Sbi Rar 2014 Part 1

RESERVE BANK OF INDIA
State Bank of India

Assessment as on March 31, 2014
Risk Assessment Report (RAR)
Major Areas of Financial Divergence
Findings on Capital and Earnings
Major Areas of Non Compliance
•
Table of Contents
2
Introduction
2
Part I: Risk Assessment Report
2
Summary of Aggregate Risk at Bank Level
3
Findings on Risks and Control Gaps Assessed
3
Governance & Oversight
7
Credit Risk
13
Market Risk
16
Liquidity Risk
20
Operational (Non-IT) Risk
24
Operational (IT) Risk
28
Other Pillar II Risks
31
Part II: Major Areas of Financial Divergence
32
Part III: Findings on Capital and Earnings
32
Pillar I Capital & CRAR
33
Capital Management, ICAAP and Stress Tests
34
Assessment of Internal Generation of Capital
34
Scope & ability to infuse capital
34
Assessment of Leverage Ratio
35
Part IV: Major Areas of Non-Compliance
1-47
Part V: Annex . 1
Annex-11 Major Areas of Financial Divergence
40
Annex-2: Computation of Outside Liabilities
41
Annex-3: Assessed Net Worth
42
Annex-4: Computation of Assessed Capital
44
Annex-5: Assessment of Internal Generation of Capital
47
Annex-6: Leverage Ratio
or for period April 1, 2013 to

Note : All figures in the following pages refer to position of the hank as on March 31, 2014 otherwise specified.
unless
March 31, 2014 and figures in parenthesis refer to corresponding previous year position
Page 1 of 45
Confidential
INTRODUCTION
The Risk Assessment of State Bank of India for 2013-14 under the Supervisory
Program for Assessment of Risk and Capital (SPARC) was completed with March
the off-
31, 2014 as the reference date. The assessment has been made based on
fin ings
site analysis of the data and information furnished by the bank as well as the
from
of the on-site Inspection for Supervisory Evaluation (ISE) undertaken
y the
September 16, 2014 to December 5, 2014 and various explanations offered
ction
bank in course of inspection. The critical observations emanating from the insp
B nking
of six Local Head Offices and two Zonal Offices under Section 35 of the
Regulation Act, 1949, are also incorporated in the report.
As per the SPARC process, the Aggregate Risk Score of the bank is arriyed at
2.356, which is indicative of high risk. On applying the assessed CRAR (11.8%) to
at 2.460.
the aggregate risk score, the Risk of Failure score of the bank is arrived
Accordingly, a capital add-on of 2.25% is calculated.
PART I: RISK ASSESSMENT REPORT
Summary of Aggregate Risk at Bank Level

Inherent Risk Control Gap
Risk Category
1.91
Board
1.93
Senior Management
2.00
Risk Governance
1.76
Internal Audit
2.891 1.996
Credit Risk
2.072 2.281
Market Risk 2.370
1.978 2.024
Liquidity Risk 2.043
Operational (non-IT) Risk 2.383
Operational (IT) Risk 2.351
Other Pillar II Risk 2.081
BANK LEVEL AGGREGATE RISK
ge 2 of 45
Confidential
FINDINGS ON RISKS AND CONTROL GAPS ASSESSED
1. Governance & Oversight: Aggregate Score: 1.904 (2.061)
Major findings / observations

Score: 1.911(1.948)
1.1 Board
Composition and competencies

1.1.1 There was lack of representation of interest of depositors on the Board of
himself from B ard /
the bank. One of the directors regularly recused
committee proceedings involving exposure to an industrial conglome ate to
which the bank had the highest group exposure, on grounds of conflict of
itizing
interest, thus the Board missing his expertise. Initiatives for sen
foI non-
directors to risk and business profile of the bank, particularly
executive directors, were not much visible.
Structure and Key Processes
1.1.2 While the Central Board approved the Rolling Plan of the bank anc other
budget documents the bank needs to document bank / group level strategic
choices,
direction from the Central Board in terms of alternatives,
implementation, etc. The Board had very limited role in succession plan at
top level.
1.1.3 The leveraging of feedback from Compliance Department or interface with
the Compliance executives by the Audit Committee was not adequate
considering the assessed compliance risk and level of compliance cilture in
the bank. The dependence on external consultants had gone up in many
areas of operations without proper evaluation of availability of nternal
capacity/ management bandwidth or business case for such engagements
1.1.4 There was no discreet process for setting targets for the Board or self
evaluation of the Board's own performance. The performance assessment
for members of senior management was not on the Board's agenda.
Overall Responsibility and Engagement
1.1.5 Adoption and adherence to policies and objectives in certain areas were
done with insufficient analysis and dated information. The implied trategy
to increase fees / charges for retail customers and farm loan acc nts for
Pa.k, 3 of 45
Confidential
improving the non-interest income had no reference to cost of such services
as well as the regulatory environment.
1.1.6 The percolation of compliance culture down the line had not been adequate.
The Compliance did not have independent access to data needed for
sample testing. Compliance acted as data collection unit and secretariat for
Governments / RBI / IBA communications on many counts. There were
some instances of incorrect compliance. While window dressing by
branches in March 2014 was identified by Central Management Committee

(CENMAC), its quantification or preventive steps for non-recurrence was not
followed up. The bank had entered into commercial arrangement with a few
of its group companies to advertise their products at bank's website. The
bank hosted an e-commerce site and provided links to other commercial
payment collectors like CCAvenue. One of the overseas branches' website
carried head line news (not financial) from another news portal.
1.1.7 The engagement of the Board in the matters of group entities was limited to
review of their performance as submitted by the entities and did not extend
to the improvement in value / return on investments, etc..
1.1.8 The three year technology plan did not adequately address timelines for
short, medium and long term strategic objectives. The focus of the plan was
for scalability of existing applications and did not address the integrity issues
in the existing applications and overall IT architecture.
1.2 Senior Management Score: 1.939 (2.026)
Organizational Structure
1.2.1 International Banking Group (IBG) continued to operate in a non-integrated
manner except for IT functions, resulting in duplication of / gaps in credit
risk management for India-centric accounts.The Business Process
Reengineering Department and New Business Departments continued to
operate regular products and services rather than focusing on their core
functions.
1.2.2 There continued to be overlapping of roles among a few departments such
as Business Intelligence & IT- Executive Support System and a few risk
management functions which were scattered. Certain departments like
Business Intelligence, Financial reporting were performing data cleansing
Confidential
Page 4 of 45
role in addition to their core functions.
Delegation and Oversight Function
1.2.3 The bank's delegation of authority for loan sanctions was credit limit based
and there were instances of breach of delegation of authority and delay in
reporting.
Implementation of Board
Providing Information to Board and
directions
1.2.4 The issue relating to potential conflict of interest in dealing with SBI Capital
Markets had been flagged by ECCB but adequate follow-up assessment
was not done. The services of SBI Caps were utilized for viability study,
respect of 22.27% of
restructuring, information memorandum, etc in
corporate accounts.
In some cases, where ECCB advised exploring exit option or reduction of
1.2.5
exposure over time, such advices were not translated into action. The
RMCB in its December 2012 meeting had directed that the driving factors
for decision to increase / decrease interest rates be mentioned by the
ALCO, which had not been adequately followed. There were some other
instances relating to sale of NPAs to ARCs and settlement under OTS
to the respective
where correct information had not been presented
Committees. While obtaining approval from the Board for the FCNR (B)
product was inaccurately
leveraged product, the profitability of the
presented.
Formulation of Business Objective I plans
1.2.6 Though the actual growth in the personal loan segment was only 30% of the
projection of the previous year, the bank had again projected a growth of
300%. The senior management often attributed external factors responsible
for stress in loan accounts which had not originally been factored in credit
appraisal.
Score:2.000 (2.140)
1.3 Risk Governance
Risk Management Framework & functions

1.3.1 The Chief Risk Officer, designated as Chief Credit and Risk Officer (CCRO)
in the bank discharged roles which inherently involved conflict of interest
and compromised independent risk functions by chairing the Corporate
Centre Credit Committee (CCCC).
Pa e5of45
Confidential
a
1.3.2 There was no development of risk appetite statement to be used as

guidance for decision making. The risk function relied upon the capital
adequacy factor as a proxy for risk appetite
1.3.3 The risk management functions lagged in identifying emerging risks. Risk
guidance and limits issued in respect of a few industries were not consistent
with the performance of industry in the bank's book or the risk direction
issued by independent credit agencies or market trends.
1.3.4 There was no product level risk profiling and the enterprise wide risk
management framework was yet to be effectively established.

1.3.5 The risk function handled many non-risk / operational functions such as
issue of circulars on accounting practice, submission of list of sanctions
before ECCB, etc.
Risk Reporting and Early Warnings
1.3.6 The risk management groups produced many relevant risk analysis reports
upon directions of the top management rather than pro-actively conducting
such analysis for supporting the decision making process.
1.3.7 In-house developed internal credit rating models had not been validated.
Some of the models when subsequently validated by external agency were
rated as 'poor' or 'weak'. During FY2014, the bank had not introduced the
process of mapping external ratings to internal ratings. The bank had not
validated the level of accuracy of model PD with respect to actual PD.
Effectiveness of Risk Management
1.3.8 Risk management standards were not aligned to types of risks that the bank
undertook. There was large number of deviations in credit proposals
including take-over cases. The risk mitigation plans were expected to be

suggested by the respective business verticals.
1.4 Internal Audit Score: 1.768 (2.137)
Governance Framework
1.4.1 There is no documentation to show that the review of Third party Service
Providers (TSP) as part of IS Audit is being done even if there is excessive
reliance on TSP in respect to key applications.
1.4.2 Number of vacant positions of Concurrent Auditors was 97 branches and
the number of pending Concurrent Audit notes has increased to 5745; 1162
reports pending for a period more than three months.
Confidential
Page 6 of 45
1.4.3 Audit / inspection of certain critical areas of overseas branches were
assigned to officials from other business departments. The bank had started
outsourcing management audit functions from multinational consultant firms
for individual verticals.
Scope of Audit Activities
1.4.4 The Audit policy of the bank did not cover audit of outsourced entities. The
audit as per Market Risk Management Policy was not adhered to. The
aspect regarding compliance to (BCSBI) Codes did not form part of internal
audit.
1.4.5 For the FY 2014-15, IS Audit by independent third party had not yet been
undertaken even if due by more than 16-17 months. Against 12 weeks norm
es of
for closure of IS Audit observations, there were several instan
persistent IS audit observations in respect of Core Banking Solution (CBS).
Communication and Linkage
1.4.6 The formal communication linkages among internal control departments
including risk management departments, compliance department etc. was
yet to be effectively established and implemented.

