Rating system facilitates calculation of Risk Adjusted Return on Capital (RAROC). This enables the Bank to link capital to expected losses.
Post sanction review and monitoring is carried out to ensure quality of credit is not compromised. Any deteriorating credits with emphasis on internal and external early warning signals are identified and such accounts are ‘Watch Listed’. The watch listed clients are monitored closely with quarterly reports submitted to the Executive Credit Committees. Further, based on the watch lists the Bank assesses the Portfolio at Risk in the event, such accounts deteriorate further. Non-performing assets are identified at an early stage, enabling management to take action as appropriate.
The industry and portfolio limits are set by the Board of Directors on the recommendation of the Group Risk Department. Credit Risk Management monitors compliance with approved limits. Desired diversification is achieved by setting maximum exposure limits on;
Credit portfolio management is an important function within the overall credit risk management function. Need for such critical and objective portfolio management emanates from the need to optimize the benefits associated with diversification. It also helps the Bank to identify and address potential adverse impact of concentration of exposures. The Bank has a well-structured portfolio management mechanism which evaluates exposures on the basis of industry concentration, rating quality, internally established pre-specified early warning indicators apart from regulator imposed quantitative ceiling on single borrower and aggregate exposure. Based on the feedback from the credit portfolio management, the credit origination criterion is amended prudently to insulate portfolios from further deterioration. The portfolio management team also undertakes, apart from regular portfolio reviews, stress tests and scenario analysis when the external environment, both local and global, undergoes swift changes. Credit portfolio management envisages mitigating credit risks to a great extent by stipulating prudential risk limits on various risk parameters. As such, the Bank has established single borrower limit, limits for related party borrowings and aggregate limit for large exposures as prescribed by the regulators. Moreover the Bank has also established maximum exposure limits to different industry segments. Such limits are clearly spelt out in the credit policy and the authority for permitting any deviations on an exceptional basis is also clearly documented. The Bank adopts a similar mechanism to assess the risks associated with Off-balance sheet exposures. As part of the credit portfolio management and monitoring procedures, the exposures in off-balance sheet products such as forward exchange contracts, guarantees and letters of credit are treated with utmost care.
KRIs supplement the overall portfolio management system, by providing a view of the credit risk of the portfolio as well as acting as an early warning system. Some of the KRIs monitored and reported to Board Integrated Risk Management Committee are given below:
| Portfolio of the Bank Industry Portfolio | To assess the trends in comparison with industry and measure performance against budgets/risk appetite |
| Market Share | |
| NPLs of the Bank Industry NPLs | |
| NPL ratio of the Bank Industry NPL ratio | |
| Provision Cover of the Bank Industry Provision Cover | |
| Open Loan Position | |
| ROE % | |
| TIER I % | To assess compliance with regulatory limits and the Bank’s risk appetite |
| TIER II % |
The Bank adopts various mechanisms to mitigate the credit risk of the loans book.
Ways out analysis - the primary source is established through a conservative evaluation of whether the borrower’s realistic projected cash flows will be sufficient to repay their debts. This is further mitigated by a second way out in the event of unforeseen adverse circumstances and availability of collateral alone does not make an unacceptable proposal viable. Exemptions on collateral are allowed in the event the borrower demonstrates strong and reliable financial performance.
Documentation of credit transactions with adequate terms, conditions and covenants in a comprehensive and legally enforceable basis.
Obtaining of collateral in line with the Bank’s policy and ensuring it is supported by enforceable documentation. Collateral policy differs from business line to business line according to the products offered.
The main types of collateral taken by the Bank are
It is the Bank’s policy to be on a pari passu status with other lenders. A decision to the contrary may be acceptable only where a non pari passu position is accepted due to unavailability of security as a result of the Bank being a late entrant to the relationship or is supported by strong financial position of the entity financed. Facilities under product programmes are governed by guidelines given in such individual programmes.
In instances where facilities are granted without collateral, the Bank ensures that its position will not be subordinated to other creditors’ interests. In such instances, the Bank generally requires either a negative pledge agreement not to encumber any assets without permission of the Bank or a pari pasu clause, whereby the debtor will treat the Bank equally with respect to collateral with all current and future lenders.
The Bank has a panel of valuers who have been selected based on the criteria set out by the Central Bank of Sri Lanka. The Bank ensures that the valuations are carried out and reviewed as following:
Facilities in NPL:
Performing facilities:
No value is considered if valuations are not in line with the time frames set out as per the CBSL Guidelines.
The Bank has in place a detailed impairment policy approved by the Board of Directors.
For accounting purposes, the Bank uses an incurred loss model for the recognition of losses on impaired financial assets. At each reporting date the Bank and the Group assesses whether there is objective evidence of a specific loss event. This means that losses are recognized when objective evidence of a specific loss event has been observed.
Triggering events include the following:
The Bank determines the allowances appropriate for each individually significant loan or advance on an individual basis if there is any objective evidence of a loss based on the above. Items considered when determining allowance amounts include
Impairment allowances are evaluated monthly.
Allowances are assessed collectively for losses on loans and advances that are not individually significant (including credit cards, residential mortgages, Government debt and unsecured consumer lending) and for individually significant loans and advances that have been assessed individually and found not to have been impaired.
The Bank generally bases its analyses on historical experience and economic factors. These factors include
| Economic Factors | Historical Experience |
| Unemployment rates | Historical losses on the portfolio |
| Changes in laws | Levels of arrears |
| Changes in regulations | Credit utilisation |
| Other relevant consumer data | Loan to collateral ratios |
The Bank may use the aforementioned factors as appropriate to adjust the impairment allowances. Allowances are evaluated separately at each reporting date with each portfolio.
