2. Page 2
An Introduction to RiskAn Introduction to Risk
Risk Management is the process ofRisk Management is the process of
measuring or assessing the actual ormeasuring or assessing the actual or
potential dangers of a particularpotential dangers of a particular
situation.situation.
3. Page 3
Risk Has Two ComponentsRisk Has Two Components
Uncertainty.Uncertainty.
Exposure.Exposure.
4. Page 4
Types of RiskTypes of Risk
Operational.Operational.
Credit.Credit.
Reputational.Reputational.
5. Page 5
Operational RiskOperational Risk
The risk of loss resulting fromThe risk of loss resulting from
inadequate or failed internal processes,inadequate or failed internal processes,
people and systems, or from externalpeople and systems, or from external
events.events.
6. Page 6
Operational Risks IncludeOperational Risks Include
Internal Fraud.Internal Fraud.
External Fraud.External Fraud.
Employment Practices and Workplace Safety.Employment Practices and Workplace Safety.
Clients, Products and Business Practices.Clients, Products and Business Practices.
Damage to Physical Assets.Damage to Physical Assets.
Business Disruption and System Failures.Business Disruption and System Failures.
Execution, Delivery and Process Management.Execution, Delivery and Process Management.
7. Page 7
Internal FraudInternal Fraud
Unauthorized Activity.Unauthorized Activity.
Transactions not reported.Transactions not reported.
Transaction type unauthorized.Transaction type unauthorized.
Mismarking of position.Mismarking of position.
Theft and Fraud.Theft and Fraud.
Fraud/credit fraud/worthless deposits.Fraud/credit fraud/worthless deposits.
Theft/extortion/embezzlement/robbery.Theft/extortion/embezzlement/robbery.
Misappropriation of assets.Misappropriation of assets.
Forgery.Forgery.
Account take-over/impersonation.Account take-over/impersonation.
Bribes/kickbacks.Bribes/kickbacks.
Insider trading.Insider trading.
Money laundering.Money laundering.
Willful blindness.Willful blindness.
8. Page 8
External FraudExternal Fraud
Theft and Fraud.Theft and Fraud.
Theft/robbery.Theft/robbery.
Forgery.Forgery.
Check kiting.Check kiting.
Identity theft.Identity theft.
Elder financial abuse.Elder financial abuse.
Systems Security.Systems Security.
Hacking damage.Hacking damage.
Theft of information (with monetary loss).Theft of information (with monetary loss).
9. Page 9
Employment Practices and WorkplaceEmployment Practices and Workplace
SafetySafety
Employee Relations.Employee Relations.
Compensation, benefit, termination issues.Compensation, benefit, termination issues.
Organized labor issues.Organized labor issues.
Safe Environment.Safe Environment.
General liability (slips and falls).General liability (slips and falls).
Employee health and safety rules.Employee health and safety rules.
Workers’ compensation.Workers’ compensation.
Diversity and Discrimination.Diversity and Discrimination.
All discrimination types.All discrimination types.
Harassment.Harassment.
Equal Employment Opportunity (EEO).Equal Employment Opportunity (EEO).
10. Page 10
Clients, Products and Business PracticesClients, Products and Business Practices
Suitability, Disclosure and Fiduciary.Suitability, Disclosure and Fiduciary.
Fiduciary breaches/guideline violations.Fiduciary breaches/guideline violations.
Suitability/disclosure issues.Suitability/disclosure issues.
Retail consumer disclosure violations.Retail consumer disclosure violations.
Breach of privacy.Breach of privacy.
Aggressive sales.Aggressive sales.
Inadequate product offerings.Inadequate product offerings.
Account churning.Account churning.
Misuse of confidential information.Misuse of confidential information.
Lender liability.Lender liability.
11. Page 11
Clients, Products and Business PracticesClients, Products and Business Practices
((CONTINUEDCONTINUED))
Improper Business or Market Practices .Improper Business or Market Practices .
Antitrust.Antitrust.
Improper trade/market practice.Improper trade/market practice.
Market manipulation.Market manipulation.
Insider trading (on firm’s account).Insider trading (on firm’s account).
Unlicensed activity.Unlicensed activity.
Money laundering.Money laundering.
12. Page 12
Clients, Products and Business PracticesClients, Products and Business Practices
((CONTINUEDCONTINUED))
Selection, Sponsorship and Exposure.Selection, Sponsorship and Exposure.
Failure to investigate client per guidelines.Failure to investigate client per guidelines.
Exceeding client exposure limits.Exceeding client exposure limits.
Advisory Activities.Advisory Activities.
Disputes over performance or advisory activities.Disputes over performance or advisory activities.
