Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Risk Management System
Transcript of Risk Management System
ELEMENTS OF THE SARC
Policy credit risk management.
Process credit risk management.
Or internal reference to estimate or quantify the expected loss models.
System provisions to cover credit risk.
Internal control processes.
Policy credit risk management
Defining the criteria under which an entity should evaluate, qualify, assume control and cover credit risk (Board).
Process credit risk management
Defining processes for identifying, measuring and controlling credit risk (should define the responsibilities of each of the agencies involved officials).
Models for estimating or quantifying expected losses
The SARC must estimate or quantify the expected loss of each type of credit (internal or reference models).
Internal control processes
Verification of implementation of methodologies and procedures within SARC entities.
External Circular 011 March 05 200 :
Issuance of the new standard replaces SARC Chapter II of the Basic Accounting and Financial Circular.
Circular 031 March 5, 2002:
Definition of the stages for the definition and implementation of the SARC (three phases).
Circular 059 May 6, 2002 :
Determining the timing of Phase I for the definition and implementation of the SARC.
External Circular 030 June 20, 2003:
Postponement of Phase III.
Risk Management System Credit Card (SARC)
The SARC is the set of policies and procedures from which the criteria by which financial institutions evaluate, take, qualify, control and cover their credit risk are defined.
With the SARC, institutions must adopt policies and special arrangements for the sound management of credit risk, both from its covering (provisioning system) or from the administration of the lending process and ongoing monitoring of the same.
RISK MANAGEMENT SYSTEM
The SARC should have an outline of provisions to cover credit risk, which must be calculated based on expected losses calculated by application of the internal model or reference.
Rules on Classification and Rating Credit Risk
Commercial loan contracts should be classified under the following categories of credit risk:
Category AA (no arrears).
Category A (30 ≤ dwelleth <60 days).
Category BB (60 ≤ dwelleth <90 days).
Category B (90 ≤ dwelleth <120 days).
Category CC (dwells ≤ 120 <150 days).
Category Default (greater than or equal to 150 days delinquent).
Credit risk can be defined as the potential loss from the failure of the counterparty in a transaction that includes a commitment to pay.
Market risk is the possibility that an entity incurs losses and
see diminished the value of its assets as a result of changes in
price of financial instruments in which the entity holds
positions in and out of balance. These changes may occur
resulting from changes in interest rates, exchange rates and other
CHAPTER XXI THE SUPERINTENDENT OF FINANCIAL AND RULES RELATING TO MARKET RISK MANAGEMENT
Is the risk management system that must be implemented controlled entities, for the purpose of identifying, measuring, controlling and monitoring market risk to which they are exposed to carry out its operations authorized, including cash, taking its structure and size.
VALUE AT RISK
(Value at Risk) is a statistical measure that represents the maximum loss expected within a time horizon and confidence interval. It is the main tool for measuring market risk.
It is a necessary but not sufficient for risk control tool, but. It controls must accompany limits, as well as independence of the areas of risk management.
STAGES OF MARKET RISK MANAGEMENT
should allow controlled entities identify market risk to which they are exposed, depending on the type of positions assumed by them in accordance with the authorized operations.
Where applicable,consider the following market risks:
a. interest rate in domestic currency
b. interest rate on foreign currency
c. interest rate transactions agreed in UVR
d. exchange rate
e. share price
f. investments in collective portfolio
SARM should allow supervised institutions to measure and quantify the expected losses from exposure to market risk.
Methodology for measuring market risk
Credit institutions, special government institutions, cooperative bodies Degree:
These entities should measure the market risk arising from their positions in the cash book and cash operations.
b) Companies securities brokerage firms
For brokerage firms stock exchange should be measured market risk arising from its proprietary trading of its operations with its own resources and cash transactions.
d) or collective portfolios managed by brokerage firms securities funds
The collective portfolio or administered by brokerage firms of stock market funds must measure the market risk arising from their positions in the cash book and cash operations
e) Trust companies, fund management companies and unemployment pension, investment management companies, insurance companies and capitalization companies
These entities should measure the market risk arising from their positions in the cash book and cash operations. Additionally, they must measure the market risk for those collective funds and funds it manages
ELEMENTS OF MRMS
policy -Policies limits -Policies for Staff
Board, board or body that replaces it
Unit or area of risk management
The Risk Management Process
Risk Management is defined as "the systematic application of management policies, procedures and practices to the tasks of establishing the context, identifying, analyzing, assessing, treating, monitoring and communicating".
Risk is defined as 'the chance of something happening that will have an impact on objectives'. It is, therefore, important to understand what the objectives of the company are, prior to attempting to analyze the risks.
WHAT IS RISK
Southern Cross University
Risk treatment involves identifying the range of options for treating risk, assessing those options, preparing risk treatment plans and implementing them.