The graphical analysis given below depicts the extent of analysis and the quality of the portfolio.
Portfolio distribution based on internal rating is as follows:
The portfolio continue to be concentrated on A rated clients and the composition was within the risk appetite of the Bank.
Bank analyses sector-wise NPL ratios and rating wise distribution of Borrowers in various Sectors to identify sector stresses in advance. Bank was also in compliance with the minimum lending requirement of 10% to the Agricultural sector.
Concentration measured using Herfindahl-Hirschman Index (HHI).
Based on the economic activity highest concentration is in Western Province though the branch network is spread throughout the country. Concentration in Western Province declined during the year due to disbursement to infrastructure and power projects funded by the Bank.
With the evolvement of Risk Management in Banks the management of Market Risk has become an important and a vital area. The Credit risk which was the main concern of risk managers/supervisors in the past have now changed the perception with increasing attention on Market Risk Management functions. The main reasons to focus the attention on Market Risk could be highlighted as follows:
In broader terms Market Risk is defined as the risk of losses in both On and Off-balance sheet positions caused by movements in prices or rates of foreign exchange, interest rates, equity, commodity, and credit spreads. When talking about Market Risk we cannot talk about it in isolation as Management of Liquidity Risk goes hand in hand with Market Risk Management.
The primary objectives of Market Risk Management is to ensure that the Business lines of a Bank optimise the risk-reward relationship within the Bank’s pre-defined risk appetite and do not expose the Bank to unacceptable losses.
The establishment and monitoring of MRM/ALM exposures against limits is a key control function from the perspective of ensuring that the Bank keeps within the overall risk appetite set out by the Board and Senior Management.
The activities of the Market Risk Management are not directed purely at loss mitigation but also assist towards analysing the inter-relationship of risk, reward and capital. Thus, the focus is not on restricting the Business Units from taking risk, but assuring that risks are taken where it is most optimal given the rewards and capital consumption.
Risk monitoring is guided by a well-defined policy framework and limit structure designed to suit the business model and the balance sheet structure reflecting the risk appetite of the Bank. The Board supported by Integrated Risk Management Committee (IRMC) approves the risk parameters as recommended by the Asset and Liability Management Committee (ALCO) and Market Risk Management to support the business need.
Bank’s comprehensive risk management framework covers the Market, Liquidity, Asset and Liability Risks and proactively manages the exposures against the pre-defined risk parameters. Prudential internal limits have been defined for liquidity risks, price risks, exchange risks and asset/liability risks for close monitoring of exposures. All exposure limits are linked to the Bank’s capital base to ensure adequate and efficient capital allocation/planning. These limits are subject to annual review and are monitored on a daily, weekly and monthly basis. Where limits are exceeded, Market Risk Management is responsible for identifying and escalating those excesses to the senior management on a timely basis.
Market Risk Management defines and implements a framework to systematically identify, assess, monitor and report our Market Risk and support management and mitigation. Market Risk managers identify existing and potential future Market Risks through active portfolio analysis and engagement with the business areas.
The key functions of Market Risk Management will include Policy formulation, Risk Measurement methodologies, systems and control, reporting and communication.
Market Risk Management aims to accurately measure all types of market risk by a comprehensive set of risk metrics reflecting economic and regulatory requirements.
In accordance with economic and regulatory requirements, we measure market and related risks by using key risk metrics such as:
Selected KRIs are highlighted below which provide a view of the market risk indicators which are monitored and reported to Board Integrated Risk Management Committee:
| Indicator | Limit | Position |
| Price Sensitivity of the balance sheet (LKR million) - P/L impact for a 1% change in interest rate | (500) | 177 |
| Mark to Market of Debt Trading Portfolio (LKR million) | (60) | 5.18 |
| Bank’s Net Open Position +/- (USD million) | 8 | (0.73) |
| Stress testing results on Net Open Position (LKR million) | (170) | (5.11) |
These measures are viewed as complementary to each other and in aggregate define the Market Risk Framework, by which all businesses can be measured and monitored.
Daily foreign exchange (FX) open positions are monitored to ensure that the Bank is operating within the regulatory limits as well as internal prudential limits on open exposures. Bank’s FX net open position is subject to daily stress testing to assess the ability to withstand adverse impacts to the exchange rate variations and is managed within the set parameters.
