Risk management in banks

WITH GROWING competition and fast changes in the operating environment impacting the business potentials, banks are compelled to constantly monitor and review their approach to ``credit'', the main earning asset in the balance sheet. With compulsions at peer level in the international standards, the Reserve Bank of India as the central bank has been emphasising, in the recent years, on risk management and recently, issued a timely warning to bank managements to focus on the efforts for installing effective systems for control of risks, through calling for certification regarding compliance on these aspects.

The first circular of RBI introducing ALM (Asset Liability Management) for banks as mandatory, was issued in September 1998; given the history of banking in India and the comfort of insulated economy, awareness on the relative implications is yet to perceive while the RBI itself is administering the relative regulatory measures in phases. It is not simply the banking industry but change in the environment, like the legal structure, market imperfections including the depth of the market nd tax structure, need to keep pace for the requirements. However, bank managements are yet to grapple with what is before them while towards the exercise, the first step namely establishing a data base, is being initiated.

Pertaining to risk management in credit portfolio, it is not as though banks are not conscious of the various risk elements - in fact, all these phrasealogies are repeated all over from time to time in different context. Such comprehension requires to be translated into practice by evolving systems for control/administration.

For various reasons and the stress under which banks have been operating ever since nationalisation, it is a simple fire fighting exercise. Many could be cited.

- for instance, in SBI, sanction of credit facilities to a non- corporate borrower beyond a limit, requires approval from the highest authority at the Central Board level.

- purely from counterparty risk factor, the consortium approach till recently in force, enabled banks to contain exposure to specific borrowers even before the advent of induction of prudential limits by RBI.

- the concept of insurance for loan losses as also the provisioning norms were in existence since the early 1970's. Despite diverting the resources of the deposit premium collected from all banks, including public sector banks, since the 1960's, the credit guarantee scheme failed to deliver. The sheer volumes, as in any walk of banking aspects, outwitted the objectives while concepts were not fine tuned in the sense that supportive systems were not in place.

Permissiveness, root cause

Credit pundits in India discount the need for looking to the end use of funds, as being impractical. Here again, decades back, in the large branches in metros in SBI, the senior executives at branch level, by a system of scanning the day's operations for high values, kept track of large inflows/outflows. However, these were all given up over a period. Eventually, under the consortium concept, inspection was by document, given up.

The problem again is related to the huge operations to be scanned... but in the process, one of the avenues of credit intelligence, crucial for post sanction followup, is given a go- by.

For instance, the various risk parameters, management techniques now being talked about, all these are well established in the U.S. decades back; however, it is equally important to observe the various supportive systems prevalent in terms of administration in such developed nations while practice of banking is closely confined to what has been documented.

Permissiveness in all spheres and at all levels combined with vast volumes to be handled - the root cause for the present status. It is common for us to observe that `dead accounts' are still carried forward in the books for several years and why for that matter, many of the branches of public sector banks in losses for years still continue (this is despite RBI having permitted banks to `swap' loss making branches, way back in 1994).

Federal Deposit Insurance Corporation in the U.S. is a key administrator, on its own, distinct from the Federal Reserve Board, for financial institutions. The public are well informed of the insurance for depositors before they decide to bank; this faith is evolved by the manner in which the FDIC paid out the guaranteed amounts to depositors when banks in thousands failed in the 1980's.

Deposit insurance in India, is only on paper, not to speak of the recent move by the DICGC to hike the premium including the public sector banks (it is pertinent to mention that as early as in 1969, the then Chairman of SBI, Mr. R. K. Talwar, questioned the wisdom of deposit insurance for public sector banks, which is still under study...). It is not as though no bank failures were reported: small banks which failed were all `taken over' (100 per cent of the deposit liabilities) by public sector banks and the DICGC is thereby kept out of the process.

