hizamuddin jamalluddin - bank islam · pdf fileoversight & risk management hizamuddin...

OVERSIGHT & RISK MANAGEMENTHizamuddin Jamalluddin

Head, Strategic Planning-Managing Directors’ Office

Strictly Private & Confidential

Managing Director’s Office 2


BOARD OF DIRECTORS

SHARIAH SUPERVISORY COUNCIL


SHARIAH GOVERNANCE FRAMEWORK


SHARIAH AS OVERARCHING PRINCIPLE IN BANK ISLAM

SHARIAH SUPERVISORY COUNCIL (SSC)

•Oversight accountability on Shariah related matters.

BOARD OFDIRECTORS

(Overall oversight on Shariah governance structure & Shariah

compliance) BOARD RISK COMMITTEE

AUDIT & EXAMINATION

COMMITTEE (AEC)

MANAGEMENT•Ensure execution of business & operations are in accordance with Shariah principles.• Provide necessary resources, infrastructure, enablers to the SSC.

Shariah Risk Management Control Function:Identify, measure, monitor, report & control Shariah non‐compliance risk

Shariah Review Function:Review business operation on regular basis to ensure Shariah compliance.

Shariah Research Function:(under Product Development)Conduct in‐depth Shariah research prior to submission to Shariah Committee.

Shariah Audit Function:Provide independent assessment & objective assurance designed to value add & improve Bank Islam adherence to Shariah

BOARD GOVERNANCE PRINCIPLES


Risk Identification, Assessment, Control,

Monitoring & Reporting

Independent Risk Control & Segregation of Duties

Information & Communication

Monitoring & Remedial/ Corrective Action

Risk Management Oversight

OVERSIGHT STRUCTURE


MANAGEMENT COMMITTEE (MANCO)


MANAGEMENT RISK CONTROL COMMITTEE (MRCC)


INTEGRATED FRAMEWOK


Board of DirectorsSet Risk Appetite & Tolerance Level

Board Risk Committee

Management Risk Control Committees

[Present single view of risks and to ensure adequate policies and control]

MRCC ALCO ORCC RMC BARC

Risk Management Division

Credit Risk

Management

Market Risk

Management

Operational Risk

Mgmt

Monitoring & Reporting

Business DivisionConsumer BankingCorporate Inv. BankingCommercial BankingTreasury

Operation DivisionBranchesCash ManagementCorp. Communication

Business Support Div.Credit AdministrationTransaction ServicesTrade Operations

Other Div.Information Tech.Product Dev.Human Resourceetc

Risk Policies & Capital Allocations

Feedback from Audit & Examination Committee

RISK POLICY METHODOLOGY


GOVERNANCE ARCH– THREE LINE OF DEFENCE


1st line of defense 2nd line of defense 3rd line of defense 1st line of defense 2nd line of defense 3rd line of defense

Touch PointsBusiness Units (Point of Origination)Business SupportsOperationsProduct Development

Touch PointsBusiness Units (Point of Origination)Business SupportsOperationsProduct Development

Risk Management(Credit, Market & Operational Risk)Shariah ReviewShariah Risk ManagementCompliance

Risk Management(Credit, Market & Operational Risk)Shariah ReviewShariah Risk ManagementCompliance

Internal AuditShariah AuditInternal AuditShariah Audit

RISK MANAGEMENT ROADMAP


MaximiseEarningsPotential

EarningsStability

ProtectionAgainstUnforeseenLosses

Increased Risk Management Sophistication

Risk IdentificationRisk Management/AssessmentRisk ReportingProcesses & ProceduresRMS(datamart, credit risk, Basel II)

Loss Minimization/Risk Control Framework

Risk‐based product pricingLinking risks and returnsMeasuring risk adjusted performanceIntegration of market, credit and operational risksRMS(market, operational)

Economic capitalRAROCBank‐wide VaRIncremental VaRRMS(economic capital, RAROC, IRB)Full compliance with Pillar 2

RAPM Framework

Active Portfolio ManagementFramework

Reactive

Active

Proactive

RISK MANAGEMENT STRATEGIES


RISK IT ENABLER


ERP‐Systems Other Risk Systems >>EDW

Data‐Management – Data Quality, Data Models and Flows

Reporting

Source Systems

RISK CULTURE


Most important element in a bank!