Position as at 31.12.2014 (USD ’000)
| Foreign Exchange Transaction Categories | |||||||||
| Item | Cash | Tom | Spot | Forward | Options | Other Derivative Transactions | Receivables/ Payables | Other Transactions | Total |
| Overall net position at the closing of the normal working hours of the previous day, Long (+)/Short(-) | -15,579 | -31,249 | -6,572 | 53,095 | -305 | ||||
| Adjustment entries | |||||||||
| Overall net position at the beginning of the day, Long(+)/ Short(-) | -15,579 | -31,249 | -6,572 | 53,095 | 0 | 0 | 0 | 0 | -305 |
| Transactions during the day | |||||||||
| Purchases/Receivables from | 3,139 | 2,000 | 300 | 5,439 | |||||
| Central Bank of Sri Lanka | |||||||||
| Licensed Commercial Banks | 2,000 | 2,000 | |||||||
| Other Customers | 3,139 | 0 | 0 | 300 | 0 | 0 | 0 | 0 | 3,439 |
| Against Exports | 292 | 292 | |||||||
| SIA & Government Securities by Non-Resident Customers | 17 | 17 | |||||||
| Other | 2,830 | 300 | 3,130 | ||||||
| Sales/Payables to | 5,515 | 0 | 0 | 409 | 0 | 0 | 0 | 0 | 5,924 |
| Central Bank of Sri Lanka | 0 | ||||||||
| Licensed Commercial Banks | 2,000 | 2,000 | |||||||
| Other Customers | 3,515 | 0 | 0 | 409 | 0 | 0 | 0 | 0 | 3,924 |
| Against Exports | 2,155 | 2,155 | |||||||
| SIA & Government Securities by Non-Resident Customers | 101 | 101 | |||||||
| Others | 1,259 | 409 | 1,668 | ||||||
| Net Position Long(+)/Short(-) | -2376 | 2000 | -109 | 0 | 0 | 0 | 0 | -485 | |
| Central Bank of Sri Lanka | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| Licensed Commercial Banks | -2,000 | 0 | 2,000 | 0 | 0 | 0 | 0 | 0 | 0 |
| Other Customers | -376 | 0 | 0 | -109 | 0 | 0 | 0 | 0 | -485 |
| Overall net position at the closing of the day, Long(+)Short(-) | -17,955 | -31,249 | -4,572 | 52,986 | 0 | 0 | 0 | 0 | -790 |
| Applicable Net Open Position Limit Long(+)/Short(-) | 9,000 | ||||||||
Daily sensitivity analysis is carried out on major foreign currency Net Open Positions (NOP) giving positive and negative shocks to the spot rates to determine the impact of the profit or loss to the Bank’s Statement of Profit or Loss. Bank’s Statement of Financial Position too is subject to sensitivity analysis based on the duration of its interest sensitive assets and liabilities which is carefully managed within the set limit.
Exchange Rate Sensitivity of Major Foreign Currency Net Open Positions as at 31.12.2014
| LKR Depreciate | LKR Appreciate | |||||||||
| Spot Rate Shocks | -5% | -2.5% | -1% | Spot rate | 1% | 2.5% | 5% | |||
| Currency | Net Open Position | |||||||||
| USD | 924,352 | 6,100,724 | 3,050,362 | 1,220,145 | 132.00 | (1,220,145) | (3,050,362) | (6,100,724) | ||
| GBP | 28,032 | 287,942 | 143,971 | 57,588 | 205.44 | (57,588) | (143,971) | (287,942) | ||
| EUR | 68,560 | 550,456 | 275,228 | 110,091 | 160.58 | (110,091) | (275,228) | (550,456) | ||
| JPY | (119,351,485) | (6,594,916) | (3,297,458) | (1,318,983) | 1.11 | 1,318,983 | 3,297,458 | 6,594,916 | ||
| AUD | 3,924 | 21,245 | 10,622 | 4,249 | 108.27 | (4,249) | (10,622) | (21,245) | ||
| Total | 365,450 | 182,725 | 73,090 | (73,090) | (182,725) | (365,450) | ||||
The possible impact of exchange rate movements on the major NOP of major Foreign Currency Positions is monitored to evaluate the impact on the P/L and ensure it is within acceptable levels.
The price sensitivity of the Balance Sheet was managed within the pre-defined risk parameters whilst maximizing the market potential on interest sensitive assets and liabilities.
The maturity gap analysis of interest sensitive assets and liabilities distributed into a number of pre-defined time bands according to their residual time to maturity is given below:
|
Up to 1
Month LKR ’000 |
1-3 Months LKR ’000 |
3-6 Months LKR ’000 |
6-12 Months LKR ’000 |
1-3 Years LKR ’000 |
3-5 Years LKR ’000 |
Over 5 LKR ’000 |
Non
Sensitive LKR ’000 |
Total LKR ’000 |
|
| Assets | |||||||||
| Cash | 1,844,434 | – | – | – | – | – | – | – | 1,844,434 |
| Due from Banks | 10,061,424 | 659,500 | – | – | – | – | – | – | 10,720,924 |
| Investments - Current | 14,023,109 | 27,939,933 | 1,019,261 | 13,969,801 | 2,834,673 | 4,076,310 | 18,667 | 4,439,675 | 68,321,428 |
| Investments - Non-performing | – | – | – | – | – | – | – | – | – |
| Loans and receivables - current | 56,317,364 | 29,513,274 | 11,244,174 | 11,449,579 | 31,537,502 | 18,309,530 | 15,329,869 | – | 173,701,292 |
| Loans and receivables - Non-performing | – | – | – | – | – | – | – | 2,171,671 | 2,171,671 |
| Fixed Assets | – | – | – | – | – | – | – | 2,180,626 | 2,180,626 |
| Other Assets | – | – | – | – | – | – | – | 3,905,410 | 3,905,410 |
| Total Assets | 82,246,331 | 58,112,707 | 12,263,435 | 25,419,380 | 34,372,174 | 22,385,840 | 15,348,536 | 12,697,382 | 262,845,785 |
| Liabilities | |||||||||
| Total Capital Fund | – | – | – | – | – | – | – | 22,298,046 | 22,298,046 |
| Deposits | 56,498,436 | 25,425,108 | 25,473,599 | 35,443,021 | 4,822,831 | 1,466,951 | – | – | 149,129,946 |
| Borrowings | 18,812,446 | 17,463,664 | 4,625,680 | 6,707,433 | 3,704,154 | 9,256,654 | 18,592,143 | – | 79,162,174 |
| Other liabilities | 483,164 | 636,735 | 756,219 | 571,848 | 259,035 | 74,707 | – | 9,473,910 | 12,255,618 |
| Total liabilities | 75,794,046 | 43,525,506 | 30,855,498 | 42,722,303 | 8,786,020 | 10,798,312 | 18,592,143 | 31,771,956 | 262,845,784 |
| Period Gap | 6,452,284 | 14,587,201 | (18,592,063) | (17,302,923) | 25,586,154 | 11,587,528 | (3,243,607) | (19,074,574) | – |
Trading portfolios of Securities (Treasury Bills/Bonds), Equity and Foreign Currency Options are subject to mark to market exercise on a daily basis and are monitored against the set stop loss limits. Prompt management action is taken where necessary ensuring minimum loss situations to the portfolios.
