REPORT PRESENTATION

CHAPTER 1
DEFINE THE RESEARCH PROBLEM Introduction to the concept
Risk management is present in all aspects of life; it is about the everyday trade-off between expected rewards on a potential danger. We, in the business world, often associate with some variability in financial outcomes. However the notion of risk is much larger. It is universal, in the sense that it refers to human behavior in decision making process.

Risk Management is a discipline at the core of every financial institution and encompasses all the activities that affect its risk profile. It involves identification, measurement, monitoring and controlling risks. The evolution of risk management as a discipline has been driven by market forces on the one hand and developments in banking supervision on the other, each side operating with the other in complementary and mutually reinforcing ways. Banks and other market participants have made many of the key innovations in risk measurement and risk management, but supervisors have often helped to adapt and disseminate best practices to a broader array of financial institutions. And at times, supervisors have taken the lead, for example, by identifying emerging issues through examinations and comparisons of peer institutions or by establishing guidelines that codify evolving practices. Contemporary banking organizations are exposed to a diverse set of market and non market risks, and the management of risk has accordingly become a core function within banks. Banks have invested in risk management for the good economic reason that their shareholders and creditors demand it. But bank supervisors, such as the Federal Reserve, also have an obvious interest in promoting strong risk management at banking organizations because a safe and sound banking system is critical to economic growth and to the stability of financial markets. Indeed,

identifying, assessing, and promoting sound risk-management practices have become central elements of good supervisory practice. The four key elements of sound risk management that are widely accepted today are, first, good corporate governance--that is, active oversight by the board and senior management; second, the consistent application of policies, procedures, and limits; third, the use of appropriate risk-measurement techniques and reporting; and, fourth, the adoption of comprehensive internal controls. The emerging Indian rural market is playing a big role in charting out a trend for the growth of banks. With the economy surging, the income levels have increased in rural areas. Agriculture income is on the rise. Rural market is not just for micro credit, it also possess tremendous potential for commercial banking. Till now rural banking was the forte of public sector banks which was more of an obligation than a well thought out banking initiative for the same. The dynamics of the rural market are changing, and so must the strategy of banks which has to inculcate the spirit of microfinance, credit for small enterprises along with commercial banking. Increased activity in the sector, globalization and deregulation of financial markets have resulted in enhanced volatility in interest and exchange rates, rapid growth of innovations and a reduction in barriers relating to business diversification. This has made managing risk the core activity of a banker. RBI has planned to implement Basel II norms by 31st March, 2007. The quantification and accounting of various risks would result in a more robust risk management system in industry. As we know Basel II has three pillars Capital adequacy requirement, Risk based supervision and Market disclosures. Banks need to carve out a road map in order to measure up to Basel II norms leading to an effective risk management system. Risk-management practices and bank supervision have both evolved over their long histories, but innovations in information technology and in financial markets have caused the pace of change to increase significantly over the past two decades. In particular, the management of market risk and credit risk has become increasingly sophisticated.

The Indian Banking industry, which is governed by the Banking Regulation Act of India, 1949 can be broadly classified into two major categories, non-scheduled banks and scheduled banks. Scheduled banks comprise commercial banks and the co-operative banks. In terms of ownership, commercial banks can be further grouped into nationalized banks, the State Bank of India and its group banks, regional rural banks and private sector banks (the old/ new domestic and foreign). These banks have over 67,000 branches spread across the country. The industry is currently in a transition phase. On the one hand, the PSBs, which are the mainstay of the Indian Banking system, are in the process of shedding their flab in terms of excessive manpower, excessive non-Performing Assets (NPAs) and excessive governmental equity, while on the other hand the private sector banks are consolidating themselves through mergers and acquisitions. PSBs, which currently account for more than 78 percent of total banking industry assets are saddled with NPAs (a mind-boggling Rs 830 billion in 2000), falling revenues from traditional sources, lack of modern technology and a massive workforce while the new private sector banks are forging ahead and rewriting the traditional banking business model by way of their sheer innovation and service. The PSBs are of course currently working out challenging strategies even as 20 percent of their massive employee strength has dwindled in the wake of the successful Voluntary Retirement Schemes (VRS) schemes. The private players however cannot match the PSBs great reach, great size and access to low cost deposits. Therefore one of the means for them to combat the PSBs have been through the merger and acquisition (M& A) route. Over the last two years, the industry has witnessed several such instances. For instance, HDFC Banks merger with Times Bank, ICICI Banks acquisition of ITC Classic, Anagram Finance and Bank of Madura. Centurion Bank, Indusind Bank, Bank of Punjab, Vysya Bank are said to be on the lookout. The UTI bank- Global Trust. Bank merger however opened a Pandoras box and brought about the realization that all was not well in the functioning of many of the private sector banks. Private sector Banks have pioneered internet banking, phone banking, anywhere banking, mobile banking, debit cards, Automatic Teller Machines (ATMs) and combined various other services and integrated them into the mainstream banking arena, while the PSBs are still grappling with disgruntled employees in the aftermath of successful VRS schemes. Also, following Indias commitment to

the WTO agreement in respect of the services sector, foreign banks, including both new and the existing ones, have been permitted to open up to 12 branches a year with effect from 1998-99 as against the earlier stipulation of 8 branches.

Introduction to the topic 8-22 pages Risk can be classified into

For example, in the area of market risk, advances in data processing have enabled more analytically advanced and more comprehensive evaluations of the interest rate risks associated with individual transactions, portfolios, and even entire organizations. Institutions of all sizes now regularly apply concepts such as duration, convexity, and option-adjusted spreads in the context of analyses that ten years ago would have taxed the processing capabilities of all but a

handful of large institutions. From the perspective of bank management and stockholders, the availability of advanced methods for managing interest rate risk leads to a more favorable risk-return tradeoff. For supervisors, the benefit is a greater resilience of the banking system in the face of a risk that figured prominently in some past episodes of banking problems. Other market risks are those inherent in trading and dealer activities. The management of such risks has also advanced significantly, in large part as a result of the growth and development of over-the-counter derivatives markets. Critical concepts such as value-at-risk and stress testing were pioneered and then became standard practice during the 1990s, advances that, again, were facilitated by the growth of computing power in that decade. Over the past few decades, banks' management of their capital-market risks has evolved from simple methods like the imposition of fixed position limits to increasingly sophisticated techniques that make use of extensive data analyses and a variety of new financial instruments. Supervisors have encouraged the continuous improvement of banks' systems for managing market risk by emphasizing that bankers bear responsibility for understanding and managing their risk profiles and by issuing guidance that, in some cases, includes industry advances in risk management. A case in point is the 1996 Market Risk Amendment to Basel I, in which supervisors incorporated industry innovations in the calculation of capital requirements

for market risk, including the linking of capital charges to the outputs of banks' own value-at-risk models.

Credit risk
The banking industry has also made strides in managing credit risk. Until the early 1990s, the analysis of credit risk was generally limited to reviews of individual loans, and banks kept most loans on their books to maturity. Today, credit-risk management encompasses both loan

reviews and portfolio analysis. Moreover, the development of new technologies for buying and selling risks has allowed many banks to move away from the traditional book-andhold lending practice in favor of a more active strategy that seeks the best mix of assets in light of the prevailing credit environment, market conditions, and business opportunities. Much more so than in the past, banks today are able to manage and control obligor and portfolio concentrations, maturities, and loan sizes, and to address and even eliminate problem assets before they create losses. Many banks also stress-test their portfolios on a business-line basis to help inform their overall risk management. To an important degree, banks can be more active in their management of credit risks and other portfolio risks because of the increased availability of financial instruments and activities such as loan syndications, loan trading, credit derivatives, and securitization. For example, trading in credit derivatives has grown rapidly over the last decade, reaching $18 trillion (in notional terms) in 2005. The notional value of trading in credit default swaps on many wellknown corporate names now exceeds the value of trading in the primary debt securities of the same obligors. Similarly, between 1990 and 2005, the market for loan syndications grew from $700 billion to more than $2.5 trillion, and loan trading grew from less than $10 billion to more than $160 billion. Asset-backed securitization has also provided a vehicle for decreasing concentrations and credit risk in bank portfolios by permitting the sale of loans in the capital markets, particularly loans on homes and commercial real estate. Risk-management principles are now ingrained in banks' day-to-day credit allocation activities. The most sophisticated banking organizations use risk-rating systems that characterize credits by both the probability of default and the expected loss given default. Consistent with the principles of the Basel II accord, the largest banks evaluate credit decisions by augmenting

expert judgment with quantitative, model-based techniques. For instance, lending to individuals once relied mainly on the personal judgments of loan officers and was thus highly labor-

intensive and subjective. Today, retail lending has become more routinized as banks have become increasingly adept at predicting default risk by applying statistical models to data, such as credit scores. Similarly, new analytical tools and techniques have made lending to corporate borrowers highly quantitative. Among these tools are models that estimate the risk-adjusted return on capital and thus allow lenders to price relevant risks before loan origination. Other tools include proprietary internal debt-rating models and third-party programs that use market data to analyze the risk of exposures to corporate borrowers that issue stock. Banks have also come to appreciate the importance of independent controls within the credit review and rating process. Innovations in technology have facilitated significant improvements in bank information systems, a development that the Basel II proposal also has encouraged. These systems increase the ability of bank management to identify, measure, and control key characteristics of portfolio risk.

Liquidity risk
Liquidity risk is considered a major risk for banks. It arises when the cushion provided by the liquid assets are not sufficient enough to meet its obligation. In such a situation banks often meet their liquidity requirements from market. However conditions of funding through market depend upon liquidity in the market and borrowing institutions liquidity. Accordingly an institution short of liquidity may have to undertake transaction at heavy cost resulting in a loss of earning or in worst case scenario the liquidity risk could result in bankruptcy of the institution if it is unable to undertake transaction even at current market prices. Banks with large off-balance sheet exposures or the banks, which rely heavily on large corporate deposit, have relatively high level of liquidity risk. Further the banks experiencing a rapid growth in assets should have major concern for liquidity. Liquidity risk may not be seen in isolation, because financial risk are not mutually exclusive and liquidity risk often triggered by consequence of these other financial risks such as credit risk, market risk etc. For instance, a bank increasing its credit risk through asset

concentration etc may be increasing its liquidity risk as well. Similarly a large loan default or changes in interest rate can adversely impact a banks liquidity position. Further if management misjudges the impact on liquidity of entering into a new business or product line, the banks strategic risk would increase.

Operational risk
Operational risk is the risk of loss resulting from inadequate or failed internal processes, people and system or from external events. Operational risk is associated with human error, system failures and inadequate procedures and controls. It is the risk of loss arising from the potential that inadequate information system; technology failures, breaches in internal controls, fraud, unforeseen catastrophes, or other operational problems may result in unexpected losses or reputation problems. Operational risk exists in all products and business activities. Operational risk event types that have the potential to result in substantial losses includes Internal fraud, External fraud, employment practices and workplace safety, clients, products and business practices, business disruption and system failures, damage to physical assets, and finally execution, delivery and process management. The objective of operational risk management is the same as for credit, market and liquidity risks that is to find out the extent of the financial institutions operational risk exposure; to understand what drives it, to allocate capital against it and identify trends internally and externally that would help predicting it. The management of specific operational risks is not a new practice; it has always been important for banks to try to prevent fraud, maintain the integrity of internal controls, and reduce errors in transactions processing, and so on. However, what is relatively new is the view of operational risk management as a comprehensive practice comparable to the management of credit and market risks in principles. Failure to understand and manage operational risk, which is present in virtually all banking transactions and activities, may greatly increase the likelihood that some risks will go unrecognized and uncontrolled.