However, an exception was made when the DICGC met the deposit liabilities of Bank of Karad - the circumstances of the case were such that there was no question of any existing bank even to think of rescue..! The committee's recommendations to revamp the DICGC providing teeth with legal powers - given the size of operations of public sector banks, it is inconceivable as to how even a revamped Deposit Insurance Corporation may deliver the goods; even in the private sector, the growth of some of the banks has been phenomenal in recent years.

Again, `securitisation' is being talked about since 1990's but we are yet to see any positive development (NHB has recently concluded mortgage-backed securitisation on its own guarantee). The basic support in the form of legislation is yet to be seen while in the U.S., supportive organisations are established by the Government, like GNMA (the Government National Mortgage Association or `Ginnie Mae'' as it is known), a directly owned government agency with major functions like sponsoring mortgage- backed securities programmes by financial institutions besides acting as a guarantor to investors in mortgage-backed securities regarding the timely passthrough of principal and interest payments on the sponsored bonds, providing timing insurance. Besides, with such support the instruments emanating from GNMA are available in markets for hedging operations in risk management.

The RBI has been advocating as one of the elements of risk, standardised documentation - in the U.S., even in the case of non- corporates, registration of documents provides comfort to the lending banks.

Here, instances are aplenty for violation of even the limited documentation; it is a fact that giant corporates dictate terms to banks for compromising on the covenants, even the documentation; small banks can ill-afford to lose such customers and provide `clean' facility.

In the regime of bill markets, two types of interest are quoted, one for a mercantile bill and another for non-mercantile bill. In the regime of consortium principle, consent letter from the lead bank is a `must' - in reality, a simple letter is obtained from a co-operative bank to comply with this condition!

Risk management presupposes avenues for `hedging' namely availability of instruments, markets to be developed. The legislation regarding derivatives was recently enacted and further process is yet to develop. MIBOR as a branch mark rate is yet find wider acceptance. FRAs (forward rate agreements) are yet to take off; only few banks, mostly foreign banks offer as at present. The RBI has recently cut down the lock in period for banks CDs to 15 days providing a short term investment avenue.

The horrid memories of the securities scam in the early 1990's are still fresh in memory. One of the reasons for the major debacle was attributed to the lack of preparations, systems/procedures by participating banks: it is a fact that banking has been prevalent in India for more than a century with SBI owing its origin to the 19th century as well. However, until the scam broke out, in the absence of a regulatory concern, the procedures in treasury transactions for banks were not even standardised.

Be it an accounting treatment or the procedure for a transaction, even today one cannot be sure: for instance, other than the metros where established markets exist for call money (overnight moneys), at other centre, branches of banks do meet the liquidity requirements by inter bank arrangements.

However, the documentation or the manner in which such deals are struck is a matter for mockery: a paper requesting for TT discounting is exchanged for overnight call borrowing. Practice prevails over law...? Do these transactions, particularly in the public sector banks get reported to the central treasury desk on daily basis...?

That bring the next question of a fundamental requirement: the aggregate exposure of a bank to a customer on various transactions like credit, forex and treasury. Particularly in the case of large corporates or public sector giants, at least no bank of Indian origin maintain the overall liability; it is all available in truncated data - the problem is lack of connectivity or reporting systems to a centralised collecting agency.

With the advent of computers, perhaps major or large values get focussed. It is sheer volume spread across the length and breadth of the country: for instance, in the case of IOC, high value transactions even without a formal current account is handled by public sector banks which are not encompassed.

It did happen sometime back that one of the public sector giants desired allocation of cash credit limits to additional branches within the overall sanctioned limit; however, even before the relative administrative sanction could be conveyed, branches permitted the public sector organisation drawings resulting in overdrawals to the tune of Rs. 600 crores vitiating the liquidity profile as perceived at the corporate office.

Credit information bureau

With spread of branches all over, the traditional procedure of renewal of limits periodically for high value customers such as the public sector units and relative advice to branches concerned - all these are forgotten as impractical and it is assumed that the public sector is after all a governmental organisation... The pertinent observation is that with galloping volumes in transactions, banks have not been proactive in establishing appropriate control measures.