Liquidity risk is the risk that the Bank is unable to meet its financial obligations in a timely manner at reasonable prices. Financial obligations include liabilities to depositors, payments due under derivative contracts, settlement of securities borrowings and repurchase transactions, lending and investment commitments.
Effective liquidity-risk management is essential to maintain the confidence of depositors and counterparties as well as to ensure that the Bank’s core businesses continue to generate revenue, even under adverse conditions.
The objective of our liquidity framework is to ensure that all anticipated funding commitments can be met when due and allow us to withstand liquidity stresses whilst maintaining our business profile. It is designed to be adaptable to changing business models, market and regulations.
The liquidity position of the Bank further strengthened in 2014 with the funding from the Multi National funding agencies and inflows of customer deposits during the year which resulted in an advance to core funding ratio of 98.0% as at 31 December 2014 reflecting the strong liquidity profile of the Statement of Financial Position. The Bank will continue to focus on liability generation, which will be a necessary pre-condition for significant asset growth.
The Bank maintains well-articulated liquidity risk management policies and procedures, which drive the level of liquidity risk exposures and determine the business size and maturities which ensure that it has at all times sufficient liquidity to meet its financial obligations at a fair market price.
The responsibility for the liquidity risk management of the Bank is carried out by ALCO. The Bank’s Treasury/ALM units are responsible for executing the day-to-day liquidity management of the Bank within the parameters set by ALCO.
Also the Bank monitors key liquidity metrics on a regular basis, both on local currency and foreign currency balance sheets and prudential limits are set to better manage the liquidity profile of the Bank.
Liquidity measurement could be measured through Stock approach or flow approach. Under the stock approach liquidity is measured in terms of key ratios which portray the liquidity stored in the Statement of Financial Position. In flow approach a statement of Maturities of Assets and Liabilities will be prepared placing all cash flows in time bands according to the residual time to maturity.
A satisfactory trade-off between liquidity and profitability is maintained by categorizing liquidity shortfalls in the Statement of Financial Position into suitable time buckets, placing exposure limits on each time bucket to monitor the liquidity mismatch gaps. These limits correspond to the liquidity available to the Bank through various fund providers, at an agreed level of confidence.
We have carefully assessed and revised our Statement of Financial Position maturity mismatch limits in order to optimize market opportunities which are being effectively managed by our Asset Liability Management Desk. Separate gap limits are set for the local currency and foreign currency Statement of Financial Position based on the size and the nature of the Bank’s Statement of Financial Position.
The Bank is equipped with a comprehensive Liquidity Contingency Funding Plan (LCFP) linked to the Business Continuity Plan, which is in line with the regulatory guidelines. The LCFP clearly defines the responsibilities of the Liquidity Management Team and ensures the business continuity through close monitoring of the Bank’s liquidity position against the pre-defined liquidity risk trigger points. Trigger points have been defined taking into consideration the Bank specific and systemic triggers which would cause a liquidity crisis. Action Plans are set out under each level of liquidity crisis (Mild, Moderate, Severe) with responsibilities assigned to a Liquidity Management Team nominated from all areas of business to ensure that all stakeholders of the Bank are safeguarded. We have also entered into reciprocal liquidity funding agreements with identified counterpart bank to ensure stability.
Our principal mechanism for implementation of the liquidity policy is to maintain the Bank’s liquid assets to liabilities ratio above the regulatory defined ratio of 20%. The internally set prudential liquidity limits/ratios would give us early warnings of any areas of concern. The Bank has maintained a healthy Liquid Asset Ratio throughout the year.
| As at 31 December 2014 | 2014 | 2013 |
| Domestic Banking Unit | 23.85 | 26.22 |
| Foreign Currency Banking Unit | 25.10 | 26.06 |
This is defined as the ratio of total loans and advances to customers relative to deposits available which has been maintained within the set parameters. The increasing trend in customer deposits in line with the advances has proven the positive trend in Statement of Financial Position growth.
Healthy MTF ratio throughout the year represents the stable funds available for the Bank to fund the long-term assets of the Statement of Financial Position.
The consistency in the net loans to total assets ratio of the B ank reflects that the Bank has maintained the share of loans and advances in total asset base focusing mainly on loans and advances.
The statutory liquid asset ratio has been maintained above the regulatory requirement at all times. Hence the Liquid Assets to Short-term liabilities (< one year) would definitely result a higher ratio than the statutory level. The Bank maintained this ratio at a prudent level whilst meeting the commitments on a daily basis.
