DFCC Banking Business (DBB) adopts a comprehensive and well-structured mechanism for assessing, quantifying and managing risk exposures which are material and relevant for its operations within a well-defined risk framework. The articulated set of limits explains the risk appetite of DBB for all material and relevant risk categories and the risk capital position. Risk management is integrated with strategic, business and financial planning and customer/client transactions so that business and risk management goals and responsibilities are aligned across the organisation. Risk is managed in a systematic manner by focusing on a group basis as well as managing risk across the enterprise, individual business units, products, services, transactions and across all geographic locations.
Credit risk amounts to the highest quantum of quantifiable risk faced by any Sri Lankan bank based on the currently effective quantification techniques. In DBB also, credit risk accounted for 89% of risk-weighted assets as at March 2015. However, the Bank is fully aware and takes necessary measures to manage operational risk as a very important risk category. Operational risk incidents may be with high frequency but low impact or with low frequency but high impact all of which warrant being closely monitored and managed prudently.
Following broad risk categories are in focus:
DBB’s general policies for risk management are outlined as follows:
DBB advocates strong risk governance applied pragmatically and consistently with a strong emphasis on the concept of ‘Three Lines of Defence’. The governance structure encompasses accountability, responsibility, independence, reporting, communication and transparency, both internally and with our relevant external stakeholders.
The First Line of Defence involves the supervision and monitoring of risk management practices by the business managers, corporate management and executive committees while discharging their responsibilities and accountability for day-to-day management of business operations. Independent risk monitoring, validation, policy review and compliance by the IRMD, the compliance function and periodic monitoring and oversight by the Board Integrated Risk Management Committee (BIRMC) constitute the Second Line of Defence. The Third Line of Defence is provided by the independent check and quality assurance of the internal and external audit functions.
DBB exhibits an established risk management culture with effective risk management approaches, systems and controls. Policy manuals, internal controls, segregation of duties, clearly demarcated authority limits and internal audit as key risk management tools. The Group Chief Risk Officer (CRO), who is an Executive Vice-President functions on a Group basis with direct access to the BIRMC.
The Concept of ‘Three Lines of Defence’ for Integrated Risk Management Function of DBB
A set of structured policies and frameworks approved by the BIRMC and the Board forms a key part of the risk governance structure. Integrated Risk Management Framework stipulates, in a broader aspect, the policies, guidelines and organisational structure for the management of overall risk exposures of DBB in an integrated approach. This framework defines risk integration and the aggregation approaches for different risk categories. In addition, separate policy frameworks detail the practices for management of key specific risk categories such as credit risk, market risk, credit concentration risk, liquidity risk, operational risk etc. These policy frameworks are communicated across the Bank. Respective staff members are required to adhere to the specifications of these frameworks when conducting business transactions.
Risk appetite of the Bank has been defined in the Overall Risk Limits System. It consists of risk limits arising from regulatory requirements, borrowing covenants and internal prudential purposes. The limit system forms a key part of the key risk indicators and covers key risk areas such as credit, interest rate, liquidity, operational, foreign exchange, concentration and risk capital position amongst others. Lending limits cover the industry sectors and geographical regions as part of the prudential internal limits. These limits are monitored monthly and quarterly on a ‘Traffic Light’ system. These risk appetite limits are reviewed at least annually in line with the risk management capacities, business opportunities, business strategy of DBB and regulatory specifications. Industry sector limits for the lending portfolio considers the inherent diversification within the sub-sectors and the borrowers within broader sectors.
The BIRMC is a Board sub-committee, which operates on a group basis and oversees the risk management function and the Basel II implementation process in line with the Board approved policies and strategies.
The BIRMC functions under the responsibilities set out in the Board-approved Charter for the BIRMC, which incorporates corporate governance requirements for Licensed Commercial Banks issued by the Central Bank of Sri Lanka (CBSL). BIRMC will set the policy and operations for bank-wide risk management including credit risk, market risk, operational risk and liquidity risk. The Committee interacts with the CEO, Credit Committee, ALCO, Operational Risk Management Committee (ORMC) and Group CRO on risk management-related tasks. In addition to the Board’s representatives, the BIRMC consists of the CEO and CRO as voting members. Further, Heads representing Credit, Finance, Treasury, Information Technology and Operations attend the meeting as invitees. A summary of the responsibilities and functions of the BIRMC are outlined in the Report on the Board Integrated Risk Management Committee.