1.4.7 The closure of deficiencies pointed out followed different standards. Spot
audits were closed without ensuring full compliance.
Efficacy of Audit Functions
1.4.8 At the stage of various sanctions by ECCB, CCCC, etc., the loan proposals
carried good number of open adverse credit audit observations. Ho ever,
such position did not affect the sanction decisions. The average turn round
time for credit audit and RFIA audit was 127 and 140 days respective! .
1.4.9 The ACB had observed that the credit audit report template was more
to
statistical and lacked sufficient risk aspects. Incorrect compliances
internal audit observations continued in large numbers. The internal audit of
overseas operations was inadequate.
2. Credit Risk: Aggregate Score: 2.623 (2.330)
Inherent Risk Score: 2.891 (2 452)

2.1
Default Risk
2.1.1 The share of restructured loans in 'Standard' category continued 10 remain
Page 7 of 45
Confidential
high at 2.70%. The figure may be understated as there were instances of
restructuring not recognised by the bank. About 30% of the corporate
accounts, which were restructured during the last 4 years proved to be cases
of failed restructuring. Further, in case of top 41 large corporate restructured
accounts, the projected earnings, sales & profit could not be achieved by
more than 50% of borrowers. Restructuring undertaken with projected
performance parameters below the industry norms presented cases of
heightened default risk.
2.1.2 The incremental exposures to infrastructure projects constituted 26.45% of
total incremental exposures. Projects under implementation formed 4.03% of
total exposure. The upgradation ratio of sub-standard accounts remained low
at 15.81%.
2.1.3 The rating migration indicated default risk as rating upgrades declined to 12%
(FY 2014) and downgrades remained at 33%. The credit rating profile of the
loan book deteriorated with unrated exposures constituting 48.00% (19.35%)
and share of Low quality 'Standard' exposures increasing to 32.79%
(23.59%). The downward rating migration of rated accounts constituted
51.73%.
Recovery Risk
2.1.4 The share of unsecured loans rose to 20.16% (18.58%). The share of loans
with readily redeemable non-financial collaterals increased to 27.30%
(12.22%) with share of financial collaterals declining to 7.93% (17.02%). In

terms of product categories. auto and educational loans had insufficient/
negligible securities. In case of stressed assets, the security coverage was
around 37%, while only 11% of the total dues could be recovered
2.1.5 The sacrifice (write-off) in respect of high value compromise / OTS
settlements continued to be high at 32.46% (43.05%) and waiver of accrued

interest was 100%.
Concentration Risk
2.1.6 The single borrower concentration risk increased with top 20 borrowers
constituting 17.02% (11.93%) of the total exposure and borrowers with
exposure exceeding 1% of bank's net worth rising to 41.01% (20.95%). The
exposure to top 10 borrower groups increased to 19.01% (15.24%) and the
RWAs to 5.03% (4.20%).
Confidential Page 8 of 45
2.1.7 Industry concentration (top 3 industries) registered an increase of 27.03%
exposures (23.04%) and exposure to stressed industries increased by
58.52% (10.99%).
Exposure &Tenor Risk
2.1.8 Total credit exposure of the bank was leveraged to the extent of 17.60 times
its net worth. The foreign currency component of its corporate credit exposure
was high at 21.37% as on March 31, 2014 and 21.19% of such exposures
remained un-hedged as on date. Cancellable undrawn commitments as a
proportion of total commitments were 14.36% as on March 31, 2014, which
had gone up from 11.72% as on March 31, 2013.
2.1.9 Tenor risk of the loan portfolio was high as the weighted average maturity of
loans went up to 3.55 years (3.15 years). There was increase in term loans in
the 7-10 years and 10-15 years bucket mostly arising from st ess on
repayment. The bank had also converted some funded exposure , under
stressed repayment circumstances, to non-funded exposure of long r tenors
through issuance of Standby Letter of Credits (SLCs) or long ter Export
Performance Guarantees with assignability clause, adding currency and tenor

risk to its portfolio.
2.2 Control Gap Score: 1.996 (2.047)
Control Environment
2.2.1 The loan policy of the bank had not covered widely used products such as
corporate loans, short term loans, etc. The loan policy did not have specific
approach towards lending to companies where name of directors ap eared in
willful defaulters list, ECGC caution list, suit-filed accounts list, etc. he bank
increased sanctioning of balance sheet loans for the purpose of sho ing up of
working capital or repayment of various existing dues & for capex p rpose. It
had inadequate mechanism for monitoring the end-use of such funds
disbursed. The CBS was not capable of generating accurate data on quick
mortality accounts primarily because of system related problem.
Identification and Assessment
2.2.2 The bank had no integrated system of monitoring the credit exposure arising
out of overseas geography. The manual assessment created a lag in
monitoring of geographical risks.
2.2.3 The bank deferred the identification of the inherent risks by restructuring
Page 9 of 45
Confidential
accounts with deficiencies like, unsecured facilities, without prescribed
viability studies, existing NPAs, promoters' contribution not in proper form,
without having personal/corporate guarantees and with standalone
documentation in the absence of MRA.

Standards for Retained risks
2.2.4 The standards for timely recognition of credit risks as per prudential regulatory
guidelines were poorly practiced by the bank. The practices included non-
recognition of restructuring in some cases, retrospective extension of DCCO,
pre-mature recognition of achievement of DCCO, non-implementation of
restructuring package. terms refinance for higher amounts / longer tenor.
2.2.5 The industry exposure ceilings were not fixed on independent risk
management practices.. The risk limits were set with enough headroom. The
industry exposure limits were set as a percentage of domestic credit alone
rather than global exposure. The bank had high exposure limits for some
industries, such as hydrocarbon, power, iron & steel, etc. which had high
geopolitical, price and other risks or were stressed in its books.
2.2.6 The bank had neither fixed nor monitored any portfolio level limits for the
collaterals. The fixation of Drawing Power (DP) had not followed best
business practices. In 250 accounts with outstanding greater than Z10 mn,
the bank had not conducted the mandatory valuation of properties in the last
three years. In several large value accounts, the security creation was not
completed within the stipulated time.
2.2.7 Though the tenor of loans was fixed as per its internal policy, no monitoring of
residual and average maturity was undertaken by the bank. Further, there
were instances when competent authority waived the restrictions on tenor of
loan and moratorium period of the loan.
Control Activities
2.2.8 J In case of many large borrowers, the projections submitted by them were
inconsistent with actual performance. During last 3 years, around 13% of the
corporate accounts were sanctioned loans below hurdle rate, about 30% had
(TOL)/(TNW) ratio at more than the stipulated level, about 65% of the cases
had current ratio less than the stipulated level, more than 50% of the cases
had DSCR lower than the stipulated level. Portfolio level deviations
sanctioned/approved were not monitored. In 5273 accounts belonging to retail
loans, the rate of interest being charged was below Base Rate of the bank.
2.2.9 The bank was yet to put in place a system for rebalancing the portfolir) based
on rating migration for its advances portfolios. The account leve rating
downgrades were reported only at the time of renewal/review. There was no
process for reporting overdue rating review. The back testing of the model
was done in 2008-09 and 2009-10 wherein the performance was found to be
unsatisfactory. No refinement / review of the model was done subsequently.
In a large number of accounts, the bank was yet to obtain the externa ratings
of the borrowers. In case of overseas accounts only 36% accounts had
internal ratings.
2.2.10 In case of a few large corporates, commercial real estate loars were
sanctioned without fixing the DCCO. The terms of loans sanctioned under SBI
realty scheme were not being complied with. There was no aditomatic
computation of penalty.
2.2.11 The IRAC norms were not strictly applied by the bank as seven out of the
top 10 fresh medium sized corporate NPAs for the fourth quarter (March
2014), were actually identified / downgraded by the Statutory Auditors. Some
common deficiencies were as under:
(a) Control failures leading to a large number of accounts with de ciencies