The Bank has maintained the purchased funds to total assets ratio below 30% throughout the year. The ratio has increased in relation to the expansion of the Asset base during the period.
With the expansion of the Statement of Financial Position the Bank’s total loan portfolio has increased during the year. A parallel shift in the Commitments and the Commitments to total loans ratio has been evident during the period.
Selected KRIs are highlighted below which provide a view of the Liquidity Risk indicators where regulatory/internal limits are set and monitored on pre-defined intervals, which provides early warning signals on liquidity position of the Bank.
| Indicator | Limit | Position |
| Statutory Liquid Asset Ratio | 20 | 25.91 |
| Advances to Deposit Ratio | 111 | 98.0 |
| Medium-term Funding Ratio | 110 | 85.11 |
| Commitment Limit - LKR billion | 100 | 93.93 |
The gap analysis of foreign currency denominated assets and liabilities will provide the cash flow obligations which will assist in managing the foreign exchange liquidity in a prudential manner.
Liquidity Gap Analysis for Foreign Currency Denominated Assets and Liabilities - as at 31 December 2014.
| In USD 000 |
Up to 1 Month |
1 - 3 Months |
3 - 6 Months |
6 - 12 Months |
1 - 3 Years |
3 - 5 Years |
Over 5 Years |
Total |
| Total Assets | 154,478 | 100,140 | 34,123 | 17,281 | 80,469 | 37,707 | 136,875 | 561,072 |
| Total Liabilities | 56,703 | 156,500 | 46,369 | 111,583 | 24,365 | 46,426 | 119,124 | 561,071 |
| Net Liquidity Gap | 97,774 | -56,360 | -12,246 | -94,302 | 56,104 | -8,719 | 17,750 | 0 |
Clear segregation of duties has been established between different business units ensuring prudent control and monitoring mechanisms. The Treasury Front Office reports to the Chief Executive Officer and Treasury Back Office reports to Head of Operations. The Market Risk Unit reports directly to the Head of the Group Risk Department who is a member of Bank’s Assets and Liabilities Committee (ALCO). All senior level staff attached to the Market Risk Unit, the Treasury Front Office and the Treasury Back Office have obtained the internationally recognised ACI qualification offered by the Financial Markets Association, as required by the CBSL directives and are competent in their job profile.
The ALCO comprising the senior management from the Treasury, Risk Management, Finance and all business units of the Bank together with the Market Risk Management Unit is responsible for the supervision and management of market risks. The ALCO meets on a monthly basis and whenever circumstances demand. Its main responsibilities are:
ALCO is the governing body for market risk, liquidity risk and asset liability risk management and the implementation of the Bank’s risk management policies, procedures and systems is delegated to the Head of Market Risk Management who reports to the Head of the Group Risk Department. Market and liquidity risks are addressed at ALCO on a monthly basis and at the Board IRMC level on a monthly and quarterly basis.
The market risk management in the Bank is evolving very fast and there is greater emphasis on strengthening systems and people with adequate training and system support.
Risk reporting creates transparency on the risk profile and facilitates the understanding of the core market and liquidity risk drivers to all levels of the organisation. The Board, Senior Management and Risk Management Committees receive regular reporting, as well as ad hoc reporting as required, on market risk, liquidity risk, regulatory capital and stress testing. Senior Risk Committees receive risk information at a number of frequencies, including weekly, monthly or quarterly.
Additionally, Market Risk Management produces daily and weekly market risk specific reports and daily limit excess reports for management review and action. Such reports include:
The risk management is ever evolving and demands greater transparency and increased accountability when it comes to risk measures, risk management processes and their underlying systems. The banks should always try to stand ahead on those areas in order to win competitive advantages.
Operational risk consists of losses incurred due to the inadequacy or failure of the internal processes, human errors, systems or external events such as natural disasters including legal risk. The Bank has developed frameworks, management tools and a control infrastructure to enhance the management and control of the operational risks that are inherent to its various activities across the Group.
The Operational Risk Management Unit (ORMU) is established within Group Risk Management Department and works towards the following objectives:
Staff at all levels is accountable for directing and controlling the operational risks in his/her area of responsibility. Board of Directors is responsible for the overall risk levels and in ensuring risks are managed appropriately and the management is vested with the required authority to implement the related control framework. The IRMC submits regular operational risk assessments to the Board, seeking its views, concurrence or specific directions.
The Operational Risk Policy Committees headed by the CEO, which has been set up at Bank level provide a forum for the discussion and management of all aspects of operational risks/losses and control lapses, monitor and ensure that appropriate operational risk management frameworks are in place, adhering to the policies of the Bank.
Business Operational Risk Sounding Boards (BORSB) have been setup at key business function and support function levels to discuss operational risk matters encompassing responsibilities such as:
While the ORMU functions as the command and control centre in managing operational risks, Operational Risk Managers (ORMs) have also been appointed in the Business and Supporting units under the authority of the Bank’s Head of Operational Risk. The ORMs operate from the respective business units/support functions, collaborating closely with the business/support function heads and responsible for implementing the Bank’s procedures and guidelines, monitoring and managing operational risks, with the support of the staff. The Bank has implemented a software-based solution to assist in the management of operational risk.
The Operational Risk Management Unit is notably responsible for:
The Bank has been guided by the Basel II Regulations (the Capital Requirements Directive and ‘sound practices for the effective management and supervision of operational risk) in the design and implementation of the broad framework to manage operational risks. This is a comprehensive end-to-end process encompassing risk identification, assessment, reporting, management and control.