13. Page 13
Damage to Physical AssetsDamage to Physical Assets
Disasters and Other Events.Disasters and Other Events.
Natural disaster losses.Natural disaster losses.
Human losses from external sources (terrorism,Human losses from external sources (terrorism,
vandalism).vandalism).
14. Page 14
Business Disruption and System FailuresBusiness Disruption and System Failures
Systems.Systems.
Hardware.Hardware.
Software.Software.
Telecommunications.Telecommunications.
Utility outage/disruptions.Utility outage/disruptions.
15. Page 15
Execution, Delivery and ProcessExecution, Delivery and Process
ManagementManagement
Transaction Capture, Execution and Maintenance.Transaction Capture, Execution and Maintenance.
Miscommunication.Miscommunication.
Data entry, maintenance or loading errors.Data entry, maintenance or loading errors.
Missed deadline or responsibility.Missed deadline or responsibility.
Model/system misoperation.Model/system misoperation.
Accounting error/entity attribution error.Accounting error/entity attribution error.
Other task misperformance.Other task misperformance.
Record retention.Record retention.
Documentation maintenance.Documentation maintenance.
Delivery failure.Delivery failure.
Collateral management failure.Collateral management failure.
Reference data maintenance.Reference data maintenance.
16. Page 16
Execution, Delivery and ProcessExecution, Delivery and Process
ManagementManagement (CONTINUED)(CONTINUED)
Monitoring and Reporting.Monitoring and Reporting.
Failed mandatory reporting obligations.Failed mandatory reporting obligations.
Inaccurate external loss (loss incurred).Inaccurate external loss (loss incurred).
Customer Intake and Documentation.Customer Intake and Documentation.
Unapproved access given to accounts.Unapproved access given to accounts.
Incorrect client records (loss incurred).Incorrect client records (loss incurred).
Negligent loss or damage of client assets.Negligent loss or damage of client assets.
17. Page 17
Execution, Delivery and ProcessExecution, Delivery and Process
ManagementManagement (CONTINUED)(CONTINUED)
Customer/Client Account Management.Customer/Client Account Management.
Unapproved access given to accounts.Unapproved access given to accounts.
Incorrect client records (loss incurred).Incorrect client records (loss incurred).
Negligent loss or damage of client assets.Negligent loss or damage of client assets.
Trade Counterparties.Trade Counterparties.
Non-client counterparty misperformance.Non-client counterparty misperformance.
Vendors and Suppliers.Vendors and Suppliers.
Outsourcing.Outsourcing.
Vendor disputes.Vendor disputes.
18. Page 18
Operational Risk ChecklistOperational Risk Checklist
Employee training.Employee training.
Close management oversight.Close management oversight.
Segregation of duties.Segregation of duties.
Employee background checks.Employee background checks.
Procedures and process.Procedures and process.
Purchase of insurance.Purchase of insurance.
Exiting certain businesses.Exiting certain businesses.
Capitalization of risks.Capitalization of risks.
19. Page 19
Credit RiskCredit Risk
Risk due to an uncertainty in aRisk due to an uncertainty in a
counterparty’s ability to meet itscounterparty’s ability to meet its
obligations in accordance with agreedobligations in accordance with agreed
upon terms.upon terms.
21. Page 21
Sound Practices for ManagingSound Practices for Managing
Credit RiskCredit Risk
Establish an appropriate credit risk environment.Establish an appropriate credit risk environment.
Operate under a sound credit-granting process.Operate under a sound credit-granting process.
Maintain an appropriate credit administration,Maintain an appropriate credit administration,
measurement and monitoring process.measurement and monitoring process.
Ensure adequate controls over credit risk.Ensure adequate controls over credit risk.
22. Page 22
Establish an Appropriate Credit RiskEstablish an Appropriate Credit Risk
EnvironmentEnvironment
Board of Directors should review credit risk strategyBoard of Directors should review credit risk strategy
periodically.periodically.
Senior management should implement credit riskSenior management should implement credit risk
strategy approved by the Board.strategy approved by the Board.
23. Page 23
Operate Under a Sound Credit GrantingOperate Under a Sound Credit Granting
ProcessProcess
Criteria should include thorough understanding ofCriteria should include thorough understanding of
the borrower, purpose/structure of credit and itsthe borrower, purpose/structure of credit and its
source of repayment.source of repayment.
Establish overall credit limits at the level of individualEstablish overall credit limits at the level of individual
borrowers/connected counterparties.borrowers/connected counterparties.
Have a clearly established process for approvingHave a clearly established process for approving
new credits/extension of existing credits.new credits/extension of existing credits.