“The norms and traditions of behavior of individuals and of groups within an organization that determine the way in which they identify, understand, discuss and act upon the risks the organization confronts and the risk it takes”

Horizontal information sharing

Vertical escalation of threats or fears

Continuous and constructive challenging of the organization’s actions and preconceptions

Committed leadership

Incentives that reward thinking about the whole organization

QUALITY OF RISK MANAGEMENT IN ISLAMIC BANK


Mgmt Board Oversight Senior Mgmt Risk Mgmt Compliance

Embed Shariah rulings into operational procedure

Refer to the SSC for any

operational issues during

implementation

Observe and implement

Shariah rulings and decisions made by SSC in the day‐to‐day operation

Ultimate accountability on‐Shariah governance

framework & Shariah compliance

BOD members have basic knowledge in

Shariah

Interaction with SSSC members (Appoint 1 SSC member on the BOD or Provide

forum for interaction

Oversee audit and review on Shariah

matters

Assisted by SC :• Provide rulings on Shariah matters• Oversee implementation of Shariah matters•Advice the Board• Endorse policies & procedures and documentations

Implement rulings by SSC

Identify Shariah issues and refer to

SSC

• Endorse that new product approval has :‐Complied with internal product design and pricing policy, and reflect its strategy‐ Been endorsed by the Shariah Committee that it complies with Shariah rulings and SAC resolution‐ Taken into account all the inherent risks and the mitigation

Shariah risk is assessed as part of the Operational and

Legal risks

Identify, measure, monitor, report & control Shariah non‐compliance risk

Develop and implement processes for Shariah non‐

compliance risk awareness

Shariah risk management

function is to be performed by risk officers that have

suitable qualifications

Internal Audit

Provide independent assessment &

assurance on IFI’s compliance with

Shariah

Shariah audit to be performed by

internal auditors that have acquired adequate Shariah‐related knowledge

The audit shall cover:‐ Financial stmts ‐ Compliance of the structure, people, process and systems‐ Adequacy of Shariah governance

Review business operations on regular basis to ensure Shariah compliance

Examine Level of compliance, the rectification

measures and the control mechanism

to avoid recurrences

Cover overall business operations

(including end‐to‐end product development process)

Source: Mohamad Muhsin Mohd Anas, Bank Negara Malaysia

ENTERPRISE WIDE RISK FOR ISLAMIC BANKS


RISK PROFILE OF ISLAMIC BANK


Financial RiskFinancial Risk Business RiskBusiness Risk Treasury RiskTreasury Risk Governance RiskGovernance Risk

Credit RiskCredit Risk

Market RiskMarket Risk

Equity RiskEquity Risk

Operational RiskOperational Risk

Solvency RiskSolvency Risk

ALM RiskALM Risk

Hedging RiskHedging Risk

RoR RiskRoR Risk

Reputation RiskReputation Risk

Transparency Risk

Transparency Risk

Shariah RiskShariah Risk

Fiduciary RiskFiduciary Risk

Iqbal, Mirakhor: Introduction to Islamic Finance, theory and practice

FINANCIAL RISK


CREDIT RISK – INTERNATIONAL BEST PRACTICE


IFSB-1 PUBLISHED STANDARD


CREDIT RISK MANAGEMENT


Feedback Loop

CREDIT GOVERNANCE STRUCTURE AT BANK ISLAM


BusinessBusiness Credit Risk AnalysisCredit Risk Analysis

Financing Committee AFinancing

Committee AFinancing

Committee BFinancing

Committee B

Underwriting and Investment Committee

Underwriting and Investment Committee

Board Financing Committee

Board Financing Committee

CRO

Board Risk CommitteeBoard Risk Committee

RISK ASSOCIATED WITH SHARIAH CONTRACTS


IJARAH In case of a non‐binding Ijarah, the Bank runs the risk of having to sell the asset at a (much) lower price. Bank also runs the risk of residual value at end of the lease.

Normal credit risks with respect to periodical payments of installments.

Bank is responsible for major maintenance costs

Legality and enforceability of the beneficial ownership

AssetAsset

CustomerCustomer

Fund Flow

RISK ASSOCIATED WITH SHARIAH CONTRACTS…CONT


COMMODITY MURABAHAH / TAWARRUQ

Exposed when Bank delivers asset to Customer but does not receive payment on time. Higher risk in non‐binding MPO.