Management Committees such as Credit Committee, Asset and Liability Management Committee (ALCO), Operational Risk Management Committee (ORMC), Special Loan Review Committee (SLRC) and Impairment Assessment Committee (IAC) encompass a part of the organisational structure for integrated risk management function in DBB. The responsibilities and tasks of these committees are stipulated in the Board approved charters and TORs and the membership of each committee have been defined to bring an optimal balance for the business and risk management perspective including the CRO as a member.
The Credit Risk Appraisal Unit, which directly reports to the Group CRO, engages in credit risk management of the commercial banking business carrying out checks on credit rating and appraisals prior to credit approval in order to ensure quality of appraisals, adherence to defined guidelines and risk in the credit appraisal. Credit proposals from all branches are submitted for the review of this Unit before submission to the credit approving authority.
Organisational Structure for Integrated Risk Management Function
IRMD functions on a group basis and is responsible for measuring and monitoring risk at operational levels on an ongoing basis to ensure compliance with the parameters set out by the Board/BIRMC and other executive committees for carrying out the overall risk management function in DBB. It consists of four separate units such as Risk policy and Modelling, Credit Risk Management, ALM & Market Risk Management and Operational Risk Management. IRMD is involved with product or business strategy development or entering into new business lines from the initial design stage through input to the task/process from a risk management perspective. Credit Risk Management Unit of the IRMD carries out an independent review of the credit ratings of all corporates over a minimum threshold and also carries out random examination of other exposures. Treasury Middle Office which is functionally segregated from the Treasury Department and directly reports to the Group CRO and monitors the Treasury-related market risk limits.
During the period under review, several significant initiatives were undertaken paying continuous emphasis on regulatory developments and reassessing DBB’s existing risk management policies guidelines and practices for necessary improvements. In addition to these regulatory specifications, changes in business strategy, industry factors and international best practices were also considered during this improvement process. The following are the key initiatives during the financial year which brought improvements to the overall Integrated Risk Management Function:
The Bank continued to maintain its foreign currency credit rating of B+ (stable outlook) by the Fitch Ratings and B (stable outlook) assigned by Standard & Poor’s. The sovereign rating of BB- assigned for the Government of Sri Lanka is the benchmark for the foreign currency rating of other institutions within the country. During the year under review, the DFCC Bank’s local currency rating of ‘AA-’ was also maintained. DFCC Bank’s credit rating is influenced by the growing significance of the commercial banking business segment due to the highly integrated nature within the Group in operations and management. The commercial banking business of the Group – DVB, carries a stand-alone credit rating of ‘AA-’ assigned by Fitch Ratings Lanka. The increased significance of Group’s commercial banking business segment is a result of its business diversification strategy to bring earnings growth while managing the excessive dependence on the project lending business.
Credit risk is the risk of loss to the Bank if a customer or counterparty fails to meet its financial obligations in accordance with agreed terms and conditions. It arises principally from On-Balance Sheet lending such as loans, leases, trade finance, overdrafts as well as through Off-Balance Sheet products such as guarantees and letters of credit. A deterioration of counterparty credit quality can lead to potential credit-related losses for a Bank. Credit risk is the largest component of the quantified risk in DBB and accounts for 89% of Risk-Weighted Assets at DBB.
DFCC Bank, being a leading Development Finance Institution in Sri Lanka, is faced with a relatively high level of credit risk when conducting its development finance activities. The goal of credit risk management is to maximise the risk adjusted rate of return by maintaining the credit risk exposure within acceptable levels.
The DBB’s Credit Policies approved by the Board of Directors define the credit objectives, outlining the credit strategy to be adopted at DBB. The policies are based on CBSL Direction on Integrated Risk Management, Basel recommendations, business practices of DBB and risk appetite of DBB.