like non-review/renewal of limits within 180 days from the due dat , adhoc
limit / corporate loans being sanctioned to regularise the irregularitie , DCCO
not being achieved, enhancement of limit and inter-changeabili being
approved from NFB to FB limits without ascertaining the availabili y of DP
through stock audit, conditions of forbearance not being fulfilled, fresh viability
not being conducted for accounts with revised scope, irregularities of more
than 90 days being allowed to remain in standard category were observed. A
large number of accounts turned NPA without being identified as SMA.
(b) By not capturing the correct date of NPA in cases of failed restructuring,
by not following the proper asset classification status where there were
erosion in the value of security, by overestimating the value of security
through old stocks, old valuations and thus not considering the realizable and
realistic value of security, the bank could not address the identified risks by
11 of tJ
Confidential
making adequate provisions in these accounts.
(c) The bank had reduced the provisions by upgrading many accounts in
order to refer them for restructuring as standard assets. Fresh facilities
disbursed under restructuring package were used to repay the amount
brought in to upgrade the account, longer moratoriums with FITL for future
interest as well as provisions of the interest on FITL to be converted to equity
equivalent instruments were approved. This led to weak accounts being
upgraded. More than 50% of the medium and large corporate accounts were
upgraded by the bank by discounting bills and sanction of adhoc limits, by
shifting the DCCO of NPA accounts after 2 years of original DCCO, by
prepayment of dues immediately on approval of the restructuring proposals
without waiting for the satisfactory performance during the specified period, by
transferring funds from parent company to whom fresh additional facility had
been sanctioned under CDR. by disbursement of loans by other banks which
were repaid as part of immediate restructuring proposal, without restructuring
being fully implemented, merely by part-payment of the overdue in retail
accounts.
2.2.12 Short Term Loans
In case of borrowers with more than 0.3 mn under short term crop loans,
that bank was charging interest rate at 7% to a large number of KCCs
contrary to banks own guidelines.
Crop Insurance
There were no checks and control at branches input in CBS and bank had not
developed any appropriate system to verify the correctness of the interest
subvention claim made to RBI. In view of huge deficiencies pointed out in a
sample check by Inspection Team, it appears that statutory audit and bank's
existing system failed to detect the error.
Education subvention
There was no system of monitoring education subvention cases at zonal
level. and the data input by branches was not subject to any cross check at
RO/ZO level.
2.2.13 The Management Information System (MIS) relating to small and micro
industries accounts was inadequate. No review of special mentioned
accounts of SME was undertaken for the last two quarters of 2013-14.
Several large PSU corporate accounts were marked as priority sector.
!some
Corporate centre was neither maintaining any data nor monitoring
critical areas like write-offs, NPAs etc.
3. Market Risk: Aggregate Score: 2.281 (1.926)
3.1 Inherent Risk Score: 2.370 (1.899)
Trading Book
3.1.1 The average of top three PV01 represented 4.87% of Tier 1 capital over a 90
days holding with a high tenor-wise concentration of PV01 at 84.8 %. The
average MTM changes over a 90 days window worked out to 1.73% of
average position. The higher interest rate risk of the bank was on ac ount of
the PV01 positions in both INR and USD.
Banking Book
3.1.2 The rate sensitive assets of the bank were more than the rate sensitive
liabilities. The change in interest rates by 100 bps would impact 4.01% of NII
against 5% cap and MVE by 2.86%.
3.1.3 The IRRBB from earning perspective was high as the EaR for 200 bps shock
formed 66.13% of the average NII for the same period. The depreciation of
HTM investments formed 20.55% of the Tier 1 capital of the bank.
3.1.4 Embedded optionality risk in the bank's loan book was very high with 46.72%
of fixed tenor loans being prematurely repaid / refinanced for lowe interest
rate. On the liability side, against overall 20.27% of total p mature
redemption of fixed deposits, exercise of such option by non-ins itutional
depositors at 30.87% was significant. The level of this risk in the abo e cases
was, however, assessed to be understated as the behavioural st dy was
deficient. Significant embedded optionality risk was inherent in in reasing
trend of big ticket loans being pre-paid or getting refinanced at lower -tes.
Currency Risk
3.1.5 The VaR level of the bank, with the average of top three VaR (90 drys) was
284% (221 `)/0) of the average VaR during the same period was as -ssed to
be high and the positional risk was assessed from the average of top 3 NOOP
during the period being 52.48% (54.02%) of the NOOP limits.
Equity Risk
Pag 13 of 45
Confidential
3.1.6 The share of unlisted equities in the trading portfolio (AFS and HFT)
constituted 56.04% (53.92%). Investments in convertible instruments formed
0.26% (1.86 %) of the Tier 1 capital of the bank.
3.1.7 Depreciation on the unlisted equity portfolio was to the extent of 21.70 %.
Control Environment
3.2.1 The investment policy did not explicitly set out risk management as a major
policy objective as risk mitigation was defined generally in terms of acceptable
business practice. The ALCO was indicated to be issuing directions and
strategy. The market risk departments of the domestic and IBG did not have
any interface for an integrated market risk management structure.
3.2.2 The fragmented approach in monitoring of market risk as well as taking
trading views was evident from the fact that while it had a receive fixed
position in the OIS portfolio for 'Retail Bonds', it had taken a predominantly
pay fixed position in the OIS trading portfolio.
3.2.3 Stress testing policy did not specify stress factors for some of the portfolios
viz. mutual funds, CPs, CDs. ZCBs etc. Trading portfolios of overseas
branches were not included for stress testing. Stress scenarios were not
reviewed and as a result the scenarios used as proxy of plausible events
were less severe than the actual event. The bank had not reviewed all the
models as prescribed in the model validation policy on an annual basis.
Further, models used for capturing interest rate sensitivity under Time Gap
Analysis and Duration Gap Analysis were not covered in the policy and the
exercise undertaken in this connection lacked correctness of the inputs,
validation of the model, etc.
3.2.4 A robust system for measurement of market risk at bank-wide level with
appropriate benchmarks / triggers / action plans was yet to be put in place.
The bank did not have a rate reasonability framework for derivatives in place
and hence not in a position to capture any off-market intra-day trades. The
mid-office had not carried out a review of the portfolios.
3.2.5 The models used for measurement of risk needed to be periodically validated.
The inputs viz. yield, tenure, etc used for calculating modified duration, PV01,
etc were different in a few cases when compared with the actual parai`neters.
Independent review of the risk measurement system by the internal audit was
yet to operate. The bank's model for valuation of bonds/debentures with
special features lacked appropriateness. The bank's valuation process of
unquoted equity was not sound.
3.2.6 Interest rate sensitivity analysis was based on OFSAA application for which
no model validation had been done. Further, the gap appeared understated
on some factors. For instance, term deposits bucketing were based on
residual maturity without being based on behavioral analysis; coupon rate for
calculation of MD of term deposits assumed by the bank was actual rate of
that particular account as against average coupon. Appropriate assumptions
based for CASA deposits with special features viz. auto sweep were not
considered by the bank.
3.2.7 The bank's system was not capable to back-test VaR as also compute
stressed VaR at bank-wide level. The bank's policy on stressed VaR did not
specify action to be taken in case the stressed VaR was breached or the
stressed VaR parameters were lower than the actual market condition
Standards for Retained Risks
3.2.8 The bank held some HTM investments being sovereign securities issued by
Bahrain and Bangladesh, which were not eligible to be held under HTM
category in terms of extent regulatory instructions.
3.2.9 The bank had not fixed any limit or benchmark for PV01 but prescribed a
Modified Duration limit. The model for calculation of modified dura on and
PV01 were not subjected to periodical validations and as a result the isk was
understated as the inputs viz. yield. tenure, etc were not aptured
appropriately in many cases. Management Triggers and action pans for
triggers were not defined. Further, the bank's investment decisions n a few
occasions deviated from the prescribed benchmarks in terms of targ t yields,
tenure etc. Appropriate risk factors for factoring the credit risk in the CPs
pricing were not prescribed. Further, high yielding riskless opportunities were
missed as the average target yield got smoothened. The market risk
management limits were not aligned to optimal risk adjusted returns on
investments.
3.2.10 While the bank was monitoring the counterparty exposure limits for inter-bank
derivative transactions, no such report was being generated for merchant
transactions. The bank submitted that such monitoring was being done at the
branches.
Control Activities
3.2.11 OIS trades had been done through brokers even though the bank's policy did
not permit the same. The dealer P&L was being computed on an
approximation basis and was not the real P&L. Further, there was a huge gap
between the blotters / system time and the actual time of the deal as
evidenced from the voice recordings.
3.2.12 The mid-office was only monitoring dealer-wise P&L for forex (spot deals).
The mid-office needs to monitor dealer-wise and product-wise P&L to
enhance its monitoring over trading activities.
3.2.13 In terms of the bank's investment policy, target return for Commercial Papers
was benchmarked to one year average of auction cut-off rate of 91 day T-
bills. Instances of better T-bill yield over the target CP yield at the same point
of time were observed. The credit risk associated with the borrower was not
factored. Delegation of powers in case of CDs was not monitored.
3.2.14 Cut loss limits were based on different parameters for different desks & were
not monitored online for all the parameters. Separate cut loss limit for OIS &
MIFOR part of money market operations was not prescribed. While deal wise
limits could be monitored by dealers but monthly/yearly, Modified deviation or
PV01 based limits were not monitored online.
4. Liquidity Risk: Aggregate Score: 2.024 (1.754)
Structural Liquidity
4.1.1 The structural liquidity risk arising from increasing share of undrawn portion of
committed credit lines at 22.88% (13.24 %) of bank's total fund-based
commitments was assessed as material. Short term resources funding the
illiquid assets of the bank to the extent of 27.03% (32.05%) continued to pose
liquidity risk. The market liability ratio as a percentage of banks total assets
stood at 11.04%.
4.1.2 The impact of liquidity of group entities on the bank's structural liquidity was
assessed significant as the committed lines extended to such entities
constituted 1.17% of bank's total outside liabilities. The nature of business of
the group entities such as mutual fund, underwriting, credit card, PD, apart
from five associate banks, added to the normative aspects of liquidity risk as
such entities inherently run higher liquidity risk.
Stress Liquidity
4.1.3 Volatile liabilities formed 49.74% of the long term earning assets and the
market buffer for funding the mismatch by way of excess SLR securities
continued to be thin at 3.15% (0.49%).
4.1.4 The inherent liquidity risk was further heightened by increasing tend of
foreign currency lending for rupee liabilities of large corporate borrowers
having ECBs/FCCBs due for maturity but without transparency on the foreign
currency inflows.
Asset Liquidity
4.1.5 The non-liquefiable assets formed 88.08% of the bank's total assets. Liability
to top 100 depositors formed 173.64% of assets liquid within two weeks' time.
Asset liquidity decreased with demand loan assets declining to 48.00%
(58.89%) of the loan book. It was also evident from the encumbered G-Secs
forming 91.77% (95.10%) of total liquid assets.
Market Liquidity
4.1.6 Average cost of term deposits and institutional deposits at 88.89% and
95.75% respectively of market averages indicated limited market advantage
to raise additional liabilities at competitive cost.
4.1.7 Incremental CASA deposits to outside liabilities were 8.27% (10.17%). Money
market liabilities formed 55.67% of the short term liabilities.
Control Environment
4.2.1 The bank lacked integrated liquidity risk management with independent ALM
policies for domestic and overseas operations. This resulted in lack of clarity
in terms of the responsibilities between the divisions and reliance on improper
risk metrics due to non-availability of relevant data. It also manifested in
inconsistency of certain regulatory liquidity statements. Intra-day liquidity
management was handled by the Global Market Units and without iivolving
ALM functions. The periodicity of the review of policies was irregular with
large delays resulting in lag between the notification of guidelines by RBI and
implementation of the same by the bank. The ALM policy for overseas
branches did not strictly conform to regulatory guidelines inasmuch as it
provided for relaxation in regulatory prescriptions for net cumulative negative
mismatches in the first four buckets of Structural Liquidity Statement (SLS).
4.2.2 The Fund Transfer Pricing (FTP) mechanism of the bank did not cover IBG
and the foreign offices. The domestic policy remained the same since last
review undertaken retrospectively in October 2013. The policy did not meet
the acceptable FTP with shortcomings pointed out during previous
assessments. The bank continued to distribute the surplus funds arising from
FTP among branches outside any FTP mechanism. For bulk deposits,
incentive of 10bps was given under FTP mechanism although the business
strategy of the bank required reduction of reliance on bulk deposits. Though
there was stipulation for penalty under FTP for branches maintaining cash
beyond retention limit, this was not implemented. Analysis of the interest rate
and liquidity component of bank's funding rate was not visible. Pricing of
unexpected risks was not factored in insofar as the cost of capital was not
factored in FTP.
4.2.3 The Board policy had assigned the responsibility of the Contingency Funding
Plan (CFP) to the ALM functions but its effectiveness had not been tested.
There was no documentation on the roles and responsibilities of the various
parties involved with the specifics left to the ALM functions. The ALM
department did not quantify funding from various sources / time required to
raise such funds and did not have access to the latest data for monitoring
liquidity risk as it relied on manual calculations to generate the T-1 day
liquidity position of the bank.
4.2.4 The bank prepared the SLS statement manually with data drawn from
different sources. The SLS statement of overseas operations was prepared at
monthly intervals instead of daily as required under extant regulatory
guidelines. Consequently, the bank was not in a position to conduct
appropriate liquidity assessment on point of time basis.
4.2.5 The behavioural study did not assume a uniform time period. These varied
from 6 months (premature closure/repayment) to 12 months and 24 months.
Hence, the seasonal and cyclical pattern was not captured in the behavioural
studies. The bank had also not undertaken any study with respect to the
bucketing of these results and had instead assumed arbitrary numbers. The
draw-down of loans did not form part of the outflows of the SLS statement.
4.2.6 The bank did not conduct any stress test at the bank-wide level. The stress
testing for domestic operations was run based on stressing the parameters of
the complete portfolio without separating the portfolio into foreign currency
and INR components. The stress testing was undertaken by change in
assumptions of the various cash flows by arbitrary percentages (e.g. 5%,
10%, 15%) without any justification. The bulk deposits were not stressed.
Macroeconomic parameters were also not stressed. The correlation effect
between funding and market liquidity was unaccounted for both in the stress
situations and also in the funding plan. The stress testing scenarios assumed
a standard 90 day window as against the multiple time frames. Though the
bank had mapped the actual bucket-wise net cash flows under various stress
scenarios for the 90-day time-frame, the mitigation plans were not based on
the bucket-wise slotting mechanism. The funding plan under the stressed
scenarios depended to a large extent on generation of Certificates of Deposit
(CDs) and bulk deposits without taking into account the interplay of various
factors under stress scenario. The bank's funding plans were arrived based
on the assessment of the cumulative impact of scenarios across the three
buckets (upto 90 days). Thus, the funding sources were not bucketed. The
mitigation plan to raise funds had assumed arbitrary haircuts and interest
rates for securities and deposits respectively.
4.2.7 The bank lagged in leveraging on the best practices in liquidity risk
management, integrating uncertainties while moving towards cost inte ligence
sides of managing liquidity ratios. P&L effects stemming from deviation
between scheduled and realized cash flows (expected risk) was not being
measured.
4.2.8 The bank had assumed the 180-days retail term deposit rate, constituting
about 2.5% of total term deposits, as the cost of funds for calculation of the
Base Rate. While calculating the 'Average Return on Net-worth (ARoNW)',
the bank had assumed the actual profit and the deposit for the past year
instead of using averages. This had led to reduction in ARoNW factor despite
the bank targeting it at 1.5%.
4.2.9 The bank had raised funds through various products, such as Senior
Unsecured Bonds (April 2013), Special FCNR(B) product, etc. but the liquidity
risk emanating from such products, redemption plans and regulatory
requirements had not been properly evaluated.
Control Activities
4.2.10 There were multiple breaches of regulatory limits pertaining to net cumulative
negative mismatches (structural liquidity) by overseas branches. The IBG did
not follow Board approved ALM policy requiring computation and monitoring
of gaps at each foreign office separately. Instead, IBG was only monitoring
the gaps at aggregate level. There were multiple breaches of regulatory limits
pertaining to fund management at major foreign offices.
4.2.11 While position monitoring was being done, it lacked clear consistent
estimation for next day liquidity requirements in terms of timing, excess SLR
securities required etc.
4.2.12 The role of IBG was not proactive in liquidity risk management. The reason for
breach of long term funding ratios were being given such as roll down of MTN
holdings from LT to MT bucket etc. which were planned activities. It did not
provide overall strategic directions to foreign offices except through annual
plans.
5. Operational (Non- IT) Risk: Aggregate Score: 2.419 (2.402)
People Risk
5.1.1 The availability risk was significant as existing and expected vacancies in
senior management cadre in a year's time horizon formed 44.19% of such
positions and increase in average age of those joining the bank.
5.1.2 The proportion of employees whose services were terminated on integrity
related events was 3.24% (13.80%). Vigilance cases filed against top grade
officers in the bank formed 4.59% (2.34%) of total vigilance cases filed.
Losses arising from frauds involving employees formed 0.40% (0.42%) of
bank's Profit After Tax (PAT).
5.1.3 Capability building among human resources was lagging with only 59. 2% of
the officers receiving training during last 3 years. The bank had among
highest percentage of officers i.e 21% deployed in administrative / offices
/functions compared to operational roles against declining 'Business Per
Employee'. The responsibility / accountability assignment in cross functional
activities / processes was inadequate.
Process Risk
5.1.4 Operational risk arising from customer interface was high inasmuch as 1.34%
of incremental customers were KYC non-compliant. The numbers of
complaints received, which had process implications, formed 0.70 % of the
bank's customer base.
External Risk
5.1.5 Losses from frauds committed by external parties customers and non-
customers constituted 7.67% and 0.25% of bank's PAT. Complaints against
outsourced employees constituted 20% of the complaints.
Compliance Risk
5.1.6 There were nine instances of regulatory action such as penalty, caution letter
etc. on the bank including penalty amount of 233.28 mn. Several other
instances of non-compliance are given in Part IV
Control Environment
5.2.1 Outsourcing policy did not cover outsourcing of services from management
consultants and other technical functions such as forensic audit. Man of the
activities outsourced at Foreign Offices were not subjected to ann al and
bank-wide reviews. Activity outsourced is being risk rated differ ntly at
different offices. Growth in overheads were mainly on account of inc ease in
hiring of services.
5.2.2 The bank did not have a documented process/manual to ens re the
correctness of the data/ information being reported for compliance. Non-
compliance in some areas viz. KYC due diligence, IRAC norms etc continued.
Confidential Page lof 45