The sequence of the ownership transfer of asset and the fact that 2 traders are involved could expose the Bank to price risk.

Operational risk ‐ Broker defaults in the middle of the transaction

Normal credit risks of non‐payment or not according to contract during the life of the transaction

CustomerCustomer

Commodity Trader 1

Commodity Trader 1

Commodity Trader 2

Commodity Trader 2

Asset/Commodity Flow

Fund Flow

1 3 5 6

2 4



MUDHARABAH FINANCINGPrincipal – Agent problems; Adverse selection by Customer (info asymmetry)

Risk especially high when info asymmetry is high and in cases of low transparency (in case Bank does not have appropriate rights to monitor participate in management of project)

In case if misconduct/negligence of customer, Bank’s share of capital is transformed into debt liability (different rules apply to recovering debt)

Higher capital credit charge

CustomerCustomerBusiness Venture / Project

Business Venture / Project

Fund Flow

ProfitProfit LossLoss

PSR

PSR

X%

1‐X%



SALAM / ISTISNA

Bank is exposed to failure of customer to supply on time or at all, or if specifications of goods/project are not according to agreement. Hence payment could not be secured by selling commodities or project.

Bank usually enter into parallel Salam/Istisna, but contracts must not be linked. Hence if one leg falls away, the bank is still liable to perform under the other leg.

Customer(Today)Customer(Today)

Customer(delivery)Customer(delivery)

Asset/Commodity Flow

Fund FlowJeroen P.M.M Thijs, CRO‐Bank Islam, Credit Risk Management in Islamic Banks

TREASURY RISK


RISK MANAGEMENT AT TREASURY


Issuer’s/Counterparty Rating•Reliance on ECAIs•Govies vs PDS;AAA vs BBB•Probability of default ;rating downgrades

Underwriting activitiesCommitment to underwrite; ability to sell down

Adequacy of Internal market risk measure‐duration, PV01, VaR, Net Open Position

ConcentrationBy type of securities, sectorial, by rating, geographical location

Market Environment • Sector outlook;•Developments impacting specific issuer/counterparty

Supervisors to consider circumstances when credit risk becomes primary risk:‐Portfolio dominated by banking book securities‐Business strategy to trade on credit of the instruments

Peculiarities of Islamic Banking• Understanding of securities structure and underlying contracts is essential for the assessment of source of repayment• To rely on rating by ECAI, supervisors should ensure that assessments by ECAI had covered all the unique characteristics of the underlying Islamic contract

MARKET RISK – FACTORS TO CONSIDER

Role in market –principal dealer;

market maker; hedge provider

Concentration to specific market – over

the counter, derivatives or foreign

exchange

Nature and characteristics of positions – longer maturity structure; exotic currencies

Peculiarities of Islamic Banking• Valuation and price volatility of non‐

traditional banking assets (e.g. commodities, real estate, vehicle/automobiles)

Market Liquidity Risk•Immediate – speed of sale & cost to bear•Market Resilience•Market Depth•Breath – bid and ask spread

Funding Liquidity Risk• Maturity Transformation – Long term lending vs short term funding•Wholesale vs retail funding•Undrawn loans and crystallization of guarantees

LIQUIDITY RISK – FACTORS TO CONSIDER

Source: Mohamad Muhsin Mohd Anas, Bank Negara Malaysia

RISK MANAGEMENT – BUSINESS BANKING


Financing structure•Type of financing – bullet principal payment, long moratorium, RC (rollover of profit portion), Longer tenure financing, unsecured exposures, large working capital

Resources – supported by adequate number of staff with necessary

experience

ConcentrationBy sectors, by rating, geographical location, major borrowers (ie. Top 20)

Market Environment • Sector outlook; Developments impacting specific borrowers

Portfolio Analysis• Identify risk drivers ‐ vulnerable sectors, rating distribution• Delinquency analysis•Concentration analysis•Post‐mortem & Post‐approval Credit Review

OPERATIONAL RISK – FACTORS TO CONSIDER

IT system Infrastructure and MIS – ability to

support corporate banking business and

risk monitoring function

Manual Intervention–extent of manual

processes and internal control

Legal & regulatory risk• Assess financing structure, detailed scrutiny of

security documents•Nature and extent of business activities, including

new products and services;•Volume and significance of non‐compliance and non‐conformance with P&P, laws, regulations