Table 1.1: Internal risk factors

People *Employee collusion and fraud *Employee error *Employee misdeed *Employers liability *Employment law *Health safety *Industrial action *Lack Knowledge and skills *Loss of key personnel of Processes * Accounting error * Capacity risk * Contract risk * Misselling/suitability * Product complexity * Project risk * Reporting error error and * Transaction error * Valuation error Systems * Data quality * Programming error * Security breach * Strategic risks * System capacity * System compatibility * System delivery * System failure

* Settlement/payment * System suitability

Table 1.2: External risk factors

External * Legal Physical * Fire

* Money laundering * Outsourcing * Political * Regulatory * Supplier risk * Tax

* Natural disaster * Physical security * Terrorism * Theft

Settlement risk
Settlement risk is the risk that a settlement in a transfer system does not take place as expected. Generally this happens because one party defaults on its clearing obligations to one or more counterparts.

Legal risk
Legal risk is the risk that a transaction proves enforceable in law or because it has been inadequately documented. For example, cross border netting arrangements raise choice-of-law questions that cannot be easily resolved. Establishing a sound basis for the assertion of net exposures will, therefore require thorough legal preparation by the participants in netting schemes and netting providers.

Regulatory risk
Regulatory risk is the risk that a firms earnings, value and cash flows will be influenced adversely by unanticipated changes in regulation such as legal requirements and accounting rules. Thus, Risk Management should focus on the identification of these potential unanticipated events and on their possible impact on the financial performance of the firm and at the limit on its survival.

The management of the banking firm relies on a sequence of steps to implement a risk management system. These can be seen as containing the following four parts: (i) Standards and reports, (ii) Position limits or rules, (iii) Investment guidelines or strategies, (iv) Incentive contracts and compensation. In general, these tools are established to measure exposure, define procedures to manage these exposures, limit individual positions to acceptable levels, and encourage decision makers to manage risk in a manner that is consistent with the firm's goals and objectives.

(i) Standards and Reports

The first of these risk management techniques involves two different conceptual activities, i.e., standard setting and financial reporting. Underwriting standards, risk categorizations, and standards of review are all traditional tools of risk management and control. Consistent evaluation and rating of exposures of various types are essential to understand the risks in the portfolio, and the extent to which these risks must be mitigated or absorbed. The standardization of financial reporting is the next ingredient. Obviously outside audits, regulatory reports, and rating agency evaluations are essential for investors to gauge asset quality and firm level risk. These reports have long been standardized, for better or worse. However, the need here goes beyond public reports and audited statements to the need for management information on asset quality and risk posture. Such internal reports need similar standardization and much more frequent reporting intervals, with daily or weekly reports substituting for the quarterly GAAP periodicity.

(ii) Position Limits and Rules

A second technique for internal control of active management is the use of position limits, and/or minimum standards for participation. In terms of the latter, the domain of risk taking is restricted to only those assets or counterparties that pass some pre specified quality standard. Then, even for those investments that are eligible, limits are imposed to cover exposures to counterparties, credits, and overall position concentrations relative to various types of risks. While such limits are costly to establish and administer, their imposition restricts the risk that can be assumed by any one individual, and therefore by the organization as a whole. In general, each person who can commit capital will have a well-defined limit. This applies to traders, lenders, and portfolio managers. Summary reports show limits as well as current exposure by business unit on a periodic basis. In large organizations with thousands of positions maintained, accurate and timely reporting is difficult, but even more essential.

(iii) Investment Guidelines and Strategies

Investment guidelines and recommended positions for the immediate future are the third technique commonly in use. Here, strategies are outlined in terms of concentrations and commitments to particular areas of the market, the extent of desired asset-liability mismatching or exposure, and the need to hedge against systematic risk of a particular type. The limits described above lead to passive risk avoidance and/or diversification, because managers generally operate within position limits and prescribed rules. Beyond this, guidelines offer firm level advice as to the appropriate level of active management, given the state of the market and the willingness of senior management to absorb the risks implied by the aggregate portfolio. Such guidelines lead to firm level hedging and asset-liability matching. In addition, securitization and even derivative activity are rapidly growing techniques of position management open to participants looking to reduce their exposure to be in line with management's guidelines.

(iv) Incentive Schemes

To the extent that management can enter incentive compatible contracts with line managers and make compensation related to the risks borne by these individuals, then the need for elaborate and costly controls is lessened. However, such incentive contracts require accurate position valuation and proper internal control systems. Such tools which include position posting, risk analysis, the allocation of costs, and setting of required returns to various parts of the organization are not trivial. Notwithstanding the difficulty, well designed systems align the goals of managers with other stakeholders in a most desirable way.

RISK MANAGEMENT AND MONITORING PROCEDURES

In order to check possible abuse of banking channels for illegal and anti-national activities, the Board should clearly lay down a policy.

1) Internal control systems:

Duties and responsibilities should be explicitly allocated for ensuring that policies and procedures are managed effectively and that there is full commitment and compliance to an effective Know Your Customer program in respect of both exciting and prospective deposit accounts. Controlling offices of banks should periodically monitor strict adherence to the laid down policies and procedures by the officials at the branch level.

2) Terrorism finance:
Reserve Bank of India has been circulating list of terrorist entities notified by the government of India to banks so that banks may exercise caution if any transaction is detected with such entities. There should be a system at the branch level to ensure that such lists are consulted in order to determine whether a person / organization involved in a prospective or existing business relationship appears on such a list.

3) Internal Audit / inspection:

a) An independent evaluation of the controls for identifying high value transactions should be carried out at a regular basis by the internal audit function in the banks.

b)

Concurrent / internal auditors must specifically scrutinize and comment on the

effectiveness of the measures taken by branches in adoption of Know Your Customer norms and

steps towards prevention of money laundering. Such compliance report should be placed before the Audit Committee of the Board (ACB) at quarterly intervals.

4) Identification and reporting of suspicious transactions:

Banks should ensure that the branches and Head offices report transactions of suspicious nature to the appropriate law enforcement authorities designated under the relevant laws governing such activities. There should be well laid down systems for freezing of accounts as directed by such authority and reporting thereof to the Head office. There must be a quarterly reporting of such aspects and action taken there on to the ACB or the Board of Directors.

5) Record keeping:
Banks should prepare and maintain documentation on their customer relationships and transactions to meet the requirement of relevant laws and regulations to enable any transaction effected through them to be reconstructed. In the case of wire transfer transactions, the records of electronic payments and messages must be treated in the same way as other records in support of entries in the account. All financial transactions records should be retained for at least five years after the transaction has taken place and should be available for perusal and scrutiny of audit functionaries as well as regulators as and when required.

6) Training of staff and management:

It is crucial that all the operating and management staff fully understand the need for strict adherence to Know Your Customer norms. Banks must, therefore, have an ongoing training program so that staffs are adequately trained for their roles and responsibilities as appropriate to their hierarchical level in complying with anti-money laundering guidelines and for implementing Know Your Customer policies consistently.

Know Your Customer guidelines:

As part of Know Your Customer principle, Reserve Bank has issued several guidelines relating to identification of depositors and advised the banks to put in place systems and procedures to prevent financial frauds, identify money laundering and suspicious activities, and for scrutiny / monitoring of large value cash transactions. Instructions have also been issued from time to time advising banks to be vigilant while opening accounts for new customers to prevent misuse of the banking system for perpetration of frauds.

2.0 CHAPTER 2
RESEARCH DESIGN

1. Title of the study:

Risk Management in Banks at ICICI Bank.

2. Statement of the problem:

The banks face high risk in the conduct of its activities due to the financial nature of its transactions and its uncertain financial outcomes. So steps need to be taken to minimize these risks.

3. Review of Literature:
According to Crockford Neil - Risk management in Banks is the process of measuring, or assessing, risk and developing strategies to manage it. Strategies include transferring the risk

to another party, avoiding the risk, reducing the negative effect of the risk, and accepting some or all of the consequences of a particular risk. Richard. M. Heins defines Risk management in Banks as the process of identification, analysis and either acceptance or mitigation of uncertainty in investment decision-making. Essentially, risk management occurs anytime an investor or fund manager analyzes and attempts to quantify the potential for losses in an investment and then takes the appropriate action (or inaction) given their investment objectives and risk tolerance.

4. Objectives of the study:

To identify, and manage uncertainty in the conduct of various activities and transactions in the bank. To analyze the techniques for minimizing the risk in the banking business viz. interest rate risk, operational risk etc. To analyze the accounting standards applicable to the banks in India and internationally from the perspective of risk management. Widening as well as redirecting the scope of Internal Audit to evaluate the adequacy and effectiveness of risk management procedures and internal control systems in the banks calling for a risk based approach in the Internal Auditing. To define steps that should be proactively taken up to prevent risk in Internet Banking.

5. Scope of the Study:

Risk is present in all aspects of the business of a bank. So managing the risk is an important task for a bank. This study is limited to one particular branch only and the study is based on the risk management of this particular branch.

6. Operational Definition of Concepts:

Risk - Uncertainty that an asset will earn an expected rate of return, or that a loss may occur. Risk management - is the human activity which integrates recognition of risk, risk assessment, developing strategies to manage it, and mitigation of risk using managerial resources. Credit Risk - The possibility that the borrower will be unable to make regular payments of principal and interest, and may default. Interest Rate Risk - Risk that an interest earning asset will decline in value as market interest rates change. Liquidity Risk -Risk that a bank will have insufficient cash or marketable assets to meet needs of depositors and borrowers. Operations Risk - The possibility that a data processing failure from fire, other natural disaster, or from other causes (for example, a computer hacker gaining access to bank records) will impede or prevent a bank from maintaining normal service. Value at risk (VaR) It is a measure of how the market value of an asset or of a portfolio of assets is likely to decrease over a certain time period (usually over 1 day or 10 days) under usual conditions.

7. Methodology:

A. Type of Study:
Descriptive This is a fact finding investigation with adequate interpretation. It provides information for formulating more sophisticated studies. The researcher has no control over variables. He/she can only report the happenings.

B. Sources of Data:
The data used is collected from various sources that include primary data and secondary data.

Primary Data:
Primary data are obtained by a study specifically designed to fulfill the data needs of the problem at hand. Here primary data are obtained from personal discussions with the executives, staff and customers.

Secondary Data:
Secondary data are data which are not originally collected but rather obtained from published or unpublished sources. Here the sources of secondary data are company records, journals, websites, magazines, newspapers, etc.

8. Limitations of the study:

The study was limited to the information available in the particular branch. Time allowed for the study is limited. Study is limited to the bank premises only.

9. Chapter Scheme:

Chapter 1- Introduction:
This chapter includes an introduction to the Risk management in Banks at ICICI Bank.

Chapter 2- Research Design:

This chapter provides a plan of the study, which includes statement of the problem, need for study, review of the literature, objectives of the study, operational definition of concepts, scope of the study, methodology, limitation of the study, and overview of chapter scheme.