Likewise, large private business houses have multiple banking arrangements and these corporates only know the total exposure not the banks concerned.

It is heartening to note that RBI has initiated steps in December last for establishing a Credit Information Bureau, a long felt need - the task is huge and here too, banks and other institutions need to be bound by legal compulsions to provide prompt and accurate information - as of now, even within the banks/financial institutions, arrears in reconciliation in customers' accounts need to be tackled to provide accuracy.

The list of such open position of banks to transaction risks is endless and these are in vogue for decades. If only these are to evaluated for risk parameters as required under the present dictates, it will be an impossible task for banks to find capital resources.

The central bank, the Government and the bank managements - all of them have a collective responsibility to comprehend to find solutions. Providing infrastructure is the main responsibility of the government/RBI - in many of the circulars relating to treasury or for that matter, the provisioning norms, RBI is silent on taxation.

A lot of ground has been covered in loan loss provision while administration in the taxation is yet to toe the line advocated; likewise, in treasury transactions, now and then income tax department create hurdles, reverting their own decisions, from time to time - for instance, the classic case of Vijaya Bank regarding treatment of broken period interest on debt instruments: the case refers to the procedure prevalent in 1969 while the relative provisions in the Income Tax Act were omitted in early 1990's.

However, the assessing officers blindly quote the Supreme Court decision event today. And again, the result is by such disallowances after considerable passage of time, the losses suffered by banks are not properly reckoned.

There is a requirement from the RBI that all banks submit a compliance certificate in regard to transactions in treasury - the format is simple: list out all circulars of RBI issued since decades and against each these, the bank has to say ``complied''. With market developments, circular instructions issued from time to time are modified, returned, deleted. It is not the RBI's domain to codify the essentials while banks on their own, need to list all circulars for the certification.

Another growing contribution to the mess is the `hot potch' computerisation in bits and pieces. Including the new generation private banks, the volume to be handled five or ten years hence is not the objective; the exercise is confined to the present volume which itself is huge, no doubt.

Already, banks are freely `outsourcing' (the modern management jargon) their requirements of routine work albeit the inhouse computer support. The fall out of these will be seen in the next four or five years - confidentiality of the customers accounts apart, the data handled by outsiders may be exploited for fraudulent manipulations - while the computerisation itself is not well designed in many cases: to take care of routine functions besides reporting requirements, risk factors etc.

The problem is the initial introduction itself requires tremendous efforts and thereafter, to retune or make it compatible with fresh requirements is rendered even more difficult.

Lastly, if one looks retrospectively, one of the major contributors to the above `hotch potch' credit administration is attributable to the vexatious accountability concept with Governmental blessings from time to time - these have totally sapped even the little professionalism to develop in banking arenas while the mention of CBI is adequate for business promotion...! The sadistic approach sans the purpose viz., to save the financial loss in the major factor for the present status of helplessness at the managerial levels.

It is, therefore, essential on the part of the Govt. and RBI to identify the loose ends in the infrastructure. Simultaneously, bank managements may well take upon in serious terms, risk management systems which should be a daily practice in their operations and not mere reports at the Board levels. No doubt the task is of a very high magnitude and willy nilly we need to start somewhere; however, what is essential is that at the macro level, be it the Government or RBI or bank managements, commitment to the exercise should be visible - failure may be suicidal as we are exposed to market risks at international level, which is not under our control as it was in the insulated economy till sometime back.

The environment, including the judicial process, awareness all round need to be geared to these tasks. First it is the bank staff who need to see the writing on the wall - the attitudinal changes, which is more crucial... The regulatory authorities, to ensure a positive direction, may enlist the chartered accountants, outside the statutory audit, for verification of the compliances which should be dovetailed to the certification of the balance sheets. Till then, certification for compliances would continue, only as an academic exercise.

R. S. Raghavan

Formerly of SBI/ICICI Bank