Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


Risk Management System

No description

nini matiz

on 28 September 2014

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Risk Management System

Daniel Palomino
Linda Ramírez

Policy credit risk management.
Process credit risk management.
Or internal reference to estimate or quantify the expected loss models.
System provisions to cover credit risk.
Internal control processes.
Policy credit risk management
Defining the criteria under which an entity should evaluate, qualify, assume control and cover credit risk (Board).
Process credit risk management
Defining processes for identifying, measuring and controlling credit risk (should define the responsibilities of each of the agencies involved officials).
Models for estimating or quantifying expected losses
The SARC must estimate or quantify the expected loss of each type of credit (internal or reference models).
Internal control processes

Verification of implementation of methodologies and procedures within SARC entities.

External Circular 011 March 05 200 :

Issuance of the new standard replaces SARC Chapter II of the Basic Accounting and Financial Circular.

Circular 031 March 5, 2002:
Definition of the stages for the definition and implementation of the SARC (three phases).
Circular 059 May 6, 2002 :
Determining the timing of Phase I for the definition and implementation of the SARC.
External Circular 030 June 20, 2003:
Postponement of Phase III.
Risk Management System Credit Card (SARC)
The SARC is the set of policies and procedures from which the criteria by which financial institutions evaluate, take, qualify, control and cover their credit risk are defined.
With the SARC, institutions must adopt policies and special arrangements for the sound management of credit risk, both from its covering (provisioning system) or from the administration of the lending process and ongoing monitoring of the same.

Systems supplies:
The SARC should have an outline of provisions to cover credit risk, which must be calculated based on expected losses calculated by application of the internal model or reference.
Rules on Classification and Rating Credit Risk
Commercial loan contracts should be classified under the following categories of credit risk:

Category AA (no arrears).
Category A (30 ≤ dwelleth <60 days).
Category BB (60 ≤ dwelleth <90 days).
Category B (90 ≤ dwelleth <120 days).
Category CC (dwells ≤ 120 <150 days).
Category Default (greater than or equal to 150 days delinquent).
Credit risk can be defined as the potential loss from the failure of the counterparty in a transaction that includes a commitment to pay.
Market risk is the possibility that an entity incurs losses and
see diminished the value of its assets as a result of changes in
price of financial instruments in which the entity holds
positions in and out of balance. These changes may occur
resulting from changes in interest rates, exchange rates and other

Is the risk management system that must be implemented controlled entities, for the purpose of identifying, measuring, controlling and monitoring market risk to which they are exposed to carry out its operations authorized, including cash, taking its structure and size.
(Value at Risk) is a statistical measure that represents the maximum loss expected within a time horizon and confidence interval. It is the main tool for measuring market risk.

It is a necessary but not sufficient for risk control tool, but. It controls must accompany limits, as well as independence of the areas of risk management.

should allow controlled entities identify market risk to which they are exposed, depending on the type of positions assumed by them in accordance with the authorized operations.
Where applicable,consider the following market risks:

a. interest rate in domestic currency
b. interest rate on foreign currency
c. interest rate transactions agreed in UVR
d. exchange rate
e. share price
f. investments in collective portfolio
SARM should allow supervised institutions to measure and quantify the expected losses from exposure to market risk.

Methodology for measuring market risk

Credit institutions, special government institutions, cooperative bodies Degree:

These entities should measure the market risk arising from their positions in the cash book and cash operations.
b) Companies securities brokerage firms

For brokerage firms stock exchange should be measured market risk arising from its proprietary trading of its operations with its own resources and cash transactions.

d) or collective portfolios managed by brokerage firms securities funds

The collective portfolio or administered by brokerage firms of stock market funds must measure the market risk arising from their positions in the cash book and cash operations
e) Trust companies, fund management companies and unemployment pension, investment management companies, insurance companies and capitalization companies

These entities should measure the market risk arising from their positions in the cash book and cash operations. Additionally, they must measure the market risk for those collective funds and funds it manages
policy -Policies limits -Policies for Staff
organizational Structure
Board, board or body that replaces it
Legal representative
Unit or area of ​​risk management
Supervisory bodies
tax inspection
technology Infrastructure
qualitative information
quantitative information
The Risk Management Process
Risk Management is defined as "the systematic application of management policies, procedures and practices to the tasks of establishing the context, identifying, analyzing, assessing, treating, monitoring and communicating".
Risk is defined as 'the chance of something happening that will have an impact on objectives'. It is, therefore, important to understand what the objectives of the company are, prior to attempting to analyze the risks.

