priyanka1987
New member
Credit policy
Indecent exposure
Financial institutions are stepping up their credit risk management policies and implementing new measures to control credit limits. Geoff Bedser defines how these changes should be made
There has been an unprecedented amount of interest in the past few months in how banks formulate and operate their credit risk management policies. At the end of July, the Basle Committee on Banking Supervision issued a consultative paper, which outlines 17 basic principles to be followed in the credit risk management process.
All but two of these principles are directly concerned with implementing a credit policy. The paper, Principles for the management of credit risk, places much emphasis on the responsibility of senior management to formulate, agree and implement a structured credit policy. Some of the main areas covered by the paper concern credit approval processes, credit administration processes and procedures and the application of controls on problem areas. The paper also contains recommendations on how a bank should define its overall credit risk management strategy, which forms the starting point for a credit policy.
Banks seem to have realised it is in their interest to run a sensible, structured credit policy. For too long, too many of them have set credit limits in a disorganised, fragmented fashion. They have either used outmoded methodologies to calculate exposures against limits or have spent considerable time and effort to arrive manually at a global, consolidated view of their exposures. The problems encountered during the worldwide economic turmoil of late 1998 led many such banks to appreciate the benefits of a rational, pragmatic credit policy that can be implemented using the most appropriate systems and approaches.
Although the Basle paper says lending is the most obvious source of credit risk, it also emphasises that, in practice, credit risk arises from banking and trading activity both on and off the balance sheet. If anything, the paper does not emphasise enough the potential credit risk impact of off-balance sheet and other trading activity. Comments on this paper are required by November 30, which suggests that final rules are likely to be implemented by the middle of next year.
While the risk policy principles proposed by the Basle Committee are commendable, the key issue for most banks is how they should actually be put into practice.
When a bank’s credit committee (or similar body) comes to approve a credit line, it is essential that committee members have a thorough understanding of every aspect of the counterparty or borrower. An experienced credit analyst should be responsible for collating the relevant information from a variety of sources, including credit rating agencies, annual reports, market briefings and other sources, such as the Internet.
This approach highlights the importance not only of the basic ratings information provided by credit rating agencies, but also of more detailed profiles of banks and companies, provided by the organisations themselves. This is especially important in emerging markets, where there is a lack of accurate ratings data. Additionally, the information provided by rating agencies may not be kept up to date with the speed of downgrades, as happened during Russia’s financial crisis of August 1998. Even all the available information is no real substitute for first-hand knowledge gained by credit analysts and managers.
The essential output from the credit approval process is the setting of the bank’s credit limits. Some recent discussions have concluded that credit limits are insufficiently flexible and limit the scope of a bank’s traders, and that they should be replaced by sophisticated return on risk measures. Using this approach, traders are allowed to deal up to any level, provided they generate an adequate return to compensate for the risk taken. The greater the value of the trades, the higher the return demanded. But this can give rise to extra dangers by encouraging excessive leverage, and is too reliant on the use of value-at-risk measures. Limits are still needed to protect against event risk.
The vast majority of banks are not yet advanced enough in the use of return on risk methodologies, and are unlikely to be so for some time. For most banks, therefore, limits will still be vital to control the risk in all credit-related activity.
To monitor their banking and trading activity in a controlled fashion and on a global basis, banks must set multiple limits – by product, operational unit and customer subsidiary – for every customer or customer group. These limits are additional to the overall limits traditionally applied by banks for a whole customer group. For example, for a particular customer, there may be limits at several levels in a bank’s product hierarchy (see figure 1). Similarly, there may be separate limits for each subsidiary (or branch) of a customer that the bank trades a particular product with.
To maintain control over these multiple limit levels, the highest level limits applied to a particular customer group are considered to be ‘master’ limits and all other limits in the group are ‘sub’ limits. This distinction is important because it helps to monitor exposures across counterparty groups and to treat excesses. The total of the sub limits can, and often should, be greater than the master limit, as this enhances trading flexibility.