Sound frameworks, techniques and toolsets have been implemented to ensure the effectiveness of the above process. They notably include:
Risk and Control Self-Assessment (RCSA) is a framework designed to identify, estimate and assess the Bank’s exposure to operational risks arising out of routine adherence to procedure and processes inherent to the various business lines and functional units of the Bank. Controls and mitigants that adequately counteract the risks are introduced thereby minimizing the impact and incidence of losses.
Its objectives are as follows:
As part of this exercise, major risks of a given scope are described using a double scale of impact and probability.
KRIs supplement the overall operational risk management system, by providing a dynamic view of changes in business line risk profiles as well as an early warning system to identify potential events that affect the day-to-day business activities and consequently have an impact on the entire Bank.
Some of the KRIs monitored are given below:
| System | Core Banking System Downtime |
| ATM Downtime | |
| No. of cyber attacks | |
| HR | Staff turnover |
| No. of disciplinary actions | |
| Finance | Reconciliations not submitted |
| Compliance | Issues raised by external professional bodies |
| Operational losses | Severity of losses |
| Number of fraud incidents |
KRIs that may have a significant impact on the entire Bank is reported to the Operational Risk Policy Committee and the Board Integrated Risk Management Committee.
The Bank has been compiling a database of risk events and loss data reported since 2010 and maintained centrally to supplement the effectiveness of the operational risk management function. It has served to:
Risk events reporting by the business units and support functions indicates the inculcating of a strong Operational risk culture through the line ORMs well-supported by the respective heads of units.
The operational loss recognition follows a formal approval process defined in the Operational Risk Policy where both Gross and Net losses are recorded in the General Ledger and such losses above the value of LKR 100,000/- are reported to the Board Integrated Risk Management Committee on a monthly basis and losses over LKR 500,000/- are reported to the regulator on a quarterly basis.
The Bank’s classification of operational losses in seven Basel event categories is the cornerstone of its risk modelling, ensuring consistency throughout the system and enabling analysis across the Bank.
Operational Losses reported were pertaining to Retail Banking, Payment and Settlements and Trading and Sales.
Operational Losses reported were pertaining to Retail Banking, Commercial Banking, Payment and Settlements and Trading and Sales.
Losses reported under business lines, Commercial Banking and Payment and Settlement fall under ‘Business Disruption and System Failures’ while Trading and Sales losses fall under ‘Execution, Delivery and Process Management’.
All losses reported under business lines, Payment and Settlement and Trading and Sales fall under Basel loss category ‘Execution, Delivery and Process Management’.
In order to cover the risks of crisis that threaten the safety of staff, customers and service providers, the security of assets, the continuity of operations and confidence in the Bank’s reputation, the Bank’s Business Continuity Management Policy requires that a full set of up-to-date and exercised plans be in place encompassing a minimum of: Crisis Management Plan (CMP), Business Continuity Plan (BCP) and IT Disaster Recovery Plan (IT DRP) amongst other relevant plans including a Pandemic Plan.
These plans are drawn upon integrating Enterprise Risk Management (ERM) Framework and effective Business Impact Analysis (BIA) processes and methodologies which anticipates all forms of threats and/or crisis that are inherent in the Business Environment.
Communications, Security and Safety and other Emergency Response Teams and exercised plans are all part of the Banks’ business continuity management commitment that is showcased undoubtedly within this framework.
The Governance of business continuity management is steered through the Crisis Management Team comprising of senior most management and co-ordinated by the Banks’ Business Continuity Manager.
BCP Drills are carried out on a predetermined schedule which includes minimum of two full functional drills which includes all critical business units which is over and above the stipulated guidelines by the Central Bank of Sri Lanka. The statuses of drills are monitored at the Operational Risk Policy Committee and the Board Integrated Risk Management Committee.
The Bank has a comprehensive insurance policy as a measure to mitigate risks. This falls within the framework of risk mitigation and control which in turn is an integral component of the risk management framework of the Bank. This policy will be reviewed and further enhanced in the near future.
Building and their contents, including IT equipment, are insured at their replacement value. Liability other than professional liability (i.e., relating to operations, Directors, vehicles, etc.) is covered by insurance policies.
Insurance is only one of the measures to offset the consequences of the risks inherent in the Bank’s activity. It complements the risk monitoring policy led by the Bank and also by its internal controls.
These risks are included in the ‘Bankers Indemnity Cover’ policy that insures all the Bank’s financial activities around the country. Fraudulent actions by an employee or by a third party acting on its own or with the aid of an employee with the intent to obtain illicit personal gain or through malice are covered.
The consequences of any legal action against staff or managers as a result of their professional activity are insured under the Bank’s Bankers Indemnity Policy (BID).
The consequences of any accidental interruptions to activity are insured under a Bank wide policy. This policy supplements the business continuity plans. The amounts insured are designed to cover losses incurred between the time of the event and the implementation of an emergency solution.
The adverse consequences surfacing while using computer systems and software are covered by the Bank’s BID policy. The policy covers fraudulent input and modification via computer systems, electronic computer programmes, electronic data and media, computer viruses, electronic and telefacsimile communications, electronic transmissions, electronic securities and voice incinerated transfers.
The Bank is concerned and committed to ensuring that the outsourced parties continue to uphold and extend the high standard of customer care and service excellence that has become synonymous with the Bank. Hence due diligence tests are routinely carried out to assess the performance of these outsourced parties through a sub-committee established to monitor outsourced activities for the Bank.
