Risk management policy
Risk management policy
Powers of units involved in risk management.
Structure and powers of bodies involved in risk management.
VTB Bank (Azerbaijan) OJSC follows the “risk management policy”, which sets out the basic objectives, principles and mechanisms of internal processes of generation and operation of the risk management system.
The overall structure of the system of bodies / structural units involved in risk management in the Bank has the following levels:
- Top Level – the General Shareholders’ Meeting, the Supervisory Council and the Audit Committee of the Bank;
- Medium Level - the Management Board (including the Chairman of the Board), the Internal Audit Service and the committees of the Bank;
- Lower level - the structural units and individual employees of the Bank.
The competence of the General Shareholders’ Meeting of the Bank includes assigning authority (except for members of the Supervisory Council) of the Bank’s Administrators for assuming liabilities on behalf of and at the expense of the Bank and the limits of the right to transfer this authority to other employees of the Bank and the adoption of rules on disclosure of commercial interests by the Bank’s Administrators, as well as additions and amendments thereto. Moreover: approval of annual financial reports certified by the external auditor and suggested by the Audit Committee of the Bank, as well as making decisions to establish provisions through net income and to pay out dividends.
The competence of the Bank’s Supervisory Council includes the following:
- approval of the Bank's policies, including the Credit policy;
- adoption of the rules on particular risks management;
- making decision to establish capital provisions of the Bank;
- permission to enter into transactions exceeding a total of 25 (twenty five) percents of the net assets of the Bank;
- permission to enter into transactions exceeding a total of 50 (fifty) percents of the authorized capital of the Bank on behalf of the Bank;
- approval of transactions with affiliates of the Bank and entities acting on their behalf, in cases provided by the legislation of Azerbaijan Republic;
- establishment and liquidation of the Bank Committees (except for the Audit Committee), approval of their regulations;
- definition of limits on operations of the Bank and the delegation of this power to the Risk Management Committee of the Bank;
- making decision to write-off unrecoverable Bank assets.
The competence of the Audit Committee of the Bank includes the following:
- determination of the Bank’s audit policy and strategy;
- approving internal audit plans and monitoring the activities of the Internal Audit Service of the Bank;
The competence of the Management Board (including the Chairman of the Board) includes the following:
- approval of the instructions on the application of individual risk management tools, as well as the regulations of the structural units of the Bank;
- organizing and ensuring the Bank's current activities related to risk management, providing them with IT resources, etc.;
- making the Bank's risk management policy and coordinating it with the Parent Bank, submission for consideration and approval in accordance with the specified procedure;
- ensuring compliance with the approved key performance indicators relating to the risk management activities;
- organizational support for the interaction of the functional structural units of the Bank with the Parent Bank;
- ensuring adoption of the Bank's internal documents that define rules and procedures for risk management in order to comply with the basic principles of risk management, approved by management bodies;
- distribution of powers and responsibility for managing the Bank's risks between managers of the departments of different levels, providing them with necessary resources, establishment of procedures for communication and reporting;
- control of the Bank's activity on optimization of the credit risks of retail business, adjustment of model parameters, approval of lending technologies, support for common standards for risk management established by the Parent Bank.
Competence of the Internal Audit Service of the Bank includes continuous monitoring the efficiency of activities of the internal control and risk management systems.
In order to ensure effective and uninterrupted functioning of the risk management system in the Bank there was established the Risk Management Committee, whose main objectives are the following:
- establishment of effective mechanisms for the consolidated management of the Bank's risks;
- qualitative improvement of risk management level in the Bank in accordance with current international standards and best practices;
- ensuring the optimal risk distribution in the Bank and minimizing the vulnerability and potential losses from exposure of the Bank's activities on national and international markets to risk factors.
- In order to realize these objectives, the Bank’s Risk Management Committee has the following competencies:
- approval of common standards, principles and approaches to risk management;
- development of limitation system for the Bank’s operations;
- coordination of activities of other committees;
- approval of risk management procedures, including limitation systems etc.;
- consideration of regular reports on the Bank's risks condition;
- allocation of economic capital by risks/ types of operations taken by the Bank;
- overall monitoring of the status of risk management;
- definition of work priorities, identification of existing problems;
- development and monitoring of implementation of plans to improve the Bank’s activities in the field of risk management.
Risk management system is a system of infrastructure, methods and measures to ensure the identification, assessment, control and monitoring of the Bank's risks.