Southern Cross University
Risk Treatment
Risk treatment involves identifying the range of options for treating risk, assessing those options, preparing risk treatment plans and implementing them.
If, after controls are put in place, the remaining risk is deemed acceptable to the organization, the risk can be retained. However, plans should be put in place to manage/fund the consequences of the risk should it occur.
Retain/accept the risk -
By preventative maintenance, audit & compliance programs, supervision, contract conditions, policies & procedures, testing, investment & portfolio management, training of staff, technical controls and quality assurance programs etc.
Reduce the Likelihood of the risk occurring
Through contingency planning, contract conditions, disaster recovery & business continuity plans, off-site back-up, public relations, emergency procedures and staff training etc.
Reduce the Consequences of the risk occurring
This involves another party bearing or sharing some part of the risk by the use of contracts, insurance, outsourcing, joint ventures or partnerships etc.

Decide not to proceed with the activity likely to generate the risk, where this is practicable.
Avoid the risk
Transfer the risk
Operational risk is "the likelihood of a change in value caused by the fact that actual losses, incurred for inadequate or failed internal processes, people and systems, or from external events (including legal risk), differ from the expected losses".

It can also include other classes of risk, such as fraud, security, privacy protection, legal risks, physical (e.g. infrastructure shutdown) or environmental risks.
Operational Risk
Operational risk management
The term Operational Risk Management (ORM) is defined as a continual cyclic process which includes risk assessment, risk decision making, and implementation of risk controls, which results in acceptance, mitigation, or avoidance of risk. ORM is the oversight of operational risk, including the risk of loss resulting from inadequate or failed internal processes and systems; human factors; or external events.
Four principles of ORM
The U.S. Department of Defense summarizes the principles of ORM as follows:

> Accept risk when benefits outweigh the cost.
> Accept no unnecessary risk.
> Anticipate and manage risk by planning.
> Make risk decisions at the right level.
Three levels of ORM
Three levels of ORM
Three levels of ORM
In Depth
In depth risk management is used before a project is implemented, when there is plenty of time to plan and prepare. Examples of in depth methods include training, drafting instructions and requirements, and acquiring personal protective equipment.
Deliberate risk management is used at routine periods through the implementation of a project or process. Examples include quality assurance, on-the-job training, safety briefs, performance reviews, and safety checks.
Time Critical
Time critical risk management is used during operational exercises or execution of tasks. It is defined as the effective use of all available resources by individuals, crews, and teams to safely and effectively accomplish the mission or task using risk management concepts when time and resources are limited. Examples of tools used includes execution check-lists and change management. This requires a high degree of situational awareness.
ORM process
In depth
ORM process Deliberate
ORM process Time critical

>Establish context
>Risk assessment
>Risk identification
>Risk analysis
>Risk evaluation
>Risk treatment
>Monitor and review

>Identify hazards
>Assess hazards
>Make risk decisions
>Implement controls
>Supervise (and watch for changes)
1. Assess the situation.
The three conditions of the Assess step are task loading, additive conditions, and human factors.

>Task loading refers to the negative effect of increased tasking on performance of the tasks.

>Additive factors refers to having a situational awareness of the cumulative effect of variables (conditions, etc.).

>Human factors refers to the limitations of the ability of the human body and mind to adapt to the work environment (e.g. stress, fatigue, impairment, lapses of attention, confusion, and willful violations of regulations).
ORM process Time critical
2. Balance your resources.
This refers to balancing resources in three different ways:

>Balancing resources and options available. This means evaluating and leveraging all the informational, labor, equipment, and material resources available.

>Balancing Resources verses hazards. This means estimating how well prepared you are to safely accomplish a task and making a judgement call.

>Balancing individual verses team effort. This means observing individual risk warning signs. It also means observing how well the team is communicating, knows the roles that each member is supposed to play, and the stress level and participation level of each team member.
ORM process Time critical
3. Communicate risks and intentions.

>Communicate hazards and intentions.

>Communicate to the right people.

>Use the right communication style. Asking questions is a technique to opening the lines of communication. A direct and forceful style of communication gets a specific result from a specific situation.

>Reduction of operational loss.
>Lower compliance/auditing costs.
>Early detection of unlawful activities.
>Reduced exposure to future risks.
Benefits of ORM
Liquidity risk
The harm stemming from the lack of marketability of an investment that cannot be bought or sold quickly enough to prevent or minimize a loss.

Liquidity risk is typically reflected in unusually wide bid-ask spreads. The rule says that the smaller the size of the security or its issuer, the larger the liquidity risk.
Liquidity is a financial institution’s capacity to meet its cash and collateral obligations without incurring unacceptable losses. Adequate liquidity is dependent upon the institution’s ability to efficiently meet both expected and unexpected cash flows and collateral needs without adversely affecting either daily operations or the financial condition of the institution.
Liquidity risk
Liquidity risk is the harm to an institution’s financial condition or safety and soundness arising from its inability (whether real or perceived) to meet its contractual obligations.
The primary role of liquidity-risk management is to:

(1) prospectively assess the need for funds to meet obligations, and

(2) ensure the availability of cash or collateral to fulfill those needs at the appropriate time by coordinating the various sources of funds available to the institution under normal and stressed conditions.
liquidity-risk management
The recent crisis that affected large international banks and recognized investment firms help to discover faults in the administration of liquidity risk.
Liquidity risk
liquidity-risk management
The proper management of the liquidity risk is based in two basic components:

>The internal management
>Quantitative measurement.
The internal management
Quantitative measurement
Aims for an appropriate culture organizational covering all areas entity, with special emphasis on roles to be played by management, administration and control bodies.
In the measurement section, the entities may have internal models for measuring Liquidity Risk, and clear rules for incorporating extreme scenarios and plans contingency, in line with the international recommendations.
Colombian standard is a step
further, to develop what is called
Liquidity Standard Risk Report

that has to be sent each week to the

This serves a dual purpose: the model for those entities that do not use internal methodologies and serves as a tool of information and monitoring for SFC.
Colombian Rule
The standard report consists of the construction of Liquidity Risk Indicator (LRI)  which is based on the analysis of the main variables that generate cash flows in financial institutions:
net liquid assets (NLA),
mismatches cash flows between assets and liabilities with
contractual maturity

and estimated cash flows that obey
no contractual maturity

Liquidity Risk Indicator (LRI)
The standard itself encourages institutions to develop internal models, using statistical tools and expert qualitative criteria, that reflects the particularities of the business being conducted.
Colombian Rule
The Basel Committee notes that the best practices in the management of liquidity risk events are to develop internal models to the measure of each institution, involve senior management in decision-making, set limits, establish risk profiles and levels tolerance to it, and provide contingency plans for extreme situations.
Risk of money laundering and terrorist financing
Possibility of loss or damage that may have an entity supervised by their propensity to be used directly or through its operations as an instrument for money laundering and / or channeling resources to carry out terrorist activities, or the concealment of intended assets of such activities.

is the management system that must be implemented by supervised institutions to protect against the risk of ML / FT.


1 Risk identification,
2 Measurement and evaluation
3 Control and
4 Monitoring.

should allow controlled entities identify risks of ML / FT inherent in the development of its activity.

To identify the risk of ML / FT controlled entities should at least:
a) Establish methodologies for segmenting risk factors.
b) Based on the methodologies set forth in the preceding paragraph development, target risk factors.
c) establish methodologies for identifying risk of ML / FT risks and
associated for each one of the risk factors.
d) Based on the methodologies set forth in the preceding paragraph development, identify ways in which they can present the risk of ML / FT.
Risk Factors
Generating agents are risk of ML / FT. For purposes of
controlled entities should consider at least the following:
a) Customers / users
b) Products
c) Distribution Channels and
d) Jurisdiction.

After the identification stage, the
should allow controlled entities measure the likelihood or probability of the inherent risk of ML / FT against each of the risk factors and the impact should they materialize by the risks associated . These measurements may be qualitative or quantitative.
Measurement and Evaluation
At this stage the supervised institutions must take measures to control the inherent risk to which they are exposed, because of the risk factors and associated risks.
This step should allow controlled entities to track risk profiles and, in general, to SARLAFT and conduct screening unusual and / or suspicious.
2 Procedures.
3 Documentation.
4 Organizational Structure.
5 Bodies control.
6 Technology infrastructure.
7 Disclosure of information.
8 Training.
Mechanisms MLFTMS
Customer knowledge.
Market knowledge.
Identification and analysis of unusual transactions.
Determination and reporting of suspicious activities.
Article 323 of the Penal Code (acquire, protect, invest, transport, process, preserve, administer, color of law, legalize, conceal, and cover up)

The Colombian penal code punishes this activity by the figures of criminal conspiracy (Article 340 of the penal code) and resource management related to terrorist activities (Article 345 of the penal code)

102 and subsequent articles of the Organic Statute of the Financial System and External Circular 026 of 2008 issued by the SFC, with its circular amendments
Basilea III requires more tangible capital (highest quality) than Basilea I-II
Countercyclical measures
the credit institutions in Colombia must fullfil a minimun sovency 9%. (patrimonio técnico/activos ponderados por nivel de riesgo)

The new laws of liquidity

1999. Reputational risk. All the savers of Davivienda were removing his savings because they heard that the bank will be in Bankcrucy.
Fat finger

Feb 1995: Barings Bank, Uk, registered a loss of USD$ 1.3 bill. Nick Leeson a derivates trader acumuló hid his operations for 2 years. The Bank was declared in bankcrupcty.

Sept 1995: Daiwa Bank, Japan, registered a loss of USD$ 1.1 bill. A bond trader, Toshihide Igushi, hid his operations for 11 years in a US subsidiary. The Bank was declared in bankcrupcty.

These cases are relate to internal fraud. There were a failure of supervision.

America de Cali

When a persons is include in the clinton list he is a financial person dead.
HSBC Mexico y Colombia

OFAC (Office of Foreign Assets Control ) publishes a list of individuals and companies owned or controlled by, or acting for or on behalf of, terrorists and narcotics traffickers. Their assets are blocked and U.S. persons are generally prohibited from dealing with them.

Full transcript