EBB20603 Risk Management in

Islamic Financial Institutions

Semester September 2014
Course Leader:
Mdm Rodziah Bt Ahmad
2
Chapter 1: An overview
Rodziah (c)
1. Risk Management: Basic concepts and
Techniques
2. Risk Management Process
3. Financial Balance-Sheet and Income-
Statement Structure
3
Contents
Rodziah (c)
Identify and explain the basic concepts and
theories related to risk management
process
Comprehend resources for financial risk
identification
4
Learning Objective
Rodziah (c)
5
Definition : Risk is defined as a condition of the real world in which there is a
possibility of positive or negative outcome from what is expected.
In Financial Institutions (FI), risks are uncertain future events that could
influence the achievement of the Banks objectives, including strategic,
operational, financial and compliance objectives
Uncertain future events could be:
Failure of a borrower to repay a financing
Fluctuation of foreign exchange rates
Fraud, incomplete security documentations, etc
Non-compliance with shariah law and principles
Other events that may result in a loss to the Bank
Rodziah (c)
6 Rodziah (c)
Risk Management is not the minimization
of losses but the optimisation of the risk
reward equation.
The competitive advantage of a financial
institution is dependent on how well it
manages risk.
7
Risk Management
Rodziah (c)
Risk management is the process by which
various risk exposures are
(1) identified
(2) measured/assessed
(3) mitigated and controlled
(4) reported and monitored
8
Risk Management
Rodziah (c)
1. Creates and protects value
Good risk management contributes to the achievement of an agencys
objectives through the continuous review of its processes and systems.
2. Be an integral part of organisational processes
Risk management needs to be integrated with an agencys governance
framework and become a part of its planning processes, at both the
operational and strategic level.
3. Be part of decision making
The process of risk management assists decision makers to make
informed choices, identify priorities and select the most appropriate
action.
9
11 Principles of Risk Management
Rodziah (c)
4. Explicitly address uncertainty
By identifying potential risks, agencies can implement controls and
treatments to maximise the chance of gain while minimising the chance
of loss.
5. Be systematic, structured and timely
The process of risk management should be consistent across an agency
to ensure efficiency, consistency and the reliability of results.
6. Based on the best available information
To effectively manage risk it is important to understand and consider all
available information relevant to an activity and to be aware that there
may be limitations on that information. It is then important to
understand how all this information informs the risk management
process.
10
11 Principles of Risk Management
Rodziah (c)
7. Be tailored
An agencys risk management framework needs to include its risk
profile, as well as take into consideration its internal and external
operating environment.
8. Take into account human and cultural factors
Risk management needs to recognise the contribution that people and
culture have on achieving an agencys objectives.
9. Be transparent and inclusive
Engaging stakeholders, both internal and external, throughout the risk
management process recognises that communication and consultation is
key to identifying, analysing and monitoring risk.
11
11 Principles of Risk Management
Rodziah (c)
10. Be dynamic, iterative and responsive to change
The process of managing risk needs to be flexible. The challenging
environment we operate in requires agencies to consider the context for
managing risk as well as continuing to identify new risks that emerge,
and make allowances for those risks that no longer exist.
11. Facilitate the continual improvement of organisations
Agencies with a mature risk management culture are those that have
invested resources over time and are able to demonstrate the continual
achievement of their objectives.
12
11 Principles of Risk Management
Rodziah (c)
13 Rodziah (c)
Establishing the context
Risk Assessment
Risk Identification
Risk Analysis
Risk Evaluation
Risk Treatment
Monitor & Review
Communication and consultation
http://www.praxiom.com/iso-31000-terms.htm
14
Risk Management Process*
Rodziah (c)
External Parameters
External stakeholders
Local environment
International environment
Etc
Internal Parameters
Internal stakeholders
Approach to governance
Contractual relationship
Capabilities
Cultures
Standards
15
Establishing the Context
Rodziah (c)
Risk
identification
To find, recognize, and describe the risks that could affect the
achievement of objectives.
Risk Analysis
To understand the nature, sources, and causes of the risks that you have
identified and to estimate the level of risk. It is also used to study
impacts and consequences and to examine the controls that currently
exist.
Risk
Evaluations
to compare risk analysis results with risk criteria in order to determine
whether or not a specified level of risk is acceptable or tolerable.
16
Risk Assessment
Rodziah (c)
17 Rodziah (c)
18
Risk
Treatment
Risk
Avoidance
Risk
Reduction
Risk
Transfer
Risk
Control
Risk
Retention
Rodziah (c)
Monitor:
To supervise and to
continually check and
critically observe.
Review:
To determine whether
something is a suitable,
adequate, and effective
way of achieving
established objectives.
19
Monitor & Review
Rodziah (c)
Dialogue between an organization and its
stakeholders.
Once communication and consultation is
finished, decisions
are established by
stakeholders.
20
Communication & Consultation
Rodziah (c)
21
Resources of
Financial
Risk
Management
Counter-
parts
Markets
contracts
Rodziah (c)