Since 2009, the Bank has used the Basic Indicator Approach (BIA) as proposed by the Capital Requirements Directive, to measure operational risk. This approach notably makes it possible to:
The Bank holds capital for operational risk equal to the average over the previous three years of a 15% of positive annual gross income.
The Bank’s regulatory capital requirements for operational risks within the scope of BIA (Basic Indicator Approach) requirements are calculated using the above stated formula. The Bank’s capital requirements for operational risks were LKR 15.48 billion. at the end of 2014. The Bank has been conducting parallel computation of capital in terms of The Standardised Approach (TSA) with effect from December 2011 in line with the Draft Guidelines.
With the issuance of new direction in 2014, Central Bank of Sri Lanka has awarded Banks that use BIA the option of moving to either the Standardized Approach (TSA) or the Alternate Standardised Approach (ASA) in order to improve the quality of operational risk management and to enhance the effectiveness of internal capital adequacy requirements.
As such, Bank has evaluated all 3 approaches in terms of relevance, economy and appropriateness to the risk profile. We remain committed to embrace any change that will serve the organization well in terms of improved quality of operational risk capital calculation and reporting.
Circular/Instructions issued by the Ministry of Health on Ebola Virus Disease (EVD) have been circulated to all staff to educate them on transmission, symptoms, diagnosis and prevention even though any alerts pertaining to EVD outbreak for South Asian region has not been announced by the World Health Organization or any other Government institution. However, from Business Continuity Management perspective a ‘Pandemic Plan’ which consists of detailed response phases based on alerts from relevant authorities providing internal information and guidelines was drafted.
There may be other risks such as model risk, settlement risk and group risk, which may be relevant to the Bank but not captured in the risk appetite framework. The reasons for non-inclusion of same for the risk appetite framework are as follows:
Strategic risk is the most fundamental of business risks and at its very basic, can be defined as the current and prospective risk to earnings and viability arising from,
Strategic risk for a bank like NDB can manifest itself through lack of well-defined long-term strategy but more importantly because of failure to appropriately communicate and implement the strategy or due to unforeseen changes in the socio-political, economic or business environment. Drawing of appropriate response plans to tweak the strategy to suit the changes in the business environment is essential to management of strategic risk.
The Bank has a well-formulated 5-year strategic plan, which is articulated by the Board and the corporate management. The strategic plans are drawn at various level of granularity e.g. a branch level strategy will detail the growth targets at branch level whereas a department level strategy will feature the achievement metrics at that level. The implementation of strategy is checked through monthly meetings where variances from the growth targets are analyzed and corrective actions recommended.
The strategic plan is also linked to individual employee performance through a goal setting process and periodic performance reviews are carried out to motivate employees and create a performance culture to ensure that business goals and objectives are achieved, thus mitigating strategic risk.
Reputation risk is risk of indirect loss (current or prospective) arising from one or multiple stakeholders adverse experience while dealing with the institution or which resulted in an adverse perception of the institution. It can also be understood as the potential that negative publicity regarding the Bank’s business practices, whether true or not, will cause a decline in customer base, costly litigation or revenue reduction.
Reputation risk management and mitigation aspects are embedded in the Bank’s policies and procedures, training programmes, the business continuity plan and through the Audit and Board Risk Management Committees.
The Bank monitors its reputation risk profile through a set of early warning indicators based on the reputation risk drivers and the factors within the reputation risk scorecard ensure that the overall reputation risk profile remains low. The risk mitigation and control processes for reputation risk at the Bank are designed to consider appropriate response actions to address the risks identified. A Customer Complaint Handling Process has been established under which the customers have a range of options through which they can forward their grievances to the Bank, by way of letters, using our public help line that is manned on a 24 - hour basis, through the Bank website or social media.
Legal risk is understood more from its consequences, which is incurrence of penalties, fines and sometimes loss of reputation due to the institution being on the other side of law. Legal risk may vary from institution to institution depending on the manner in which it conducts its business and the documentation it follows and is closely related to compliance and regulatory risk.
Legal risk in the Bank can manifest itself through:
Legal risk is owned and managed by the Legal Department and the Legal Department is assisted by third party lawyers as and when necessary to obtain an independent opinion.
Very closely related with reputation and legal/regulatory risk, compliance risk is defined as the risk of legal or regulatory sanctions, material financial loss, or loss to reputation and integrity an institution may suffer as a result of its failure to comply with laws, regulations, rules, related self-regulatory organizational standards, and codes of conduct applicable to its business activities. Bank is compliant with all CBSL regulations and thus the compliance risk is minimal.
The Bank has a well laid out Board approved Compliance Charter, which defines the fundamental principles, roles and responsibilities of the compliance function within the organisation as well as its relationship with senior management, the Board of Directors and the business and operational functions.
The Bank has just rolled out the new rating models for all business lines at both obligor and facility level and is in the process of rating the clients using the models. The Bank has also automated computation of Value at Risk (VaR) numbers for Market Risk. Similarly, the Bank intends to migrate to an Operational Risk VaR computation system in the future. Hence, with time, measures will be adopted to validate the models. Based on the above, the Bank would, assess the model risks once the Bank starts using models and advanced approaches in the future.