Chapter 3- Profile of Industry, and Company:

This chapter includes profile of Banking industry and a complete profile of ICICI BANK Ltd.

Chapter 4- Analysis of Data collected:

This chapter provides an analysis of the data collected with required interpretations. Tables and Graphs are used wherever necessary.

Chapter 5- Summary of Findings, Conclusions and Suggestions:

This chapter provides summary of findings under each objective, provide conclusion and offer suggestions based on the findings.

APPENDICES AND ANNEXURES

Profit and loss account and Balance sheet.

BIBLIOGRAPHY

3.0 CHAPTER 3
PROFILE OF THE ECONOMY

India's economy is on the fulcrum of an ever increasing growth curve. With positive indicators such as a stable 8 per cent annual growth, rising foreign exchange reserves of close to US$ 166 billion, a booming capital market with the popular "Sensex" index topping the majestic 14,000 mark, the Government estimating FDI flow of US$ 12 billion in this fiscal, and a more than 22 per cent surge in exports, it is easy to understand why India is a leading destination for foreign investment.

Growth of Mutual Funds in India:

Phase 1(1964 and 1987) o o The only player was the Unit Trust of India 8 funds were established (6 by banks and one each by LIC and GIC). The total assets Phase 11(1987 and 1993) under management had grown to Rs. 61.028/- crores at the end of 1994 and the number of schemes were 167 Phase III (1993 till date)

Entry of private and foreign sectors in the Mutual fund industry in 1993. Kothari Pioneer Mutual fund was the first fund to be established by the private sector in association with a foreign fund. As on August 2000, there were 33 funds with 391 schemes and assets under management with Rs. 1, 02,849 crores. The share of the private players has risen rapidly since then. The economy has grown by 8.9 per cent for the April-July quarter of 06-07, the highest first-quarter growth rate since '00-01. The growth rate has been spurred by the manufacturing sector, which has logged an 11.3 per cent rise in Q1 06-07, according to the GDP data released by the Central Statistical Organization. It was 10.7 per cent in the corresponding period of the last fiscal year. The GDP numbers come just weeks after the monthly IIP growth figures have touched 12.4 per cent. Agriculture, which accounts for nearly a quarter of the GDP, has also grown by a healthy 3.4 per cent, unchanged from the corresponding period of last fiscal. Other propellers of GDP growth for the first quarter this fiscal have been the trade, hotels, transport and communications sector which grew by 9.5 per cent and construction, which grew by 13.2 per cent. In the corresponding period of last fiscal, these sectors grew by 11.7 per cent and 12.4 per cent, respectively. Electricity also grew by 5.4 per cent this first quarter as opposed to 7.4 per cent in the same period last year. The overall growth in this sector was fuelled by growth in July and August. The services sector also grew by 10.6 per cent in the first quarter of 06-07. It was only 9.8 per cent last year in the same period. There has been exceptional growth rate in some specific industries, like commercial vehicles at 36 per cent, telephone connections, by 48.9 per cent and passenger growth in civil aviation by 32.2 per cent.

INDUSTRY PROFILE

The Indian Banking industry, which is governed by the Banking Regulation Act of India, 1949 can be broadly classified into two major categories, non-scheduled banks and scheduled banks. Scheduled banks comprise commercial banks and the co-operative banks. In terms of ownership, commercial banks can be further grouped into nationalized banks, the State Bank of India and its group banks, regional rural banks and private sector banks (the old/ new domestic and foreign). These banks have over 67,000 branches spread across the country. The industry is currently in a transition phase. On the one hand, the PSBs, which are the mainstay of the Indian Banking system, are in the process of shedding their flab in terms of excessive manpower, excessive non Performing Assets (NPAs) and excessive governmental equity, while on the other hand the private sector banks are consolidating themselves through mergers and acquisitions. PSBs, which currently account for more than 78 percent of total banking industry assets are saddled with NPAs (a mind-boggling Rs 830 billion in 2000), falling revenues from traditional sources, lack of modern technology and a massive workforce while the new private sector banks are forging ahead and rewriting the traditional banking business model by way of their sheer innovation and service. The PSBs are of course currently working out challenging strategies even as 20 percent of their massive employee strength has dwindled in the wake of the successful Voluntary Retirement Schemes (VRS) schemes. The private players however cannot match the PSBs great reach, great size and access to low cost deposits. Therefore one of the means for them to combat the PSBs have been through the merger and acquisition (M& A) route. Over the last two years, the industry has witnessed several such instances. For instance, HDFC Banks merger with Times Bank, ICICI Banks acquisition of ITC Classic, Anagram Finance and Bank of Madura. Centurion Bank,

Indusind Bank, Bank of Punjab, Vysya Bank are said to be on the lookout. The UTI bank- Global Trust. Bank merger however opened a Pandoras box and brought about the realization that all was not well in the functioning of many of the private sector banks. Private sector Banks have pioneered internet banking, phone banking, anywhere banking, mobile banking, debit cards, Automatic Teller Machines (ATMs) and combined various other services and integrated them

into the mainstream banking arena, while the PSBs are still grappling with disgruntled employees in the aftermath of successful VRS schemes. Also, following Indias commitment to the WTO agreement in respect of the services sector, foreign banks, including both new and the existing ones, have been permitted to open up to 12 branches a year with effect from 1998-99 as against the earlier stipulation of 8 branches.

COMPANY PROFILE
Established in the year 1906, ICICI Bank is an organization based on the traditional Indian values of service to the community. ICICI Bank is regarded as one of the well-run banks in the comity of Private Sector Banks in the country. The Bank has a unique history of 100 years of successful Banking and has stood the test of time by growing steadily, offering vast, varied and versatile services with a personal touch. Today, its good customer service, pre-eminent track record in House Keeping, adherence to Prudential Accounting norms, consistent profitability and adoption of modern technology for betterment of customer service have earned the Bank a place of pride in the Banking Community. The Bank has been richly endowed with a relatively young, dynamic and efficient manpower, which is the key factor of the Bank's success.Excellence in performance and uniqueness in customer service form the central core of the Bank's organizational culture. The growing confidence of its clientele is well reflected in the Bank's performance, in all critical areas of its operations all through the years. The Bank is a Private Sector Unit with 57.17% of Share Capital held by the Government of India. The Bank came out with its Initial Public Offer (IPO) in October 1997. The Bank's Net Worth stood at Rs.3,374.89 crore as on 31.03.2008. ICICI Bank is the first Private Sector Bank to publish the results under US GAAP. The Bank has been publishing the results under the US GAAP since 1998-99. The net profit of the Bank and its subsidiaries under US GAAP for the year 2004-05 stood at Rs. 435.89 crore against consolidated net profit of Rs.350.69 crore registered under Indian GAAP method. As on 31.03.08, the Bank has a highly dedicated team of 11,325 employees who have made the encouraging performance of the Bank possible by extending exemplary services to its

customers. The Bank will continue its endeavors in the development of human capital so as to provide unmatched services to its clientele. The Bank has better productivity levels than many of its peers in the Private sector. The details of the manpower position and the productivity is given below.

Manpower position:
Particulars No. of Employees Productivity (business per Employee) Net profit Per employee 3.00 5.06 4.98 3.95 4.13 Bank Industry 291.63 187 319.40 187 365.56 287.06 446.87 347.81 526.89 10837 10801 31.03.2004 10727 10734 10765 31.03.2007 31.03.2008 11325 31.03.2005 31.03.2006 31.03.2003 31.03.2004 31.03.2005 31.03.2006 31.03.2007 31.03.2008

In pursuit of niche banking with technology as the competitive edge, the Bank has drawn up an IT Plan to provide better service to its customers. All the branches of the Bank have been computerized and consequently, 100% of the Bank's business is computerized now. The Bank endeavors to provide high quality service to its customers. As on 30th September, 2008 , the aggregate business of the Bank stood at Rs. 66,022 crore comprising Rs. 38,017 CroreDeposits and Rs.28,004 Crore Advances . With its strategic business focus and innovation, the Bank is striving for bettei performance in the coming years. Its total business is set to cross Rs.70, 000 crore in March 2007. The Bank has anambitious plan to raise its total business level to Rs.1,00,000 crore by March 2009. Board of Directors: Chairman & Managing Director Executive Director Director (Govt. of India Nominee) Director (RBI Nominee) Shrl B Sambamurthy Shri K.L. Gopalakrishna Shrl Mukul Singhal Shri. M A Srinivasan

Directors

Shrl CH Hanumantha Rao Shri D N Prakoah Shri S Ravl Dr.C. Ramakrishna Kamath Shri P.M. Sirajuddin Shri Hiren Mehta

General Managers Shri M. Narendra Shri A, Mohan Rao Shri V.A. Mendonsa Shri N.N. Pal Shri M.R. Nayak Shri K.A. Kamath Deputy General Managers Shri M D Kamath Shri Shri K. Ramamurthy Shri M.P. Kunju Shri K.R. Shanoy Shri Sudhakar N. Bhat Shri Ramachandra Nayak Shri P.R. Karanth Shrl H.M.A. Khan Shrl M.R. Kamath . N. Radhakrlshna Shet Shri C.V.R. Rajendran Shri S. Satlsh Nayak Shri B.N. Satlsh Shri C.G. Pinto Shri H.S. Saini Shri B. Narayana Shenoy Shri K.V. Raghaya Kamath Shri Y.S, Jain Shri K.P.Rao Shri T.M. Lakshmikanthan Shri U.S. Bhat Shri U.B. Bhat Shri K. Rama Murthy Shri H. Mehaboob All Khan

Fixed Ratings reflect ICICI Bank's sound capital position, superior asset quality and healthy track record of profitability and superior

management by the strong liquidity position of the Bank and its status as a Government owned institution.

AWARDS WON: National Award for Assistance to Exporters from the President of India (1976-77) Gem & Jewellery Export Promotion Council Award successively for 5 years from 1981 to 1985 Shiromani Award 1992 for Banking from Union Minister for Commerce Best Bank Award for Excellence in Banking Technology from Institute for Development and Research in Banking Technology (IDRBT), Hyderabad (2001) Best Bank Award for Innovative Usage and Application on INFINET (Indian Financial Network) from Institute for Development and Research in Banking Technology (IDRBT), Hyderabad (2002) Best Bank Award for Delivery Channels from Institute for Development and Research in Banking Technology (IDRBT), Hyderabad (2003) Runner-up Awards in the "Best Online and Multi-channel Banking Team" and "Outstanding achiever of the year-corporate" categories in recognition of outstanding achievement in Banking Technology for 2004, instituted under the aegis of Indian Banks Association and Trade Fairs & Conferences International.

