Govind Gurnani, Former AGM, RBI

Risk Assessment In The Banking Sector

The banking sector has a huge role to play in the

development of the economy. Certainly, it is the driver
of the economic growth of the country. It plays an
important role in identifying the idle resources for their
e cient utilisation to attain maximum productivity.
However, this process involves risks. Banks are highly
regulated in order to promote nancial stability, foster
competition, and protect consumers. And since the
risk is directly proportional to returns, the more risk a
bank take, the higher it can generate pro ts. Hence,
measuring risks in banks is a critical aspect of risk
management to ensure the stability and soundness of
the nancial institution.
Risk assessment refers to identifying and mitigating
risks that banks face in their day-to-day operations. It
is a comprehensive approach involving various risk
management tools, techniques, and methodologies
to manage risks e ectively.The objective of risk
management in banking is to minimise the impact of
risks on the bank’s operations, nancial performance,
and reputation.
ffi
fi
ff
fi
fi
fi
◼Types Of Risks Faced By The Banks
1. Credit Risk
2. Market Risk
3. Liquidity Risk
4. Interest Rate Risk
5. Operational Risk
6. Compliance and Legal Risk
7. Counterparty Credit Risk
8. Reputational Risk
9, Concentration Risk
10. Cybersecurity Risk
11. Foreign Exchange Risk
12. Financial Crime Risk
13. Country Risk
14. Solvency Risk
15. Climate Risk

1. Credit Risk
Credit risk refers to the potential loss arising from a
bank borrower or counterparty failing to meet its
obligations in accordance with the agreed terms.
Credit risk analysis is the means of assessing the
probability that a customer will default on a payment
before you extend trade credit.

◼ Credit Scoring Models

Credit scoring models are statistical tools that
evaluate creditworthiness and determine the
likelihood of default on credit obligations. These
models are used by credit bureaus & lenders to
assess the risk of lending money or extending credit
to individuals or businesses.

The credit scoring model evaluates various factors,

including payment history, credit utilisation, length of
credit history, types of credit accounts, & recent
credit inquiries. Each factor is assigned a weight, and
the model’s formula calculates a credit score based
on the evaluation.

A credit score typically ranges from 300 to 850, with a

higher score indicating a lower risk of default.
Lenders use credit scores to make decisions about
loan terms, including interest rates, repayment
periods, and loan amounts. A good credit score can
result in favorable loan terms, while a poor score can
lead to higher interest rates and less favorable terms.

◼ Credit Risk Models

Credit risk model is a method that uses statistical
techniques to evaluate a borrower's creditworthiness
and estimate the likelihood of them defaulting on their
payments.These models can range from simple
credit scoring models to complex models that
consider multiple factors, including:
▪ Financial statements
▪ Credit bureau data
▪ Alternate data
◼ Factors A ecting Credit Risk Modelling
For lenders to minimise credit risk, credit risk
forecasting needs to be more precise. Here are some
factors to consider:

Probability of default
Probability of default (PD) is the likelihood that a
borrower will fail to pay their loan obligations, and
lenders use it to assess the level of risk that comes
with loaning money. For individual borrowers, the PD
is typically based on two primary factors:
1. Credit score
2. Debt-to-income ratio

Loss Given Default

Loss given default (LGD) refers to the amount of
money a lender is likely to lose if a borrower defaults
on a loan, helping them predict and manage their risk
exposure. LGD accounts for:
▪ Value of the collateral
▪ The type of loan
▪ The legal framework in which the lender operates

It helps lenders with credit risk management and

make informed decisions about loan pricing and
underwriting.
ff
Exposure At Default
Exposure at default refers to the amount of possible
loss a lender is exposed to at any point in time,
allowing them to better manage their risk. It considers
factors including:
▪ The outstanding principal balance
▪ Accrued interest
▪ Any fees or penalties associated with the loan

2. Market Risk
Market risk is the risk of losses on nancial
investments caused by adverse price movements.
Examples of market risk are: changes in equity prices
or commodity prices, interest rate movements or
foreign exchange uctuations.

