Enterprise Risk Management

Similar documents
11/15/2016. Enterprise Risk Management. Building FHLBank Atlanta s ERM Program. FHLBank Atlanta. Navigating the Enterprise Risk Management Landscape

Navigating the New Normal Enterprise Risk Management After e-risk Identification and Assessment

FIRMA Nashville Tennessee April 21, 2015

Can we take more risk and remain safe?

Risk Management. Policy No. 14. Document uncontrolled when printed DOCUMENT CONTROL. SSAA Vic

Certified Enterprise Risk Professional (CERP) Test Content Outline

360 Degrees of Enterprise Risk Management

RISK COMMITTEE CHARTER THE CHARLES SCHWAB CORPORATION

FINANCIAL INSTITUTION GOVERNANCE AND REGULATION SERVICES EXPERTS WITH IMPACT

Regulatory Disclosures. September 30, 2016

Amidst such development, BPMB stays focused in fulfilling its mandated role whilst remaining steadfast in improving its asset quality.

Mission Statement. Build shareholder value through leadership in strategic management of risk. Objectives. Risk Priorities

National Risk Committee (NRC) Semiannual Risk Perspective. Fall 2015

Market and Liquidity Risk Assessment Overview. Federal Reserve System

Enterprise-Wide Risk Management

ERM/ORSA Training Thai General Insurance Association (TGIA)

Amex Bank of Canada. Basel III Pillar III Disclosures December 31, AXP Internal Page 1 of 15

Risk Report. 42 Introduction 43 Risk and Capital Overview 43 Key Risk Metrics 44 Overall Risk Assessment 44 Risk Profile

Delivering Clarity to Credit Unions Through Expertise and Experience

ENTERPRISE RISK MANAGEMENT (ERM) POLICY Republic Glass Holdings Corporation. Purpose. Goals

RISK COMMITTEE CHARTER

Risk Appetite Survey Current state of the Insurance Industry

Presentation by: Nasumba Kizito Kwatukha CPA,CIA, CISA,CFE,CISSP,CRMA,CISM,IIK 6 th JULY 2017

ZAG BANK BASEL PILLAR 3 DISCLOSURES. December 31, 2015

Summary of Risk Management Policy PT Bank CIMB Niaga Tbk

BERGRIVIER MUNICIPALITY. Risk Management Risk Appetite Framework

Community Trust Company Basel III Pillar 3 Disclosures June 30, 2018

INTERNAL AUDIT AND OPERATIONAL RISK T A C K L I N G T O D A Y S E M E R G I N G R I S K S T O G E T H E R

NAIC OWN RISK AND SOLVENCY ASSESSMENT (ORSA) GUIDANCE MANUAL

ZAG BANK BASEL PILLAR 3 AND OTHER REGULATORY DISCLOSURES. December 31, 2017

Meridian Finance & Investment Limited Disclosure under Pillar III on Capital Adequacy and Market Discipline As on December 31, 2017

Enterprise-Wide Risk Management

U.S. Bancorp Risk Management Committee Charter

Guidance Note: Internal Capital Adequacy Assessment Process (ICAAP) Credit Unions with Total Assets Greater than $1 Billion.

Pillar III Disclosure Report 2017

Community Trust Company Basel III Pillar 3 Disclosures December 31, 2017

Opinion of the EBA on Good Practices for ETF Risk Management

2019 ANNUAL SHAREHOLDERS MEETING

Market and Liquidity Risk Examination Techniques. Federal Reserve System

Federal Home Loan Bank of Atlanta 2017 Annual Stress Test Disclosure

We referred to ICP 20 which deals with public disclosures and is therefore directly comparable to the SFCR.

Critical Reflection of Two State-of-the-Art Risk Management Frameworks (SRM004)

Basel III Pillar III Disclosures

Risk An overview and MIS An audit Perspective

Community Trust Company Basel III Pillar 3 Disclosures March 31, 2017

2015 CEO & Board University Aligning the Strategic Plan with Enterprise Risk Management Programs. Michael D. Cohn, CPA, CISA, CGEIT

Nagement. Revenue Scotland. Risk Management Framework

What Is Asset/Liability Management?