MAJOR RECOGNITIONS One of the Best 200 companies world over outside the US having a turnover under a billion US$ - Forbes Global, Hongkong, issue dated 27th October, 2003 India's Best Public Sector Bank - Business Today - KPMG Survey dated 7th December, 2003

 India's Strongest and Asia's Second Strongest - The Asian1 Banker, Singapore dated 15th December, 2003 India's Best Public Sector Bank - Outlook Money , 15th March, 2004

One among the Best 200/100 companies in Asia/Pacific and Europe

Analysing primary or secondary data in detail Questionare (framed 24 in total) One among the Best 200/100

Profitability ratios or stock trading whichever is best companies in Asia/Pacific and Europe

having turnover under a billion US$-forbes Global, Hongkong, issue dated 1st November, One among India's Best Public Sector Banks - Business Today, 26th February, 2006 Branch Network Select a link Zone wise Branches Presently, the Bank has a network of 907 Branches, 47 Extension Counters and 19 currency chests covering 21 States-and 2 Union Territories of the country. The Bank has 929 online interconnected ATMs spread across the country. The Bank has its' presence in 96 centers out of 100 top centers in the country. It has a Specialized Branch network of 140 Branches, which are designed to cater exclusively to the banking needs of different segments like Personal Segment, Trade & Commercial Segment, Small Scale Industry, Large and Medium Industrial Units, Non-Resident Indians, Housing Sector and Export & Import Segment.

Types of Loans provided by the bank:

Consumption loan Housing loan Vehicle loan Business loan Merchant loan Self employment/ professional loan Contractors Education loan Gold loan Education institutions Cash credit In this consumption loan is the most moving one. Bank has the demand draft facility which can be changed any where in India in a low rate. All the branches of the bank are computerized.

SWOT Analysis: STRENGTHS

High quality services Power strategies and competitive edge Good customer relationship A well trained and motivated workforce

WEAKNESS
Lack of highly sophisticated techniques

OPPORTUNITIES
Booming economic condition in the economy Globalization and liberalization policies open new opportunities

THREATS
High competition in the market Advancement of new technologies Attrition of skilled resources

CHAPTER 4
ANALYSIS & INTERPRETION

DATA ANALYSIS

RISK MANAGEMENT IN BANKS

The banks face high risk in the conduct of its activities due to the financial nature of its transactions and its uncertain financial outcomes. So steps need to be taken to minimize these risks. The main objective of this study is to identify, and manage uncertainty in the conduct of various activities and transactions in the bank. This is a descriptive study and the data is collected from primary and secondary sources. Acceptance of deposits and maintenance of deposit accounts is the core activity in any bank. The very basic legal interpretation of the word banking as defined in the Banking Regulatory Act 1949 means accepting deposits of money, for the purpose of lending or investment from the public, repayable on demand or otherwise, and withdraw able by cheque, draft, order or otherwise. Thus, deposits are the major resource and mainstay of a bank and the main objective of a bank are to mobilize adequate deposits. In order to strengthen the capital base of banks and in keeping with recommendations made by the Basle committee on Banking Regulations and Supervisory Practices, the Reserve Bank of India has introduced Capital to Risk Assets Ratio (CRAR) system for commercial banks in India as a capital adequacy measure way back in 1993. The fundamental objectives that underlay behind this principle are, firstly that the framework should serve to strengthen the soundness and stability of the banking system, and, secondly that the framework should be fair, and have a degree of consistency in its application to banks operating at different levels.

The urban co-operative banks are performing same banking functions as commercial banks and are exposed to similar risks in the operations, non applications of capital adequacy norms to urban co-operative banks undermines the stability of the whole banking system. It has therefore been found necessary to extend capital adequacy norms. ie; Capital to Risk Assets Ratio (CRAR) to urban co-operative banks in a phased manner commencing from 31st march 2002.

Accordingly, urban co-operative banks are required to adhere to capital adequacy norms in a phased manner. The urban banks are now operating in a fairly regulated environment and are required to determine their own interest rates on deposits and interest on the advances are subject to only the Minimum Lending Rate (MLR) prescription. The interest rates on banks investments in Government and other permissible securities are also now market related. Intense competition for business involving both assets and liabilities together on the management of banks to maintain an optimal balance between spreads profitability and long-term viability. The unscientific and ad-hoc pricing of deposits in the context of competition and alternative avenues for the borrowers, results in inefficient deployment of resources. At the same time imprudent liquidity management can put banks earning and reputation at greater risk. These pressures call for a comprehensive approach towards management of banks balance sheets and not just ad hoc action. The managements of urban co-operative banks have to base their business decisions on sound risk management systems with the ultimate objective of protecting the interest of depositors and stake holders. It is, therefore, important that urban co-operative banks introduce effective Asset Liability Management (ALM) systems to address the issues related to liquidity, interest rate and currency risk. Funds Management is the most crucial issue. Banks will have to take prudent decisions relating to asset liability mismatches. Liquidity management is an integral part of the funds management. If the technology helps to reduce the lead time for collection and payment of cheques at banks, it not only helps the clients to increase their cash management but also helps the banks to increase their liquidity. Receivables management is a major treasury function in the corporate sector. If the lead time in debtor's receivables period is reduced, the corporates will be able to reduce their working capital requirements. The "Lockbox Banking" is one of the ways for a better cash management. But it should not lead to fraudulent encashment of cheques. Both anks and clients have to follow certain precautionary measures in their cash management system.

B u s

Risk matrix of a bank An out line.

Hig Extre Me Mediu Very Lo Low Medi High Low Med Hig I h high mely diu m High w um Riskn ium h High m Risk e Risk
S S

Control Risks

CREDIT RISK MANAGEMENT

In the global scenario, the increased credit risk arises due to two reasons. Banks have been forced to lend to riskier clients because well rated corporates have moved away from banks as they have access to low cost funds through disintermediation. The other reason is the lurking fear of global recession. Recession in the economy could lead to low industrial output which may lead to defaults by the industry under recession culminating into credit risk. Hence, the markets are in search of new credit risk management models. Credit derivatives which were a new innovation in the market stood the real test in 1997 during the Asian financial crisis. In the recent times, we have witnessed runs on the banks - mainly the Urban Cooperative Banks like Madhavpura Coop Bank in Gujarat/Mumbai, Charminar Bank, a scheduled bank in Hyderabad and many others. When the banks give the signals of distress, the depositors panic and run for their money. As per the existing rules, Deposit Insurance and Credit Guarantee Corporation of India (DICGC) guarantees the depositors' money up to one lakh rupees subject to certain conditions. Till now, the banks used to pay the insurance premium for the deposits they hold to get insurance coverage from DICGC. Now the committee set up by the RBI under the Chairmanship of J Capoor suggested that the risk premium is to be paid which is sensitive to the probability of the bank in question going bankrupt. It is the overall responsibility of banks Board to approve banks credit risk strategy and significant policies relating to credit risk and its management which should be based on the

banks overall business strategy. To keep it current, the overall strategy has to be reviewed by the board, preferably annually. The responsibilities of the Board with regard to credit risk management shall, include : a) Delineate banks overall risk tolerance in relation to credit risk. b) Ensure that banks overall credit risk exposure is maintained at prudent levels and consistent with the available capital. c) Ensure that top management as well as individuals responsible for credit risk management possess sound expertise and knowledge to accomplish the risk management function. d) Ensure that the bank implements sound fundamental principles that facilitate the identification, measurement, monitoring and control of credit risk. e) Ensure that appropriate plans and procedures for credit risk management are in place. The very first purpose of banks credit strategy is to determine the risk appetite of the bank. Once it is determined the bank could develop a plan to optimize return while keeping credit risk within predetermined limits. The banks credit risk strategy thus should spell out a) The institutions plan to grant credit based on various client segments and products, economic sectors, geographical location, currency and maturity. b) Target market within each lending segment, preferred level of diversification/concentration. c) Pricing strategy. It is essential that banks give due consideration to their target market while devising credit risk strategy. The credit procedures should aim to obtain an in depth understanding of the banks clients, their credentials & their businesses in order to fully know their customers. The strategy should provide continuity in approach and take into account cyclic aspect of countrys economy and the resulting shifts in composition and quality of overall credit portfolio. While the strategy would be reviewed periodically and amended, as deemed necessary, it should be viable in long term and through various economic cycles. The senior management of the bank should develop and establish credit policies and credit administration procedures as a part of overall credit risk management framework and get those approved from board. Such policies and procedures shall provide guidance to the staff on various types of lending including corporate, SME, consumer, agriculture, etc.

Banks have to make sure that the credit is used for the purpose it was borrowed. Where the obligor has utilized funds for purposes not shown in the original proposal, institutions should take steps to determine the implications on creditworthiness. In case of corporate loans where borrower own group of companies such diligence becomes more important. Institutions should classify such connected companies and conduct credit assessment on consolidated/group basis. In loan syndication, generally most of the credit assessment and analysis is done by the lead institution. While such information is important, institutions should not over rely on that. All syndicate participants should perform their own independent analysis and review of syndicate terms. The measurement of credit risk is of vital importance in credit risk management. A number of qualitative and quantitative techniques to measure risk inherent in credit portfolio are evolving. To start with, banks should establish a credit risk rating framework across all type of credit activities. Among other things, the rating framework may, incorporate: Business Risk Industry Characteristics Competitive Position (e.g. marketing/technological edge) Management

Financial Risk
Financial condition Profitability Capital Structure Present and future Cash flows

Internal Risk Rating.

Credit risk rating is summary indicator of a banks individual credit exposure. An internal rating system categorizes all credits into various classes on the basis of underlying credit quality. A well-structured credit rating framework is an important tool for monitoring and controlling risk

inherent in individual credits as well as in credit portfolios of a bank or a business line. The importance of internal credit rating framework becomes more eminent due to the fact that historically major losses to banks stemmed from default in loan portfolios. While a number of banks already have a system for rating individual credits in addition to the risk categories prescribed by SBP, all banks are encouraged to devise an internal rating framework. An internal rating framework would facilitate banks in a number of ways such as a) Credit selection b) Amount of exposure c) Tenure and price of facility d) Frequency or intensity of monitoring e) Analysis of migration of deteriorating credits and more accurate computation of future loan loss provision f) Deciding the level of Approving authority of loan.

OPERATIONAL RISK MANAGEMENT

The Basle committee formulated new rules on the capital adequacy, which are supposed to be introduced from 2005. The major issue of Basle II recommendations is the operational risk. Banks are yet to get clarity on the issues which are to be included in operational risk. System vendors have identified that a proper workflow and process automation would help reduce and detect errors. Apart from automating, right levels of audit and control are to be introduced to

reduce operational risk. Increased operational efficiency of the system would reduce operational risk. Ultimate accountability for operational risk management rests with the board, and the level of risk that the organization accepts, together with the basis for managing those risks, is driven from the top down by those charged with overall responsibility for running the business. The board and executive management should ensure that there is an effective, integrated operational risk management framework. This should incorporate a clearly defined organizational structure, with defined roles and responsibilities for all aspects of operational risk

management/monitoring and appropriate tools that support the identification, assessment, control and reporting of key risks. Board and executive management should recognize, understand and have defined all categories of operational risk applicable to the institution. Furthermore, they should ensure that their operational risk management framework adequately covers all of these categories of operational risk, including those that do not readily lend themselves to measurement. Operational risk policies and procedures that clearly define the way in which all aspects of operational risk are managed should be documented and communicated. These operational risk management policies and procedures should be aligned to the overall business strategy and should support the continuous improvement of risk management. All business and support functions should be an integral part of the overall operational risk management framework in order to enable the institution to manage effectively the key operational risks facing the institution.