It is also increasingly important to set limits according to the residual maturity of the underlying transactions. Figure 2 shows how, within an overall limit (with a top residual maturity ceiling of five years) of £600,000, there are further limits of £250,000 for business with a residual maturity of more than one month and of £150,000 for business with a residual maturity of more than one year. Such an approach provides maximum control over riskier, longer-term loans, while still allowing larger volumes of short-term business.
Banks must also continue to set and adhere to limits reflecting the economic and political risks associated with a particular country. In practical terms, country limits are only needed for areas where such risks are considered significant, such as emerging markets. To be useful, country limits must be set lower than the sum of the limits of the individual customers based in that country.
The Basle Committee proposals state that banks should set limits by industry sector, geographic region and, overall, for specific products, as well as using traditional customer and country limits. In practice, these limits will tend to be more advisory than the customer limits, and may not necessarily be set for every geographic region. Traditionally, many banks have monitored their total exposures within these categories, but have not felt the need to set ceilings on their exposures to industry sectors, geographic regions or products. Today, however, with a greater understanding of the risk of contagion in, say, a particular industry, banks are realising the value of such limits.
Just as important as setting limits is calculating accurate exposures against them. A surprising number of banks set limits and hold them on spreadsheets, isolated from the exposure. Others may have a system to monitor limits and exposures, but continue to use the most basic methodologies to measure the exposure against their limits. For example, many banks still measure exposures against foreign exchange and derivative limits on the basis of the principal amounts involved, rather than of the replacement cost of each trade, or using a statistical approach. This means the exposures may be incorrect, and that the limits set to accommodate these types of exposures will be far higher than they should.
Banks must define the approaches to be used for calculating exposures against limits as part of their credit policy. The methodologies vary according to the type of product, and the availability of information in a bank’s computer systems. For current accounts and lending, the ledger balance provides an adequate measure. There has been some debate as to whether accruals should be measured as part of the exposure. Some banks have asserted they should not, as they would simply write off the interest if necessary. However, in principle, accruals should be considered as part of the credit exposure, since the default of the counterparty would almost certainly lead to the loss of the interest income. Admittedly, many banks currently have problems making this information available to their credit risk management system.
For issuer exposures on bonds and equities, the current market value forms the ideal exposure value. For unsettled trades on these products, the counterparty exposure should be based on the replacement cost of the trade, that is, the difference between the agreed sale or purchase price and the current market price.
More sophisticated measures are necessary for foreign exchange and derivatives. The most common acceptable approach is to calculate the exposure based on the replacement cost of the trade, plus an add-on value based on its nominal value. This add-on value is designed to reflect the potential for future adverse movements in the replacement cost. Traditionally, most banks have adopted a very broad-brush approach to determining the factors used in the add-on calculation. Many have used a similar approach to that used for capital adequacy purposes, where the add-on factor varies according to one of three time-bands and one of five broad product categories.
Banks need to take a more sophisticated approach to setting add-on factors, using a wider range of time bands and product categories, and varying the add-on factors according to the currencies involved. These factors should be based on the historical volatility of interest and exchange rates in each currency. However sophisticated the setting of add-on factors, this approach can never be a match for the use of a statistically based credit exposure calculation engine, employing techniques such as Monte Carlo simulation. This method can determine a full future profile over time of the exposure for a portfolio (see figure 3). The greatest exposure in the future profile, measured at a 95% or 99% confidence level, is normally used for comparison with the credit limit.
In most cases, this value is likely to be considerably lower than the traditional exposure. Stress tests should also be applied to credit exposures, using a range of real and hypothetical scenarios.
Once the exposure has been calculated, defined administration processes must be set up to monitor exposures against limits; review credit facilities prior to their approaching renewal; check the legal validity of elements, such as netting agreements; and update internal credit risk ratings. These should be used to identify potential problem customers as early as possible. Senior management should be informed, ideally at least monthly, of all new, increased and renewed limits.
As well as monitoring exposures to individual customers, banks must have a policy for monitoring concentrations of exposures in individual products, industries, countries, regions and connected counterparties. The key reason for monitoring concentration risk is the potential for adverse economic movements that may have a harmful effect on a whole area. Provided information is available on a global basis, a bank can perform this type of monitoring simply, using straightforward enquiry tools that summarise its exposure to, say, different industry sectors, on a percentage basis.
Over the limit
The other key area where clear, enforceable procedures are vital is when managing excesses, ie, when an exposure breaches the limit. A credit manager – rather than the relationship manager that deals directly with the customer – must take responsibility for approving an excess, to avoid any conflict of interests. There should also be an escalation process in place so that exceptionally large excesses are referred to the head of credit rather than to individual credit managers (see figure 4). Senior management should be informed – on at least a weekly basis – of all excesses, and should ensure an appropriate course of action is taken, normally via a formal summary report.
Credit risk monitoring and implementing a credit policy should not be the responsibility of the credit department alone. Senior management and members of the board must also take responsibility. They need to be able to understand the key issues quickly, which requires a clear presentation of the information. They should receive summary printed reports, and should be encouraged to use on-line systems capable of accessing the underlying information, to investigate any specific concerns rapidly and easily.
Too often, these basic principles are being ignored because banks are either not fully aware of the risks they are running or are not able to control those risks. For too long, in credit risk management, banks have relied on the knowledge inside people’s heads, but this approach is no longer adequate. Robust, global systems – which can facilitate the setting of limits, undertake all the necessary calculations and provide the triggers for monitoring – are essential. The skills of good quality credit personnel will remain important, especially in the credit approval process and in taking the correct actions when problems arise. The ideal solution is a mixture of the right system, the right advice to help implement that system and the right people in the bank to get the best out of the system, together with a coherent credit policy and clear procedures for its application.
Indecent exposure
Financial institutions are stepping up their credit risk management policies and implementing new measures to control credit limits. Geoff Bedser defines how these changes should be made
There has been an unprecedented amount of interest in the past few months in how banks formulate and operate their credit risk management policies. At the end of July, the Basle Committee on Banking Supervision issued a consultative paper, which outlines 17 basic principles to be followed in the credit risk management process.
All but two of these principles are directly concerned with implementing a credit policy. The paper, Principles for the management of credit risk, places much emphasis on the responsibility of senior management to formulate, agree and implement a structured credit policy. Some of the main areas covered by the paper concern credit approval processes, credit administration processes and procedures and the application of controls on problem areas. The paper also contains recommendations on how a bank should define its overall credit risk management strategy, which forms the starting point for a credit policy.
Banks seem to have realised it is in their interest to run a sensible, structured credit policy. For too long, too many of them have set credit limits in a disorganised, fragmented fashion. They have either used outmoded methodologies to calculate exposures against limits or have spent considerable time and effort to arrive manually at a global, consolidated view of their exposures. The problems encountered during the worldwide economic turmoil of late 1998 led many such banks to appreciate the benefits of a rational, pragmatic credit policy that can be implemented using the most appropriate systems and approaches.
Although the Basle paper says lending is the most obvious source of credit risk, it also emphasises that, in practice, credit risk arises from banking and trading activity both on and off the balance sheet. If anything, the paper does not emphasise enough the potential credit risk impact of off-balance sheet and other trading activity. Comments on this paper are required by November 30, which suggests that final rules are likely to be implemented by the middle of next year.
While the risk policy principles proposed by the Basle Committee are commendable, the key issue for most banks is how they should actually be put into practice.
When a bank’s credit committee (or similar body) comes to approve a credit line, it is essential that committee members have a thorough understanding of every aspect of the counterparty or borrower. An experienced credit analyst should be responsible for collating the relevant information from a variety of sources, including credit rating agencies, annual reports, market briefings and other sources, such as the Internet.
This approach highlights the importance not only of the basic ratings information provided by credit rating agencies, but also of more detailed profiles of banks and companies, provided by the organisations themselves. This is especially important in emerging markets, where there is a lack of accurate ratings data. Additionally, the information provided by rating agencies may not be kept up to date with the speed of downgrades, as happened during Russia’s financial crisis of August 1998. Even all the available information is no real substitute for first-hand knowledge gained by credit analysts and managers.
The essential output from the credit approval process is the setting of the bank’s credit limits. Some recent discussions have concluded that credit limits are insufficiently flexible and limit the scope of a bank’s traders, and that they should be replaced by sophisticated return on risk measures. Using this approach, traders are allowed to deal up to any level, provided they generate an adequate return to compensate for the risk taken. The greater the value of the trades, the higher the return demanded. But this can give rise to extra dangers by encouraging excessive leverage, and is too reliant on the use of value-at-risk measures. Limits are still needed to protect against event risk.
The vast majority of banks are not yet advanced enough in the use of return on risk methodologies, and are unlikely to be so for some time. For most banks, therefore, limits will still be vital to control the risk in all credit-related activity.
To monitor their banking and trading activity in a controlled fashion and on a global basis, banks must set multiple limits – by product, operational unit and customer subsidiary – for every customer or customer group. These limits are additional to the overall limits traditionally applied by banks for a whole customer group. For example, for a particular customer, there may be limits at several levels in a bank’s product hierarchy (see figure 1). Similarly, there may be separate limits for each subsidiary (or branch) of a customer that the bank trades a particular product with.
To maintain control over these multiple limit levels, the highest level limits applied to a particular customer group are considered to be ‘master’ limits and all other limits in the group are ‘sub’ limits. This distinction is important because it helps to monitor exposures across counterparty groups and to treat excesses. The total of the sub limits can, and often should, be greater than the master limit, as this enhances trading flexibility.
It is also increasingly important to set limits according to the residual maturity of the underlying transactions. Figure 2 shows how, within an overall limit (with a top residual maturity ceiling of five years) of £600,000, there are further limits of £250,000 for business with a residual maturity of more than one month and of £150,000 for business with a residual maturity of more than one year. Such an approach provides maximum control over riskier, longer-term loans, while still allowing larger volumes of short-term business.
Banks must also continue to set and adhere to limits reflecting the economic and political risks associated with a particular country. In practical terms, country limits are only needed for areas where such risks are considered significant, such as emerging markets. To be useful, country limits must be set lower than the sum of the limits of the individual customers based in that country.
The Basle Committee proposals state that banks should set limits by industry sector, geographic region and, overall, for specific products, as well as using traditional customer and country limits. In practice, these limits will tend to be more advisory than the customer limits, and may not necessarily be set for every geographic region. Traditionally, many banks have monitored their total exposures within these categories, but have not felt the need to set ceilings on their exposures to industry sectors, geographic regions or products. Today, however, with a greater understanding of the risk of contagion in, say, a particular industry, banks are realising the value of such limits.
Just as important as setting limits is calculating accurate exposures against them. A surprising number of banks set limits and hold them on spreadsheets, isolated from the exposure. Others may have a system to monitor limits and exposures, but continue to use the most basic methodologies to measure the exposure against their limits. For example, many banks still measure exposures against foreign exchange and derivative limits on the basis of the principal amounts involved, rather than of the replacement cost of each trade, or using a statistical approach. This means the exposures may be incorrect, and that the limits set to accommodate these types of exposures will be far higher than they should.