For assessment of market risk, there are mainly two

approaches :
▪ Value at Risk Model
▪ Sensitivity Analysis Model

◼ Value At Risk Model

Value at Risk (VaR) is a statistic that is used in risk
management to predict the greatest possible losses
over a speci c time frame. VaR modeling is a
statistical risk management method that quanti es a
stock's or portfolio's potential loss as well as the
probability of that potential loss occurring.
fi
fl
fi
fi
 VaR is de ned as the maximum amount expected to
be lost over a given time horizon, at a pre-de ned
con dence level. For example, if the 95% one-month
VAR is ₹1 million, there is 95% con dence that over
the next month the portfolio will not lose more than
₹1 million.

VaR can be calculated using di erent techniques.

Under the parametric method, also known as
variance-covariance method, VaR is calculated as a
function of mean and variance of the returns series,
assuming normal distribution. With the historical
method, VaR is determined by taking the returns
belonging to the lowest quintile of the series
(identi ed by the con dence level) and observing the
highest of those returns. The Monte Carlo method
simulates large numbers of scenarios for the portfolio
and determines VAR by observing the distribution of
the resulting paths.

◼ Sensitivity Analysis Model

Sensitivity analysis to market risk re ects the degree
to which changes in interest rates, foreign exchange
rates, commodity prices, or equity prices can
adversely a ect a nancial institution's earnings or
capital. Sensitivity analysis determines how di erent
values of an independent variable a ect a particular
dependent variable under a given set of assumptions.
Market variables like interest rates, exchange rates,
fi
fi
fi
ff
fi
fi
ff
fi
fl
ff
ff
fi
asset prices, etc., impact businesses signi cantly.
Analysts can analyse these variables to help
organisations evade exposure to market risks and
develop necessary hedging strategies.

Sensitivity analysis can be carried out manually or

using a Microsoft Excel spreadsheet. However,
manual calculations might seem challenging if the
dataset is vast.

3. Liquidity Risk
Liquidity risk is the risk of loss resulting from the
inability to meet payment obligations in full and on
time when they become due. Liquidity risk is inherent
to the Bank's business and results from the mismatch
in maturities between assets and liabilities.

▪ Gap Analysis
Gap analysis is a method of asset-liability
management and helps assess liquidity risk. Gap
analysis assesses the maturity pro le of assets and
liabilities to identify potential funding gaps.

▪ Stress Testing
A liquidity stress test aims to measure the level of
liquidity the institution must maintain to ensure a
continuous ability to meet nancial obligations in
stressed conditions. It simulates adverse scenarios to
fi
fi
fi
 evaluate the bank’s ability to withstand liquidity
shocks.

4. Interest Rate Risk

Interest rate risk refers to the current or prospective
risk to the bank’s capital and earnings arising from
adverse movements in interest rates.

For assessment of interest rate risk, there are ve

approaches :

1⃣ Earnings at risk
2⃣ Duration Analysis
3⃣ Simulation Analysis
4⃣ Gap Analysis
5⃣ Value at Risk

▪ Earnings at Risk
Earnings at risk is a risk measurement of the amount
by which net income may adversely change due to
interest rates uctuations. In simple words, earnings
at risk measures the potential impact of interest rate
changes on a bank’s earnings.

▪ Duration Analysis
Duration analysis measures the sensitivity of a bond’s
or xed income portfolio’s price to changes in interest
rates.
fi
fl
fi
▪ Simulation Analysis
Simulation analysis involves using computer models
to estimate the potential impact of various interest
rate scenarios on a bank’s nancial position and
performance.

▪Gap Analysis
Gap analysis is a commonly used method for
measuring interest rate risk. It involves comparing the
repricing of assets and liabilities within speci ed time
periods, which helps identify potential mismatches
that could a ect a bank’s net interest income.

Using gap analysis, banks can assess their exposure

to repricing risk and develop strategies to mitigate the
potential impact of interest rate changes.

However, this method may not fully capture the

complexity of a rm's interest rate risk exposure,
particularly when considering yield curve risk and
optionality risk.

▪Value At Risk
Value at Risk (VaR) is a statistical technique used to
estimate the potential losses a bank could incur due
to changes in market factors, including interest rates.
ff
fi
fi
fi
 VaR calculates the maximum potential loss a bank
could experience within a speci ed time period and
con dence level. Using VaR, banks can quantify their
interest rate risk exposure and develop strategies to
manage this risk.