Credit risk management guidelines identify target markets and industry sectors, define risk tolerance limits and recommend control measures to manage concentration risk. Standardised formats and clearly documented processes and procedure ensure uniformity of practices across DBB.
Credit Risk Culture |
|
|
|
|
|
Credit approval process |
|
|
|
|
|
|
|
|
|
|
|
Control Measures |
|
|
|
Credit Risk Management |
|
|
|
|
|
|
|
|
|
Credit Risk Monitoring and Reporting |
|
|
|
|
|
|
|
|
|
Credit Risk Mitigation |
|
Market risk is the possibility of loss arising from changes in the value of a financial instrument as a result of changes in market variables such as interest rates, exchange rates, equity prices and commodity prices. As a financial intermediary the DBB is exposed primarily to the interest rate risk and as an authorized dealer, commercial Banking business is exposed to the exchange rate risk on foreign currency portfolio positions.
Market risk could impact DBB mainly in two ways; viz., loss of cash flows or loss of economic value. Market risk can be looked at in two dimensions; as traded market risk, which is associated with the trading book and non-traded market risk, which is associated with the banking book.
The ALCO oversees the management of both the traded and the non-traded market risk. The Group Treasury manages the foreign exchange risk with permitted hedging mechanisms. Trends in relevant local as well as international markets are analyzed and reported by IRMD and the Treasury to ALCO and BIRMC. The market risks are controlled through various limits. These limits are stipulated by the Group’s Investment Policy, Treasury Manual & Policy, and limits system of DBB.
Treasury Middle Office (TMO) is segregated from the Treasury Front Office (TFO) and Treasury Back Office (TBO) and reports to CRO. The role of the TMO includes the day-to-day operational function of monitoring and controlling risks assumed in the TFO and TBO based on clearly defined limits and controls. Being independent of the dealers, the TMO provides an objective view on Front Office activities and monitors the limits. TMO has the authority to escalate limit excesses as per delegation of authority to the relevant hierarchy. The Treasury information management system maintained by TMO includes a dashboard that facilitates the timely reporting of Treasury market positions independently to management.
The Treasury telephone voice logging system is fully deployed and is under the purview of the TMO in order to minimise operational risks associated with the voice-based market activities.
The strengthened treasury and market risk management practices contribute positively to the overall risk rating of the Group and efficiency in the overall Treasury operations.
TBO which is reporting to Head of Accounting and Reporting is responsible for accounting, processing settlements and valuations of all treasury products and transactions. The treasury transactions related information is independently submitted by TBO to relevant authorities.
Interest rate risk can be termed as the risk of loss in the net interest income (earnings perspective) or the net worth (economic value perspective) due to adverse changes in the market interest rates. ALM unit routinely assesses the DBB’s asset and liability profile in terms of interest rate risk and the trends in costs and yields are reported to ALCO for necessary realignment in the asset and liability structure and the pricing mechanism.
Foreign exchange rate risk can be termed as possibility of adverse impact to the Group’s capital or earnings due to fluctuations in the market exchange rates. This risk arises due to holding assets or liabilities in foreign currencies. Net Open Position (NOP) on foreign currency indicates the level of net foreign currency exposure that has been assumed by the Bank at a point of time. This figure represents the unhedged position of the Bank in all the foreign currencies. DBB accrues foreign currency exposure through purchase and sale of foreign currency from customers in its commercial banking and international trade business and through borrowings and lendings in foreign currency.
DBB manages the foreign currency risk using a set of tools which includes limits for net unhedged exposures, hedging through forward contracts and hedging through creating offsetting foreign currency asset or liability. TMO monitors the end of the day NOP as calculated by the TBO, and the NOP movement in relation to the spot movement. The daily inter-bank foreign currency transactions are monitored for consistency with preset limits and any excesses are reported to the management and to BIRMC. The unhedged foreign currency exposure of DBB is closely monitored and necessary steps are taken to hedge in accordance with the market volatilities.