There was no framework for the KYC related negative list of sanctions by
UNSCR, etc. circulated by RBI for immediate updation. Compliance function
did not have mechanism for identifying exceptions .
5.2.3 Process for development of new products, changes in systems and

procedures etc were not guided appropriately from operational risk and
compliance perspective.
5.2.4 Under advanced approach to operational risk, settlement related errors were
not being captured as KRI. KRIs at some of the Business Units were yet to be
operationalised. KRIs at some of the business verticals. The bank's loss data
capture mechanism was yet to be developed. Near miss events were not
captured appropriately. KRIs were not prescribed for IBG as per the approved
policy.
5.2.5 Most high value and retail loan accounts frauds were detected after the
account turned non-performing.
5.2.6 Instances of cash shortages in branches / ATMs which were later recovered
from the employee / outsourced vendor etc. and not reported as fraud
5.2.7 The bank was yet to put in place all AML scenarios as indicated in the IBA
instructions to generate STRs. Accounts opened through BCs did not pass
through LCPCs.
5.2.8 The 689 fraud cases reported for amount of 29126.00 mn and was 61.84%
higher than previous year. There was delay in reporting of the cases as well
as filing the complaint with police/CBI. The preventive mechanism of frauds
was not effective as frauds with same modus operandi continued to recur.
The spurt in cheque frauds in the bank owed it to lax control over cheque
printing process and had affected many other banks. Usage of withdrawal
forms in lieu of cheques contributed to frauds as 15 frauds of more than 0.1
mn were reported with this modus operandi. While assessing the fraud cases
it was observed that CCTV backups were not appropriately stored and there
was not system in place to verify whether the same were stored and
retrievable. Instance of frauds in KCC loans remained high and continued to
recur using similar modus operandi and instance of fraud with the connivance
of business facilitators too recurred. Credit of subvention benefits, crop
insurance proceeds etc were not centralised and were done at branch level
leaving vast scope for fraud as also delay. Most of the frauds in gold loans
occurred with the connivance of the staff/appraiser who handled gold loans.
Frauds in tractor loans, car loans, housing loans, xpress credit loans
continued to be detected.
The actions initiated based on each frauds were generally limited to advising
the branch/zone by way of circulars. Internal audit had observed events of
suspected frauds on a few occasions. But the same was not taken up for
further investigation from the fraud angle. Audit observations indicating fraud
prone advances portfolios were not immediately subjected to further
investigation.
Control Activities
5.2.9 In 20.67% (418 branches) of the branches, RFIA was conducted during the
quarter ending March 31, 2014, Account opening forms and KYC documents
were not forwarded to LCPC on daily basis. Of around 1.7 mn AoFs were
returned by LCPCs for reasons including non-compliance to KYC guidelines,
0.67 mn were not returned after due completion for more than six months.
5.2.10 There was little monitoring mechanism for ensuring timely submission of
correct data under regulatory returns. Compliance Department at corporate
office was entrusted with the function of compiling and submitting DSB
returns, FINCON returns, filling of RBS templates etc.
5.2.11 The system in place for assessing level of customer satisfaction was not
present. The annual review of depositors satisfaction was not dor e and
operational guidelines for conducting such surveys was not in place.
5.2.12 Accounts opened with help of 'Welcome Kits' by branches between June
2007 and March 2014 were being operated without any name / address and
other fields of KYC particulars till date. Similarly, some particulars were
missing in Foreign Travel Card accounts and parking accounts (office
accounts) There were 230 accounts which opened and closed during the
same day during April 2013 - September 2014 some of which had high value
suspicious transactions. There were also discrepancies in BSBDA accounts
and accounts opened with liberalised KYC (tiny accounts, small accounts
etc). The Qatar Financial Centre Regulatory Authority in its on-site
examination report date May 2014 had critically commented upon banks'
processes related to establishing source of wealth and economic activity of
customer. and inappropriate customer due diligence.
5.2.13 The bank has been lagging behind in recruiting the target number of
employees. Process of identification of 'Key man' risk was not established.
Documentation at the time of handover needed standardisation and
improvement. Instances of complaints under whistle blower scheme were
flagged to the same business unit/branch instead of an independent
investigation process.
6. Operational (IT) Risk: Aggregate Score: 2.362 (2.381)
Financial Risk
6.1.1 The bank's expenditure on license fees etc. on captive software applications
formed 40.51% of total such expenditures incurred by it. Many of the
overseas jurisdiction had to deploy applications recommended by the local
regulators. While the cost of change requests within a year of implementation
of applications was 0.73% of total costs of change requests, the
enhancements were too frequent.
6.1.2 The IT Capex budget as a proportion of net block of fixed assets (other than
premises & lease assets) at the beginning of the year continued to be high at
33.37% (52.03%) vis-a-vis its growth plan impacting the earnings. Since a
significant capex related to new projects or total revamp of existing IT assets,
the corresponding incremental servicing / maintenance cost would also
impact operational expenditures upward. Income leakages of mainly from
interest on loans and other fees manually detected by various audits (except
IS audit) is a pointer towards significance of inherent financial risk arising from
the IT systems and possibility of undetected revenue leakage.
Operational Risk
6.1.3 The CBS of the bank had faced 34 hours of unscheduled down times with
largest spell lasting about 11 hours. The maximum downtime in CBS was for
2 hours due to failure of network. This had resulted in a total of 843,687
transaction drop and 56269 transactions timed out. On an average 20% ATM
were un available for operations by customers. Network failure and slow down
of internet application were also responsible for availability risk of IT systems.
6.1,4 On data integrity risk, in respect of 11.11% of the critical systems, Straight
Through processing (STP) had not been established and independent
reconciliation between balances in interfacing systems were not being
prescribed in respect of 65% of the critical system.

