Semester September 2014 Course Leader: Mdm Rodziah Bt Ahmad 2 Chapter 1: An overview Rodziah (c) 1. Risk Management: Basic concepts and Techniques 2. Risk Management Process 3. Financial Balance-Sheet and Income- Statement Structure 3 Contents Rodziah (c) Identify and explain the basic concepts and theories related to risk management process Comprehend resources for financial risk identification 4 Learning Objective Rodziah (c) 5 Definition : Risk is defined as a condition of the real world in which there is a possibility of positive or negative outcome from what is expected. In Financial Institutions (FI), risks are uncertain future events that could influence the achievement of the Banks objectives, including strategic, operational, financial and compliance objectives Uncertain future events could be: Failure of a borrower to repay a financing Fluctuation of foreign exchange rates Fraud, incomplete security documentations, etc Non-compliance with shariah law and principles Other events that may result in a loss to the Bank Rodziah (c) 6 Rodziah (c) Risk Management is not the minimization of losses but the optimisation of the risk reward equation. The competitive advantage of a financial institution is dependent on how well it manages risk. 7 Risk Management Rodziah (c) Risk management is the process by which various risk exposures are (1) identified (2) measured/assessed (3) mitigated and controlled (4) reported and monitored 8 Risk Management Rodziah (c) 1. Creates and protects value Good risk management contributes to the achievement of an agencys objectives through the continuous review of its processes and systems. 2. Be an integral part of organisational processes Risk management needs to be integrated with an agencys governance framework and become a part of its planning processes, at both the operational and strategic level. 3. Be part of decision making The process of risk management assists decision makers to make informed choices, identify priorities and select the most appropriate action. 9 11 Principles of Risk Management Rodziah (c) 4. Explicitly address uncertainty By identifying potential risks, agencies can implement controls and treatments to maximise the chance of gain while minimising the chance of loss. 5. Be systematic, structured and timely The process of risk management should be consistent across an agency to ensure efficiency, consistency and the reliability of results. 6. Based on the best available information To effectively manage risk it is important to understand and consider all available information relevant to an activity and to be aware that there may be limitations on that information. It is then important to understand how all this information informs the risk management process. 10 11 Principles of Risk Management Rodziah (c) 7. Be tailored An agencys risk management framework needs to include its risk profile, as well as take into consideration its internal and external operating environment. 8. Take into account human and cultural factors Risk management needs to recognise the contribution that people and culture have on achieving an agencys objectives. 9. Be transparent and inclusive Engaging stakeholders, both internal and external, throughout the risk management process recognises that communication and consultation is key to identifying, analysing and monitoring risk. 11 11 Principles of Risk Management Rodziah (c) 10. Be dynamic, iterative and responsive to change The process of managing risk needs to be flexible. The challenging environment we operate in requires agencies to consider the context for managing risk as well as continuing to identify new risks that emerge, and make allowances for those risks that no longer exist. 11. Facilitate the continual improvement of organisations Agencies with a mature risk management culture are those that have invested resources over time and are able to demonstrate the continual achievement of their objectives. 12 11 Principles of Risk Management Rodziah (c) 13 Rodziah (c) Establishing the context Risk Assessment Risk Identification Risk Analysis Risk Evaluation Risk Treatment Monitor & Review Communication and consultation http://www.praxiom.com/iso-31000-terms.htm 14 Risk Management Process* Rodziah (c) External Parameters External stakeholders Local environment International environment Etc Internal Parameters Internal stakeholders Approach to governance Contractual relationship Capabilities Cultures Standards 15 Establishing the Context Rodziah (c) Risk identification To find, recognize, and describe the risks that could affect the achievement of objectives. Risk Analysis To understand the nature, sources, and causes of the risks that you have identified and to estimate the level of risk. It is also used to study impacts and consequences and to examine the controls that currently exist. Risk Evaluations to compare risk analysis results with risk criteria in order to determine whether or not a specified level of risk is acceptable or tolerable. 16 Risk Assessment Rodziah (c) 17 Rodziah (c) 18 Risk Treatment Risk Avoidance Risk Reduction Risk Transfer Risk Control Risk Retention Rodziah (c) Monitor: To supervise and to continually check and critically observe. Review: To determine whether something is a suitable, adequate, and effective way of achieving established objectives. 19 Monitor & Review Rodziah (c) Dialogue between an organization and its stakeholders. Once communication and consultation is finished, decisions are established by stakeholders. 20 Communication & Consultation Rodziah (c) 21 Resources of Financial Risk Management Counter- parts Markets contracts Rodziah (c)