Line management should establish processes for the identification, assessment, mitigation, monitoring and reporting of operational risks that are appropriate to the needs of the institution, easy to implement, operate consistently over time and support an organizational view of operational risks and material failures. Banks should identify and assess the operational risk inherent in all material products, activities, processes and systems and its vulnerability to these risks. Banks should also ensure that before new products, activities, processes and systems are introduced or undertaken, the operational risk inherent in them is subject to adequate assessment procedures. While a number of techniques are evolving, operating risk remains the most difficult risk category to quantify. It would not be feasible at the moment to expect banks to develop such measures. However the banks could systematically track and record frequency, severity and other information on individual loss events. Such a data could provide meaningful information for assessing the banks exposure to operational risk and developing a policy to mitigate / control that risk. Management need to evaluate the adequacy of countermeasures, both in terms of their effectiveness in reducing the probability of a given operational risk, and of their effectiveness in reducing the impact should it

occur. Where necessary, steps should be taken to design and implement cost-effective solutions to reduce the operational risk to an acceptable level. It is essential that ownership for these actions be assigned to ensure that they are initiated. Risk management and internal control procedures should be established by the business units, though guidance from the risk function may be required, to address operational risks. While the extent and nature of the controls adopted by each institution will be different, very often such measures encompass areas such as Code of Conduct, Delegation of authority, Segregation of duties, audit coverage, compliance, succession planning, mandatory leave, staff compensation, recruitment and training, dealing with customers, complaint handling, record keeping, MIS, physical controls, etc. An effective monitoring process is essential for adequately managing operational risk. Regular monitoring activities can offer the advantage of quickly detecting and correcting deficiencies in the policies, processes and procedures for managing operational risk. Promptly detecting and addressing these deficiencies can substantially reduce the potential frequency and/or severity of a loss. There should be regular reporting of pertinent information to senior management and the board of directors that supports the proactive management of operational risk.

LIQUIDITY RISK MANAGEMENT

When economy is in recession, every one focuses on the performance of the manufacturing sector and other related corporate sectors. Actually economic slowdown creates a cumulative effect on the banking sector. The liquidity in the financial markets largely depends both on the supply and demand sides. During the year 2001, there was a significant spurt in deposit growth because of various reasons like poor performance of mutual funds, UTI fiasco, failure of many NBFCs, stock market scams etc. With this back drop, the investors' confidence in banks has gone up. This has caused a gradual influx of deposits into the banking system increasing the supply side. The economic slow down both in domestic as well as international side resulted in a sluggish growth in the manufacturing and service sectors. Consequently, the credit off take in the banking sector was not at the desired levels resulting in low demand for funds. Low credit off take coupled with an influx of deposits created an excess liquidity in the banking system in 2001.

Banks and primary dealers used to get refinance for their specific activities at a fixed rate. The RBI "de-regulated" the refinance facility and introduced the concept of Liquidity Adjustment Facility (LAF) in phases through its mid term review of Monetary Policy in 2001. Introduction of LAF will change the equation in money market functioning. As LAF is expected to develop a stable overnight rate, the market will be encouraged to take a view over a long period, which will help develop the rupee yield curve. The liquidity of the banking system has drawn less attention compared to the importance given by the system to capital adequacy. Maturity transformation and the provision of liquidity insurance are core banking businesses. There are two separate, but interrelated dimensions to a bank's liquidity to meet the short term needs borrowing from the market to meet any liquidity pressure; and selling high quality assets to the market. Hence, liquidity management depends on the business more than the structure of the balance sheet of the bank. The prerequisites of an effective liquidity risk management include an informed board, capable management, and staff having relevant expertise and efficient systems and procedures. It is primarily the duty of board of directors to understand the liquidity risk profile of the bank and the tools used to manage liquidity risk. The board has to ensure that the bank has necessary liquidity risk management framework and bank is capable of confronting uneven liquidity scenarios. An effective measurement and monitoring system is essential for adequate management of liquidity risk. Consequently banks should institute systems that enable them to capture liquidity risk ahead of time, so that appropriate remedial measures could be prompted to avoid any significant losses. It needs not mention that banks vary in relation to their liquidity risk (depending upon their size and complexity of business) and require liquidity risk measurement techniques accordingly. For instance banks having large networks may have access to low cost

stable deposit, while small banks have significant reliance on large size institution deposits. However, abundant liquidity does not obviate the need for a mechanism to measure and monitor liquidity profile of the bank. An effective liquidity risk measurement and monitoring system not only helps in managing liquidity in times of crisis but also optimize return through efficient utilization of available funds.

MARKET RISK MANAGEMENT

Financial institutions may be exposed to Market Risk in variety of ways. Market risk exposure may be explicit in portfolios of securities / equities and instruments that are actively traded. Conversely it may be implicit such as interest rate risk due to mismatch of loans and deposits. Besides, market risk may also arise from activities categorized as off-balance sheet item. Therefore market risk is potential for loss resulting from adverse movement in market risk factors such as interest rates, forex rates, equity and commodity prices. Interest rate risk arises when there is a mismatch between positions, which are subject to interest rate adjustment within a specified period. The banks lending, funding and investment activities give rise to interest rate risk. The immediate impact of variation in interest rate is on banks net interest income, while a long term impact is on banks net worth since the economic value of banks assets, liabilities and off-balance sheet exposures are affected. Consequently there are two common perspectives for the assessment of interest rate risk. a) Earning perspective: In earning perspective, the focus of analysis is the impact of variation in interest rates on accrual or reported earnings. This is a traditional approach to interest rate risk assessment and obtained by measuring the changes in the Net Interest Income (NII) or Net Interest Margin (NIM) i.e. the difference between the total interest income and the total interest expense.

b) Economic Value perspective: It reflects the impact of fluctuation in the interest rates on economic value of a financial institution. Economic value of the bank can be viewed as the present value of future cash flows. In this respect economic value is affected both by changes in future cash flows and discount rate used for determining present value. Economic value perspective considers the potential longer-term impact of interest rates on an institution.

Interest rate risk occurs due to (1) differences between the timing of rate changes and the timing of cash flows (re-pricing risk); (2) changing rate relationships among different yield curves effecting bank activities (basis risk); risk). (3) changing rate relationships across the range of maturities (yield curve risk); and (4) interest-related options embedded in bank products (options

Managing the Interest Rate Risk Better

With the advancement in the Indian interest rate derivatives market, the banks are becoming better equipped to manage their interest risk. Interest rate swaps, forward rate agreements (FRA), and recently introduced interest rate futures are alternative hedging vehicles. Fine tuning these products and introduction of new products will give banks more choices. In order to lower the interest rate risk, the bank can take the following:

Interest Rates Swaps and Forward Rate Agreements (FRA)

Overnight Index Swaps and Reuters benchmark of Yield to Maturity on liquid benchmark government securities swaps from the Indian market provide good hedge against a Government-Securities yields. But the limitation of the swap markets is their lack of volume and high impact cost. The OIS swap market typically witnesses around 15-20 market participants and daily volumes are around Rs.100crores. it is also to be noted that the players in the swap market are primarily banks who are exposed to interest rate risk. So if they all come forward to hedge

their portfolio then the market will be one sided. So this market is of limited use unless some other players enter the market.

Interest Rate Futures

Interest rate futures on notional T-bills, zero-coupon bonds are the instruments which are worldwide considered to be ideal hedge vehicles for interest rate risks management, because they provide a counterparty risk free way of locking in the price of a bond at a future point in time. Since the inception of the futures on around 50% of the trading days the direction of future price change is opposite to that of the direction of price change in the 10-year benchmark security and the futures price is also considerably more volatile than the bond price. This leads for substantial basis risk for the hedger. This asynchronous movement can at least partly be

explained by the valuation of interest rate futures, for which the NSE zero-coupon rates are used which do not closely reflect the market. To increase popularity of the interest rate futures to hedgers, banks, should be allowed to trade in interest rate futures. To encourage retail participants in the Government securities segment, market players should consistently offer two way quotes. Using NSEs zero-coupon curve introduces significant basis risk in the pricing of interest rate futures. Using Yield to Maturity as the benchmark for pricing of underlying instruments will align futures price with the market.

Floating Rate Government Securities

Over the last few years RBI has attempted to reduce the redemption pressure on Government of India at maturity of bonds by elongating maturity profile of government issuances. This has lead to a higher systematic market risk. In order to achieve a targeted risk

profile RBI may increase the issuance of floating rate bonds. Long maturity debts with shortterm resets will enable them to take advantage of lower interest rates while smoothening the redemption profile. Till September 2003 RBI has issued the above floating rate bonds. The interest rates on these floaters are calculated by adding a mark-up to a variable base rate, where the mark-up is decided through auction. Only 3% of RBIs outstanding government securities is in the form of floaters. RBI may consider increasing this proportion to about 25% of its government stock. With a sizable portion of the outstanding fixed rate government securities stock swapped against newly issued floating rate bonds, the interest rate risk can be managed better.

Table 4.1

Floating rate Government Securities

Issue size (cr) 2000 3000

Auction Date Maturity 14-11-04 05-01-05 2009 2020

23-05-06 05-08-06

2017 2014 Total

5000 6000 I6000

Sale of Long-tenor Government securities

Life Insurance Corporation of India and Employees Provident Fund typically hold longer tenor government securities as compared to the banking system. Assuming the composition has not changed much in the last one and half years, the banking system can try to sell the longer maturity investments. By pricing aggressively, banks will find counterparties outside the banking system even in the current one sided market conditions. However this will merely shift the interest rate risk outside the banking system; but the economy as a whole will have to bear the burnt of an interest rate hike.

Disclosures and Regulation to ensure better interest rate risk management should be made compulsory by the RBI:

Ratio of fixed and floating rate assets to total assets. Share of trading and banking book among assets Interest rate sensitivity of the assets and liabilities- VaR or duration, separately for banking and trading books

Risk arising from optionality in bonds with embedded options for credit and investment portfolios Fair value of all assets Overall impact of strategy in Interest Rate risk

FOREIGN EXCHANGE RISK MANAGEMENT

Foreign exchange portfolio is exposed to fluctuations in the currency values and adverse movement in a currency in which the bank has an open position. Spot, forward or a combination of the two, could lead to sudden deterioration in the portfolio. The mismatch can also arise from the interest rate differential or maturity mismatches. Default in counterparty settlement is also considered to be a risk in foreign exchange. The other risks associated includes Hersatt or time zone risk, which arises out of time lag in settlement in one currency in one center and settlement of another currency in another center. The forex transactions with counter party from another country also trigger country risk.

The issues which require attention in managing foreign exchange risk are: Nature and magnitude of risk:
It would be necessary to examine the purchasing power parity relationship, which says exchange rate changes are determined by inflation differentials. The uncovered interest parity means that forward exchange rate is the best and unbiased predictor of future spot rates under risk neutral situation.

Managing foreign exchange risk

An essential prerequisite is fixation of position limits- daylight and overnight limit. The daylight limit is higher owing to the fact that is easier to manage exchange risk when the market is open and the bank requires a higher limit to accommodate business flows. Overnight limit is subject to uncertainty and is comparatively lower. The next stage is to allocate the limits to different centers of the bank. The monitoring of the limit is to be done on a real time basis.

Tools and Techniques

Forwards, futures, money market instruments and the like are available for hedging of foreign exchange risk enabling the banks to take long/short position, depending upon the situation.

Value at Risk
Value at Risk (VaR) is technically defined as the Loss amount, accumulated over a certain period that is not exceeded in more that a certain percentage of all time. For example, VaR 99percent, 1week) is equal to the loss amount, accumulated over one week, that is not exceeded in more than one percent of all time. For measuring VaR one relies on a model of random changes in the prices of underlying instruments- interest rate changes, changes in foreign exchange rates etc. and a model for computing sensitivity of derivatives prices relative to the prices of underlying instruments. In all these, one has to remember that a VaR measure is merely a benchmark for relative judgments, such as the risk of one portfolio relative to another. Even if accurate, comparisons such as these are specific to a time horizon. VaR has three parameters:

The time horizon (period) to be analyzed (i. e. the length of time over which one plans to hold the assets in the portfolio - the "holding period"). The typical holding period is 1 day, although 10 days are used, for example, to compute capital requirements under the European Capital Adequacy Directive (CAD). For some problems, even a holding period of 1 year is appropriate.

The confidence level at which the estimate is made. Popular confidence levels usually are 99% and 95%.

The unit of the currency which will be used to denominate the value at risk (VaR).

The VaR is the maximum amount at risk to be lost from an investment (under 'normal' market conditions) over a given holding period, at a particular confidence level. As such, it is the converse of shortfall probability, in that it represents the amount to be lost with a given probability, rather than the probability of a given amount to be lost.

Graph 4.1: Risk Prioritization Grid of a Bank

Monitoring, Account C Other Sanction T Drafts fee S A based H High L Frequency High potential FeeAccount Advances Deposits & Support opening Risk follow-up r services disbursal R e c i operations o priority e c g w areas risk k d u o h e i n r u r t o i n s l t a o y i p g n p y g r a i s a l

From the analysis it is concluded that high priority risk areas are the credit appraisal, accounting,account operations and drafts and risk potential is upward and frequency is downward.

Graph: 4.2 Percentage of Banks having systems for Operational Risk Management
From the above analysis it is concluded that public sector is higher than the private sector but lower than the foreign banks.

Graph : 4. 3 Percentage of Banks maintaining operational Loss Data

From the analysis it is concluded that foreign banks are higher than the public sector banks and private banks in business and activity wise.

Graph: 4.4 Percentage of banks having Risk Management Policies

From the above analysis it is concluded that foreign banks is very high than the public and private banks in case of risk management policies.

Graph: 4.5 Percentage of Banks with Documented Risk Management Policies

From the above analysis it is concluded that public sector banks is very lower than the private sector banks and foreign banks.

Graph: 4.6 Share of banking sectors in the Interest rate Risk

From the above analysis it is concluded that both private and foreign banks are lower than the public sector banks which is raising very high.

Graph: 4.7 Share of Banking sector in total G-Sec Investments

From the above analysis it is concluded that public sector banks is very high in case of banking sector in total G-Sec Investments.

ACCOUNTING FOR RISK

As a result of recent developments, accounting standards for banks have come to encompass the calculation and reporting of their risk profiles. An attempt is made to analyze the accounting standards applicable to banks in India and internationally from the perspective of risk management. Useful criteria to be kept in mind while comparing the Indian and international standards. They should facilitate market discipline and effective supervision They should contribute to sound risk management policies in bank Disclosure should be comprehensive for an assessment of financial position, performance and risk exposure and management.

Risk Management Policies

While US GAAP encourages firms to disclose their risk management policies, currently this is not mandatory. However the latest consultative paper on Basel Accord requires banks to provide extensive qualitative disclosures on their risk management policies. The accord requires that for each separate risk area (e.g. credit, market, operational, banking interest rate risk, equity) banks should describe their risk management objectives and policies. The objectives and policies would also include the following: Strategies and processes Structure and organization of the relevant risk management function Scope and nature of risk measuring and/or reporting systems Policies for hedging and/ or mitigating risk Strategies and policies for monitoring the continuing effectiveness for hedges/mitigates.

The accord requires this detail of disclosures since it envisages allowing banks to use internal rating processes to determine the amount of capital adequate for meeting all risks. In India, too, banks are not required to disclose their Risk Management Policies though it finds some mention in the annual reports.

Accounting for Business Risks:

The International Accounting Standards Committee and US GAAP both require banks to report key results for reportable segments. The standards define a reportable segment as the one that contributes more than 10% revenue, profit or assets of the enterprise.

It should be required that the segment- wise disclosure should be for the credit risks as well. This covers a breakdown of credit by major types of credit exposures (for e.g. loans, securities, derivative), geographical areas and industry type. In India, banks are required to follow segment reporting as per Accounting Standard 17. However when banks classify their segments, say on the basis of corporate, retail and treasury, the existing disclosures will be inadequate. From the point of view of promoting better risk management and measurement practices in banks these additional requirements will serve the purpose.

Accounting for Risks of Conglomeration

Consolidation of subsidiary accounts is required by both the international standards. Banks are required to provide a listing of subsidiaries, proportion of ownership and method for accounting for subsidiaries in the parents separate financial statements.

Further disclosures are to be made in this regard as outlined below:

An outline of differences in the basis of consolidation for accounting and regulatory purposes with a brief description of the entities within the group Any restrictions or other major impediments on the transfer of funds or regulatory capital within the group The aggregate amount of capital deficiencies in all the subsidiaries not included in the consolidated group i.e. that are deducted and the name of such subsidiaries The aggregate amount of the groups total interests in insurance entities which are risk weighted rather than deducted from capital.

Accounting for Solvency and Liquidity Risks:

The International Accounting Standards Committee requires all firms to disclose their sources of funding and levels of gearing. A bank should disclose an analysis of assets and liabilities into relevant maturity groupings based on the remaining period at balance sheet date to the contractual date. For ach class of financial asset, liability, both recognized and unrecognized, an enterprise should disclose:

Information about the extent and nature of instruments including significant terms and conditions that may affect the amount, timing and certainty of future cash flows. Accounting policies, including criteria for recognition and basis for the measurement Nature and amount of commitments to extend credit that are irrevocable because they can not be withdrawn at the discretion of the bank without the risk of incurring significant penalty or expense.

Currently, Indian standards provide information only about predicting future cash shortfalls. Thus, it is imperative to the bank to provide information about the second step such as pledged securities, open lines of credit etc.

Accounting for Credit Risk

As per international standards, a loan is impaired if it is possible that some or all of its interest and principal will not be collected. Impairment should be recognized immediately by debiting bad debt expense and crediting valuation allowance. The impairment is calculated either Difference between the investment value and the present value of the new future cash flow discounted at the effective rate of interest Market price of the loan, if available; or Fair value of the collateral is the only source of repayment.

Disclosures required for impaired loans are:

Accounting policy with regard to bad loans Amount of impaired loans bifurcated into those for which there is a valuation allowance and those for which there isnt

Creditors policy for recognizing interest revenue on the impaired loans The average investment in impaired loans, the interest income on impaired loans recognized and the amount in interest income on cash basis recognized

The International Accounting Standards Committee also requires the bank to disclose the following information about its credit risk, including: Amount representing maximum credit risk exposure, without taking collateral into account Significant concentrations of credit risk.

In case of bad debt restructuring disclosures required by the creditor in footnotes by US GAAP are: Description of restructuring provisions Outstanding commitments Receivables by major categories

In addition to the above it is suggested that: Banks should be required to provide summary information about troubled loans that have been restructured during the year. Banks should make disclosures about its techniques and methods for managing the past due and impaired assets The use of credit mitigation techniques and securitization by a bank also requires a list of disclosures In addition the adoption by a bank of either standardized approach or the internal ratings approach to determine risk weighted capital will rehire to make further disclosures. Indian banks are not required to assess the amount of impairment in their loan portfolio. Of the disclosures, they are not expected to disclose the amount of income recognized from impaired loans; of course the recognition is on cash basis. While the Indian banks do provide summary on restructured loans, they are not required to make disclosures relating to description of restructuring provisons, outstanding commitments and receivables under restructuring. Indian standards are far behind the international ones in this category. This is largely on account of the inadequate credit risk measurement systems at Indian banks. Regulators can consider a

gradual implementation of a disclosure schedule in line with the international best practices to provide an incentive to the banks to improve their risk measurement practices.

Accounting for Market Risk:

The International Accounting Standards Committee requires banks to provide details of gains less losses arising from the investment and dealing in securities. The US GAAP requires disclosures on: Valuation basis used for investment portfolio Total market value of portfolio Reasons for selling yield to maturity or transferring securities across categories Gains and losses from transferring included in P&L Market value and cost by major equity category Subsequent event disclosure.

In the Indian scenario only depreciations on available for sale securities are recognized through provisions while revaluation losses on trading securities are taken to the Profit & Loss account. Moreover, the maximum amount that can be classified as yield to maturity is limited by the RBI.

The accounting policies on Indian banks are in line with the international standards though on a conservative side. The disclosures can be brought to international standards without too much effort.

Accounting for Interest Rate Risk

According to the International Accounting Standards Committee, for class of financial asset and financial liability, both recognized and unrecognized, an enterprise should disclose information about its exposure to interest rate risk, including;
1. contractual re-pricing or maturity dates which ever is earlier, and

2. Effective interest rates, when applicable.

It also considers desirable for management to provide a commentary on- average interest rates, average interest earning assets, and average interest bearing liabilities. It should be required by the banks to disclose the nature of interest rate risk in the banking book and key assumptions, including assumptions regarding loan prepayments and behavior of non maturity deposits and frequency of interest rate risks in banking book measurements. Indian banks report the maturity profile of assets and liabilities for the purpose of liquidity risk. This is grossly inadequate for the purpose of interest rate risk since it does not give any information about repricing. Since most banks advances are PLR linked, maturity information does not throw any light on the interest rate risk. Banks should be immediately asked to disclose this information given the volatility of interest rates after their deregulation.

Accounting for Off Balance sheet Risk

The International Accounting Standards Committee requires a bank to disclose the following about contingent liabilities and commitments: Nature and amount of commitments to extend credit that are irrevocable because they cannot be withdrawn at the discretion of the bank without the risk of incurring significant penalty or expense,

Transactions related contingent liabilities including performance bonds, bid bonds, Short term self liquidating trade related contingent liabilities arising from movement of goods. Those sale and repurchase agreements not recognized in balance sheet, Interest and foreign exchange related items including futures, options.

For class of contingency the enterprise should disclose- brief description; estimate of financial effect; uncertainties; and possibilities of reimbursements. Indian banks are not required to disclose nature and amount of commitments to extend credit that are irrevocable. They are also not required to give the details of each contingency.

Given the fast growth in off balance sheet items over the past few years the regulators can consider making these disclosures mandatory.