5. Operational Risk
Operational risk refers to the risk of loss due to errors,
breaches, interruptions or damages, either intentional
or accidental, caused by people, internal processes,
systems or external events.

Banks that take a comprehensive approach to

operational risk management (ORM) recognise four
broad areas that requires attention :

1⃣ People
Even in a digital age, employees and the customers
with whom they interact can cause substantial
damage when they do things wrong, either by
accident or on purpose. Problems can arise from a
combination of factors, including intentional and
illegal breaches of policies and rules, sloppy
execution, lack of knowledge and training, and
unclear and sometimes contradictory procedures.
Unauthorised trading, for example, can cause billions
in direct losses and multimillions more in regulatory,
legal and restructuring costs.
fi
fi
2⃣ Information Technology (IT)
Systems can be hacked and breached; data can be
corrupted or stolen. The risks banks face extend to
the third-party IT providers that so many banks now
rely on for cloud-based storage and other services.
Systems can slow down or crash, leaving customers
unable to access ATMs or mobile apps. Even the
speed of technological change presents an
operational risk. With the cyber landscape evolving
so rapidly, banks can have trouble keeping up with
new threats.

3⃣ Organisational Structure
By setting aggressive sales targets and rewarding
employees for how well they meet them, the bank
management can encourage, and, in some cases,
explicitly condone inappropriate risk taking. Such
activity, when exposed, can lead to management
changes, shareholder losses and regulatory nes.

4⃣ Regulation
The fourth area that vexes ORM planners is
regulation. Since the global nancial crisis, regulators
have increased the number and complexity of rules
that banks must follow. The banks that operate in
multiple jurisdictions can face overlapping,
inconsistent and con icting regulatory regimes.
Lapses can be expensive and embarrassing,
triggering regulatory sanctions and customer
fl
fi
fi
 defections. As is the case with technology, the speed
and magnitude of regulatory change can be daunting.
Even as banks are trying to contain costs, they must
invest in the people, systems and processes that
foster compliance.

6. Compliance & Legal Risk

Compliance risk refers to the potential damage banks
face when they fail to comply with industry standards,
laws and regulations. This risk involves both nancial
penalties and reputational damage. Legal risk is when
a bank fails to comply with regulations or contractual
terms. It is caused by internal errors, awed
processes, and deliberate infractions.

▪ Regulatory Compliance Audits

Ensures adherence to regulatory requirements.

▪ Legal Risk Assessments

Identi es and manages legal risks associated with
contracts, litigation, and other legal matters.

7. Counterparty Credit Risk

Counterparty credit risk (CCR) is the risk that the
counterparty to a transaction could default before the
nal settlement of the transaction's cash ows. An
economic loss would occur if the transactions or
portfolio of transactions with the counterparty has a
positive economic value at the time of default.
fi
fi
fl
fi
fl
From OTC derivatives trading to prime brokerage,
securities lending, and repos, CCR is inherently
bound to the daily operations of markets businesses
and markets environments. It is most often
manifested in default risk, replacement risk and
settlement risk—albeit at the tail end of probabilities.

◼ BCBS Guidelines On Assessment And

Managing CCR

1⃣ Conduct comprehensive due diligence of

counterparties both at initial onboarding and on an
ongoing basis. The aim is to ensure banks have a full
understanding of the risks they are taking before they
make key credit risk decisions and that they are able
to act swiftly and with su cient information on the
changing risk pro les of counterparties during times
of stress.

2⃣ Develop a comprehensive credit risk mitigation

strategy to e ectively manage counterparty
exposures. This entails the use of robust contractual
terms and tools such as risk-sensitive margining

3⃣ Measure, control, and limit counterparty credit

risk using a wide variety of complementary metrics.
This should be done while ensuring that counterparty
ff
fi
ffi
credit risk metrics comprehensively cover the bank’s
range of material risks, portfolios, and counterparties.

4⃣ Build a strong counterparty credit risk governance

framework. This should be guided by clear risk
management processes, including limits and
escalations, and supported by informative and
reliable reporting that is integrated into decision-
making processes.

8. Reputational Risk
Reputational risk is associated with an institution
losing consumer or stakeholder trust. It’s the risk that
those consumers and stakeholders will take on a
negative perception of the bank following a particular
event.

▪ Customer Feedback and Surveys Monitors

customer satisfaction and feedback.

▪ Media Monitoring
Keeps track of media coverage and public
perception.

9. Concentration Risk
Concentration risk refers to the potential for nancial
loss due to an overexposure to a single counterparty,
sector, or geographic region.The presence of
concentration risk increases the vulnerability of a
fi
 portfolio to market uctuations and economic
downturns.

▪ Portfolio Diversi cation Analysis

Examines the concentration of risks across various
segments.

▪ Geographic and Industry Exposure Analysis

Assesses risk concentrations in speci c regions or
industries.

10. Cybersecurity Risk

Cybersecurity risk is the potential for exposure or loss
resulting from cyberattack or data breach on your
institution.

▪ Vulnerability Assessments
Identi es weaknesses in the bank’s cybersecurity
infrastructure.

▪ Incident Response Planning

Prepares for and responds to cybersecurity incidents.

11. Foreign Exchange Risk

Foreign exchange risk is the chance that a bank will
lose money on international trade because of
currency uctuations.
fi
fl
fi
fl
fi
1⃣ External Forex Risk Mitigation Strategies
▪ forward contracts
▪ currency futures
▪ currency options
▪ currency swaps

2⃣ Internal Forex Risk Mitigation Strategies

▪ Invoicing in own currency
▪ Build protection into your commercial
relationships/contracts
▪ Natural foreign exchange hedging
▪ Hedging arrangements via nancial instruments

12. Financial Crime Risk

Financial crime risk refers to any kind of criminal
conduct relating to money or to nancial. services or
markets, including any o ence involving: (a) fraud. or
dishonesty; or (b) misconduct in, or misuse of
information. relating to, a nancial market; or (c)
handling the proceeds of.
▪ Implement KYC ID veri cation measures
▪ Perform FATF recommended due diligence
measures
▪ Record Maintenance of high risk clients
▪ Monitoring of accounts for suspicious nancial
activity & its reporting to RBI.
ff
fi
fi
fi
fi
fi
 13. Country Risk
Country risk refers to the ability and willingness of
borrowers within a country to meet their obligations.
It is thus a credit risk on obligations advanced across
borders. Assessment of country risk relies on the
analysis of economic, social and political variables
that relate to the particular country in question.
Although the economic factors can be measured
objectively, the social and political variables will often
involve subjective judgments.

Country risk can be categorised under two headings.

The rst sub-category of country risk is sovereign
risk, which refers to both the risk of default by a
sovereign government on its foreign currency
obligations, and the risk that direct or indirect actions
by the sovereign government may a ect the ability of
other entities in that country to use their available
funds to meet foreign currency debt obligations.

In the former case, sovereign risk addresses the

credit risk of national governments, but not the
speci c default risks of other debt issuers. Here,
credit risk relates to two key aspects: economic risk,
which addresses the government's ability to repay its
obligations on time, and political risk, which
addresses its willingness to repay debt. In practice,
these risks are related, since a government that is
unwilling to repay debt is often pursuing economic
policies that weaken its ability to do so.
fi
fi
ff
14. Solvency Risk
Solvency risk refers to the risk of having insu cient
capital to cover losses generated by all types of risks,
and is thus e ectively the risk of default of the bank.
From a regulatory viewpoint, the issue of adequate
capital is critically important for the stability of the
banking system.

To address solvency risk, it is necessary to de ne the

level of capital which is appropriate for given levels of
overall risk. The key principles involved can be
summarised as follows:

▪ Risks generate potential losses.

▪ The ultimate protection for such losses is capital.

▪ Capital should be adjusted to the level required to

ensure capability to absorb the potential losses
generated by all risks.

To implement the latter, all risks should be quanti ed

in terms of potential losses, and a measure of
aggregate potential losses should be derived from the
potential losses of all component risks.

15. Climate Risk

Climate change can pose many risks to the banking
sector, including extreme weather events, long-term
ff
fi
ffi
fi
climate shifts, and asset value declines. These risks
can negatively impact clients' creditworthiness, cause
business interruptions, and lead to the closure of
retail branches.

To assess climate risk in the banking sector, nancial

institutions can follow these steps:
▪ Create a roadmap
▪ Select a methodology
▪ Form a steering committee
▪ Consider partnering with climate scientists
▪ Create scenario models
▪ Identify resources and tools
******************************
fi