The DBB’s pawning portfolio amounted to LKR 1,720 million at 31 March 2015, which was only 0.8% of total assets of DBB. This indicates that the risk exposure arising from the pawning portfolio is at a comfortably absorbable level to DBB, if it crystallises in the future.
Equity prices risk is the risk of losses in the marked-to-market equity portfolio, due to the decline in the market prices. The direct exposure to the equity prices risk by the DBB arises from the trading and available-for-sale equity portfolios. Indirect exposure to equity prices risk arises through the margin lending portfolio of DVB in the event of crystallisation of credit risk of margin borrowers. The Investment Committee of DFCC Bank is responsible for managing equity portfolio in line with the policies and the guidelines set out by the Board and the BIRMC. Allocation of limits for equities, sectors and for collateral form part of the tools for managing the equity portfolio. Rigorous appraisal, proper market timing and close monitoring of the portfolio performance in relation to the market performance facilitate the management of the equity portfolio within the framework of investment strategy and the risk policy. DBB’s long- term investment horizon for equity investments smoothens out the adverse implications of the short-term market volatilities while enabling the Group to reap optimal benefits from the selected securities in the portfolio.
The indirect exposure to equity prices risk arising from margin lending of DVB is managed through the specific margin trading policy framework under the supervision of the Credit Committee. Each margin lending customer is carefully appraised for his track record with the Bank and the financial strength to meet margin calls, if needed, while the equity exposure arising in terms of collateral is assessed under a structured process set out in the Margin Trading Policy before the origination of the facility. Fundamentals of the lodged shares, market liquidity of the share and the diversification of the portfolio are considered as part of the assessment. Margin lending is governed by proper documentation and daily monitoring and management reporting as specified in the Margin Trading Policy.
The DBB’s direct exposure to equity market accounted for 10% of the Group’s assets inclusive of DFCC Bank’s residual investment in the Commercial Bank of Ceylon PLC based on the marked-to-market values as at 31 March 2015. This equity portfolio which is classified as AFS, indicates an unrealized capital gain of LKR 17,380 million, which is reported under the other comprehensive income and the fair value reserve based on the marked-to-market value. Since there is such a large unrealised gains, the equity portfolio has to decline in current market value by more than 82.2% for the Group to recognise any possible negative impact to the income statement in case of a disposal of the portfolio. A value decline of 82.2% of the equity portfolio can be considered as a remote occurrence which is termed as a black swan event.
Liquidity risk is the risk of not having sufficient funds to meet financial obligations in time and in full, at a reasonable cost. Liquidity risk arises from mismatched maturities of assets and liabilities. DBB has a well set out framework for liquidity risk management and a contingency funding plan. The liquidity risk management process includes regular analysis and monitoring of the liquidity position by ALCO and maintenance of market accessibility. Regular cash flow forecasts, liquidity ratios and maturity gap analysis are used as analytical tools by the ALCO. Any negative mismatches up to the next quarter revealed through the cash flow gap statements are matched against cash availability either through incremental deposits or committed lines of credit. Additionally ALCO monitors the maturity gap limits set up across all time buckets. Whilst comfortably meeting the regulatory requirements relating to liquidity, for internal monitoring purposes, DBB takes into consideration the liquidity of each eligible instrument relating to the market at a given point in time as well as undrawn commitments to borrowers when stress testing its liquidity position. The maintenance of a strong credit rating [AA- (LKA)] assigned by Fitch Ratings Lanka and reputation in the market enables the DBB to access domestic wholesale funds. For short-term liquidity support the Bank also has access to the money market at competitive rates.
The CBSL Direction No. 7 of 2011 specifies that liquidity can be measured through stock or flow approaches. Under the stock approach, liquidity is measured in terms of key ratios which portray the liquidity in the balance sheet. Under the flow approach banks should prepare a statement of maturities of assets and liabilities placing all cash inflows and outflows in the time bands according to the residual time to maturity in major currencies. DFCC Bank primarily uses the flow approach in measuring and managing liquidity risk while DVB uses both the flow and stock approaches. In line with the long-term project financing business, the Bank focuses on long-term funding through dedicated credit lines while its commercial banking business focuses on Current and Savings Accounts (CASA) and Term Deposits as the key source of funding for its lending.