Banks must define the approaches to be used for calculating exposures against limits as part of their credit policy. The methodologies vary according to the type of product, and the availability of information in a bank’s computer systems. For current accounts and lending, the ledger balance provides an adequate measure. There has been some debate as to whether accruals should be measured as part of the exposure. Some banks have asserted they should not, as they would simply write off the interest if necessary. However, in principle, accruals should be considered as part of the credit exposure, since the default of the counterparty would almost certainly lead to the loss of the interest income. Admittedly, many banks currently have problems making this information available to their credit risk management system.
For issuer exposures on bonds and equities, the current market value forms the ideal exposure value. For unsettled trades on these products, the counterparty exposure should be based on the replacement cost of the trade, that is, the difference between the agreed sale or purchase price and the current market price.
More sophisticated measures are necessary for foreign exchange and derivatives. The most common acceptable approach is to calculate the exposure based on the replacement cost of the trade, plus an add-on value based on its nominal value. This add-on value is designed to reflect the potential for future adverse movements in the replacement cost. Traditionally, most banks have adopted a very broad-brush approach to determining the factors used in the add-on calculation. Many have used a similar approach to that used for capital adequacy purposes, where the add-on factor varies according to one of three time-bands and one of five broad product categories.
Banks need to take a more sophisticated approach to setting add-on factors, using a wider range of time bands and product categories, and varying the add-on factors according to the currencies involved. These factors should be based on the historical volatility of interest and exchange rates in each currency. However sophisticated the setting of add-on factors, this approach can never be a match for the use of a statistically based credit exposure calculation engine, employing techniques such as Monte Carlo simulation. This method can determine a full future profile over time of the exposure for a portfolio (see figure 3). The greatest exposure in the future profile, measured at a 95% or 99% confidence level, is normally used for comparison with the credit limit.
In most cases, this value is likely to be considerably lower than the traditional exposure. Stress tests should also be applied to credit exposures, using a range of real and hypothetical scenarios.
Once the exposure has been calculated, defined administration processes must be set up to monitor exposures against limits; review credit facilities prior to their approaching renewal; check the legal validity of elements, such as netting agreements; and update internal credit risk ratings. These should be used to identify potential problem customers as early as possible. Senior management should be informed, ideally at least monthly, of all new, increased and renewed limits.
As well as monitoring exposures to individual customers, banks must have a policy for monitoring concentrations of exposures in individual products, industries, countries, regions and connected counterparties. The key reason for monitoring concentration risk is the potential for adverse economic movements that may have a harmful effect on a whole area. Provided information is available on a global basis, a bank can perform this type of monitoring simply, using straightforward enquiry tools that summarise its exposure to, say, different industry sectors, on a percentage basis.
Over the limit
The other key area where clear, enforceable procedures are vital is when managing excesses, ie, when an exposure breaches the limit. A credit manager – rather than the relationship manager that deals directly with the customer – must take responsibility for approving an excess, to avoid any conflict of interests. There should also be an escalation process in place so that exceptionally large excesses are referred to the head of credit rather than to individual credit managers (see figure 4). Senior management should be informed – on at least a weekly basis – of all excesses, and should ensure an appropriate course of action is taken, normally via a formal summary report.
Credit risk monitoring and implementing a credit policy should not be the responsibility of the credit department alone. Senior management and members of the board must also take responsibility. They need to be able to understand the key issues quickly, which requires a clear presentation of the information. They should receive summary printed reports, and should be encouraged to use on-line systems capable of accessing the underlying information, to investigate any specific concerns rapidly and easily.
Too often, these basic principles are being ignored because banks are either not fully aware of the risks they are running or are not able to control those risks. For too long, in credit risk management, banks have relied on the knowledge inside people’s heads, but this approach is no longer adequate. Robust, global systems – which can facilitate the setting of limits, undertake all the necessary calculations and provide the triggers for monitoring – are essential. The skills of good quality credit personnel will remain important, especially in the credit approval process and in taking the correct actions when problems arise. The ideal solution is a mixture of the right system, the right advice to help implement that system and the right people in the bank to get the best out of the system, together with a coherent credit policy and clear procedures for its application.