enterprise risk management- a closer look at the issues mr. ravi varadachari november 18, 2008

<Insert Picture Here>

Enterprise Risk Management- A closer look at the issues

Mr. Ravi Varadachari November 18, 2008

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions.The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

Safe Harbor Statement


Agenda

• ERM defined

• Goals of ERM

• ERM Framework

• ERM implementation

3© 2008 Oracle Corporation – Proprietary and Confidential

Enterprise Risk Management

© 2008 Oracle Corporation – Proprietary and Confidential4

• Financial institutions are exposed to a variety of risks like financial risk, economic risk, geo-political risk and societal risk.

• Traditionally, the focus has been on understanding and managing the financial risk.

• Enterprise Risk Management is a mechanism to have a holistic view of all the risks that a financial institution is exposed to at the right level of granularity.

Economic Risk

Societal Risk

Financial Risk

Technological Risk

Geopolitical Risk

• Market risk

• Credit risk

• Operational risk

• Liquidity risk

• Interest rate risk

•ALM

• Concentration risk

Global risks


Economic• Oil price shock/energy supply interruptions• US economy• Chinese economic hard landing• Fiscal crises caused by demographic shift• Blow up in asset prices/excessive indebtedness

Geopolitical• International terrorism• Proliferation of weapons of mass destruction• Civil wars and failed and failing states • Retrenchment from globalization• Middle East instability

Technological • Breakdown of critical information infrastructure • Emergence of risks associated with nanotechnology

Societal• Pandemics• Infectious diseases in the developing world • Chronic disease in the developed world• Liability regimes

Financial• Market risk• Credit risk•Operations risk•Liquidity risk•Interest rate risk•Concentration risk

ERM- key drivers


ERM

External stakeholders-Rating agencies

-Investors

Regulatory- Sarbanes Oxley

Legislature

Other- Basel II

Internal stakeholders-Employees

-Strategic partners

Management- Align risk with

strategy

Board and Audit Committee

-Understand risk profile

Other

Intern

al


Agenda

• ERM defined

• Goals of ERM

• ERM Framework



The goals of ERM


Establishsustainablecompetitive advantage

Managerisk at lower cost

Support Business decisions

• Integrate with business planning and value management processes

• Avoid missing key risks and losing vital opportunities

• Optimize balance between capital preservation and growth/profit-generation

• Minimize risk averse behavior

• Develop cost-effective risk strategies and solutions

• Eliminate redundant or unnecessary risk controls

• Support more informed/proactive risk management decisions aligned with business objectives/strategies

• Link to enterprise performance, measurement and monitoring

• Reduce volatility and prevent surprises

Estimate the “Right” amount of capital

Capital depends on various factors including:

Exposure to type of asset class - corporate, bank, sovereign and the like

Country of incorporation of the exposures

Credit ratings/Credit Score

Term of exposure – short term or long term

Collateral

Policy, processes and systems for risk management

ERM and Capital can impact growth ambitions and funding cost

Impact on Growth:

Asset growth would require additional capital Additional capital required depends on growth in “risk weights”

and not just asset growth

Cost of Funds:

Lower wholesale deposit rates for banks that demonstrate good risk management systems and adequate capital

No substantial impact on retail deposit rates

and also profitability …

Capital 10 10 10 10

Borrowings 90 100 110 120

Total assets 100 110 120 130

Average cost of borrowings

4% 4% 4% 4%

Average yield on loans

7% 7% 7% 7%

Average costs 1% 1% 1% 1%

Interest Income 7.0 7.7 8.4 9.1

Interest Expenses

3.6 4.0 4.4 4.8

Other Expenses 1.0 1.1 1.2 1.3

Net Income 2.4 2.6 2.8 3.0

Return on Equity 24% 26% 28% 30%


Agenda

• ERM defined

• Goals of ERM

• ERM Framework



Key to effective Enterprise Risk Management

• How Do We Address ERM?

• Risk measurement and management• Regulatory capital• Economic capital• Risk based pricing and compensation• Stress testing

• Internal controls and mechanisms• Strategy• Governance• Organization structure• Processes, Policies and Procedures


14

The “Risk Management” Value Chain

Source: i-flex study based on various surveys

Risk Identification

•Identification of risks and Go - No

Go Decision

Risk Management

Collateral, Guarantees, Covenants

Capital Allocation

Capital estimation commensurate

with risk

Risk Based Pricing

Pricing takes into account capital

charge apart from expenses

Stage I Stage II Stage III Stage IV

15

Regulatory, Economic and Book Capital

Regulatory Capital : Capital that banks are required to hold by their regulator

“The amount of capital a bank must have to stay in business”

Under the Basel II framework – computed based on a prescriptive formula for credit risk

Economic Capital : Capital that is required commensurate with the risk profile of the bank

“The amount of capital a bank should have”

Various models to estimate economic capital - stochastic view

Endeavor is to use it for business decisions

Book Capital : Capital that a prudent bank would choose to hold

“The amount of capital a bank that a bank has on its book”

Economic book value – different from accounting concept of book value

Concept of risk appetite

16

The meaning of capital- different when perceived in the context of risk management

Regulators are now trying to align regulatory capital with economic capital…

Regulatory Capital : Capital that banks are required to hold by their regulator

“The amount of capital a bank must have”

Economic Capital : Capital that a prudent bank would choose to hold – commensurate with the risk of the bank

“The amount of capital a bank should have”

=

To maintain

Capital Adequacy Ratio = Capital/ Risk Weighted Assets >= 8%

Capital depends on the risk profile of the bank’s portfolio

The “Stochastic” Representation

Risk Expected Best

Market 0% or Bid/Ask Price%

Credit Average Loss% 0 Loss%

Operational Average Error% 0 Error%

Worst

Price%

Unexpected Loss%

Unexpected Error%

SET LIMITS

ProbabilityDistribution

Worst Expected Best

Economic Capital for Credit Risk

EC = Coverage against “unexpected” losses at desired confidence level

Pro

bab

ilit

y o

f L

os

s

Amount of Loss ($)

Unexpected Loss

Expected Loss

Mean Confidence Level

ECONOMIC CAPITAL

Typically 99.96% to 99.98% denoting risk appetite

ERM frameworks- A global perspective

• UK - The Combined Code (2003) and Turnbull (2005)

• US – Committee of Sponsoring Organizations (COSO) ERM (2004)

• Australia/New Zealand 4360 Standard on Risk Management 1999, 2004

• South Africa– King II Report (2002)

• Federation of European Risk Management Association (FERMA) (2004)

• Basel II (2004)


The COSO ERM framework


ERM Framework

Internal environment

Objective setting

Event identification

Risk assessment

Risk response

Control activities

Information and communication

Monitoring

•The eight components of the framework are interrelated.

•It considers activities at all levels of the organization.

•The objectives can be viewed in the context of four categories-

•Strategic•Operations•Reporting•Compliance

•A strong system of internal control is essential to effective enterprise risk management.


Agenda

• ERM defined

• Goals of ERM

• ERM Framework



A structured approach to ERM implementation


An as-is analysis

Establishing the value proposition

Develop a model

Pilot the model

Review/revise the road map

Core Banking implementation

• A thorough understanding of the organization’s current approach to risk management is the first step in migrating to ERM.

• The next step is the establishment of the value proposition of ERM in the context of the organization. It should cover the financial and business advantages that the organization draws from this revised approach to risk management.

• Adopting a robust model that can be customized to meet the requirements of the organization with minimum change requirements.

• Running a pilot and proving the concept before a full-scale implementation allows for refinement of the program if needed.

•Review and revise the road map for transition to steady-state.

ERM implementation impediments


Implementation impediments

Operational:-Inadequate tools and systems for statistical analysis.-Lack of adequate decision support mechanisms.

Strategic:-ERM objectives nor aligned to corporate objectives.-Inadequate conceptualization of ERM model.

People:-Insufficient commitment from top management.- Challenges of change management.