Extension of credit must be made on an arm’sExtension of credit must be made on an arm’s
length basis.length basis.
24. Page 24
Maintain a Credit Administration,Maintain a Credit Administration,
Measurement and Monitoring ProcessMeasurement and Monitoring Process
Have in place a system for ongoing administration ofHave in place a system for ongoing administration of
various risk-bearing portfolios.various risk-bearing portfolios.
Develop an internal risk rating system for managingDevelop an internal risk rating system for managing
credit risk.credit risk.
Have an information system and analyticalHave an information system and analytical
techniques that enable management to measuretechniques that enable management to measure
credit risk of on/off balance sheet activities.credit risk of on/off balance sheet activities.
25. Page 25
Maintain a Credit Administration, MeasurementMaintain a Credit Administration, Measurement
and Monitoring Processand Monitoring Process (CONTINUED)(CONTINUED)
System for monitoring overall composition andSystem for monitoring overall composition and
quality of the credit portfolio.quality of the credit portfolio.
Consider future changes in economic conditionsConsider future changes in economic conditions
when assessing individual credits.when assessing individual credits.
26. Page 26
Ensure Adequate Controls Over Credit RiskEnsure Adequate Controls Over Credit Risk
System of independent, ongoing credit review.System of independent, ongoing credit review.
Credit granting function is properly handled andCredit granting function is properly handled and
credit exposures are within limits.credit exposures are within limits.
System for managing problem credits.System for managing problem credits.
27. Page 27
Credit Risk ChecklistCredit Risk Checklist
Stringent credit standards for borrowers andStringent credit standards for borrowers and
counterparties.counterparties.
Strict portfolio risk management.Strict portfolio risk management.
Constant focus on changes in economic or otherConstant focus on changes in economic or other
circumstances that can lead to a deterioration in thecircumstances that can lead to a deterioration in the
credit standing of a bank’s counterparties.credit standing of a bank’s counterparties.
28. Page 28
Reputational RiskReputational Risk
Reputational risk is the potential thatReputational risk is the potential that
negative publicity, whether true or not, willnegative publicity, whether true or not, will
result in loss of customers, severing ofresult in loss of customers, severing of
corporate affiliations, decrease incorporate affiliations, decrease in
revenues and increase in costs.revenues and increase in costs.
29. Page 29
Benefits of Effective ReputationBenefits of Effective Reputation
ManagementManagement
Improving relations with shareholders.Improving relations with shareholders.
Creating a more favorable environment forCreating a more favorable environment for
investment.investment.
Recruiting/retaining the best employees.Recruiting/retaining the best employees.
Reducing barriers to development in new markets.Reducing barriers to development in new markets.
Securing premium prices for products.Securing premium prices for products.
Minimizing threats of litigation.Minimizing threats of litigation.
30. Page 30
The key to managing reputational risk isThe key to managing reputational risk is
sound risk management, coupled withsound risk management, coupled with
straightforward communication about thestraightforward communication about the
problem the bank is facing.problem the bank is facing.
31. Page 31
Re-establishing a firm’sRe-establishing a firm’s
reputation takes a long time.reputation takes a long time.
33. Page 33
Reputational Risk ChecklistReputational Risk Checklist
Processes for crisis management are planned andProcesses for crisis management are planned and
documented.documented.
External perceptions of the bank are regularly measured.External perceptions of the bank are regularly measured.
Reputational threats are systematically tracked.Reputational threats are systematically tracked.
Employees are trained to identify and manage reputationalEmployees are trained to identify and manage reputational
risks.risks.
Standards on environmental, human rights and laborStandards on environmental, human rights and labor
practices are set publically.practices are set publically.
Relationships and trust with pressure groups and otherRelationships and trust with pressure groups and other
potential critics are established.potential critics are established.
34. Page 34
True or False?True or False?
Corporate reputation is one of the primary assets ofCorporate reputation is one of the primary assets of
my bank.my bank.
The risks involving a bank’s reputation haveThe risks involving a bank’s reputation have
increased significantly over the past five years.increased significantly over the past five years.
Reputational risk is harder to manage than otherReputational risk is harder to manage than other
forms of risk.forms of risk.
My bank is proactive in enhancing and protecting itsMy bank is proactive in enhancing and protecting its
reputation.reputation.
35. Page 35
True or False?True or False?
It is impossible to quantify the impact of reputationalIt is impossible to quantify the impact of reputational
risks.risks.
My bank usually thinks about its reputation onlyMy bank usually thinks about its reputation only
when things go wrong.when things go wrong.