Enterprise Risk Management How much risk do you want to take? Mark Lim Risk Consulting and Software Towers Watson

RISK APPETITE FRAMEWORK

Risk Management. Credit Risk Management

PNC Bank, NA. Board Report. June 30, Pittsburgh, PA. A/L BENCHMARKS Standards for Asset/Liability Management

Nagement. Revenue Scotland. Risk Management Framework. Revised [ ]February Table of Contents Nagement... 0

ENTERPRISE RISK MANAGEMENT IN HEALTH CARE. April 27, 2017

Basel III Reforms. Strategic Initiatives of the Risk Management Implementation in Risk and its Management Profiles

Liquidity Coverage Ratio Public Disclosure

PILLAR 3 REGULATORY CAPITAL DISCLOSURES

Wells Fargo & Company. Basel III Pillar 3 Regulatory Capital Disclosures

Wells Fargo & Company. Basel III Pillar 3 Regulatory Capital Disclosures

Fifth Third Bancorp 1Q18 Earnings Presentation

Working through Risk Appetite

MEMORANDUM. To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 ERM Policy and Framework

THE INVESTOR FOR SECURITIES COMPANY. PILLAR III DISCLOSURE As of 31 December 2017

Wells Fargo & Company. Basel III Pillar 3 Regulatory Capital Disclosures

Wells Fargo & Company. Basel III Pillar 3 Regulatory Capital Disclosures

Harmonizing Risk Appetites within a Stress Testing Framework

2016 Annual Stress Test Disclosure FHLB Des Moines

BASEL III PILLAR 3 DISCLOSURES. September 30, 2017

Wells Fargo & Company. Basel III Pillar 3 Regulatory Capital Disclosures

Wells Fargo & Company. Basel III Pillar 3 Regulatory Capital Disclosures

NOVEMBER 16, As Required by the Dodd-Frank Wall Street Reform and Consumer Protection Act

Operational risk and corporate governance

Dodd-Frank Act Stress Test 2017 Public Disclosure

Capital Plan and Business Operating Plan. Enterprise-wide Stress Testing ICAAP

Desjardins Trust Inc. Financial Information and Information on Risk Management (unaudited)

Northern Trust Corporation

Risk management policy

Basel II Pillar 3- Qualitative Disclosure

DFAST Public Disclosure: Texas Capital Bancshares 2015

BASEL III PILLAR 3 DISCLOSURES (unaudited) December 31, 2017

Basics of Liquidity Risk Management For Community Financial Institutions under $3 Billion in Assets

BASEL III PILLAR 3 DISCLOSURES (unaudited) March 31, 2018

BASEL III PILLAR 3 DISCLOSURES. December 31, 2016

Solvency II Insights for North American Insurers. CAS Centennial Meeting Damon Paisley Bill VonSeggern November 10, 2014

RISK COMMITTEE TERMS OF REFERENCE. The Board has resolved to establish a Committee of the Board to be known as the Risk Committee.

CITY OF JOHANNESBURG METROPOLITAN MUNICIPALITY GROUP RISK AND ASSURANCE SERVICES GROUP RISK MANAGEMENT POLICY

External Credit Stress Testing

Wintrust Financial Corporation

Guidance Note: Stress Testing Credit Unions with Assets Greater than $500 million. May Ce document est également disponible en français.

Rogers Bank Basel III Pillar 3 Disclosures

PILLAR 3 Disclosures

West Coast District Municipality. Risk Management Policy

ERM in the Rating Process: A Practical Perspective

Financial Literacy Mastery

RISK MANAGEMENT FRAMEWORK

2015 Annual Stress Test Disclosure

Basel III Pillar 3 Disclosures

Pillar III Disclosures

Northern Trust Corporation

BASEL III PILLAR 3 DISCLOSURES. December 31, 2013

Transcription:

Enterprise Risk Management Navigating the Enterprise Risk Management Landscape Alp E. Can Director of Enterprise Risk Management, FHLBank Atlanta North Carolina Bankers Association August 31, 2016

Building FHLBank Atlanta s ERM Program

FHLBank Atlanta Goal: To help shareholder financial institutions make affordable home mortgages and provide economic development credit to their communities One of the 11 regional Banks in FHLBank System 2nd quarter 2016 dividend: 4.64% (LIBOR + 400 bps) 3