24

Changing Landscape of Risk

• Financial Crisis Experienced by Banks/Financial Institutions

• Increase in “Rare Events”

Key Events that Shaped Regulation …

Bank Herstatt FailureBank Herstatt FailureCredit RiskCredit Risk

Barings/LTCM CollapseBarings/LTCM CollapseOperational RiskOperational Risk

Banking Crisis of 1929 Banking Crisis of 1929 Conflict of InterestConflict of Interest

Orange CountyOrange CountyOperational RiskOperational Risk

Proctor & Gamble Derivative LossProctor & Gamble Derivative Loss Strategy RiskStrategy Risk

Enron/WorldComEnron/WorldComFinancial Statement Accuracy RiskFinancial Statement Accuracy Risk

S&L CrisisS&L Crisis ALM/ Market RiskALM/ Market Risk

•Conflict of InterestConflict of Interest

•Deposit Guarantee Deposit Guarantee InstitutionsInstitutions

•Credit RiskCredit Risk

•Market RiskMarket Risk

•Operational RiskOperational Risk

•Regulatory RiskRegulatory Risk

•Financial Statement Financial Statement Accuracy RiskAccuracy Risk

•Reputation RiskReputation Risk

•Strategy RiskStrategy Risk

© 2008 Oracle Corporation – Proprietary and Confidential

The current financial crisis

16th Mar ’08- Bear Stearns

•Bear Stearns gets acquired for $2 a share by JP Morgan Chase in a fire sale avoiding bankruptcy.

7th Sept ’08- Fannie Mae & Freddie Mac

•Federal takeover of Fannie Mae and Freddie Mac was based on a growing concern about the liquidity of the firms• These two companies back-up nearly half the country’s mortgages.

•The US Federal Reserve loans $85 billion to American International Group (AIG) to avoid bankruptcy

17th Sept ’08- AIG

15th Sept ’08- Lehman Brothers

•Liquidity crisis forced Lehman Brothers to file for bankruptcy


25th Sept ’08- Washington Mutual

•Liquidity crisis due to a 10-day bank run forced the OTS (Office of Thrift and Supervision) to place the bank under FDIC.•The banking assets were sold to J P Morgan Chase.

29th Sept ’08- Wachovia Bank

•Wachovia Bank was acquired by Wells Fargo• The bank was invested heavily in adjustable-rate-mortgages and faced severe losses.

© 2008 Oracle Corporation – Proprietary and Confidential

The Global Story …

14th Sept ’07- Northern Rock Bank, UK

•UKs fifth largest mortgage lender sought financial support from the Bank of England. The bank was taken into state ownership/nationalized•This was on account of the global credit crunch triggered by the sub-prime mortgage crisis in the US.

18th Sept ’08- HBOS, UK

•HBOS was taken over by Lloyds Bank TSB.• The share prices suffered heavy fluctuations on account of short selling and rumors of a credit crunch.


29th Sept ’08- Bradford & Bingley, UK

•The share prices of the bank fell on account of the credit crunch.•The bank was nationalized and the Spanish bank Group Santander acquired all the savings bank assets.

29th Sept ’08- Fortis Bank, Belgium

•The bank was partially nationalized by the European Central Bank• The share prices fell dramatically on account of rumors of insolvency.•Can be attributed to the sub-prime mortgage crisis in the US

The Black Swam Phenomenon

“No amount of observations of white swans can allow the inference that all swans are white, but the observation of a single black swan is

sufficient to refute that conclusion.”

What is a Black Swam?

•It is an Event

•Hard to predict based on historical data

•After the event – many people saw it coming

Stress testing models must assume black swan events to ensure greater predictive power.

The London “Millennium Bridge” Incident

Source: http://www.urban75.org/london/

The London “Millennium Bridge” Incident

London Bridge – Architect Lord Norman Foster

Source: http://www.urban75.org/london/

Thank you Mr. Ravi Varadachari

Practice Leader – Risk Management & [email protected]

+1 917 502 9480


enterprise risk management- a closer look at the issues mr. ravi varadachari november 18, 2008

Documents

risk profile

enterprise risk management

costeffective risk strategies

risk averse behavior

unnecessary risk controls

geopolitical risk

confidential slide

agenda erm