Bank Risks Flashcards
How are Banks becoming more innovative? What are the problems that arise because of this?
To embrace technology and become more agile, banks are moving to the cloud and other forms of outsourcing, which adds to the complexity. Vital elements of key business services are now being delivered by companies who are not regulated to the same extent as banks.
Yet, although there are opportunities to thrive, embarking on such change can be a source of risk, not only to individual banks, but also to the economy, society, and the wider environment.
What is a Risk?
Risk is defined in various ways depending on the context. Historically, risk has been associated with taking chances to make gains.
Essentially, risk is about uncertainty. While recognising that with risk comes opportunity, risk in banking is mainly seen as the potential for loss that results from banks’ interaction with uncertainty.
What are the three questions Banks ask when facing the concept of Risk versus Reward?
If banks did not take any risks, they would not be able to generate any profit. Key questions are:
- How much risk and reward are we comfortable in facing or taking?
- What are the obstacles to achieving reward, and what could be the downside of failing to do so?
- How do we assess and manage the risk and the reward?
What is a Banks risk appetite?
A bank’s risk appetite is how much risk a bank is prepared to take in order to meet its strategic objectives. A bank will have different appetites for different risks and these may change over time. Risk appetite is established, integrated into business plans, and monitored by the bank’s Board.
What is a Banks risk tolerance?
Risk tolerance is about what the organisation can actually cope with.
How will a Bank exress it’s risk appetite?
A bank will express its risk appetite through its risk appetite statement which helps guide risk management activities across the organisation. The statement is typically based on a review of the perspectives and concerns of the bank’s stakeholders and addresses the implications of its current strategy and objectives.
What are the six types of risks?
Strategic risks
Operational risks
Legal risks
Reputational risk
Financial risks
Systemic risks
What is a Strategic Risk?
Strategic risks are risks that affect, or are created by, an organisation’s business strategy and strategic objectives. Therefore a bank could have strategic risks if it selects an ineffective strategy for remaining competitive in the current banking environment
What is an Operational Risk?
Operational risks are major risks that affect an organisation’s ability to execute its strategic plan. The Basel Committee on Banking Supervision (BCBS) (2011, p.3) defines operational risk as “…the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events”
Operational risks also include the risks of cyber crime. Being the victim of a cyber attack can result in the loss of corporate data, intellectual property, or customers’ financial details, with consequences ranging from regulatory fines and reputational loss, through to complete failure of a business. As cyber risk has been identified as the biggest risk currently facing the financial sector, we look at this in more depth later in this unit.
What is a legal risk?
Legal risks include regulatory and compliance risks:
o Regulatory risk is the risk of changes to regulations that result in increased compliance requirements and costs of compliance; for example, a change in rules relating to products or dealing with customers.
o Compliance risk includes the potential for fines and penalties for an organisation that fails to comply with laws and regulations.
What is a reputational risk?
Reputational risk is where there is a threat or danger to the good name or standing of an organisation. Reputational risk can arise as the result of the actions and conduct of the company, its employees, or a supplier, leading to causing harm to customers, or adverse effects on market stability or effective competition.
What is a financial risk?
Financial risks arise where there is a danger or possibility that the organisation and its shareholders, investors and other financial stakeholders will lose money. For a bank, financial risks include credit risk, market risk and liquidity risk.
Credit risk is the risk that borrowers will not repay their loans. We’ll look more closely at credit risk and how this is managed in a later section.
Market risk is the risk of loss from movements in prices in the financial markets. Examples are foreign exchange risk and interest rate risk.
Foreign exchange risk is also known as currency risk. As banking markets become more global, the importance of a bank’s international activities in the form of foreign investments increases. The risk is that what banks earn from these investments can be affected by exchange rates. Changes in the value of a country’s currency relative to other currencies affect the foreign exchange rates.
Interest rate risk arises from the impact of movements in interest rates and can affect interest paid on deposits and charged on loans. It can therefore affect the profitability of a bank. These risks differ from credit risk, in that they relate to how interest rates and prices for market instruments affect the profitability and value of a bank. Although a bank can be extremely effective at managing credit risk, it can still perform poorly if it fails to manage its market risk.
Liquidity risk is the risk that a bank doesn’t have enough readily available funds to finance its day-to-day operations and pay its debts as they fall due. An example is having enough cash available to give deposit customers their money back either on demand or at an agreed time.
What is a systemic risk?
A further risk that is of critical importance to the financial sector and its regulators is systemic risk — the possibility that an event at one bank or other financial organisation could trigger severe instability or collapse of an entire industry or economy.