FHLBanks and ERM As a matter of sound practice, each FHLBank should have a risk management function or unit(s) with clearly defined responsibilities that reports directly to executive management and has regular reporting responsibility to the board of directors of a committee thereof. The risk management function should not report to business units that undertake risk positioning. Federal Housing Finance Agency Advisory Bulletin May 18, 2005 4

FHLBank Atlanta and ERM Years 1 and 2 (2007-2008) Early challenges Hiring of risk managers and analysts Development of Key Risk Indicators (KRIs) Continuous improvement (assessment quality, reporting) Year 3 and 4 (2009-2010) Committee refinement Model enhancement and methodology development Better analysis and focus on risk versus return (stress testing) Increased ERM personnel involvement on key projects 5

FHLBank Atlanta and ERM Years 5 through 10 (2011-2016) Expansion + increased credibility and trust of ERM team Development of risk appetite statement Created an ERM charter Involvement in strategic planning process Creating Model Risk Governance Group Implementing Dodd-Frank Act Stress testing Embed stress testing with strategic planning, risk appetite, and capital planning Future of ERM (2016-beyond) Business Intelligence Using new technology and big data to improve future risk assessments 6

Why ERM?

ERM Defined Enterprise Risk Management (ERM) is the capability of an organization to understand, control, and articulate the nature and level of the risks taken in pursuit of a risk adjusted return. Categories of risk: Credit Liquidity Strategic / Business / Reputation Market Operational Compliance / Legal Financial Capital Adequacy Source: Risk Management Association (RMA) 8

ERM Framework (Rooted in Culture) Ensure the company has significant capital in a stressed environment Stress Testing Develop a response plan to best manage risk Response Coverage Consider all current and potential risk facing business strategy and operations Assess how well the company manages risks Control Environment CULTURE Risk Appetite Determine the amount of risk the company is willing to accept Determine the size and scope of all risks Measurement & Evaluation Governance & Policies Create a strong foundation for risk management Risk Data & Infrastructure Ensure appropriate data is used to manage risk Source: Risk Management Association (RMA) 9

What Makes a Culture Strong? Honesty Tone at the top Integrity Trust CULTURAL VALUES Proper incentives Courage to speak up and act Independence of thought Openness / transparency Respect for the ideas of others Source: Toward Effective Governance of Financial Institutions,G30 Working Group, 2012. 10

Examples of Top Risks/Issues 11

Examples of Recent Risk Events CYBER RISK GEOPOLITICAL RISK June 2015 Exposed PII of over 20 million people June 2016, the U.K. votes to leave the EU Impacted global stock markets and currency valuation Negatively impacted forecasted GDP for U.K. and EU 12

ERM: Practical Implementation Steps

Three Lines of Defense Model Board / Risk or Audit Committees Senior Management 1 st Line 2 nd Line 3 rd Line Operational Management Internal Controls Risk management by business operations Risk Oversight Compliance Independent risk oversight and compliance Internal Audit Independent evaluation of risk management effectiveness E X T E R N A L A U D I T R E G U L A T O R 14

Risk Appetite Statement Strategic Plan Risk Assessment Capital Plan Incentive Comp Plan Risk Appetite Framework Internal Risk Policies Risk Committee Reports (i.e., ALCO) Other Key Internal Documents IT Risk Tolerance Statement 15

Stress Testing: A Fundamental ERM Tool Source: Supervisors Raising the Bar on ERM. Promontory, Sightlines in Focus, February 2013. 16

Final Thoughts Effective ERM = more intelligent risk-taking, fewer loss events Implementation takes years and commitment Pace toward maturity determined by CEO and board commitment and demonstrated value Developing a balanced risk/return culture is a journey Developing a comprehensive risk assessment that includes emerging risks 17

APPENDIX

Organizational ERM Structure/Team Board Board Risk Committee CEO CRO Independent ERM Units Credit Risk Team Market Risk Team Ops Risk Team Model Risk Team 19