Strategic Risk•Inability to implement business plans and strategies•Resources constraints to support business plan•Inability to adapt to changes in business environment•Stiff competition/pricing issues•Difficulty in growing business due to low risk appetite

STRATEGIC RISK – FACTORS TO CONSIDER

Shariah Risk – lapses in Shariah Compliance

RISK MANAGEMENT – RETAIL BANKING


Robustness of Credit Underwriting Standards

Comprehensiveness of risk appetite statement• Loss tolerance level•Target market/customer segment•Portfolio mix/concentration

Transaction Volume

Risk Profile•Concentration to risk drivers‐income, MoF, LTV employment, age etc

Business Targets• Financing growth, PBT target, incentive scheme

Impact of Economic Condition•:GDP growth/contraction;•Unemployment rate•Inflation

Adequacy of Risk Management ToolsPortfolio analysis‐• Migration Analysis/Flow Rates•Vintage Analysis•Scorecard Analysis•Performance of Deviation Cases•Assets Quality Trend (Delinquencies & impaired)•Performance of Reschedule & Restructured Accounts

OPERATIONAL RISK – FACTORS TO CONSIDER

Internal ControlAdequacy of check and balance function across retail credit processes

IT Infrastructure– capacity & capability of systems to support retail banking operations and risk management

function

Shariah Issues‐documentations and

Aqad

External Events –Catastrophes, fraud, AML

Debt‐service‐ratio – to be net of all statutory deductions and other obligations which are not covered by Central Credit Reference Information System (CCRIS)

Tenure – Vehicle financing must not be more than 9 years

MACRO PRUDENTIAL MEASURES ON RETAIL BANKING

Product Complexity

Segregation of duties

Marketing – Disclosure requirements; Fess and charges

Tenure – Vehicle financing must not be more than 9 years

AKPK – Avenue for redress & assistance

Sustainability of Residential Property Market•Individual : Maximum LTV of 70% for 3rd

residential properties•Non Individual : Maximum LTV of 60% for residential properties•Other pecuniary costs to be included in LTV calculation except for MRTT/Takaful•To verify existing commitment with CCRIS

CAPITAL MANAGEMENT


BASEL II


INTERNAL CAPITAL ADEQUACY ASSESSMENT PROCESS


Measurement of risk and required capital under BIS2

Integration of risk and capital in

strategic decisions and planningPillar 1 risks Pillar 2 risks External factors

Risk governance and control

Credit risk data issues

Market Risk

Market risk data issues

BIS1

Credit risk

Model risk

Legal risk

Interest rate risk bank book

Liquidity risk

Business risk

Strategic risks

Country & transfer risk

Concentration risk

Operational Risk

Stress tests / scenarios

Macro-economic risks Risk based pricing

Risk adjusted performance management

Active credit portfolio and capital

management

Business planning and budgeting

Risk appetite / capital management

Coherence of risks and results (EL vs LLP)

Roles and responsibilities•Supervisory Board•Executive Com.•Internal audit•Risk Department•Finance Dept•Strategic Planning•Investor relations•Branches

Risk governance•Committees•Limit system•Reporting•Escalations

Minimum standards for risk•Independent internal control•Sound risk assessment•Risk disclosure

Risk Issues Finance Issues Corporate Governance

ICAAP

www.bankislam.com.my


& Thank You

شكرا جزيال شكرا جزيال

Disclaimer: This presentation material has been prepared by Bank Islam Malaysia Berhad (the Bank”) for information purposes only and does not purport to contain all the information that may be required to evaluate the Bank or its financial position. No

representation or warranty, express r implied, is given by or on behalf of the Bank as to the accuracy of the information or opinions contained in this presentation. The presentation does not constitute or form part of an offer, solicitation or invitation of any offer, to buy or subscribe for any securities , nor should it or any part of it form the basis of, or be relied in any connection with, any contract, investment decision or commitment whatsoever. The Bank does not accept any liability whatsoever for any loss howsoever arising

from any use of this presentation or their contents or otherwise arising in connection therewith.

hizamuddin jamalluddin - bank islam · pdf fileoversight & risk management hizamuddin...

Documents