The structure and procedures for asset and liability management at DFCC Bank and DFCC Vardhana Bank have been clearly set out in the Board approved ALCO Charters.
In October 2014, the Central Bank issued consultative guidelines for implementation of the minimum liquidity standards (Liquidity Coverage Ratio) under Basel III. Accordingly, Banks will be required to maintain an adequate level of unencumbered High Quality Liquid Assets (HQLAs) that can be easily and readily converted into cash to meet their liquidity needs for a 30 calendar day time horizon under a significantly severe liquidity stress scenario. These guidelines are to be implemented from April 2015. The initial test computations of LCR performed for DFCC and DVB indicated that the Banks are already in compliance with the Basel III minimum requirements having sufficient High Quality Liquid Assets well in excess of the minimum requirements specified by the Central Bank (The Minimum requirement is 60% in HQLAs to be maintained over the immediate 30 day net cash outflow).
In October 2013, the Bank issued its debut foreign currency international bond of USD 100 million with an original maturity of 5 years. The Bank entered into a hedging agreement with the CBSL in order to mitigate the foreign exchange rate risk to the extent of USD 75 million. The balance part of this foreign currency borrowing continues to be managed actively within the Bank in line with the market movements as a part of managing the Bank’s overall unhedged foreign currency exposure.
As at 31 March 2015, DBB carried a net unhedged foreign currency liability equivalent to USD 13.5 million, which is closely monitored.
Operational risk is defined as the potential risk of loss resulting from inadequate or failed internal processes, people, systems and external events. It covers a wide area ranging from losses arising from fraudulent activities, unauthorised trade or account activities, human errors, omissions, inefficiencies in reporting, technology failures or from external events such as natural disasters, terrorism or even political instability. The objective of DBB is to manage, control and mitigate operational risk in a cost effective manner consistent with the Group’s risk appetite. The Group has ensured an escalated level of rigor in operational risk management approaches for sensitive areas of its operations.
ORMC oversees and directs the management of operational risk of DBB at an operational level with facilitation from the Operational Risk Management Unit of the IRMD. Active representation of the relevant departments and units of DBB has been ensured in the process of operational risk management through the operational risk coordination officers.
Segregation of duties with demarcated authority limits, internal and external audit, strict monitoring facilitated by the technology platform and back-up facilities for information are the fundamental tools of operational risk management. Audit findings and management responses are forwarded to the Board’s Audit sub-committee for their examination. Effective internal control systems, supervision by the Board, senior management and the line managers forms part of ‘First Line of Defence’ for operational risk management at DBB. The Group demands a high level of technical skills, professionalism and ethical conduct from its staff and these serve as insulators for many operational risk factors.
The Group business continuity plan deals with natural or other catastrophes. The loss of physical assets is mitigated through insurance.
The following are other key aspects of the operational risk management process in DBB:
Reputation risk is the risk of losing public trust or the tarnishing of the DBB’s image in the public eye. It could arise from environmental, social, regulatory or operational risk factors. Events that could lead to reputation risk events are closely monitored, utilizing an early warning system that includes inputs from frontline staff, media reports and internal and external market survey results. Though all policies and standards relating to the conduct of the DBB’s business have been promulgated through internal communication and training, a specific policy was established to take action in case of an event which hinders the reputation occurs. DBB has zero tolerance for knowingly engaging in any business, activity or association where foreseeable reputational damage has not been considered and mitigated. While there is a level of risk in every aspect of business activity, appropriate consideration of potential harm to DBB’s good name is a part of all business decisions. The complaints management process and the whistle blowing process of the Bank include a set of key tools to recognise and manage reputational risk.
Business risk is the risk of deterioration in earnings due to the loss of market share, changes in the cost structure and adverse changes in industry or macroeconomic conditions. The DBB’s medium term strategic plan and annual business plan form a strategy road map for sustainable growth. Continuous competitor and customer analysis, and monitoring of the macroeconomic environment enable the DBB to formulate its strategies for growth and business risk management. The processes such as Planning, ALM, IT and Product Development in coordination with business functions facilitate the management of business risk through recognition, measurement and implementation of tasks. Business risk relating to customers is assessed in the credit rating process and is priced accordingly.
