|
RISK MANAGEMENT |
| |
 |
In compliance of the Basel II requirements,
in 2005 Futurebank established an independent Risk Management Function embracing the all major risks. |
 Credit Risk |
|
Market Risk,
Liquidity Risk, FX Risk
|
|
Operational Risk |
|
Within a span little more than of six years the
Bank has managed to cover various areas of Risk
Management. The overall Risk Management
framework is enunciated through a
Risk
Charter
which lays down the overall framework of
strategies, infrastructure, policies and
procedures. It also summarizes the committee
structure adopted by the Bank for Management of
Risk.
The
Risk Management Committee
(RMC)
set
up with the representation of Senior Management,
reports to the Board of Directors. The RMC is
chaired by the CEO and is responsible for
implementation, interpretation and follow up of
the Risk Policies. The Terms of reference of the
Committee broadly include the implementation of
all policies relating to management Credit,
Market liquidity and Operational Risk on an
ongoing basis. There are three sub committees to
specifically monitor Operational Risk Credit
Risk ( Performing Loans ) and SAM ( Special
Asset Management for Non Performing Loans )
respectively. All sub committees report to the
main Risk committee. The Head of Risk reports to
the CEO with a dotted line to the Board.
During 2009, based on Central Bank of Bahrain’s
(CBB) guidelines, a risk profiling audit of the
Bank was conducted by an independent external
auditor and the report was sent to the CBB.
Based on the gaps identified in the report, the
Bank had submitted a time bound action plan to
the CBB. The RMD followed up on this action plan
and all gaps pointed out in the report since
stand closed. During 2010 the organization
structure was modified in order to elevate the
role of the Risk Management in the Credit
approval process. In addition the credit
analysis function was shifted from front office
to Credit Department in order to ensure
independence of the appraisal function.
The
Risk
Management Department (RMD)
is responsible for day to day management of Risk
which includes monitoring of portfolio based
limits, reporting all excesses and anomalies to
RMC and follow up with respective front office
representatives for regularization.
Internal audit assesses whether the policies and
procedures are complied with and if necessary,
suggest ways of improving internal controls. A
separate internal control function in place
under the Finance Department and looks after
various internal control issues
The entire initiative and road map of Risk
compliance with Basel II guidelines is being
monitored by a
Basel Steering Committee,
chaired by CEO, which oversees progress of
various projects undertaken for the purpose.
|
|
|
|
|
The Risk Management
framework is enunciated through the
Risk Charter
which lays down the structure of strategies,
policies and procedures. It also summarizes the
committee structure adopted by the Bank for
Management of Risk. The Risk Management
Department is responsible for day to day
management of Risk.
The Risk
Management Committee
has been operational to oversee the
implementation, interpretation and follow up of
the Risk policy of the Bank as enunciated in the
Risk Charter.
The Risk Management Committee is chaired by the
CEO and reports to the Board. Its principal
responsibilities are as follows:-
|
|
|
to oversee implementation of various components of the Credit , Operational and ALM Policy , including revision to existing policies and procedures. |
|
|
to establish a sound structure of Risk Management |
|
|
to establish guidelines for all lending activities
|
|
|
to establish and monitor limits for Country exposure, product, sector, and review them on Annual basis. |
|
|
to conduct portfolio reviews on
quarterly basis to track various risk
concentrations and suggest remedial
measures in case of deviations. |
|
|
to review all exception reports on
regular basis to identify new weal list
and watch list
accounts and recommend appropriate
actions to prevent slippage in ratings. |
|
|
to review Special Assets including
criticized assets at regular intervals
and suggest appropriate remedial
measures to management including work
out or exit. |
|
|
to consider and recommend legal action
against defaulting borrowers based on
assessment of the recovery prospects |
|
|
to consider all
proposals for provisioning globally and
in specific cases |
|
|
to review and assess on Annual basis, the
process and quality of decision-making
carried out by various delegates. |
|
|
to implement established policies and
procedures for liquidity , market and
operational risk management.
|
|
|
|
The
risk appetite of the Bank is defined in the
Risk
Strategy
document approved by the Board. Risk Strategy
defines the risk categories to which bank is
willing to expose itself and the levels up to
which it is willing to expose ( limits ) while
undertaking its business, defined under overall
business strategy and the Credit and funding
strategy. |
|
|
Credit Risk is
managed through a set of
Credit Risk Policy
guidelines and the procedures as laid down in
the Credit Risk Policy.
The Credit Risk policy is derived in accordance
with the Risk
strategy of the
Bank which defines the Risk appetite of the
Bank. The purpose of Credit Policy is to provide
a framework to achieve the Strategic objectives
set by the Board. It provides the guidelines for
approving credit risk (limits) and, the
prudential norms for managing concentration risk
and the mechanism for monitoring and control as
part of overall self regulation.
The Credit Risk policy document covers all
credit activities undertaken by the business
segments including non-strategic investments
(counterparty risk)
|
|
|
In addition to liquidity Risk Future Bank is
currently exposed to Market Risk only in the
Banking Book since it is not engaged in any
trading activities.
|
|
Interest Rate Risk (risk of
loss due to changes in interest rates)
|
|
Exchange Rate Risk
(risk of loss due to changes in exchange rates)
|
|
Liquidity Risk
(risk of Bank failing to meet its financial
commitments due to funding mismatch.)
|
|
Limits have been
set up to manage liquidity, interest rate and FX
(open position ) risk.
The Treasury Department
is currently utilizing these limits and
RMD
monitors them through the mechanism of ALCO
based on the
ALM policy.