Control Environment
6.2.1 The lack of clarity on ownership of data persisted without clear understanding
as to whether it was business or technology which owned data. There was no
formal and coordinated process to identify the utility of projects/products at
bank-wide level as IT application requirements for most of the
departmental/business verticals were assessed in silos. The return on IT
investments was never assessed or measured. There was no clear road map
and time frame for migration or integrity test after migration.
6.2.2 The Information Security Department (ISD) reviewed and approved Security
Configuration Document (SCD) for hardware, OS and OS related standard
services for applications. Application level security was not mandated by ISD
at the design / development / implementation stage leading to lack of
standardisation at enterprise level, particularly in respect of applications
having interfaces with core banking. Lack of knowledge of Information
security standards was manifest in persistent security breaches seen in IT
departments and branches. Information classification by way of segregation of
confidential / non confidential data was absent in existing applications Even
new applications did not consider these aspects at the development stage
despite the bank having it as part of IS policy.
6.2.3 The bank had not clearly identified critical process, activities as part of the
BCP. The BCP/DR plan has been prepared for applications in silcs, not
considering the interfaces with other applications. Various scenarios for BCP
based on business requirement and process, and their criticality had not been
differentiated for estimating the RPO, RTO nor their uniformity in scenarios
and assumptions. The bank had not assessed key people and asscciated
process risk as part of BCP. Over dependence of certain activity on a few
officials and vendors was pronounced for some of the critical system. Certain
older systems lacked updated documentation and SOP minimizing people
risk. There was no comprehensive BCP document for the ATMs at the circle
level.
6.2.4 Application level interfaces with Banc24 and Finacle did not have
standardized application level authentication mechanism nor are encrypted to
protect the integrity of sensitive data/information. Also, the process of data
flow between these applications did not ensure integrity of audit trails. There
was no process for independent reconciliation between application interfaces
to ensure that all the transactions pushed from one system reaches the other
system and is suitably processed with acknowledgement being transmitted
back to the initiating system.
6.2.5 There was high concentration risk in respect of a dependence on a particular
IT Vendor for some of the core applications like Banc24, Exim Bill, Finance
one, Payment hub. The percentage of total fees paid to it in the last five years
was about 50% and 66% of total software support cost. The bank was yet to
develop internal capacity / alternate external capacity in respect of some
critical applications as part of BCP. Key people and process risk and suitable
controls particularly in respect of outsourced activities like server
configuration, management, database architecture. DBA activities and

Information security have not been adequately addressed. In many critical
applications database (including banc24), the DBA was not an official from
the bank.
6.2.6 Automated Incident/ event reporting mechanism in the bank was in a nascent
stage. The analysis of logs of Network Security devices were not shared with
user departments or put up to Senior Management. The vulnerability
assessment due to internal user activity was not adequately addressed. Data
log of user access and activity from various transactional applications was not
monitored.
6.2.7 The reconciliation of ATM balances issue pointed out in AF12012 report
persisted in the absence of ownership and control. The ATM-level non-

reconciliation between switch balances and ledger balances also persisted.
6.2.8 The assumption of zero RPO for all critical applications including CBS was
not realistic. The integrated DR was carried out in a planned manner -tailing
on holidays or post peak day time to ensure that RPO had not been tested.
The BCP did not have any provision for incident reporting to be don: by the
business unit/s after occurrence of an event/ disruption. It was fou d that,
though BCP/ DR policy was formulated by the Operation Risk Management
Department, no event/ disruption was reported to them and only th- 'near
miss' events were being communicated.
6.2.9 The bank has not entered into any SLA between the main service provider
BSNL) before migrating to MPLS. The old SLA with the Network In egrator
Vendor did not address the changes in the bank's network architectur - ( post
migration to MPLS), security issues and changes required due for r-quired
migration to IPV6 dual stack.
Control Activities
6.2.10 Changes required for new products were assessed from only the per-pective
of core banking, even if many products required additional configurItion in
alternate channels like ATM, Internet banking etc. Limitation of the IT system
and associated risk including its impact on existing products/sche s were
not adequately addressed and communicated to the business verti als for
review. In the absence of standardisation, and lack of awareness .mongst
branch user, such products and associated process were exposed to high
operational risk.
6.2.11 Many of the ATMs still used Windows XP operating system which lacked
official support. The bank had not yet assessed the extant of complia ce with
Payment Application Data Security Standards (PA-DSS), Payme t Card
Industry Data Security Standards (PCI-DSS) and identify gaps. There was no
assessment / monitoring of the Merchants adherence to minimum .ecurity
norms. The bank had very low percentage of EMV based card. The ecurity
standards in interface with Banc24 were not robust. There was no 'Ian for
migration to IPv6 Compliant network. The last mile connectivity with •ome of
the branches which had not been migrated to MPLS do not have etwork
level security with Financle.
6.2.12 The bank had two major websites, one was the corporate website Ind the
other for internet banking, each managed by separate teams with no formal
mechanism for segregating the nature of content to be posted. The current
corporate website had many content and pages from old website links were
still present in the parent domain and accessible to the viewer. Many non
transactional content were placed in transactional site including promotional
links to SBI overseas branch websites, SBI group companies, and also to non
SBI entities( for promotions) without relevant warning / disclaimers. The
websites for its overseas branches/subsidiaries lacked uniformity in their
domain/sub-domain nomenclature and website design.
7. Pillar II Risk: Aggregate Score: 2.131 (1.716)
Inherent Risk Score: 2.081 (1.548)

7.1
Strategy Risk
7.1.1 Insufficient planning process was manifest in negative variance of projected
PAT by 31.95% and the commission and fee income constituting 8.14% of the
total income. The priority sector lending at 34.33% fell short of the planned
40%. Actual Return on Assets (RoA), Return on Equity (RoE) and the Cost to
Income ratio were not as per plan. The Statement of Intent (S01) entered into
with government was signed despite recording that it was non-achievable.
7.1.2 The market share of the bank in loan business was projected to be under
threat as the bank continued to resort to undercutting of price under the threat
perception. Even under consortium arrangements, the bank fixed it's pricing
at 10 bps lower than the nearest bottom rate. The bank had also extended
loans below base rate.
Reputation Risk
7.1.3 As per 'The Banker and Brand Finance' rankings, the bank had a decrease of
32.20% in its brand value in 2014 to about USD 4000 mn (USD 6000 mn).
However, as per the 2015 valuation the same improved by 61% to about USD
6560 mn.
7.1.4 The market positioning was sub-par with revenue growth of 14.16% and
clients' growth of 15.69%. The general market perception was also reflected
in its rating and underperformance of bank's listed equity share by 0.63%.
The banks in Qatar and Middle East had stopped accepting LCs issued by the
bank.
7.1.5 The customer perception, measured by new customer litigations worked out
to 16.04% vis-a-vis total litigations handled by the bank. In February 2014, the
BCSBI accorded 'Average' rating based on code implementation and
compliance, 34th place among all member banks and 15th among all PSBs.
Residual Risks
7.1.6 The collateral management risk was considered significant inasmuch as the
realizable value of the securities were shown at values inflated by about
138.32%.
7.1.7 Foreign currency guarantees issued by the bank were invoked to the extent of
1.19%. The NII from foreign currency operations in domestic book was
negative.
7.1.8 About 7.35% (6.14 %) of banks capital were invested in group entities. The
fund and non fund based exposure of the bank to group entities was 48.31%.
Investments in securities (other than capital) issued by group entities formed
1.61% (1.67 %) of the total investments of the bank.
7.1.9 The pension fund obligation risk of the bank was undercounted as some of
the assumptions made in estimation of liabilities were not realistic.
7.2 Control Gap Score:2.249 (2.105)
Control Environment:
7.2.1 Role and responsibilities of the nominee directors in assisted companies /
RRBs had not been prescribed. There was no formal mechanism of reporting
the activities of such companies / sponsored bank by the nominee directors to
the bank.
7.2.2 Pension related complaints had increased. Complaints against BCs,
pensioners, internet banking, customers of SBI using other bank ATMs,
outsource vendors etc. were kept outside the purview of CMS.
Adequacy of Standards for Retained Risks:
7.2.3 There were signs of unfair sale of insurance products of group companies in a
few Circles to top the targets set by management. In one case, lower interest
rate was being charged to a firm where the partners bought SBI Life
Insurance product. Housing loan proposals not bundling SBI Life Rinn Raksha
Policy with their loans were treated as deviations requiring approval by higher
authority. Personal Accident Insurance Scheme (PAIS) products were sold to
farmers applying for KCC / Crop Loans.
Confidential Page of 45
r
Implementation and monitoring:

7.2.4 Delay in settlement of claims of deceased was not in conformity with
regulatory guidelines.
7.2.5 The bank had sold a Inter Bank Participation Certificate (IBPC) for non-
Priority SME loans against buying Priority Sector Loans (PSL) from the RRB
at 1% spread. The RRB neither disclosed this sale nor deducted the amount
from its PSL portfolio resulting in double counting of PSL by both the banks
and non-transparency.
Part II: MAJOR AREAS OF FINANCIAL DIVERGENCE
The summary of major areas of financial divergence, including assessed risk

weighted assets, which determined assessed capital of the bank, is given blow.
Details are in Annex 1.
1. Divergences (shortfall) in Provisioning
Areas/ Description @ Shortfall

(In Z mn)
Reclassification of Standard Loan Assets as NPAs 24935
Reclassification of Existing Loan related NPAs 17585
Reclassification of Standard Investments as NPIs 0
Shortfall in Standard Asset Provisioning 168
Other Assets 2080
Understatement of Expenditures / Liabilities 4787
Unamortised Expenses Adjusted to Tier I capital 0
Others ((Valuation of investment-MTM-) 728
Total Additional Provisions 50283
2. Divergence in Risk Weighted Assets (RWAs)
RWAs (In 3mn)

Risks Reported Assessed
Credit Risk 9659724 9771281

Market Risk 685153 685153
Operational Risk 923752 923752
Total RWAs 11268629 11380186
Part III: FINDINGS ON CAPITAL AND EARNINGS
1. Pillar I Capital & CRAR

The summary of reported and assessed capital position of the bank is given below.
Details are in Annex-4.
A. Basel III Capital as relevant for current year (2013-14)
Admissible Capital under Basel III (In Z mn)
Particulars Reported Assessed

Total capital (TC) 1401506 1351391
Common Equity Tier 1 (CETI) capital 1080303 1030020
Tier 1 (T1) capital 1095468 1045185
Tier 2 (T2) capital 306038 306206
Admissible CRAR under Basel III (in %)
Total capital (TC) 12.44 11.87

Common Equity Tier 1 (CETI) capital 9.59 9.05
Tier 1 (T1) capital 9.72 9.18
B. Basel III Capital as relevant for next year (2014-15)
Available Capital under Basel III (In Z mn)

Total capital (TC) 1401506 1351391
Common Equity Tier 1 (CETI) capital 1080303 1030020
Tier 1 (T1) capital 1095468 1045185
Tier 2 (T2) capital 306038 306206
Available CRAR under Basel III (in %)
Total capital (TC) 12.44 11.87

Common Equity Tier 1 (CETI) capital 9.59 9.05
2. Capital Management, ICR, ICAAP and Stress Tests
(a) Bank's Capital Planning and Business Projections
The capital plan of the bank based on the assumption of RoA growing from 0.65% to
1.07% for FY2014-FY2018 envisaged requirement of 2969270 mn capital infusion on
solo basis including 2107390 mn ( Z52150 mn CETI and 255240 mn AT-I/ T-II) for
FY2014 and 216739 mn (278160 mn CETI and 291400 mn AT-I / T-II) for FY2015. In
addition, the bank needed another 2261140 mn for capitalization of group
companies during the 5-years period. While the growth of advance was projected at
16.25%, the growth of RWAs was at 20% under 5-years rolling plan.
(b) Assessment of Pillar I & II Capital and Internal Capital Ratio (ICR)
The bank did not have system in place for generation of bank-wide capital under
Standardized Measurement Method and Standard Measurement Method (SMM)
capital charge computation for IBG data as of March 2014. System for inclusion of
forex risk in banking book under IMA was yet to be put in place. The bank's limit
management framework and bank wide market risk appetite was yet to be drafted.
The capital requirement under IMA was assessed at 22377 mn as on September 30,
2013 and was higher to the extent of Z 8333 mn under IMA as compared with SMM.
However, the bank did not have a plan for addressing the risks associated with this
scenario. Despite change in the bank's risk profile and business plans, the bank
continued with minimum internal capital ratio of 12%.
(c) ICAAP
The ICAAP did not cover specific risks and business partner risks which had
relevance to the business profile of the bank. The Use Test requirement of the
document was non-specific and actual embededness of the ICAAP in enhancing the
risk management practices and risk taking decisions of the bank.
(d) Stress Testing
The key issue with stress testing practices was limited level of the senior
management and board level engagement. The adverse scenarios or severe
adverse scenarios did not represent most pertinent threats to the bank. The
stressing results in terms of capital loss were lower than previously designed 2
severity scenarios in the currently designed 3 severity scenarios. While the overall
capital losses ranged between 8.97%-27.10% (11.11%-41.81%) of capital funds, the
dilution in shocking impact in credit risk at 0.54%-9.99% (0.49%-1.93%) of capital
funds and pillar II risks at 9.07%-30.81% (7.14%-19.73%).
3. Assessment of Internal Generation of Capital
3.1 Retained Earnings
With government mandate to declare a minimum of 20% of higher of capital or net

profit as dividend, the dividend pay-out ratio was at 20.56% (20.12%) on the face
declining RoE of 10.49 %( 15.94%). The retained earnings growth was negative for
consecutive years.
3.2 Quality of Earnings
(a) Sustainability Perspective - While the operating profit before provisions fell by
1.56% and the net profit registered a growth of -22.78 % (20.48%) due to 22.99 % (-
14.54%) decline in provisions. Top 2 components of earning, NH and income from
commission / fees were weak as the former grew at 11.17 % (2.40%) and the latter
increased by 9.82 % (-5.02%).
(b) Cash Flow Perspective: The cash flows from operating activities as a percentage
of Net Profit Before Tax was lower at 87.22% (108.53%) indicating contribution of
lowering of existing liabilities / provisions contributing to the net profit rather than
incremental earnings.
4. Scope & ability to infuse capital

Considering issued capital of 27,467 mn against authorized capital of 250,000 mn
and the scope to raise IPDIs / PNCPs, the total headroom available for Tier 1 was
determined at 2359236 mn (2359407 mn) and for Tier 2 Z 699504 mn (2605055 mn).
The ability to raise capital from the market was pegged to infusion by the Gol as a
minimum of 51% has to be statutorily held by it, leaving the bank fiscally dependent.
As per announcements made by the Government, the bank is likely to receive
229700 mn capital from it for meeting Basel III norms during FY2015. The Gol held
58.60% (62.31%) of bank's shares.
5. Assessment of Leverage Ratio

The leverage ratio of the bank as on March 31, 2014 based on reported numbers
was at 5.11 % (4.69 %) and was within the current regulatory prescription of 4.50 %
under Basel III. The assessed leverage ratio was 4.87%.
PART IV: MAJOR AREAS OF NON-COMPLIANCE (REGULATORY
GUIDELINES)
SI. Regulation Reference Area / Subject of Non- Nature & Description of Non-
No (Para & Circular no.) Compliance Compliance
1 Section 22(3)(a) of BR Solvency Certification Against total outside liabilities of !
Act 1949 16657367mn (214840804 mn),
the bank was considered to have
adequate assets to meet its
liabilities. It continued to maintain
in 'real or exchangeable value', the
minimum capital required as per
statutory requirements.
2 RPCD.CO.Plan.BC.9/04 Master Circular (MC)- The bank had not achieved
.09.01/2013-14 dated Lending to Priority Sector targets in respect of Total Priority
July 01, 2013 Sector Lending and Indirect
Agriculture Lending and
overstated lending *.o priority
sector by Z657766.65mn
3 DBOD.No.BP.BC.1/21.0 MC- Prudential norms Under various provisions of the
4.048/2013-14 dated on IRAC instant circular instances of non-
July 01, 2013 compliances were observed and
as a result additional NPAs and
shortfall in provisions were
observed. The details are
furnished in Annex 1.
4 Para 4.13 of Prime Minister's In some cases of PMEGP loans,
RPCD.MSME&NFS.BC. Employment Generation it was observed that subsidy
No.5/06.02.31/2013- Programme (PMEGP). (margin money) were received by
14 dated July 1, 2013 the branches and kept in TDR
with zero percent inte-est in the
name of borrowers. However
interest was being charged on the
subsidy part of the loan also, in
contravention of the extant
guidelines. The account
statements of some borrowers
showed that the package used by
the bank did not have the
provision to calculate interest on
the net amount of loar excluding
subsidy. Further, the reversal of
the excess interest charged was
not being done systematically
leading to discrepancy in the
interest being charged and the
amount to be reversed.
5 Para 4.2 of MC- Wilful Defaulters - In cases of personal loans to
DBOD.No.CID.BC.3/20. Monitoring of End Use salaried borrowers only one
16.003/2013- 14 dated month's salary slip/ certificate of
the employer for a particular
July 1, 2013
month's salary were obtained as
against the loan policy
requirement of obtaining of salary
certificate of employees along
with Form-16 or IT Returns for
past two years for ascertaining
the actual standing of the
borrowers. As a result
mechanism to monitor end use of
funds was not in place.
of Lending under It was observed that in certain
Para 2
Consortium Arrangement Multiple Banking Arrangements
DBOD.No.B.BC./46/08. 1
dated / Multiple Banking accounts exchange of information
2.00/2008-09
Arrangements about the conduct of borrowers'
September 19, 2008
accounts with other banks were
not done
of MC- Disbursement of Due to misinterpretation of certain
Para 31
Pension by Agency provisions, the bank paid out
DGBA.GAD.No.H-4/
Banks-Recovery/Refund excess pensions which it now has
31.05.001/2013-14
of overpayment of to refund to the government
dated July 01, 2013
pension to the immediately but is doing it
Government Account gradually as and when it recover
the funds.
Long Term Employee The previous settlement hikes
DBOD.No.BP.BC.78/C.6
Benefits were linked to the establishment
86/91-92 dated Feb 6,
& DBOD. The bank should include expenditures as against 10th
1992
other staff benefits like Bipartite agreement link it with
No.BP.BC.89/21 04.018/
provident fund, pension, Pay Slips. At the time of
2002-03dated March 29,
gratuity. leave fare estimating the liability, the
2003
Guidelines concessions, etc. under demands of union was 30-35%
IBA
PS&BT/Pension-DgN/ Operating expenses and as per bank's Board Memo. The
6816 dated February 23, it must comply with AS- current stalemate position is
15 issued by ICAI. stated to be 23% hike demand by
2013.
unions and 11% offer by IBA.
While the actual settlement level
is still unclear, the estimation
should have been statistically
tenable rather than branding the
previous settlement as exception.
RPCD.No.FSD.BC.71/ Interest Subvention Rate of Interest were applied