Legal risk arises from unenforceable transactions in a court of law or the failure to successfully defend legal action instituted against the DBB. Legal risk management commences from prior analysis, and a thorough understanding of, and adherence to, related legislation by the staff. Necessary precautions are taken at the design stage of transactions to minimise legal risk exposure. In the event of a legal risk factor, the legal unit of the DBB takes immediate action to address and mitigate these risks. External legal advice is obtained or Counsel retained when required.
Compliance risk can be termed as the risk of legal or regulatory sanctions, financial losses or damages to the reputation of the Bank as a result of its failure to comply with all applicable laws, regulations, Codes of Conduct and Standards of good practice. DBB ensures the effective compliance policies and procedures are followed and appropriate corrective actions are taken to rectify any breaches of laws, rules and standards if and when identified. A robust compliance culture has been established within DBB with processes and work flows designed with the required checks and balances to facilitate compliance. The compliance function works closely with the business and operational units to ensure the consistent management of compliance risk. Compliance is a key area of focus during the process of new product development and review. Head of compliance submits quarterly reports on the compliance status to the BIRMC and the Board to enable oversight to be exercised with the added safeguard of being subject to internal audit. A culture of compliance permeates all levels of DBB.
In response to international best practices and global standards of AML and combating terrorist financing. Sri Lanka has enacted laws relating to AML and CTF. Further, the Financial Intelligence Unit, under the purview of the Central Bank, has issued rules for Know Your Customer (KYC), and Customer Due Diligence (CDD) to identify and report suspicious transactions. DBB has taken necessary measures to implement these regulatory and legislative requirements for AML and CFT. The steps taken in this respect include customer identification and verification, maintenance of records, ascertaining sources of funds, monitoring and maintenance of AML/CTF programmes. The customers of DBB are subject to KYC/CDD measures.
The Business Continuity Plan (BCP) of DBB ensures timely recovery of critical operations that are required to meet stakeholder needs based on identified disruptions categorised into various severity levels. BCP has been designed to minimise risk to human resources and to enable the resumption of critical operations within reasonable time frames with minimum disruption to customer service and payment settlement systems. The BCP site, which is located in a suburb of Colombo, is prepared in line with the BCP Guidelines issued by the Central Bank and is tested regularly to establish its effectiveness. Training is carried out to ensure that all staff is fully aware of their role within the BCP.
The Group adopts a proactive approach to ensure satisfactory risk capital level throughout its operations. In line with its historical practice and the capital targets, the Group aims to maintain its risk capital position higher than the regulatory minimum requirements of 5% for Tier I and 10% for Total capital. The risk capital position of the DBB (on a group basis) demonstrates the following key features.
DFCC Group Capital Adequacy Ratios
Under Simple Approaches of Basel II
As at 31st March | ||
Parameter | Tier I
% |
Total Capital
% |
Minimum regulatory requirement | 5 | 10 |
DFCC Group capital position | ||
- 2010 | 26.2 | 23.1 |
- 2011 | 28.0 | 26.9 |
- 2012 | 21.0 | 19.9 |
- 2013 | 20.8 | 19.3 |
- 2014 | 18.7 | 17.2 |
- 2015 | 17.7 | 16.6 |
Capital adequacy measures the adequacy of the Group’s aggregate capital in relation to the risk it assumes. The capital adequacy of the Group has been computed under the following approaches of Basel II which are currently effective in the local banking industry.
Graph below shows DFCC Group’s capital allocation and available capital buffer as at 31 March 2015 based on the quantified risk as per the applicable regulatory guidelines. Out of the regulatory risk capital (total capital) available as at 31 March, credit risk accounts to 50.2% of the total capital while the available capital buffer is 43.4%.