What does PESTLE stand for? What does PESTLE do?
A key tool for analysing external environmental factors is PESTLE:
- Political (e.g., changes in government)
- Economic (e.g., changes in interest rates, exchange rates, or a recession)
- Social (e.g., an ageing population or the effect of automation on people, skills and employment)
- Technological (e.g., digital innovations)
- Legal (e.g., changes in legislation and regulation)
- Environmental (e.g., impact of a business on the environment, its social responsibility, and climate change).
Banks use this tool to identify the key drivers for change — the environmental factors that are likely to have a high impact on the banking industry and the success or failure of a bank’s strategy. PESTLE is also useful for identifying risks that could prevent a bank from achieving its strategic objectives, as well as opportunities for achieving success.
What is a capability?
Capabilities refer to the extent to which these resources are capable of implementing the bank’s strategy. The efficiency and effectiveness of physical or financial resources and the people in the organisation depend, not just on the fact that they are there, but on “…the systems and processes by which they are managed, the relationships between people and cooperation between people, their adaptability, their innovative capacity, the relationship with customers and suppliers, and the experience and learning about what works well and what does not
What are the fundamental principles in the Risk Management Associations standards?
Identify
• What are the risks?
• How will we define them?
• In what format will we record them?
Assess
• How likely is it that the risks will materialise?
• What could happen as a result?
• What are our priorities?
Respond
• How will we respond to and treat each risk?
• What action will we take?
• What can we do to mitigate this risk, i.e., prevent or reduce it to make it less harmful to us?
Review
• How likely is it that these risks could change or evolve?
• How often should we review them?
• Which risks and actions need to be revised?
What is a holistic approach to risk management?
A holistic approach to risk management is one that recognises the interrelationships between risks. As such, it is not fragmented into functions and departments; rather, it is organised with a view to optimising risk management performance across the entire organisation
An example of a holistic approach to risk management is Enterprise Risk Management (ERM), a process that is applied in setting risk strategy and implemented across the organisation to ensure risk is managed within the organisation’s risk appetite and that organisational goals are achieved.
What is the difference between Governance and Culture?
Governance sets the organisation’s tone, reinforcing the importance of, and establishing oversight responsibilities for, enterprise risk management. Culture is about the organisation’s ethical values and how it expects employees to behave.
What is strategy and objective setting?
Enterprise risk management, strategy, and objective-setting work together in the strategic planning process. A risk appetite, aligned with strategy, is established. Business objectives are devised to implement the strategy and provide the basis for identifying, assessing, and responding to risk.
What happens once the risks are identified and assessed?
Risks are prioritised in accordance with how severe they are thought to be within the context of risk appetite. The organisation then decides how it will respond to the risks, taking an overall view of risk across the organisation. The results of this process are reported to key risk stakeholders.
What is Credit Risk? How does a Bank manage Credit Risk?
Credit risk is “… the potential that a bank borrower or counterparty will fail to meet its obligations in accordance with agreed terms”
A bank will lend in line with its credit risk strategy, approved by the bank’s board of directors. The strategy will include the bank’s tolerance for credit risk and the level of profitability it expects to achieve for incurring various credit risks (see the section on ‘risk appetite’). A key concept here is ‘know your risk’.
What is a Bank’s loan portfolio?
A bank’s loan portfolio is all the bank’s loans on a given day and is a major asset for the bank. The value of a portfolio depends on the interest earned on the loans and the quality, or likelihood, that the interest and the original loan amount (the ‘principal’) will be paid.
What is screening? What is the pros and cons?
Knowing your customer becomes more difficult when a bank has adopted a ‘black box’ system, where the decision to lend is decided by a ‘machine’ programmed by an algorithm, and where there is no lending professional reviewing the application.
The danger is that either the machine says ‘yes’ based on the input of data (a good credit score for example) which may not take into account a customer’s other borrowing commitments.
Or that the machine says ‘no’ based on the criteria it is programmed with, yet it may well be a good lending proposition if other factors were to be taken into consideration by a professional lending specialist.
Does a Bank measure risk on a single loan or a wider portfolio?
Credit risk management is not just about the risk of a single loan, it also applies to all the loans on the bank’s books, that is, the bank’s entire loan portfolio. It’s therefore important for credit managers to identify risks on individual loans and assess any adverse effects these could have on the wider portfolio. This will enable the lender to decide whether it can grow its loan portfolio by lending more money or limiting the number of loans it makes to avoid overexposing itself to the risk of loans not being repaid.