Board Committee Structure BOARD OF DIRECTORS Overall Risks Business Risks Strategic Risks Reputation Risks Audit Finance Credit & Member Services Enterprise Risk & Operations Governance & Compensation Housing & Community Investment Financial Reporting Risks Overall Compliance Risks Fraud Risks Internal Controls Market Risks Liquidity Risks Capital Risks Earnings Risks Credit Risks Collateral Risks Enterprise-wide Risks Risk Appetite Operational Risks Emerging Risks Black Swans Human Resources Risks Disclosure Risks (CD&A) Affordable Housing Program Compliance Risks 20

Management Committee Structure IT Steering Committee Credit & Collateral Committee Asset/Liability Committee Enterprise Risk Committee IT Governance Committee Collateral Model Valuation Committee Financial Management Strategy Committee Operational Risk Committee Security Governance Committee Retirement Plan Committee Community Investment Services Committee Accounting Policy Committee Disclosure Committee 21

Risk Identification and Assessment 22

Risk Assessment: Key Risk Indicators and Trends 23

Key Risk Indicators: Focus Group vs. All Banks Risk Appetite Statement/Report (Community Bank Template) Sample Template Risk Category Capital Adequacy Market Risk / Earnings Credit Risk (Concentration) Liquidity Compliance / Regulatory Reputation/Strategic Operational Risk Risk Appetite Report As of Risk Level Risk Appetite Levels Risk Appetite Categories Current Previous Zero Low Moderate High Capital Adequacy Market Risk / Earnings Credit Risk (Concentration) Liquidity Compliance / Regulatory Reputation/Strategic Operational Risk 12.0 Regulatory Leverage Ratio (%) 120.0 Texas Ratio 12.0 NPAs / Assets (%) 9.0 90.0 9.0 6.0 60.0 6.0 3.0 30.0 3.0 0.0 2011Q2 2011Q3 2011Q4 2012Q1 0.0 2011Q2 2011Q3 2011Q4 2012Q1 0.0 2011Q2 2011Q3 2011Q4 2012Q1 All Banks (Avg) Focus Group (Avg) All Banks (Avg) Focus Group (Avg) All Banks (Avg) Focus Group (Avg) 4.0 Loan Loss Reserves / Gross Loans (%) 20.0 Net Non-Core Funding Dependence (%) 200.0 Efficiency Ratio (%) 3.0 15.0 150.0 2.0 10.0 100.0 1.0 5.0 50.0 0.0 2011Q2 2011Q3 2011Q4 2012Q1 0.0 2011Q2 2011Q3 2011Q4 2012Q1 0.0 2011Q2 2011Q3 2011Q4 2012Q1 All Banks (Avg) Focus Group (Avg) All Banks (Avg) Focus Group (Avg) All Banks (Avg) Focus Group (Avg) 24