RISK BASED INTERNAL AUDIT

Business risk is increasing and growing in complexity in todays banking environment. Rapid volatile changes in business conditions, intense competition, growing customer sophistication and expectations in a fast evolving global environment due to the progressive deregulation and liberalization of the Indian financial sector, all add up to greater uncertainties and risks to the banking industry. Having in place an effective risk management and internal control systems has become crucial to the conduct of banking business today and the internal audit function of the banks should proactively identify the new risks to ensure that appropriate controls are in place to mitigate them. The audit function should provide high quality counsel to management on the effectiveness of risk management and internal controls including regulatory compliance by the bank. Historically, the internal audit system in the banks has been concentrating on transaction testing, testing of accuracy and reliability of accounting records and financial reports, integrity, reliability and timelines of control reports and adherence to legal and regulatory requirements. However, in the changing scenario such testing by itself would not be sufficient. There is a need for widening as well as redirecting the scope of internal audit to evaluate the adequacy and effectiveness of risk management procedures and internal control system in the banks calling for a risk based approach to the internal auditing. The implementation of risk based internal audit would mean that greater emphasis is placed on the internal auditors role in mitigating risk. While focusing on effective risk management and controls, in addition to appropriate transaction testing, the risk based internal audit would not only offer suggestions for mitigating current risk but also anticipate areas of potential risks and play an important role in protecting the bank from various risks. Thus, the main rationale for embarking on a re-engineering process of internal audit in banks is adding of value to the banks internal control systems and the environment with a view to

improving its operations. Under risk-based internal audit, the focus will shift from the present system of full-scale transaction testing to risk identification, prioritization of audit areas and allocation of audit resources in accordance with the risk assessment. The scope of a risk based internal audit shall include areas like The examination and evaluation of the adequacy and effectiveness of the internal control systems; Review of the application and the effectiveness of risk management procedures and risk assessment methodologies; Review of the management and financial information systems; Review of the accuracy and reliability of the accounting records and financial reports; The appraisal of the economy and the efficiency of the operations; Testing of both transactions and the functioning of specific internal control procedures etc. An internal Audit re-engineering process in banks should have a four pronged focus depending upon specific needs on the Internal Audit function. The four areas of focus are Audit Methodology People Technology and tools Knowledge

Audit Methodology
Audit Methodology forms the core of the re-engineering process. Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organizations operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance process. The internal audit system of the bank should, for the risk based internal audit, undertake an independent risk assessment solely for the purpose formulating the risk-based audit plan keeping in view the inherent business risks of an activity/ location and the effectiveness of the control systems for monitoring the inherent risks of the business activity.

Every activity of the bank should fall within the scope of the internal audit including the activities of the branches and subsidiaries. The internal audit department should have access to any records, files or data of the bank including management information and the minutes of the consultative and decision making bodies, whenever it is relevant to the performance of its assignments. The scope of the internal audit should include the examination and evaluation of the internal control systems and of the manner in which assigned responsibilities are fulfilled. In many respects, this represents a risk analysis of the banks internal control system. In particular, the internal audit department should evaluate the banks compliance with policies and risk controls; the reliability and the timeliness of financial and management information. The internal audit department should give adequate consideration to the legal and regulatory provisions covering the banks operations, including the policies, principles, rules and guidelines issued by the supervisory authority with regard to the manner in which banks are organized and managed. However, this does not imply that the internal audit department should assume the compliance function.

People
The process of mitigating from compliance to a risk-based auditing is a challenging journey. It is a radical change requiring a paradigm shift calling for a change in the mindset of auditors from being a ticker auditor to a thinking auditor with the right attitudes. People are intangible and invaluable asset to the auditor function. It is the people who are going to deliver the objectives of re-engineering process. The professional competence of internal auditor as well as his/her motivation and continuing training are prerequisites for the effectiveness of the internal audit department. Also, the need for competence of the people behind the audit function is underlined. The Internal Audit Department should be provided with appropriate resources and staff to achieve its objectives under the risk-based internal audit. They should also be trained periodically to enable them to understand the banks business activities, operating procedures, risk management and control systems and MIS etc.

Technology and Tools

This phase of the internal audit re-engineering involves equipping the audit staff with the necessary technology to compliment the new audit methodology. In todays world, technological advancement has allowed mankind to achieve almost anything in the shortest possible time. In terms of audit re-engineering, new audit software can be introduced to enhance greater audit efficiency. Audit technological tools can be used to greatly reduce audit cycle times. As new technology is introduced during the re-engineering process, training is required to ensure a smooth transition for manual system to automated system.

Knowledge
The final phase in an internal audit re-engineering process is acquiring knowledge, which is vital for an organization to succeed and prosper. Today we hear about organizations that are called Learning Organization whose employees are continuously attempting to learn new things and applying what they learn into improving the quality of the products and services. Part of the internal audit re-engineering is to cultivate such a learning culture within the internal audit function. While the staff learns, they acquire new knowledge that can be applied in their audit work. Learning and applying knowledge create a work force known as Intellectual Capital.

Outsourcing of Internal Audit

When an internal audit department of a bank is not proficient enough, the RBI permits outsourcing of internal audit. An internal audit outsourcing is a contract between the institution and an outsourcing vendor to provide internal audit services. On the one hand, outsourcing of internal audit activities, especially when it is done on a limited and targeted basis, can bring

significant benefits to banks such as access to specialized expertise and knowledge for a special audit project otherwise not available within the organization. On the other hand, outsourcing may introduce risks to the bank such as lost or reduced control of the outsourced internal audit activities. Regardless of whether internal audit activities are outsourced, the Board of Directors and senior management remain ultimately responsible for ensuring that the system of internal control and internal audit are adequate and operate effectively. To avoid significant operational risk that may arise on account of a sudden termination of the outsourcing arrangement, the banks should have in place a contingency plan to mitigate any discontinuity in audit coverage.

RISKS IN INTERNET BANKING Informational

This is the basic level of Internet Banking. Typically the bank has marketing information about the banks products and services on a stand alone server.

Communicative
This type of Internet Banking system allows some interaction between the banks systems and the customer. The interaction may be limited to electronic mail, account inquiry, loan applications or static file updates (name and address changes).

Transactional
This level of Internet banking allows customers to execute transactions. Customer transactions can include accessing accounts, paying bills, transferring funds etc.

Preventive measures
Attacks on intrusion attempts on banks computer and network systems are a major concern. Studies show that systems are more vulnerable to internal attacks than external, because

internal system users have knowledge of the system and access. Banks should have sound preventive and detective controls to protect their Internal Banking System from exploitation. Contingency and business resumption planning is necessary for banks to be sure that they can deliver products and services in the event of adverse circumstances. Internet Banking products connected to a robust network actually makes this easier because back up capabilities can be spread over a wide geographic area. Security issues should be considered when the bank develops its contingency plans. Banks that offer bill presentment and payment will need a process to settle transactions between the bank, its customers and external parties. In addition to transaction risk, settlement failures could adversely affect reputation, liquidity and credit risk.

`Risk management
Financial Institutions should have a technology risk management process to enable them to identify, measure, control, and monitor their functions. Risk management of new technologies has three essentials: 1. The planning process for the use of the technology. 2. Implementation of the technology. 3. The means to measure and monitor risk.

The Risk Planning Process

It is the responsibility of the board and senior management. They need to possess the knowledge and skills to manage the banks use of Internet Banking technology and technology related risks. The board should review, approve, and monitor Internet Banking technology related projects that may have significant impact on the banks risk profile. They should determine whether the technology and products are in line with the banks strategic goals and meet a need in their market. Senior managers should have the skills to evaluate the technology

employed and risks assumed. Periodic independent evaluations of the internet banking technology and products by the auditors or consultants can help the board and the senior management to fulfill their responsibilities.

Implementation of the technology

It is the responsibility of middle management. Management should have the skills to effectively evaluate Internet Banking technologies and products, select the right mix for the bank and see that they are installed appropriately. If the bank does not have the expertise to fulfill this responsibility internally, it should consider contracting with a vendor who specializes in this type of business or engaging in an alliance with another provider with complimentary technologies or expertise.

Measuring and Monitor risk

It is also the responsibility of the middle management. Management should have the skills to effectively identify measure, monitor and control risks associated with internet banking. The board should receive regular reports on the technologies employed, the risks assumed and how the risks are managed. Monitoring the system performance is a key success factor. As apart of the design process, a bank should include effective quality assurance and audit processes in its internet banking system. The bank should periodically review the systems to determine whether they are meeting performance standards.

Internal Controls
Internal controls over Internet Banking systems should be commensurate with an institutions level of risk. As in any other banking area, management has the ultimate responsibility for developing and implementing a sound system of internal controls over the banks internet banking and products. Regular audit of the control systems will help ensure that the controls are appropriate and functioning properly. The control objectives for an individual banks internet banking technology and products might focus on: Consistency of the technology planning and strategic goals including efficiency and economy of operations and compliance with corporate policies. Data availability, including business recovery planning.

Data integrity, including providing for the safeguarding of assets, proper authorization of transactions and reliability of the process and output. Data confidentiality and privacy safeguards Reliability of MIS

Once the control objectives are established, management has the responsibility to install the necessary internal controls to see that the objectives are met. Management also has the responsibility to evaluate the appropriateness of the controls on the cost benefit analysis. Risk management is highly dependent on information to support and monitor a wide range of business issues. In particular, banks need to: ensure that the assumption of risk is in line with the articulated strategy and risk appetite of the institution; develop customer segment strategies and marketing programs that optimize EVA; and understand the impact of a changing environment and stress events on the risk profile of the institution. In times of uncertainty, the MIS requirements tend to increase significantly. For example, without knowing what the banks Asian profile looks like, it becomes difficult to differentiate actions on the basis of higher risk exposures versus core franchise activities. There are two ways in which banks create an MIS to monitor risk. The first approach involves integrating all exposures into an information warehouse that provides standard reporting across a range of different dimensions. Unfortunately, building a warehouse can be very time consuming and is usually hampered by a lack of consistency and accuracy in data definitions and integrity. The alternative method, referred to as a bottom-up approach, starts with decisions at the transaction and customer level and gradually captures the data centrally. This approach provides immediate benefits for front-line staff, but does allow aggregated risk data to be available early in the process. Most banks end up taking a hybrid approach. An effective management information system (MIS) is essential for sound liquidity management decisions. Information should be readily available for day to day liquidity

management and risk control, as well as during times of stress. Data should be appropriately consolidated, comprehensive yet succinct, focused, and available in a timely manner. Ideally, the

regular reports a bank generates will enable it to monitor liquidity during a crisis; managers would simply have to prepare the reports more frequently. Managers should keep crisis monitoring in mind when developing liquidity MIS. There is usually a trade -off between accuracy and timeliness. Liquidity problems can arise very quickly, and effective liquidity management may require daily internal reporting. Since bank liquidity is primarily affected by large, aggregate principal cash flows, detailed information on every transaction may not improve analysis.

PRICING AND RISK MANAGEMENT

It is important for the banks to understand the capital, pricing and margin aspects and the implementation of costs and benefits. By having a more risk sensitive approach to capital adequacy, banks will be able to allocate less capital to the strongest credit, while more capital will be required for weaker credits. With the shrinking interest spread and more regulator stipulations ahead, banks may shift their attentions more to relationship pricing or individual product pricing, preferential pricing, innovative pricing etc. credit card business once seem to be a risky business is seen as a lucrative business even today to most of the players in the field. Bundling of products and services and selling them at an attractive discounted pricing is still to take a large shape in India. This will enable banks to offer bundled financial services to enhance market share. It is high time for banks to shift to more scientific approach of pricing of the product and services. A systematic risk management not only paves the means of growth to a banking institution but also higher returns. Better pricing is one of the crucial means of higher growth and higher returns.

