The management of risk is fundamental to our business and forms an essential element in our overall strategy. Our risk management philosophy is that all risks taken must be identified and managed, and the returns must commensurate with the risks taken.
There is a strong, centralised and independent risk management governance structure on:
The risk management governance structure takes the form of overall responsibility by the Board of Directors, review and approval by top management, as well as operational responsibility and control by our risk management and risk control teams.
Counterparty, Credit And Country Risk
Counterparty and credit risk can be defined as the potential loss arising from any failure in the ability or willingness of customers to fulfil their financial and contractual obligations, as and when they fall due. These obligations may arise from lending, trade finance, treasury and other activities undertaken by the Bank.
The Bank has in place policies, guidelines and procedures to control and monitor such risks. The risk parameters for accepting credit risks are clearly defined and complemented by policies and processes to maintain a well diversified and high quality credit portfolio.
Regular review and reporting are conducted on the Bank's asset concentrations and portfolio quality using internal credit ratings, industry exposures, level of non-performing loans and adequacy of provisioning requirements.
Credit review/audit is performed regularly to ensure that credit quality is maintained and that credit policies/procedures are complied with.
In respect of country risk, this is the risk that the Bank will not be able to obtain payment from customers as a result of actions taken by foreign governments, such as exchange controls, debt moratoria and restrictions on the remittances of funds, even though the creditworthiness of the customers might not have been impaired.
Country and cross-border obligations are monitored and managed through a system of country limits, based on internal country credit gradings, to avoid concentration of transfer, economic or political risks. These limits are regularly reviewed and reported.
Balance Sheet Risk
Balance sheet risk is defined as the potential change in earnings arising from movements in interest rates and foreign exchange prices on the structural banking book of the Bank which is not of a trading nature. Balance sheet risk is managed through a framework of approved policies and limits and reported regularly.
The balance sheet interest rate risk exposure is calculated using a combination of simulation modelling techniques and analysis tools. Stress and scenario tests depicting shifts and tilts in yield curves are performed regularly on the banking book. In addition, the structural foreign exchange risk in the balance sheet arising from the Bank's capital and earnings in our foreign branches and subsidiaries are dynamically managed and stress tested periodically. These are performed to provide early warning of potential worst case losses so as to facilitate proactive management of these risks in the rapidly changing financial markets.
Risk arising from the trading book in interest rate, foreign exchange and equity prices are managed and controlled under the market risk framework which is discussed under 'Market Risk'.
Liquidity Risk
Liquidity risk is defined as the potential loss arising from the Bank's inability to meet its own contractual obligations when due.
Liquidity risk is managed through a framework of liquidity policies, controls and limits. These policies, controls and limits ensure that the Bank maintains well-diversified sources of funding, as well as sufficient liquidity to meet all its contractual obligations when due.
Contingency funding plans have been drawn up to ensure that alternative funding strategies are in place to meet any unexpected liquidity needs of the Bank.
Market Risk
Market risk is defined as the potential loss arising from changes in market prices, namely, foreign exchange, interest rates and equity prices. Market risks are calculated using Value-at-Risk methodologies - variance/covariance and simulation models.
Market risk is managed using a framework of market risk management policies and risk control procedures, as well as risk and loss limits. All risk and loss limits are reviewed and approved annually.
Transactions undertaken for trading purposes are marked-to-market and the resulting gains and losses are taken up in the profit and loss accounts. Transactions designated as hedges are accounted for in a manner consistent with the accounting treatment of hedged items.
Stress and scenario tests are performed on the trading and investment portfolios to provide early warning of potential worst case losses so as to facilitate proactive management of these risks in the rapidly changing financial markets.
A risk-reward measure of Earnings-at-Risk is used as a standard measurement of the risks against related rewards across different products and business types.
Operational Risk
Operational risk is defined as the potential loss arising from a breakdown in the Bank's internal control or corporate governance that result in error, fraud, failure/delay to perform, or compromise of the Bank's interests by employees. Operational risk also includes potential loss arising from major failure of computer systems and disasters, for example, a major fire.
Potential loss includes financial loss or other damage, for example, loss of reputation and public confidence that will impact the Bank's credibility and ability to transact, maintain liquidity and obtain new business.
Operational risk is managed through an integral framework designed to assess, monitor, control and report such risks. The framework employs a variety of operational risk techniques and methodologies like risk profiling, operational risk self-assessment, monitoring of key operational risk indicators and where appropriate through risk transfer mechanisms such as insurance. Included in this framework is a disciplined product programme process. This requires business units to detail the procedures, controls and types of the risks associated with each new product as well as how these risks are managed.
Part of operational risk is legal risk. This risk arises from the inadequate documentation, legal or regulatory incapacity or insufficient authority of customers and uncertainty in the enforcement of contracts. This is managed through the effective use of and consultation with the Bank's legal and external counsel to ensure that legal advice is appropriately taken within established guidelines.
In addition, our Group Internal Audit monitors compliance by business and operation units with these operational control standards.
|