Risk Appetite Statement/Report (Community Bank Template) Sample Template Risk Categories 1. Capital Adequacy 1.a. Achieve satisfactory CAMELS ratings for Capital Adequacy 1.b. Maintain Total Equity / Total Assets w ithin acceptable limits (%) 1.c. Maintain capital ratios above regulatory capital requirements 1.d. Maintain Leverage Ratio w ithin acceptable levels 2. Market Risk / Earnings 2.a. Achieve satisfactory CAMELS ratings for Sensitivity to Market Risk 2.b. Maintain Duration Gap above acceptable levels w ith up/dow n 100, 200, 300 bps rate shocks 2.c. Maintain EVE above acceptable levels w ith up/dow n 100, 200, 300 bps rate shocks 2.d. Maintain Interest Expense/ Avg. Assets w ithin acceptable limits (%) 2.e. Rate-sensitive Assets/Assets (%) 2.f. Rate-sensitive Liabilities/Assets (%) 3. Credit Risk (Concentration) 3.a. Achieve satisfactory CAMELS ratings for Asset Quality 3.b. Maintain NPA's (Non-Performing Assets) / Assets w ithin acceptable level (%) 3.c. Maintain NPL's (Non-Performing Loans) / Loans w ithin acceptable level (%) 3.d. Maintain ALLL w ithin acceptable level 3.e. Maintain Commercial Real Estate (CRE) Loans / Total RBC w ithin acceptable level (%) 3.f. Maintain Residential 1-4 w ithin limits to RBC (%) 3.g. Maintain C&I w ithin limits to RBC (%) 4. Liquidity 4.a. Achieve satisfactory CAMELS ratings for Liquidity 4.b. Maintain satisfactory Net Non-Core Funding Dependence (%) 4.c. Maintain satisfactory Net Short-Term Liabilities / Assets (%) 4.d. Maintain satisfactory FHLB funding availability 4.e. Maintain acceptable liquidity ratios (%) 4.f. Maintain acceptable levels of pledged securities 5. Compliance / Regulatory 5.a. Achieve a satisfactory exam report 5.b. Number of Internal audit reports less than satisfactory (%) 5.c. Number of external audit reports less than satisfactory 5.d. Number of customer complaints 5.e. Number of new or proposed regulations or legislation 5.f. Minimize Bank Secrecy Act / Anti-Money Laundering related losses ($000s) 6. Reputation/Strategic 6.a. Achieve satisfactory CAMELS ratings for Management 6.b. Number of active litigation matters 6.c. Community Reinvestment Act activities 6.d. Tone of new s reports (positive/negative) 6.e. Succession planning in place for senior management / key personnel (%) 6.f. Achievement of strategic goals 7. Operational Risk 7.a. Number of material w eaknesses 7.b. Maintain acceptable level of operational losses ($000s) 7.c. Maintain high level of critical system availability (%) 7.d. Maintain adequate insurance coverage (e.g. flood / hazard) (%) 7.e. Maintain optimal level of employee headcount (%) 7.f. Minimize confidential data breaches Risk Appetite Key Risk Indicators as of Internal Sources Current Level Previous Level Risk Trend Board Oversight Risk Appetite Level Definitions Zero Not w illing to accept risks under any circumstances Low Not w illing to accept risks in most circumstances Moderate Willing to accept risks in certain circumstances High Willing to accept risks in most circumstances Aggregate Risk Score - 95-100 90-94.9-85 - 89.9-80 - 84.9 - Less than 80 - n/a Internal Documents Legend BP Budget Plan CP Capital Plan ICP Incentive Comp Plan IP Internal Bank Policies Individual Risk Level Acceptable At Risk Unacceptable Increasing Risk Stable Risk Decreasing Risk Board Committees AC Audit Committee CC Credit Committee ERC Enterprise Risk Committee FC Finance Committee GCC Governance & Compensation Committee 25

Risk Appetite Statement/Report (Community Bank Template) Sample Metrics / Data Risk Appetite Key Risk Indicators as of 1. Capital Adequacy 3. Credit Risk 1.a. Achieve satisfactory CAMELS ratings for Capital Adequacy 1.b. Maintain Total Equity / Total Assets within acceptable limits (%) 1.c. Maintain capital ratios above regulatory capital requirements (%) 1.d. Maintain Leverage Ratio within acceptable levels (%) 1 3 4 3.a. Achieve satisfactory CAMELS 1 3 4 ratings for Asset Quality 10.3 6 10.4 10.7 8 10.9 20 30 3.b. Maintain Non-Performing Assets / Assets within acceptable level (%) 17.5 17.7 5.9 6.0 3.c. Maintain Non-Performing Loans / Loans within acceptable level (%) 3.d. Maintain ALLL within acceptable level ($000s) 155 159.6 5.5 5.6 4 6 378.2 379.5 2. Market Risk / Earnings 3.e. Maintain CRE Loans / Total RBC within acceptable level (%) 300 400 2.a. Achieve satisfactory CAMELS ratings for Sensitivity to Market Risk 2.b. Maintain Duration Gap between acceptable levels with up/down 100, 200, 300 bps rate shocks (years) 2.c. Maintain EVE above acceptable levels with up/down 100, 200, 300 bps rate shocks 2.d. Maintain Interest Expense/ Avg. Assets within acceptable limits (%) 2.e. Rate-sensitive Assets/Assets (%) 1 3 4.12.12-8 -7 +7 +8 0.89 0.99 32.2 33.1 63.7 63.9 3.f. Maintain Residential 1-4 within limits to RBC (%) 3.g. Maintain C&I within limits to RBC (%) 4. Liquidity 4.a. Achieve satisfactory CAMELS ratings for Liquidity 4.b. Maintain satisfactory Net Non-Core Funding Dependence (%) 4.c. Maintain satisfactory Net Short- Term Liabilities / Assets (%) 100 200 100 1 3 4 7.0 9.5 5.8 7.0 150 2.f. Rate-sensitive Liabilities/Assets (%) Legend 4.d. Maintain satisfactory FHLB funding availability 28.6 29.4 Green Yellow Red Risk is within acceptable threshold Increase in risk as threshold has been breached Increase in risk as threshold has been breached Current Level 12 - month Avg 4.e. Maintain acceptable liquidity ratios (%) 4.f. Maintain acceptable levels of pledged securities 30.6 31.5 26