RISK MANAGEMENT

BETTER PRICING

LESS COST

LOWER RISK

BETTER MARKETSHARE

BETTER USE OF CAPITAL

HIGHER PROFIT

CUSTOMER CONFIDENCE

BETTER CAPITAL ALLOCATION

LOWER RISK CAPITAL

MORE CAPITAL

CHEAPER CAPITAL

MORE LEVERAGED CAPITAL

HIGHER GROWTH

HIGHER RETURNS

INTEGRATED RISK MANAGEMENT

Risks must not be viewed and assessed in isolation, not only because a single transaction might have a number of risks but also one type of risk can trigger other risks. Since interaction of various risks could result in diminution or increase in risk, the risk management process should

recognize and reflect risk interactions in all business activities as appropriate. While assessing and managing risk the management should have an overall view of risks the institution is exposed to. This requires having a structure in place to look at risk interrelationships across the organization. In every banking organization there are people who are dedicated to risk management activities, such as risk review, internal audit etc. It must not be construed that risk management is something to be performed by a few individuals or a department. Business lines are equally responsible for the risks they are taking. Because line personnel, more than anyone else, understand the risks of the business, such a lack of accountability can lead to problems.

Seven steps in implementing Integrated Risk Management for Banks

The implementation time is a function of size of operations, levels of existing risk practices, Banks prioritization and allocation of resources etc. The approach discussed in the following section is typical of a successful approach to Integrated Risk Management implementation.

1. Establishing Integrated Risk Management Long Term Vision and Strategy:

After extensive discussions and interactions with the banks top management an IRM Implementation Strategy is established depending on its vision, focus and positioning and the resource commitments. IRM should be introduced in the bank with the support of the banks Board of Directors and senior management.

2. Risk Identification
A study will be carried out to access the current level of risk management, processes, structure, technology and analytical sophistication at the bank. The approach will be comprehensive and will incorporate all aspects of Market, Credit and Operational risk. The result n this study would identify gaps in the bank practices in each line of activity relative to best practices.

3. Construction of Integrated Risk Management Index and Sub-indices

A customized benchmark Index based on the Banks IRM vision & IRM strategy is rolled out. This will provide an indicator of the current level of risk practices already put in place. Also rolled out is separate sub-indices to benchmark each of the major risk such as Credit, Market, Operation & Liquid risks. The implementation prioritization could be fine tuned to relative gap scores in each of the major risk areas.

4. Defining Roadmap
Based on the target IRM Strategy / Gap Analysis, unique work plans for each deliverable milestone and quantifiable benefits for achieving sustainable competitive advantage is developed: a. Risk based supervision requirements b. Basel 2 compliance c. Using Risk Strategy in the decision making process Capital Allocation

Provisioning Pricing of products Streamlining procedures and reducing operating costs

By rolling out the action steps in phases as outlined in the roadmap, the bank can measure the progress of the implementation.

5. Establish Risk measure and early Warning Indicators

Depending on the lines of business as reflected in the banks balance sheet and business plans, the relative importance of Market, Credit and Operating risk in each line of activity is

determined. The process work flow, organization, risks control 7 mitigation procedures for each activity line of activity is provided.

6. Executing the Key Requirements

At an operational level, on this basis an elaborate checklist of key success factors and quantitative benchmarks are generated. Models to be applied are tested and validated on a prototype basis. Weightages are applied depending on the criticality of each sub activity and benchmark levels specified. This helps to build up through an aggregation process a risk process implementation score, in some way reflective of the value addition, and the extent of capital optimization possible. The process encourages incentive compatibility of the IRM process, as highlighted above as benefits.

7. Integrate Risk Management/Strategy into banks internal decision making process.

The objective is to integrate risk management into business decision making process. This would involve: Evolve risk culture through awareness and training Develop Integrated Risk Reports and Success Measures Align Insurance Program

Align Risk Strategies and Business Strategies

Roadmap for Implementation of Integrated Risk-Management by Banks

DEFINE
THE MASTER PLAN Credit risk Market

DIAGNOS E Credit risk Market risk

DESIGN
Credit risk Market risk Operationa

DEVELOP Credit risk Market risk Operationa

DEPLOY
Credit risk Market risk Operationa

Scope, Coverage, Inter linkages,

POLICIES

Evaluate current policies, Review Gap Analysis

Risk adjusted performance managemen t, Risk capital

Organization structure, Align Business and Risk policies

Performance targets, Business change programs

PROCESSE S

Identificati on, Measurem ent, Monitoring , Manageme

Current practices , Best practices , Gap analysis

Frame works for risk adjusted budgeting, Loan pricing

Activity pricing, Transfer pricing, & default statistics

Mitigation techniques, Standard operating procedures, Performance management

PRODUCT S

Access to multiple data sources, Data managem ent, Data

Methodol ogy for risks, Enterpris e wide risk architect

Function al/softwa re specifica tions, Gap report

Credit risk assessment models, Value at risk models, Portfolio models

Finalize MIS implementat ion, Finetuning back testing, and recalibration of model

CHAPTER 5
FINDINGS
Until and unless risks are assessed and measured it will not be possible to control risks. Further a true assessment of risk gives management a clear view of institutions standing and helps in deciding future action plan. The major findings are: Risk measurement represents aggregate exposure of institution both risk type and business line and encompass short run as well as long run impact on institution. The importance of staff having relevant knowledge and expertise is not undermined. Institutions have a mechanism to identify stress situations ahead of time and plan to deal with such unusual situations in a timely and effective manner.

CONCLUSION
Banks have good reason to worry about risk management; they continue to be caught by dramatic turns in the economic cycle that arrive without much warning. Even if these turns could

be predicted in advance, many activities are not yet liquid enough to remove or hedge the risk. Banking organizations of all sizes have made substantial strides over the past two decades in their ability to measure and manage risks. The banking agencies will continue to promote supervisory approaches that complement and support banks' own efforts to enhance their riskmanagement capabilities.

SUGGESTIONS Mandate time bound introduction of IRM for all the banks:
It will be extremely difficult to muster the commitment of top management of banks throughout the sector, in the absence of a binding timeframe. Effort should be directed at ensuring that comprehensive and credible systems for measuring and managing risk need to be in place by a specified date.

Set time lines and take progress reports:

Timelines are recommended for progress on the components of IRM table, for each risk component and according to defined phases. Quarterly progress reports would be an effective way of keeping track of the progress made by each bank.

Procedural audit:
Procedural audit is suggested for banks reporting IRM introduction, both by way of an independent validation of procedures and methodologies and mapping out of steps to be taken.

Knowledge management and dissemination:

Simple handbooks on the subject of risk management, demystifying the subject and making it accessible to the line managers who will eventually need to implement and use it.

Definitions, Approaches and Methodologies:

Definitions of key Risk Management terms should be arrived at and compiled. The presence of a common and accepted vocabulary aids standardization and precludes multiple interpretations and will have several positive spin offs.

Seminars and Workshops:

Seminars and workshops should be organized which would be occasions for training of Risk Management professionals.

Replacement of current Inspection / Audit with Risk-based Internal Audit:

Risk -based internal audit will be a fairly new exercise for most of the Indian banks, a gradual but effective approach would be necessary for its implementation. Initially, the risk- based internal audit may be used as a management tool in addition to the existing inspection. Once the risk based internal audit stabilizes and the staff attains proficiency, it should replace the existing internal audit.

Reorientation of Management Information Systems:

Banks have to initiate measures to improve their MIS. The measures should emphasize on the generation of data through the system rather than compilation of errors.

 The Risk Management system needs to be developed in line with the Organizations goals and objectives.

Active participation of the senior management and main line functional staff:
This will enhance the acceptability of adopting the Risk Management measures by the employees.

The Risk Management system should be implemented effectively in letter and in spirit:
Monitoring and reviewing of the risk management processes with dynamically changing global environment needs to be undertaken.

APPENDICES AND ANNEXURES

PROFIT AND LOSS ACCOUNT FOR THE YEAR ENDED MARCH 31,2008
SL NO Particulars I INCOME Income from Operations Other Income Prior Period Income TOTAL INCOME EXPENDITURE Operating Employees Allowances and Administrative Expenses Depreciation Loss on sale of Fixed Asset Preliminary & operative written off Cost of Software off TOTAL Prior period expenses TOTAL EXPENDITURE PROFIT Net Profit before Taxation Provision for Tax Provision for Tax Profit after Taxation APPROPRIATIONS Transfer to Reserve u/s. 36(l)(viii) of the Income Tax Act, 1961 Proposed Dividend Balance Carried Balance Sheet Sch.No 10 10 10C (A) 11 12 13 4 9 14 Current Rs. Ps. Previous Year Rs. Ps. 172,786,177.00 7,335,238.17 468,957.00 180,590,372.17 148,250,188.00 1,301,187.00 1,744,520.55 450,857.06 1,293.37 622,281.00 40,000.00

A 715,297,508.00 B 3,978,874.80 48,490.00 719,324,872.80 677,227,055.00 1,471,574.00 2,185,571.82 520,627.45 3,729.68 0.00 40,000.00

II

(B) (A)-(B)

681,448,557.95 1,082,406.00 681,448,557.95 36,793,908.85 8,538,203.00 (91,663.83)

152,410,326.98 0.00 45,624,590.66 28,180,045.19 6,704,915.49 29,083.70

III

28.347,369.68

21,446,046.00 9,857,531.24 3,476,554.00 434,569.00 7,677,391.76

IV

14,287,193.09 D 5,669,474.00 C * 20% 726,401.36 7,664,301.23

Notes forming Part of 16 accounts

28.347,369.68

21,446,046.00

BALANCE SHEET AS ON MARCH 31,2008

SL NO

Particulars SOURCES FUNDS 1. Share holders Funds 2. Deferred Tax 3. Loan Funds a. Secured Loans OF

Sch.No Current 1 2

Previous

Year

Year Rs. Rs. Ps. 234,000,700.00 234,000,700.00 96,547,207.98 74,595,713.66

15 3(a) 3(b)

0.00 62,049.39 660,886,557.00 354,355,029.00 8,649,273,956. 2,149,697,500.00 00 9,640,708,420. 2,812,710,992.05 6,589,832.85 2,707.368.75 98 1,387,074,06 5,202,758.79 948,911.00 827,264.83 1,880,103.92 0.00

b. Unsecured Loans TOTAL APPLICATION 4 OF 1 .Fixed Gross Depreciation FUNDS Assets: Block Less Net

Block Capital 2. Investments Work-in-Progress 3. Deferred Tax 15 4. Current Assets : 5 6 7 Loans and Advances a. Cash and Bank balance b. Other Current Less: Assets Current 8

0.00 0.00 29,614.44 0.00 159,553,202.90 93,722,427.83 135,214,072.18 24,372,408.97 9,608,471,837. 2,720,784,191.82 52 9,903,239,112. 2,838,879,028.62 60 28,048,140.00 9,634,527,136. 2,810,830,888.13 75 9,640,708,420. 2,812,710,992.05

Liabilities & Net Current Assets TOTAL Notes on Accounts 16

5.0 CHAPTER 5
FINDINGS CONCLUSIONS & SUGGESTIONS

BIBLIOGRAPHY

1. Practice of Banking : B.S. Raman 2. The New Management Imperative in Finance: Gleason 3. Financial Risk Management: Dun & Bradstreet 4. Banking Quest Journal 5. Basel Committee on Banking supervision 6. Internet Websites