Strategy and processes.
The basic strategic directions for risk management in the Bank are the following:
- implementation of the Bank's risk management policy and development of common standards, principles and approaches;
- establishment of mechanisms for managing the structure and amount of risk taken by the Bank, databases, mechanisms for consulting and data exchange within the Bank framework;
- implementation of systematic and comprehensive approach to the analysis of different types of risks taken;
- application of the advanced methods of risk assessment;
- establishment of the comprehensive reporting system at each level of the Bank’s management;
- legible distribution of responsibilities between the authorized management bodies and officials of the Bank in making decisions;
- ensuring qualitative improvement of the risk management level in the Bank in accordance with current international standards and best practices;
- ensuring compliance with the requirements of the Central Bank of Azerbaijan Republic on relevance of the risk management system applied in the Bank.
The reporting system in the field of risk management involves submission of quarterly reports on individual types of risks to the Risk Management Committee and the Head Office by structural units of the Bank in order to further analyze and development of plan of measures to prevent or minimize the level of identified risks.
Methods and systems of risk assessment.
Risk assessment is a key component of the Bank's risk management process. The bases for it are generally accepted methodologies, but the Bank is trying to approach certain categories of risks having regard to specially developed techniques and gathered experience. In addition to quantitative assessment, an integrated assessment of non-financial factors is used. Control measures are defined for each risk in order to make sure once again that all the quantitative and qualitative parameters were taken into account. The main risk management and control method are tools for limitation and / or immunization of risks of possible losses (expected and unexpected), which can be taken from the realization of those or other sources (events) of a specific type of risk at the appropriate risk objects.
The main risk control methods are limitation, hedging, transmission or distribution of risk, insurance, diversification, and quality requirements.
Models and techniques of risk assessment are ongoing subject of internal and external independent evaluation. Use of the principles of the agreement of the Basel Committee on Banking Supervision “International Convergence of Capital Measurement and Capital Standards: New Approaches (Basel II)” will strengthen the Bank's position in risk assessment.
Risk reduction policy and processes of controlling the effectiveness of management tools.
The main risks arising from the Bank’s activities include: credit risk, liquidity risk, market risk, interest rate risk, currency risk, operational risk. The purpose of the Bank's risk management strategy is to perform analysis, monitoring and managing the size and concentration of these risks.
Responsibility for the Bank’s risk management is vested in the Management Board and collegiate structural units (Risk Management Committee, Asset and Liability Management Committee, Credit Committee).
The objective of Risk Management is to ensure the effective functioning and development of system of consolidated analysis and credit, market and operational risk management in the Bank.
Credit risk is the risk of losses due to default, late or incomplete performance of financial obligations to the Bank by the debtor in accordance with the terms of the agreement. Credit risk is the greatest weight among the risks taken by the Bank in the course of banking activities.
Credit Risk Management in the Bank is performed using the following main procedures:
- setting limits for the conduct of operations in order to limit credit risk;
- setting indicative limits for the concentration of credit risk and the share of unsecured loan portfolio;
- creation of security for credit operations;
- setting value conditions for conducted operations with respect to payment for risks taken from them;
- permanent monitoring of level of risks taken and preparation of appropriate management reporting for the Credit Committee, the Bank's management and units concerned;
- evaluation of regulatory and economic capital necessary to cover the risks taken in respect of the Bank's operations, ensuring its sufficiency;
- conducting hedging operations;
- permanent internal control over the Bank's units in respect of observing regulations on operations procedures and risk assessment and management procedures by independent unit.
Assessment of credit risk taken by the Bank for counterparty to set limits is done on the basis of multifactor analysis including use of rating system, and comprises analysis of the following aspects:
- specific risks related to the shareholder structure of the counterparty;
- market positioning of the counterparty;
- credit capacity and financial condition of the counterparty;
- possible impact of limit setting on the financial condition and performance of the counterparty;
- economic acceptability of the proposed security to ensure proper coverage of the counterparty's obligations to the Bank;
- acceptability of value conditions;
- background of the counterparty's relations with the Bank, including operations implying credit risk taken by the Bank;
- impact of limit setting for the counterparty on the level of industry, region and country risks taken by the Bank;
- impact of limit-setting on liquidity risk, market risks (interest rate risk, currency risk, price risk, if any), and reputation risk.
The most important tool to minimize credit risk taken by the Bank is the creation of security for credit operations. The Bank's policy in this field is based on the principle of forming a reliable and liquid security portfolio, sufficient to cover the credit risks taken by the Bank. At the same time, it does not relieve from the requirement to conduct complex analysis of the borrower’s financial and economic activities and does not compensate for the insufficient payment and credit capacity of the borrower or lack of information on its business.
Property is accepted as pledge if there are no legal restrictions by results of assessment of liquidity and market value of property, as well as control of ensuring of its preservation. Besides, the Bank usually demands that the items pledged should be insured.
The Assets and Liabilities Committee determines the Bank's policy on management liquidity risk and market risks to limit and mitigate possible losses caused by adverse changes in foreign exchange rates, interest rates and quotations of securities (i.e. currency risk, interest rate risk and price risk respectively).
In market risk management the Bank follows the requirements set by the regulations of the Central Bank of Azerbaijan Republic, and also uses internal models complying with the recommendations of the Basel Committee on Banking Supervision.
The key elements of the Bank's market risk assessment and management system are the following:
- analysis of the Bank's balance sensitivity to changes in market parameters (primarily, interest rates and/or foreign exchange rates) and assessment of the Bank's stability against their sharp fluctuations (stress testing) as well. Stress-testing procedures are under development;
- scenario analysis of the Bank's asset and liability operations, setting target values of asset and liabilities structure by volume, maturity, return/value.
- procedure of setting limits for restriction of market risks taken by the Bank and rigid control over compliance:
- net foreign exchange position limits;
- limits for conversion operations and operations with marketable securities by types of operations and tools;
Liquidity risk management methods.
Liquidity risk is the risk of losses due to the inability of the Bank to ensure the fulfillment of its obligations in full.
Risk of deficient liquidity is the risk of a situation in which the Bank will be unable to make payments on its obligations or current payments on behalf of borrowers, because of the lack of liquid assets and / or inability to raise necessary funds to make payments.
Risk of excess liquidity is the risk of losses or shortfalls in the revenue of the Bank due to excess of high liquid and low-yield assets.
Liquidity risk management methods include the following:
- setting and monitoring the compliance with the standard values of liquidity ratios (liquidity gap ratio by maturity, sufficiency ratio of a provision of high liquid assets, sufficiency ratio of a provision of liquid assets);
- setting and monitoring the compliance with standard of liquid assets provision, which determines the minimum amount of liquid assets (in absolute value) required to meet current liabilities of the Bank and to perform ongoing payments on behalf of clients;
- setting and monitoring the compliance with the deposit base concentration ratio, which characterizes the Bank's dependence on the movement of funds attracted from large corporate clients;
- the Bank’s cash flow control by time periods in order to identify discrepancies between receipt and payment values;
- performing the forecast and situational modelling of the Bank’s liquidity condition.
Interest rate risk.
Interest rate risk generally means the risk of the Bank’s losses due to the reduction in return, increased interest costs, reduction in market value of securities resulting from adverse changes in market interest rates..
The main instruments to limit interest rate risk perform a number of control procedures:
- Formation of structures of interest earning assets and interest bearing liabilities by maturity before interest rate changes and by kinds of tools that allows to minimize the sensitivity of the Bank’s balance to changes in interest rates;
- setting and adjustment of the basic interest rates (in fixed and floating form) from operations of allocation and attraction of funds, having regard to the structure of interest earning assets and interest bearing liabilities of the Bank, forecast dynamics of market interest rates and the state of interest rate risk as well;
- operations in the financial markets for hedging interest rate risk are conducted;
- predicting the dynamics of market interest rates is performed;
- quantitative assessment of the interest rate risk taken by the Bank, preparation of management reporting on interest rate risk.
In order to minimize interest rate risk, having significant impact on financial performance and capital of the Bank, the daily monitoring is conducted by the Bank.
Operational risks are the risks of a losses resulting from the inadequacy of internal protocols and procedures of banking operations and other transactions to the nature and volume of the Bank’s activity and/ or requirements of the existing legislation, their violations by the employees and/ or other persons (due to unintentional or intentional acts or omissions), disproportion (failure) of functional capabilities (characteristics) of information, technology and other systems used by the Bank and / or their failure (of dysfunction), as well as due to external events not related to credit and market risks. In order to minimize operational risk, the daily monitoring is conducted by the Bank’s Risk Management.