If, after controls are put in place, the remaining risk is deemed acceptable to the organization, the risk can be retained. However, plans should be put in place to manage/fund the consequences of the risk should it occur.
Retain/accept the risk -
By preventative maintenance, audit & compliance programs, supervision, contract conditions, policies & procedures, testing, investment & portfolio management, training of staff, technical controls and quality assurance programs etc.
Reduce the Likelihood of the risk occurring
Through contingency planning, contract conditions, disaster recovery & business continuity plans, off-site back-up, public relations, emergency procedures and staff training etc.
Reduce the Consequences of the risk occurring
This involves another party bearing or sharing some part of the risk by the use of contracts, insurance, outsourcing, joint ventures or partnerships etc.
Decide not to proceed with the activity likely to generate the risk, where this is practicable.
Avoid the risk
Transfer the risk
Operational risk is "the likelihood of a change in value caused by the fact that actual losses, incurred for inadequate or failed internal processes, people and systems, or from external events (including legal risk), differ from the expected losses".
It can also include other classes of risk, such as fraud, security, privacy protection, legal risks, physical (e.g. infrastructure shutdown) or environmental risks.
Operational risk management
The term Operational Risk Management (ORM) is defined as a continual cyclic process which includes risk assessment, risk decision making, and implementation of risk controls, which results in acceptance, mitigation, or avoidance of risk. ORM is the oversight of operational risk, including the risk of loss resulting from inadequate or failed internal processes and systems; human factors; or external events.
Four principles of ORM
The U.S. Department of Defense summarizes the principles of ORM as follows:
> Accept risk when benefits outweigh the cost.
> Accept no unnecessary risk.
> Anticipate and manage risk by planning.
> Make risk decisions at the right level.
Three levels of ORM
Three levels of ORM
Three levels of ORM
In depth risk management is used before a project is implemented, when there is plenty of time to plan and prepare. Examples of in depth methods include training, drafting instructions and requirements, and acquiring personal protective equipment.
Deliberate risk management is used at routine periods through the implementation of a project or process. Examples include quality assurance, on-the-job training, safety briefs, performance reviews, and safety checks.
Time critical risk management is used during operational exercises or execution of tasks. It is defined as the effective use of all available resources by individuals, crews, and teams to safely and effectively accomplish the mission or task using risk management concepts when time and resources are limited. Examples of tools used includes execution check-lists and change management. This requires a high degree of situational awareness.
ORM process Deliberate
ORM process Time critical
>Monitor and review
>Make risk decisions
>Supervise (and watch for changes)
1. Assess the situation.
The three conditions of the Assess step are task loading, additive conditions, and human factors.
>Task loading refers to the negative effect of increased tasking on performance of the tasks.
>Additive factors refers to having a situational awareness of the cumulative effect of variables (conditions, etc.).
>Human factors refers to the limitations of the ability of the human body and mind to adapt to the work environment (e.g. stress, fatigue, impairment, lapses of attention, confusion, and willful violations of regulations).
ORM process Time critical
2. Balance your resources.
This refers to balancing resources in three different ways:
>Balancing resources and options available. This means evaluating and leveraging all the informational, labor, equipment, and material resources available.
>Balancing Resources verses hazards. This means estimating how well prepared you are to safely accomplish a task and making a judgement call.
>Balancing individual verses team effort. This means observing individual risk warning signs. It also means observing how well the team is communicating, knows the roles that each member is supposed to play, and the stress level and participation level of each team member.
ORM process Time critical
3. Communicate risks and intentions.
>Communicate hazards and intentions.
>Communicate to the right people.
>Use the right communication style. Asking questions is a technique to opening the lines of communication. A direct and forceful style of communication gets a specific result from a specific situation.
>Reduction of operational loss.
>Lower compliance/auditing costs.
>Early detection of unlawful activities.
>Reduced exposure to future risks.
Benefits of ORM
The harm stemming from the lack of marketability of an investment that cannot be bought or sold quickly enough to prevent or minimize a loss.
Liquidity risk is typically reflected in unusually wide bid-ask spreads. The rule says that the smaller the size of the security or its issuer, the larger the liquidity risk.
Liquidity is a financial institution’s capacity to meet its cash and collateral obligations without incurring unacceptable losses. Adequate liquidity is dependent upon the institution’s ability to efficiently meet both expected and unexpected cash flows and collateral needs without adversely affecting either daily operations or the financial condition of the institution.
Liquidity risk is the harm to an institution’s financial condition or safety and soundness arising from its inability (whether real or perceived) to meet its contractual obligations.
The primary role of liquidity-risk management is to:
(1) prospectively assess the need for funds to meet obligations, and
(2) ensure the availability of cash or collateral to fulfill those needs at the appropriate time by coordinating the various sources of funds available to the institution under normal and stressed conditions.