A well run bank doesn’t need to invest extraA well run bank doesn’t need to invest extra
resources into guarding against reputational risk.resources into guarding against reputational risk.
36. Page 36
Risk ManagementRisk Management
Risk management is the process ofRisk management is the process of
monitoring and addressing the potentialmonitoring and addressing the potential
for loss.for loss.
37. Page 37
Evolution of Risk ManagementEvolution of Risk Management
Emerged as a discipline during the early 1990s.Emerged as a discipline during the early 1990s.
Used long before (1960s).Used long before (1960s).
Typically used to describe techniques for addressingTypically used to describe techniques for addressing
insurable risks.insurable risks.
38. Page 38
““Old” Risk ManagementOld” Risk Management
Risk reduction through safety, quality control andRisk reduction through safety, quality control and
hazard education.hazard education.
Alternative risk financing, including self-insuranceAlternative risk financing, including self-insurance
and captive insurance.and captive insurance.
The purchase of traditional insurance products.The purchase of traditional insurance products.
Use of derivatives to hedge or customize market riskUse of derivatives to hedge or customize market risk
exposures.exposures.
39. Page 39
““New” Risk ManagementNew” Risk Management
Treats derivatives as a problem as much as aTreats derivatives as a problem as much as a
solution.solution.
Focuses on reporting, oversight and segregation ofFocuses on reporting, oversight and segregation of
duties within the organization.duties within the organization.
40. Page 40
By the Mid-1990sBy the Mid-1990s
Regulatory initiatives.Regulatory initiatives.
Concerns about derivatives.Concerns about derivatives.
Release of RiskMetrics.Release of RiskMetrics.
Published losses.Published losses.
41. Page 41
Enron’s Experience with Risk ManagementEnron’s Experience with Risk Management
Maintained a risk management function.Maintained a risk management function.
Lines of reporting were reasonably independent.Lines of reporting were reasonably independent.
Mark-to-market valuations were subject toMark-to-market valuations were subject to
adjustments by management.adjustments by management.
Few career risk managers.Few career risk managers.
Fluid workforce.Fluid workforce.
Employees constantly looking for next transfer.Employees constantly looking for next transfer.
42. Page 42
Regulatory Responses from the FinancialRegulatory Responses from the Financial
Services CommunityServices Community
Basel II.Basel II.
Sarbanes-Oxley Act of 2002.Sarbanes-Oxley Act of 2002.
Graam-Leach-Bliley Act.Graam-Leach-Bliley Act.
Bank Secrecy Act/Anti-Money Laundering.Bank Secrecy Act/Anti-Money Laundering.
Insider Trading Rules.Insider Trading Rules.
Bank Bribery Act.Bank Bribery Act.
Fair and Accurate Credit Transactions Act (FACTA)Fair and Accurate Credit Transactions Act (FACTA)
Fair LendingFair Lending
Federal Conflicts of Interest Statutes.Federal Conflicts of Interest Statutes.
Various record retention and reporting requirements.Various record retention and reporting requirements.
43. Page 43
Success Depends UponSuccess Depends Upon
A positive corporate culture.A positive corporate culture.
Actively observed policies and procedures.Actively observed policies and procedures.
Effective use of technology.Effective use of technology.
Independence of risk management professionals.Independence of risk management professionals.
44. Page 44
When risk management is doneWhen risk management is done
correctly you CAN sleep at night!correctly you CAN sleep at night!
45. Page 45
Thank you for your interest in The Edcomm Group Banker‘s Academy.Thank you for your interest in The Edcomm Group Banker‘s Academy.
We are the #1 financial services training company in the world for threeWe are the #1 financial services training company in the world for three
reasons:reasons:
We are so committed to our clients that we offer a complete money-backWe are so committed to our clients that we offer a complete money-back
quality guarantee.quality guarantee.
Our PledgeOur Pledge
Our ExpertiseOur Expertise – We have been proudly serving the global financial– We have been proudly serving the global financial
community for over 20 years.community for over 20 years.
Our ProductsOur Products – The breadth and depth of our products assures you– The breadth and depth of our products assures you
that we will provide you with a solution that meets your business needs.that we will provide you with a solution that meets your business needs.
Our ServiceOur Service – The excellent service we provide demonstrates that we– The excellent service we provide demonstrates that we
are your partner.are your partner.
Dr. Linda EagleDr. Linda Eagle
Founder & PresidentFounder & President
The Edcomm Group Banker's AcademyThe Edcomm Group Banker's Academy
+1 212 631 9400+1 212 631 9400
+1 917 318 6650+1 917 318 6650
linda.eagle@edcomm.comlinda.eagle@edcomm.com