05.04.02/ 2013-14 dated Scheme manually by the branches while
December 04, 2013 opening the accounts. It was
observed that bank was not
extending interest subvention on
KCCs and agriculture gold loan
and gross violation of instructions
was observed in 21992 accounts
amounting to 21369 mn under
short term crop credit (KCCs) and
1093 accounts amounting to 1154
Page 36 of 45
Confidential
mn under short term agriculture
gold loan. It was observed that
Rol was charged in the range of
7.30% to 14% instead of
applicable Rol of 7% (applicable
to the borrowers up to : 0.3mn)
thereby the interest subvention
benefits were also not passed to
the eligible borrowers.
A branch had lodged a claim of Z
55682 for 2% & 3% Interest
Subvention in respect of 46
Agriculture Gold loans disbursed
during 2012-13 and Z.48852 for
37 gold loan accounts disbursed
during 2013-14 treating the
Agriculture Gold Loans as Crop
Loans which was not in
conformity with the instructions.
10 2.3.1.6of MC- Loans and Instances of non- compliance to
DBOD.No.Dir.BC.14/13. Advances — Statutory prescribed guidelines were
03.00/2013-14dated and Other Restrictions- observed in few cases,
July 1, 2013 Bank Loans for
Financing Promoters
Contribution
11 Para 4.2 of RPCD.SME Collateral security in The bank had obtained collateral
&NFS. BC. No. 05/ case of loans up toZ1 security in case of loans up to 1
06.02.31/2013-14 dated mn- MSE sector mn extended to 487 units in MSE
July 01, 2013 sector with total outstanding Z
213.52 mn as on reference date.
It was observed that the same
deficiency was also pointed out in
AFI 2012 but the Circle/branches
have been continuing the
violation.
12 Para 2.2.1.11 &2.2.2.5 MC-Loans and The branch had not obtained the
of DBOD. No. Dir. Advances-Statutory & requisite declaration from the
BC.14/13.03.00/ 2013- Other Restrictions borrowers to the effect that
14 dated July 01, 2013 "Directors/ Promoters/ proprietor
of the borrowing
company/concern were not
directors or specified near
relation of a director of a banking
company/ not related to any
senior officer(s) of the bank" in
some cases.
13 Para 2.3.17 (i) & (iii) of Guidelines regarding In few instances brarches had
DBOD.No. Dir. obtaining declaration permitted deviations from the
BC.4/13.03.00/2012-13, from borrower terms of sanction by releasing
dated July 2, 2013 reduced amount for LC. The
branch had also not adhered to
statutory guidelines regarding
obtaining declaration from
borrower in Annex 6 and
obtaining requisite certificates
from CAs/ CS etc., in both the
accounts.
Guidelines on the Base The bank had renewed /extended
14 DBOD.No.Dir.BC.88/
13.03.00/2009-10dated Rate-Advances below advances at below base
April 09, 2010 base rate
During the period under review,
15 Para 4.2.15.3.iv.of Provision for sacrifice for
diminution in fair value few accounts were restructured.lt
DBOD.No.BP.BC.1/
was observed that provision for
21.04.048/2013-14
sacrifice for diminution in fair
dated July 1, 2013
value relating to six accounts was
not created or short provision
made. Further, promoters'
contribution was also not
ascertained in such
cases. Provision for restructured
accounts for IRAC status of
standard accounts was also not
created
Guidelines on Settlement It was observed that in several
16 Para 3 of DBOD.
BP.BC.55/21.04.117/ of Non Performing cases where the bank had
2007-08 dated Assets - Obtaining initiated recovery actions in the
November 30, 2007 Consent Decree from Court/DRT, the bank later arrived
Court at compromise settlements with
the borrowers without obtaining a
consent decree from the Court/
Beneficiaries were It was observed that in two cases,
17 Para 2.2, 4.5 and 4.6 of.
receiving foreign the beneficiaries were receiving
DBOD. AML.BC.No.- 23/
2014-15 contribution/s in multiple foreign contribution/s in multiple
14.08.001/ these
accounts accounts. Further,
dated July 1, 2014
accounts were also used for
receiving credits from sources
other than the foreign
contributions in contravention of
para 4.6 of the above circular.
Reporting of transactions of 10
mn and above to Central
Government was not ensured.
Para B.6.iv.a of FED. MC- Exports of Goods Few EEFC accounts were
18
No.14/2013-14 dated and Services- continuing with foreign currency
Exchange Earners' balances without the same being
July 1, 2013
Foreign Currency either utilized by the exporter or
(EEFC) Account being converted to INR by end of
the successive month as per the
RBI instructions.The bank was
not following up export
outstanding with exporters
Page 38 of 45
Confidential
systematically and viglorously so
that action against defaulting
exporters was not delayed.
Further, the bank was also not
advising its clients to seek
extension for realization of
overdue export proceeds or to
seek write off.
19 Para B-8 and C-20 MC- Exports of Goods There was no system 1 the bank
ofFED. No.14/2013- and Services- to monitor advance r mittances
14 dated July 1, 2013 System in the bank to received against exports.
monitor advance Branches were not Maintaining
remittances received any record of Outstanding
against export advance remittances received
against exports.
Export bills written off during the
year under review were not
checked by internal/concurrent
auditors. The bank had not put in
place a system under hich their
internal inspectors o auditors
carryout random samp e check /
per cent check of Outstanding
export bills written off.
20 Circular No. AP (Dir Closing of Old Though in few instances some
Series) Circular No.62 Outstanding Bills : branches had written off the few
dated October 14, 2013 Export - Follow-up - XOS export bills but not followed the
Statements instructions meticulously as the
bank had not ensured that the
customers were not traceable
(not having any pro of non-
traceability). Furt er, the
branches had not fur ished the
details of written off accounts in
the prescribed format to RBI, as
stipulated in the above circular.
21 Para C-15.2. ofMaster MC on "Imports of Goods The bank was frequently remitting
Circular No.13/2013- and Services into India- the funds for Merchanfing Trade
14dated July 01, 2013 funds for Merchanting transactions but not ensuring
Trade compliance with prescribed
guidelines. Further, the bank was
not ensuring one-to-on matching
of each Merchantin Trade
transaction and not reporting
defaults in any leg by t, e traders
to the concerned Regidnal Office
of RBI, on half yearly basis within
15 days from the close of each
half year, i.e. Jt_ ne and
December.
22 Para 2.2.3 and para MC - Guarantees and The bank had extended only non-
2.7.1 DBOD. No Dir. Co-acceptances fund based facilities viz., Bank
BC.12/ 13.03.00/ 2013- Guarantee and LCs to 1491
14 dated July 01, 2013 customers who had not been
sanctioned any fund based
facilities
23 Para 2.A (iii) to (vii) & Security and Risk Instances of non-compliance and
para 2 B (iv) to (vii) of Mitigation Measures for non-adherence to the prescribed
DPSS (CO) PD. Electronic Payment time lines were observed.
No.1462/ 02.14.003 Transactions (ATM/POS
/2012-13 dated Feb 28, & Internet Banking)
2013
24 Para 8.2 of DPSS. MC - Mobile Banking- The bank has put a limit of
CO.PD.Mobile Transactions in India - 50000 per day with monthly limit
Banking.No.2/ Operative Guidelines for of 250000 for application based
02.23.001/2014 - Banks mobile transactions even if there
15 dated July 1. 2014 exist no end to end encryption
(no encryption between mobile
and Banc24 application)
25 Para 3.3 and 10 (i) MC — Housing Finance- The said conditions were not
ofDBOD. No. DIR.BC. Term Loans to Private stipulated in the sanction letters
17/ 08.12.001/2013-14 Builders - Incorporating while financing builders/
dated July 1, 2013 clause in the terms and developers for housing projects.
conditions to disclose in Environment Clearance certificate
Pamphlets / Brochures / was not obtained before
advertisements disbursement of loan.
information regarding
mortgage of property to
the bank
26 Para 2.4.a MC-KYC/AML/CFT It was observed from a sample of
ofDBOD.AML.BC.No.24/ Customer Identification Savings Accounts dump that
14.01.001/2013-14 Procedure (CIP) 10754 sample accounts extracted
dated July 01, 2013 from bank's CBS which were
opened with help of the 'Welcome
Kits. by branches between June
2007 and March 2014 and are
being operated so far without
changing the name and other
fields for KYC particulars. In
these accounts the KYC status
was marked as completed merely
by updating some ineligible valid
ID references. In violation of
instructions in terms of para 2.4
the bank had not established
identity of the customer by
obtaining the required
identification data.
27 Para 13 B (ii) of DBOD. MC — Housing Finance Branches had not obtained
No. Housing Loan for certificate from the Architect
DIR.BC.17/08.12.001/20 purchase of constructed appointed by the bank that the
13-14 dated July 1, property / built up 'built up property was strictly as
2013 property per sanctioned plan and/or
building bye-laws', before
disbursement of the loan
28 DPSS.PD.No.2632/02.1 Reconciliation of failed In a few cases the bank was
0.002/2010-2011 dated transactions at ATMs charging Z17 to the accounts of
May 27, 2011 under the the customer even if the number
provision of section 18 of such transactions were not
of the Payment and more than 5 in a month. The bank
Settlement Systems Act, could not ascertain the number of
2007 transactions made by a customer
in the ATM of anot er bank.
Further, the entry in the
customer's account as being
shown as a single combined
entry. Payment of co pensation
for the afore-said vio ation was
not observed. No such
compensation was p- id to the
customers.
In case of introduction of levy of
Z15 as sms cha ges, no
information was sent th ough sms
to the existing custo ers and
their consent to a ail such
services was obtained.
In case of issue of A M / debit
cards to the custome s, it was
observed that the ba k offered
three types of cards, t e charges
of which were different. However,
such information regarding
different charges to be paid for
the ATM card was no indicated
in the application form.
In case of withdrawal o money in
the ATM, it was observed that the
bank charges Z 20 or cases
where an individual fails to
withdraw the intended --. mount in
the first attempt and h s account
is debited by that a ount and
when he makes the n- ► t attempt
to withdraw cash th ough the
ATM, it shows "insufficient
balance" and debits th- account
with the afore-said a ount. The
bank was restoring the amount
•
after a gap of some time without

reversal of the charges. In the
process, the customers were
paying the charges for no fault of
their action.
The bank had fixed a charge of
2102/- for reissue / revalidation /
cancellation of bank draft /
banker's cheque whereas for
issue of such instruments the
charges starts from a minimum of
Z25. Levying of charges four
times the minimum charges for
issue of such instruments did not
appear to be just and supported
by reason. As issue of duplicate
DD/PO, revalidation, cancellation
of such instruments were treated
as 'basic banking service'.
Clean Note Policy Implementation of Clean Note
29 DCM.(NPD).No.5133/09
Policy, especially exchange of
.39.000/2012-
soiled, cut notes at the branch
13dated May 10, 2013
level needed improvement and
proper monitoring at the
Controlling office level. The
activities of branches where the
currency chests were closed with
the approval of the RBI required
strict monitoring with regard to the
compliance to the terms and
conditions specified by the
Reserve Bank for such closure.
30 Para 5.9 of Acceptance of cash over In case of branches having Cash
the counter Acceptor machines, it was
DBOD.No. Leg. BC.22/09
observed that the customers of
.07.006/2013-14 dated
the branches were forced to
July 1,2013
deposit their cash through such
machines and the facility of
acceptance of cash over the
counter was denied to them.
Para 2.16 of DBOD. MC- KYC/AML/CFT In case of 1586 Relationship
31
AML.BC.No.24/14.01.00 Correspondent Banking Management Arrangements SBI
1/2013-14dated July 01, had with other financial entities
for services viz. cash / funds
2013
management, international wire
transfers, there were no system
for obtaining board approval for
their appointment. There was no
due diligence process as
indicated in the above prescribed
instructions.
Page 42 of 45
Confidential
32 Para 3.1.4 of DBS. Frauds — Classification As on March 31, 2014 fraud
FrMC.BC.No.1/23.04.00 and Reporting of Frauds cases (101) with amount involved
1/2013-14dated July 1, 3601.75 mn were detected
2013. before March 31, 2014 but
reported after March 31, 2014.
Hence, as on March 31, 2014
shortage in provis on were
observed.
33 DBOD.No.Leg.BC.35/09 Financial Inclusion- In respect of BSBDA, account
.07.005/2012-13 dated Access to Banking holders are allowed a maximum
August 10,2012, Services — Basic Savings of 4 withdrawal a month.
Bank Deposit Account However, as per data dumps
received from DWP, there were
about 3211448 such accounts
where the no. of withdrawals
were reported as > 4.
34 DBOD.No.BP.40/21.04. Guidelines on Managing Many of the activities that were
158/2006-07 dated Risks and Code of outsourced at Foreign Offices
November 3, 2006 Conduct in Outsourcing were not subjected to Annual
And of Financial Services by Review and whole bank review.
DBS.CO.PPD.BC.5/11.0 banks- Monitoring and Activity outsourced is being risk
1.005/2008-09 dated Control of Outsourced rated differently at different
April 22, 2009 Activities LHOs/Bus.
35 Para 5.7 & 5.8 of Compliance function in Each Department in the Head
DBS.CO.PP.BC.6/11.01 banks - compliance Office and controlling offices and
.005/2006-07dated April structure the branches (and / or Strategic
20, 2007 Business Units did not have
distinct compliance function and
such designated compliance
official did not report to the Chief
Compliance Officer. The staff in
the Compliance Department at
the Head Office as also
Compliance Officers at controlling
offices and branches / SBUs
focus were assigned with other
functions as detailed above
hence diluting the focus on
compliance function.
36 Para 1.1 of DBOD No. MC-Customer Service- The bank did not have a Board
Leg.BC. 22/ Policy for general approved policy for general
09.07.006/2013-14 management of the management of the branches
dated July 01, 2013 branches
37 Para 2.1.1 of DBOD No. MC-Customer Service The Annual review of depositors
Leg.BC. 22/ satisfaction was not done and
09.07.006/2013-14 operational guidelines for
dated July 01, 2013 conducting such surveys was not
in place.
38 Para 13 of DBOD No. MC-Customer Service - The branches in the Circle were
Leg.BC. 22/ Cheque Drop Box not accepting cheques over the
c.
Facility counters and giving

09.07.006/2013-14
acknowledgement for receiving
dated July 01, 2013
and forcing the customers to drop
the cheques in the cheque—drop
box. The boxes also did not
display the notice that Customers
can also tender the cheques at
the counter and obtain
acknowledgment on the pay-in-
slips.
Para 3.7.5 of No.FID. MC- Prudential norms for The bank's valuation process of
39
FIC.3/01.02.00/2013-14 Classification, Valuation unquoted equity was not
dated July 01, 2013 and Operation of compliant with the instructions as
Investment Portfolio - the break-up value was arrived at
Unquoted Non-SLR without considering intangible
securities - Equity assets, qualifications available in
Shares the audit report for under
provisioning etc.
40 Appendix 1 of DBOD. Guidelines on Banks' The gap appeared understated
No.BP.BC. 59 / Asset Liability on factors viz. term deposits'
21.04.098/2010-11 Management Framework bucketing was based on residual
dated November 4, — Interest Rate Risk - maturity without being based on
2010 Guidelines on Bucketing behavioral analysis, coupon rate
of various items of for calculation of MD of term
Assets and Liabilities in deposits assumed by the bank
the was actual rate of that particular
Interest Rate Sensitivity account as against average
Statement, along with coupon based on the term
the coupons and yields deposits by comparing the
to be used interest paid / accrued during the
relevant accounting period on
term deposits to the monthly
average outstanding term
deposits. Further, appropriate
assumptions based for CASA
deposits with special features viz.
auto sweep were not considered
by the bank.
41 Para 1.11 (h) of FE. Internal Control System was not in place for most
CO.FMD. No. 18380/ Guidelines of the portfolios. Even in case of
02.03.137/2010-11 forex spot interbank deals it was
Scan reports are done only once a day. In case of
dated February 3, 2011
prepared at least thrice a
derivative deals the leg to be
day (viz. at opening
booked by the respective treasury
hours, afternoon and
closing hours) and deals marketing units at the branches
at wide variance with the for deals entered with the

Sbi Rar 2014 Part 1

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Sbi Rar 2014 Part 1

Uploaded by

Copyright:

Available Formats

RESERVE BANK OF INDIA

State Bank of India

or for period April 1, 2013 to

PART I: RISK ASSESSMENT REPORT

Summary of Aggregate Risk at Bank Level

Operational (non-IT) Risk 2.383

Operational (IT) Risk 2.351

Other Pillar II Risk 2.081

BANK LEVEL AGGREGATE RISK

1. Governance & Oversight: Aggregate Score: 1.904 (2.061)

Major findings / observations

Composition and competencies

branches in March 2014 was identified by Central Management Committee

Risk Management Framework & functions

Centre Credit Committee (CCCC).

1.3.2 There was no development of risk appetite statement to be used as

management framework was yet to be effectively established.

including take-over cases. The risk mitigation plans were expected to be

yet to be effectively established and implemented.

2. Credit Risk: Aggregate Score: 2.623 (2.330)

Inherent Risk Score: 2.891 (2 452)

(12.22%) with share of financial collaterals declining to 7.93% (17.02%). In

settlements continued to be high at 32.46% (43.05%) and waiver of accrued

Performance Guarantees with assignability clause, adding currency and tenor

documentation in the absence of MRA.

(a) Control failures leading to a large number of accounts with de ciencies

3. Market Risk: Aggregate Score: 2.281 (1.926)

3.1 Inherent Risk Score: 2.370 (1.899)

3.2 Control Gap Score: 2.072 (1.989)

4. Liquidity Risk: Aggregate Score: 2.024 (1.754)

4.1 Inherent Risk Score: 2.043 (1.721)

5. Operational (Non- IT) Risk: Aggregate Score: 2.419 (2.402)

5.1 Inherent Risk Score: 2.383 (2.389)

Confidential Page lof 45

5.2.3 Process for development of new products, changes in systems and

6. Operational (IT) Risk: Aggregate Score: 2.362 (2.381)

6.1 Inherent Risk Score: 2.351 (2.412)

enhancements were too frequent.

6.2 Control Gap Score: 2.389 (2.309)

configuration, management, database architecture. DBA activities and

persisted in the absence of ownership and control. The ATM-level non-

7. Pillar II Risk: Aggregate Score: 2.131 (1.716)

Inherent Risk Score: 2.081 (1.548)

Implementation and monitoring:

The summary of major areas of financial divergence, including assessed risk

1. Divergences (shortfall) in Provisioning

Areas/ Description @ Shortfall

2. Divergence in Risk Weighted Assets (RWAs)

RWAs (In 3mn)

Credit Risk 9659724 9771281

1. Pillar I Capital & CRAR

A. Basel III Capital as relevant for current year (2013-14)

Admissible Capital under Basel III (In Z mn)

Particulars Reported Assessed

Admissible CRAR under Basel III (in %)

Particulars Reported Assessed

Total capital (TC) 12.44 11.87

B. Basel III Capital as relevant for next year (2014-15)

Available Capital under Basel III (In Z mn)

Particulars Reported Assessed

Available CRAR under Basel III (in %)

Particulars Reported Assessed

Total capital (TC) 12.44 11.87