The ALM Manager
reports to Head of Risk and assists in preparing
ALCO reports.
|
|
|
Operational risk
(OR) is the risk of direct or indirect loss
resulting from failed processes, technology,
people or external events. It includes
reputation risk. The Bank has put in place
Standard Operating procedures which comply with
the high standards of Internal Control. In the
process, the activities have been segregated
into back office and front office in accordance
with international best practices.
The information security policy is supported by
ISO 27001 standard.
The MIS is being strengthened with particular
focus on exception management. The Internal
Audit Department is considered as the final
layer of Internal Control and reports directly
to the Board of Directors.
The Bank has put in place Standard Operating
Procedures (SOPs) which comply with the high
standards of internal control. In the process,
the activities have been segregated into back
office and front office in accordance with
international best practices. During 2010, the
SOPs were re-engineered in order to reflect the
changes required through implementation of a new
Core Banking module. During 2011 an RCSA review
was conducted based on revised SOPs.
A Business Continuity plan is in place to ensure
continuity of essential services to customers in
case of occurrence of any calamity resulting in
disruption of normal business activity.
Similarly, a disaster recovery plan is also in
place. The Bank has set up disaster recovery
site at one of its branches as a back up site in
case of any disaster.
An Operational risk management policy and
procedure framework has been adopted which
defines key operational risk areas, key control
standards and key risk indicators in line with
the Basel II recommendations. The Bank currently
follows the basic indicator approach for
operational risk. The operational risk sub
committee is in charge of implementation of the
OR policy and reports to the RMC. The RMD
implements OR procedures. A dedicated software
is in place to monitor Operational Risk.
|
|
|
The
Bank follows standardized approach for credit
and market risks and the basic indicator
approach for operational risk. A capital
management policy has been approved by the Board
under which the Bank has defined threshold
limits for capital adequacy ratio with a minimum
capital requirement ratio of 12% (same as
required by the CBB) and a maximum threshold
level. Within this range, 3 trigger ratios are
defined i.e. internal target ratio, lower
trigger ratio, and ICAAP capital adequacy ratio
to enable the Bank to assess the adequacy of the
capital to support current and future
activities. Action points are triggered in case
of breach of any of the lower trigger ratios.
The ICAAP capital adequacy ratio represents the
capital position which the Bank will maintain as
buffer over 12% to accommodate any capital
requirements under Pillar II and effects of
stress test on the level of capital required. In
order to manage the Pillar II risks the Bank has
adopted risk diversification policies by
geographic, sector, rating classifications.
Stress tests are performed at quarterly
intervals and reported to the Board.
For example the geographic areas are broken into
six categories under the country risk management
policy based on country ratings. Exposure limits
have been set up on each category. Similarly
sector limits and rating wise limits have been
defined under the credit risk policy to avoid
concentration risk. Currently the geographic
risk is concentrated to one country i.e. Iran
apart from Bahrain.
The Bank follows the CBBs definition of large
exposure limits and all credit approvals are
based on adherence to the maximum limit of 15%
of capital base except those specifically
approved by the CBB. All large exposures are
monitored by the RMD on a daily basis and a
report is presented to the Risk Committee on a
monthly basis. Certain sensitive exposures such
as connected party exposure and Iran exposure
are monitored on a daily basis.
Any credit obligation which remains unpaid on
the due date is considered as past due on the
next succeeding day. All past dues are closely
monitored through daily and monthly reports. The
rating model adopted by the Bank automatically
downgrades an account to weak list (rating E+)
or watch list (rating E) depending upon the
length of the past dues. An account is
downgraded to impaired asset if the past due
status extends beyond 90 days. Provisions are
made based on IAS 39 requirements.
In addition high value NPAs are subjected to
quarterly revaluation of security based on 3
independent valuations and the Net Present Value
(NPV) is based on 4 years discounting of the
lowest value in order to ensure that all
provisions are made on a conservative basis. The
Bank has adopted a policy of minimum 15%
provision on all NPAs irrespective of the
availability of collaterals or cash flows. In
addition, 100% provision is made in respect of
any NPA with a gross exposure up to BD 100
thousand. The Bank also follows a cooling period
of 6 months satisfactory performance before
upgrading any restructured asset to performing
category.
A collective impairment provision is also
maintained as additional cushion based on the
PDs for each rating category. Since the Bank
does not have its own PDs in the absence of
adequate historical data, the PDs of external
rating agencies have been mapped to the Banks
internal rating categories on a best effort
basis. The CIP so arrived at is subject to a
minimum amount of 1% of performing loans
portfolio i.e. higher of the two methodologies.
In order to minimize potential legal risks, the
Bank has adopted best practices in lending
activities especially in the area of consumer
lending which includes dissemination of
information relating to products, tariffs etc.
through various media including website,
literature and documentation, complaint disposal
mechanism, staff training etc. There were no
material legal claims against the Bank as of 31
December 2011. A separate Compliance department
is functional which monitors the compliance
risk.
The Bank has adopted a policy for conducting
stress testing on various portfolios in order to
determine additional capital requirements as
part of its ICAAP. Bank has already stressed its
projected 3 year balance sheet based on 9 stress
scenarios and arrived at the regulatory and
internal capital ratios. The results were in
principle approved by the Board and forwarded
also to CBB
|
|
|
In
line with CBB guidelines the Bank has put in
place a Disclosure Policy approved by its board.
The policy defines a framework for the
disclosure obligations including a committee
established to oversee the entire process. |
|
| |
|
| |
|
|