The recent crisis that affected large international banks and recognized investment firms help to discover faults in the administration of liquidity risk.
The proper management of the liquidity risk is based in two basic components:
>The internal management
The internal management
Aims for an appropriate culture organizational covering all areas entity, with special emphasis on roles to be played by management, administration and control bodies.
In the measurement section, the entities may have internal models for measuring Liquidity Risk, and clear rules for incorporating extreme scenarios and plans contingency, in line with the international recommendations.
Colombian standard is a step
further, to develop what is called
Liquidity Standard Risk Report
that has to be sent each week to the
This serves a dual purpose: the model for those entities that do not use internal methodologies and serves as a tool of information and monitoring for SFC.
The standard report consists of the construction of Liquidity Risk Indicator (LRI) which is based on the analysis of the main variables that generate cash flows in financial institutions:
net liquid assets (NLA),
mismatches cash flows between assets and liabilities with
and estimated cash flows that obey
no contractual maturity
LRI = NLA + NFCM + NFWCM
Liquidity Risk Indicator (LRI)
The standard itself encourages institutions to develop internal models, using statistical tools and expert qualitative criteria, that reflects the particularities of the business being conducted.
The Basel Committee notes that the best practices in the management of liquidity risk events are to develop internal models to the measure of each institution, involve senior management in decision-making, set limits, establish risk profiles and levels tolerance to it, and provide contingency plans for extreme situations.
Risk of money laundering and terrorist financing
Possibility of loss or damage that may have an entity supervised by their propensity to be used directly or through its operations as an instrument for money laundering and / or channeling resources to carry out terrorist activities, or the concealment of intended assets of such activities.
is the management system that must be implemented by supervised institutions to protect against the risk of ML / FT.
1 Risk identification,
2 Measurement and evaluation
3 Control and
should allow controlled entities identify risks of ML / FT inherent in the development of its activity.
To identify the risk of ML / FT controlled entities should at least:
a) Establish methodologies for segmenting risk factors.
b) Based on the methodologies set forth in the preceding paragraph development, target risk factors.
c) establish methodologies for identifying risk of ML / FT risks and
associated for each one of the risk factors.
d) Based on the methodologies set forth in the preceding paragraph development, identify ways in which they can present the risk of ML / FT.
Generating agents are risk of ML / FT. For purposes of
controlled entities should consider at least the following:
a) Customers / users
c) Distribution Channels and
After the identification stage, the
should allow controlled entities measure the likelihood or probability of the inherent risk of ML / FT against each of the risk factors and the impact should they materialize by the risks associated . These measurements may be qualitative or quantitative.
Measurement and Evaluation
At this stage the supervised institutions must take measures to control the inherent risk to which they are exposed, because of the risk factors and associated risks.
This step should allow controlled entities to track risk profiles and, in general, to SARLAFT and conduct screening unusual and / or suspicious.
4 Organizational Structure.
5 Bodies control.
6 Technology infrastructure.
7 Disclosure of information.
Identification and analysis of unusual transactions.
Determination and reporting of suspicious activities.
Article 323 of the Penal Code (acquire, protect, invest, transport, process, preserve, administer, color of law, legalize, conceal, and cover up)
The Colombian penal code punishes this activity by the figures of criminal conspiracy (Article 340 of the penal code) and resource management related to terrorist activities (Article 345 of the penal code)
102 and subsequent articles of the Organic Statute of the Financial System and External Circular 026 of 2008 issued by the SFC, with its circular amendments
Basilea III requires more tangible capital (highest quality) than Basilea I-II
the credit institutions in Colombia must fullfil a minimun sovency 9%. (patrimonio técnico/activos ponderados por nivel de riesgo)
The new laws of liquidity
1999. Reputational risk. All the savers of Davivienda were removing his savings because they heard that the bank will be in Bankcrucy.
Feb 1995: Barings Bank, Uk, registered a loss of USD$ 1.3 bill. Nick Leeson a derivates trader acumuló hid his operations for 2 years. The Bank was declared in bankcrupcty.
Sept 1995: Daiwa Bank, Japan, registered a loss of USD$ 1.1 bill. A bond trader, Toshihide Igushi, hid his operations for 11 years in a US subsidiary. The Bank was declared in bankcrupcty.
These cases are relate to internal fraud. There were a failure of supervision.
OPERATIVE RISK CASES
America de Cali
When a persons is include in the clinton list he is a financial person dead.
HSBC Mexico y Colombia
OFAC (Office of Foreign Assets Control ) publishes a list of individuals and companies owned or controlled by, or acting for or on behalf of, terrorists and narcotics traffickers. Their assets are blocked and U.S. persons are generally prohibited from dealing with them.
MONEY LAUNDRY RISK CASES