Risk-Weighted Assets of DFCC Bank on a Solo and a Group Basis as at 31 March 2015
Risk-weighted assets (quantified risk category as per the CBSL Guidelines) | 2015 | 2014 | ||
Bank | Group | Bank | Group | |
Credit risk | 86,158 | 150,641 | 73,852 | 125,745 |
Market risk | 2,655 | 2,720 | 2,896 | 3,069 |
Operational risk | 7,637 | 14,034 | 7,575 | 13,172 |
Total | 96,450 | 157,374 | 84,323 | 141,987 |
DFCC Group’s Capital Position in Comparison to the Industry
As at Financial Year end (DFCC Group – 31 March, Industry – 31 December)
Parameter | 2014/15 | 2013/14 | 2012/13 | |||
Tier I | Total Capital | Tier I | Total Capital | Tier I | Total Capital | |
Local industry capital adequacy ratios | 14.1 | 16.7 | 14.9 | 17.6 | 14.7 | 16.4 |
DFCC Group | 17.7 | 16.6 | 18.7 | 17.2 | 20.8 | 19.3 |
Apart from the strong capital position reported on-balance sheet, the Group maintains a financial flexibility through the stored value in it its equity investment portfolio. The unrealised capital gain of the Group is LKR 17,380 million, as at 31 March 2015 of the listed equity portfolio is included in the Fair Value Reserve and is currently not taken into consideration in the capital adequacy computation based on regulatory specifications.
Banking Supervision Department of the Central Bank of Sri Lanka (CBSL) has taken steps to strengthen the risk management aspects of the licensed banks in Sri Lanka by enforcing certain regulations, specifications, guidelines and recommendations from time to time, which are in line with the Basel II recommendations. The following regulatory specifications are particularly crucial;
Risk Category | Impact | Key Risk Indicators | Statutory/
Internal Limit |
Position as at
31.03.2015 |
Integrated Risk
Management |
An adequate level of capital is required to absorb unexpected losses without affecting the Bank’s stability. (Total capital as a percentage of total risk-weighted assets) |
Capital Adequacy Ratio (Core capital as a percentage of total risk-weighted asset) | Regulatory | Complied |
Capital Adequacy Ratio (Total capital as a percentage of total risk-weighted asset) | Regulatory | Complied < | ||
Capital Adequacy Ratio (Tier I as a percentage of total risk-weighted assets) | Internal | Complied | ||
Concentration/Credit Risk
Management |
When the credit portfolio is concentrated to a few borrowers or a few groups of borrowers with large exposures, there is a high risk of a substantial loss due to failure of one such borrower. |
Single Borrower Limit - Individual (Amount of accommodation granted to any single company, public corporation, firm, association of persons or an individual/capital base) | Regulatory | Complied |
Single Borrower limit - Group | Regulatory | Complied | ||
Aggregate large accommodation (Sum of total of the outstanding amount of accommodation granted to customers whose accommodation exceeds 15% of the capital base/outstanding amount of accommodation granted by the Bank to total customers excluding the Government of Sri Lanka) | Regulatory | Complied | ||
Aggregate limits for related parties (Accommodation to related parties as the CBSL Direction/Regulatory Capital) | Internal | Complied | ||
Exposure to agriculture sector (As per the CBSL Direction) | Regulatory | Complied | ||
Exposure to each industry sector (On-Balance Sheet exposure to each industry as a percentage of total Lending Portfolio) | Internal | Complied | ||
Exposure to selected regions (On-Balance Sheet exposure to the regions as a percentage of the Total Lending Portfolio) | Internal | Complied | ||
Leases Portfolio (On-Balance Sheet exposure to the leasing product as a percentage of Total Lending Portfolio Plus Securities Portfolio) | Internal | Complied | ||
Exposure to GOSL | Internal | Complied | ||
Non-Performing Ratio | Internal | Complied | ||
Industry HHI | Internal | Complied | ||
Maximum expected loss limits for each product line | Internal | Complied | ||
Loan & OD - Exposure in BB and below grades | Internal | Complied | ||
Loan & OD - Exposure in B and below grades | Internal | Complied | ||
Leasing - Exposure in BB and below grades | Internal | Complied | ||
Leasing - Exposure in B and below grades | Internal | Complied | ||
Target Rating-wise PDs and provisions | Internal | Complied | ||
Margin trading (Aggregate exposure of margin loans extended/total loans and advances) | Internal | Complied | ||