Risk Appetite Statement/Report (Community Bank Template) Sample Metrics / Data 5. Compliance / Regulatory 5.a. Achieve a satisfactory exam report 5.b. Number of Internal audit reports less than satisfactory (%) 5.c. Number of external audit reports less than satisfactory 5.d. Number of significant customer complaints 5.e. Number of new or proposed regulations or legislation 5.f. Minimize Bank Secrecy Act / Anti- Money Laundering related losses ($000s) Risk Appetite Key Risk Indicators as of 7. Operational Risk 1 3 4 5 7.a. Number of material weaknesses 0 1 2 3 0 5 10 7.b. Maintain acceptable level of 0 operational losses ($000s) 0 0 250 500 0 3 6 7.c. Maintain high level of critical 0 50 90 system availability (%) 0 0.17 1 1.2 0 5 9 7.d. Maintain adequate insurance 0 5 10 coverage (e.g. flood / hazard) (%) 1 1 98 98 0 5 9 7.e. Maintain optimal level of employee headcount (%) 80 90 100 0 0 2 2 0 0 25 75.2 0 0 0 50 100 7.f. Minimize confidential data 0 1 2 breaches 99.85 99.98 100 6. Reputation / Strategic 6.a. Achieve satisfactory CAMELS ratings for Management 1 3 4 6.b. Number of active litigation matters 0 * 100 200 6.c. Community Reinvestment Act activities Outstanding or Satisfactory Needs to Improve Substantial Noncompliance *P rior Rating 6.d. Tone of news reports (positive/negative) - qualitative measure Legend 6.e. Succession planning in place for senior management / key personnel (%) 0 50 85 95 98 100 Green Yellow Red Risk is within acceptable threshold Potential increasein risk as threshold has been breached Increase in risk as threshold has been breached Current Level 12 mo. Average 6.f. Achievement of strategic goals 27

Risk Appetite Statement/Report (Community Bank Template) Sample Template Risk Appetite Additional Information as of Risk Appetite Preamble The Bank s board of directors and management have established this risk appetite statement and risk metrics for controlling and escalating actions based on the seven continuing objectives that represent the foundation of the Bank's strategic and tactical planning: Capital Adequacy Maintain adequate levels of capital components that protect against the risks inherent on the Bank s balance sheet and provide sufficient resiliency to withstand potential stressed losses. Market Risk / Earnings Market risk exposure should be managed in such a way that a significant disruption in rates and spreads would not result in a loss that would threaten the Bank's capital plan. Credit Risk (Concentration) Avoid credit losses by managing credit risk exposures within acceptable parameters. Achieve this objective through datadriven analysis (and when appropriate perform shareholder-specific analysis), monitoring and verification. Monitor through enhanced reporting any elevated risk concentrations, and when appropriate, manage and mitigate the increased risk. Liquidity Risk Maintain sufficient liquidity and funding sources to allow the Bank to meet expected and unexpected obligations. Compliance / Regulatory Comply with all applicable laws and regulations. Reputation / Strategic Recognize the importance of and advance positive awareness and perception of the Bank. Operations Manage the key risks associated with operational availability of critical systems, the integrity and security of the Bank s information, and the alignment of technology investment with key business objectives. Current Key Issues 3.b. Maintain Non-Performing Assets / Assets within acceptable level (%) - Continue to monitor. 3.e. Maintain CRE Loans / Total RBC within acceptable level (%) - Continue to monitor. 28

Questions and Answers Alp E. Can Director of Enterprise Risk Management FHLBank Atlanta acan@fhlbatl.com Tel: 404.888.5574

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback