Saturday, 3 September 2016

Realities of Risk Management in Financial Sectors

Md. Abdullah Al Mamoon, PMP

The International Monetary Fund (IMF) recently inquired about the updates on the high profile financial scams that took place since last one year and sent a letter to the Finance Ministry to know about the recovery drives undertaken by the Government for one of the largest scams. Three main financial scams namely Hall Mark Group (Sonali Bank), AB Trade Link (Basic Bank) and Bismillah Group (Janata Bank Limited, Prime Bank Limited, Shahjalal Islami Bank Limited, Jamuna Bank Limited and Premier Bank Limited) involved a disputed amount of more than Taka 90 billion.
All these scams revealed a common fact: irregularities and noncompliance in the process and procedure. And ironically none of these risks fall within any special categories where forecasting risks are sometimes beyond the control of the Banks. It wouldn’t a wrong presumption that there are more such unreported irregularities. 



There are risk management standards, policies, procedures, and reporting systems including globally recognized Basel Accord promulgated by Bangladesh Bank as mandatory compliances for all financial institutions. But the most important missing parameters are implementation and execution of these instructions at every financial institution, effectiveness of risks monitoring and reporting, and integrity of the reported information and reports submitted by the financial institutions to Bangladesh Bank and/or respective Regulators. 



Risks are inherent to any types of ventures irrespective of industries and even professional and personal life. Complete elimination of risks is an impossible proposition and not desirable either. But exposure to risks can surely be minimized. If it rains, none can stop the rain since it is a natural phenomenon and uncontrollable. But possibility of rain can be predicted and using an umbrella or other protective measures can minimize the chances of getting wet. So are the risks in most of the time. Merely from the example of rain, it can be easily deducted that there are inadequacies in forecasting risks, some of which may be intentional and some are due to the absence of appropriate technologies, tools and techniques, and trained human resources working in risks management. 

The most predominant risks in the financial industry are the Operational risks consist of people, process and IT Systems related risks. Unlike other types of risks like Market Risks and Foreign Exchange Risks, most of the operational risks are controllable since trigger of these risks are typically embedded in the functional processes. Tragically, most of the financial institutions don’t have well documented Process Manual or Operations Manual. Even if there is formally documented Operations Manual, it is shelved with care for satisfying internal and external auditors and regulators as a part of displaying compliance culture rather than implying to execution. In many cases, functional processes lack comprehension in terms of efficiency, service orientation, control mechanisms, and compliance to internal and regulatory polices and guidelines, which ultimately entail to huge risk exposures. 

There are independent Internal Control and Audit and Risk Management departments having direct supervisory linkage with the representatives of the Board of Directors in every financial institution as regulated by Bangladesh Bank. But risk management and audit processes are still very primitive and far behind the modern practices. There are huge inadequacies in tools and techniques and trained resources. Added to this is the tendency of the organizations to dump non-performing employees in the Internal Control and Audit department as the last resort of retention or ship-out. As a result, lapses in controls and other irregularities don’t get surfaced in many cases until a serious disaster takes place – let alone the cases of intentional forgery influenced by other entities including Politically Exposed Persons (PEPs). 

Risk management culture in Bangladesh is unfortunately testament to ‘Fire Fighting’ rather than structured and systematic approach to forecasting and management of risks. Despite of repeated financial scams involving huge disputed amount and reputation loss in the International market, management mindset towards risk management seriously lacks comprehension and awareness in manifolds. Risk management is perceived as the impediment to business growth and people working in risks management are considered as the ‘Alien’. Modernization of risks management systems, assigning good resources and providing training to existing resources in risks management are treated with the least priority among every other initiatives and investments in the organizations. Ultimately risks management in its true spirit has been a far-reaching reality in most of the organizations. 

One of the fundamental prerequisites of administering effective risks management is to have established and structured ‘Risk Database’. Risks are supposed to be forecasted, identified, analyzed for impacts, and accordingly determine the risks mitigation strategies for implementation. Unfortunately, there is no such data repository either at organizational level or within the Bangladesh Bank. This has caused very limited or no access to conduct trend analysis for forecasting the risks and define the corresponding probability and impacts. Although, as a part of the Basel Accord implementation, all Banks are to determine the ‘Risk Profile’ and accordingly preserve minimum amount as the coverage of the risks exposures (MCR-Minimum Capital Requirement), the accuracy and reliability of determining the MCR remains apprehensively doubtful. 

To strengthen the risks management practices, the first and foremost step is the changing mindset of the senior management including the Board of Directors and the regulators. It is imperative to have adequate trained resources and contemporary policies and functional processes in place with appropriate mechanism of monitoring and controlling the outcome. It is equally significant to ensure that set policies and processes are being aligned with the strategic objectives of the organizations for maximizing the returns on capitals of the shareholders while minimizing the exposures to risks. 

Technology can play the most crucial role and can be effectively leveraged in establishing appropriate risk management systems including establishment and management of centralized Risk Database at enterprise and national level. This will enormously empower the financial institutions and the regulators in performing global, country and industry trend analysis for forecasting the risks, analyzing the probability and impacts and proactively apply appropriate risks mitigation strategies. Most importantly, this would facilitate establishing an integrated risks management approach which would enable centralized control and monitoring of risks and allow organizations to take the risks exposures by choice, not by chance. 

Risk Management in this fastest moving and volatile global economy is no more a discretionary option – it is the fulcrum of every function of the organization including it resources. A risk-aware culture along with integrated risk management processes and systems that are adaptive to organizational strategy is the key to secure the growth and sustainability.

A modified version of this article has been published in the Financial Express on August 3, 2013.


Emailabdullah.mamoon@hotmail.com

No comments:

Post a Comment