Credit risk is defined as the probability that a bank borrower or counterparty will fail to meet their obligations in accordance with agreed terms. The goal of credit risk management is to maximize a bank's risk-adjusted rate of return by maintaining credit risk exposure within acceptable parameters. Banks need to manage credit risk inherent in the entire portfolio, as well as the risk in individual credits or transactions. This straightforward and simple definition provides the framework for risk management policies and procedures within banking organizations. There is also operational risk, which is defined as ‘the risk of direct or indirect loss resulting from inadequate or failed internal processes, people and systems, or from external events’. In addition, the Basel accord has taken a scientific approach to define the way provisions must be made or handled for market risk arising from the legitimate business operations of a bank.
At the outset, all this may appear to point the way a model should be built to arrive at the required safety capital in the form of tier one and two. No doubt the committee approach was far more superior to its own assessment at the Basel I level, and it created a robust mechanism to assess a bank’s financial health covering business, operations and market risk dimensions. It is believed that, compared to the current scenario, these approaches would have helped banks to not only improve the bottom line on the balance sheet but, to improve the way the business is done. It would help the banks organize their internal systems, people, and processes to ensure that their business is not jeopardized due to failures in operational or credit risk monitoring practices.
As stated earlier, operational risk management has been an important aspect of bank management prescribed by the Basel Accord. The committee’s approach towards Loss Distribution suggests that the bank’s estimate for each business line/risk, type the probability distribution functions of the single event impacting the business for the next (one) year, based on its internal data to compute the probability distribution function of the cumulative operational loss. This approach had two important intentions of helping bank managements mitigate any risk of unexpected as well as expected losses which could have an impact on the capital structure.
Though the Basel II and III Accords did prescribe how banks should approach risk and develop a mitigation framework, the industry is uncertain about how much proactive thinking has been devoted to developing enterprise-wide operational risk frameworks at the operational level of banks. Recent debacles, including the US home lending and sub-prime crises, point to a gap between instrument pricing, valuation and business priorities. This missing link between how we define an operational risk and a market risk is one of the key reasons for today’s financial problems.
Unwinding incidents and continued sub-prime loss events hitting the balance sheet on every new batch run of mark-to-market calculations are worrisome indicators. They show that banks have not achieved significant improvement in their processes to integrate their risk definition (credit, markets and operational risk), data collection exercises (enterprise-wide and cross-border), risk assessment and management (balance sheet as well as off-balance sheet), along with capital allocation and governance mechanisms.
With business thriving and growth driven by the derivatives desk, too often these processes which existed on paper did not translate into operations. View is that the single largest reason for this is the lack of clarity in definitions as well as insufficient investments in building middle and back-office systems to generate synchronized MIS reports cutting across the businesses and product lines.
Further, the qualitative nature of the banks’ approach to manage the operational risk does not by itself lead to meaningful information. Since definition of ‘operations’ failure covers unscrupulous activities by malicious entities along with failure to adhere to the norms prescribed for the businesses. Thus it is of no use while unearthing the potential risk introduced through the pricing of instruments that do not have robust reference markets. The table below depicts a key model used by markets to monitor credit risk:
As depicted in the table above, banks often rely on the information provided through known sources or the documents made available to them.
It is interesting to note that though counter-parties/products and business are classified as a risk type, the risk level in terms of severity is generally classified as medium. Further, this approach does not consider sophisticated financial instruments and products that do not have robust reference markets from the pricing perspective and certainly does not factor in underlying cash flows of products. This is a key reason why banks are unable to understand the contamination effect of bad loans on good advances.
While these models and criteria have helped banks mitigate credit risk to an extent, it is evident that these do not suffice to identify the risk raised through new products such as credit derivatives. From the perspective of risk managers and practitioners, it is important to develop different ways to measure both expected and unexpected losses. The following two approaches should be added to the well-laid foundation of Basel II and III:
1. Measuring the instrument and deal pricing – It is important to measure the unknown risks arising from policies and procedures followed to price a deal or instruments. A clear understanding of the products and underlying cash flow, based on which the product is designed and developed, is critical. If two co-related cash flows for the base for a product which depends on rating obtained from rating bureaus, exposure limits or higher risk measurement needs to be placed on such instruments and deals.
2. Operational risk measurement needs to take legitimate business practices into account. Consistent methodology, processes, and procedures need to be developed to price a deal or instruments. Also, the concentration of asset classes and its impact must be taken into consideration for any risk assessment model.
As these two approaches are simple to understand and implement, they can help risk managers better prepare themselves to handle unexpected loss events if they occur. This back to basics approach can help make the financial world a much safer place.