Settlement Risk refers to the risk arising on account of failed trades with counterparty banks in the foreign currency transactions. Settlement Risk arises from possible losses when the Bank is in a foreign exchange transaction pays the currency it sold but does not receive the currency it bought. Forward Contract settlement failures can arise from counterparty default, operational problems, and other factors. Settlement risk exists for any traded product. Currently, the Bank has a procedure for regular monitoring of limit utilisation, failed trades & excess monitoring. Settlement Risk is currently controlled by way of prudent allocation and monitoring of counterparty limits including Maximum Daily Delivery Risks (MDDR) limits for counterparts.
| Item |
Amount LKR million |
| Regulatory Capital | |
| Core Capital | 19,888 |
| Capital Base | 28,932 |
| Calculation of Risk-weighted Amount | |
| Credit Risk | 172,070 |
| Market Risk | 9,596 |
| Operational Risk | 15,481 |
| Calculation of Capital Adequacy Ratios (%) | |
| Core Capital | 10.09 |
| Total Capital Ratio | 14.68 |
| Stressed Capital Ratio | 12.30 |
Stress testing is the process of determining the effect of a change to a portfolio due to extreme realistic events. Management reviews the outcomes of the stress tests and where necessary determines, appropriate mitigating actions such as reviewing and changing risk appetite in order to manage the risks identified by potential stresses.
The Bank has implemented stress tests to measure the resilience of its lending portfolio to adverse movements by applying low, moderate and high impact shocks on hypothetical scenarios.
| Scenario 1 | Scenario 2 | Scenario 3 | |
| 1. An increase in the NPLs in the loan book | |||
| 5% Increase | 10% Increase | 20% Increase | |
| Revised CAR % | 14.6 | 14.5 | 14.3 |
| 2. A negative shift in NPL categories on the Bank’s credit portfolio | |||
| 50% Increase | 80% Increase | 100% Increase | |
| Revised CAR % | 14.5 | 14.4 | 14.4 |
| 3. Fall in FSV of mortgaged collateral in credit portfolio | |||
| 10% Decline | 20% Decline | 40% Decline | |
| Revised CAR % | 14.7 | 14.6 | 14.6 |
Losses beyond the confidence level are not captured by certain models, which therefore gives no indication of the size of unexpected losses in these situations. This is complemented by regular stress testing of market risk exposures to highlight the potential risk that may arise from extreme market events that are rare but plausible.
Stress testing is an integral part of the market risk management framework and considers both historical market events and forward-looking scenarios. A consistent stress testing methodology is applied to trading and non-trading books. The stress testing methodology assumes that scope for management action would be limited during a stress event, reflecting the decrease in market liquidity that often occurs. Stress scenarios are regularly updated to reflect changes in risk profile and economic events. ALCO considers the results of stress tests as part of its supervision of risk appetite. Regular stress test scenarios are applied to interest rates, liquidity ratios, exchange rates, commodity prices and equity prices. Ad hoc scenarios are also prepared reflecting specific market conditions and for particular concentrations of risk that arise within the businesses.
Bank’s net foreign currency position is tested on a daily basis under four stressed scenarios giving adverse shocks of 5%, 10%, 15% and 25% to the exchange rate to arrive at the maximum loss scenarios the Bank is exposed to and is monitored against the limits set.
Limit is set at the minimum level of shock (Scenario 1) as an early warning where the Bank will take action to ensure that it does not surpass the first level of shock and reach worse case scenarios.
As at 31 December 2014
| Net Position | Scenario 1 | Scenario 2 | Scenario 3 | Scenario 4 | |
| Magnitude of Shock (adverse) | 5% | 10% | 15% | 25% | |
| Spot Rate movement | 132.00 | 138.60 | 145.20 | 151.80 | 165.00 |
| Position Profit/loss (LKR) | (774,327) | (5,110,556) | (10,221,112) | (15,331,668) | (25,552,781) |
The stress results of the Bank’s Overnight Net Open Position is managed well within the risk limit and monitored on a daily basis.
Liquidity stress testing is carried out under three different scenarios which covers Bank specific and system specific conditions, where different magnitudes of shocks are given to individual and or total Liquid Liabilities. The results are monitored against the limit and the minor level of result (at 5%) will be considered as the management action point.
The Bank managed to maintain a healthy Liquid Asset Ratio well above the internal limit which is more stringent than the regulatory limit even under the stressed scenarios.
| Stress Testing for Liquidity Risk - December 2014 | ||||
| Banks average Liquid Asset Ratio for the month | 25.91 | |||
| Stress testing on Liquid Asset Ratio | ||||
| Magnitude of Shocks on Liquid Asset Ratio. | ||||
| Scenario No. | Stress Scenarios | 5% | 10% | 15% |
| Revised LAR. after relevant shocks. | ||||
| 1. | Adverse impact on MM and Institutional Borrowings/Drop in Market Liquidity | 24.99 | 24.04 | 23.08 |
| 2. | Run down on CASA and Time Deposits | 23.24 | 20.37 | 17.28 |
| 3. | Impact on Total Liquid Liabilities | 22.25 | 18.21 | 13.73 |
Scenario analyses primarily serve the purposes of contributing towards the capital calculation to cover operational risks and informing the Bank about potentially significant areas of risk. For the calculation of capital requirements, the Bank uses stress tests to measure its exposure to potential losses.
The Bank does its operational risk stress testing using two approaches:
This is calculated based on the Bank’s internal loss data and using the Monte-Carlo simulation; however, the capital requirement based on OpVaR is less than operational risk capital calculated based on BIA approach. Hence, no additional capital is allocated.
Stress scenario considers that 18% of stress has been applied on gross income and while comparing the same with BIA capital, 3% of additional stressed capital is required.