Maturity profile of loan book (Loans and advances with maturity of less than one year/total loans and advances | Internal | Complied | ||
Pawning portfolio (Aggregate exposure of pawning portfolio/total loans and advances) | Internal | Complied | ||
Liquidity Risk
Management |
If adequate liquidity is not maintained, the Bank will be unable to fund the Bank’s commitments and planned assets growth without incurring costs or losses. | Liquid Asset Ratio for DBU (Average Monthly liquid assets/total monthly deposit liabilities) | Regulatory | Complied |
Liquid Asset Ratio for FCBU | Regulatory | Complied | ||
Loans to Deposit Ratio | Internal | Limit exceeded | ||
(However, this ratio was brought within the limit subsequent to the reporting date) | ||||
Liquidity gap limits | Internal | Complied | ||
Market Risk Management | Forex Net Open Long Position | Regulatory | Complied | |
Forex Net Open Short Position | Regulatory | Complied | ||
Limit for counter party Off-Balance Sheet Market Risk | Internal | Complied | ||
Aggregate interbank exposure | Internal | Complied | ||
Limit for settlement risk arising from market risk | Internal | Complied | ||
Investment Risk | Equity exposure – Individual (Equity Investment in a private OR public company/Capital fund of the Bank) | Regulatory | Complied | |
Equity exposure – Individual (Equity investment in a private OR public company/Paid-up capital of the Company) | Regulatory | Complied | ||
Aggregate equity exposure in public companies (Aggregate amount of equity investments in public companies/capital fund of the Bank) | Regulatory | Complied | ||
Aggregate equity exposure in private companies (Aggregate amount of equity investments in private companies/capital fund of the Bank) | Regulatory | Complied | ||
Aggregate equity exposure in private and public companies (Total investments in private and public companies/capital fund of the bank) | Regulatory | Complied | ||
Equity exposure (Equity exposure as a percentage of Total Lending Portfolio plus Securities Portfolio) | Internal | Complied | ||
Operational Efficiency | Cost to income ratio (Solo) - Operational Cost/Operational Income | Internal | Complied | |
Operational Risk | Adequately places policies, processes, and systems will ensure and mitigate against excessive risks arising. This will result in the stability of the Bank. | Reputation risk of the Bank and Group (Zero risk appetite) | Internal | Complied |
Significant regulatory breaches (Zero risk appetite) | Internal | Complied | ||
Inability to recover from business disruptions over and above the Recovery Time Objectives (RTO) as defined in the BCP of the Bank (Zero risk appetite) | Internal | Complied | ||
Mis-selling of financial products and services (Zero risk appetite) | Internal | Complied | ||
Failure to undertake risk-based customer due diligence (Zero risk appetite) | Internal | Complied | ||
Internal fraud (Zero tolerance for losses due to acts of a type intended to defraud, misappropriate property or circumvent regulations, the law or bank policy, excluding diversity/discrimination events, which involves at least one internal party). | Internal | Complied | ||
External fraud (Very low appetite for losses due to act of a type intended to defraud misappropriate property or circumvent laws, by a third party) | Internal | Complied | ||
Employee practices and workplace safety (Zero appetite for losses arising from acts inconsistent with employment, health or safety laws or agreements from payment of personal injury claims, or from diversity/discrimination events) | Internal | Complied | ||
Client products and business practices (Zero risk appetite for losses arising from an unintentional or negligent, failure to meet a professional obligation to specific clients (including fiduciary and suitability requirements) or from the nature or design of a product). | Internal | Complied | ||
Damage to physical assets (Very low appetite for loss arises from loss or damage to physical assets from natural disaster or other events). | Internal | Complied | ||
Business disruption and systems failures (Very low appetite for business disruptions/system failures for more than 30 minutes during service hours). | Internal | Complied | ||
Execution, delivery and process management (Very low appetite for losses from failed transaction processing or process management). | Internal | Complied |