Icaap policy final 2018 PDF

Preview

Summary

Download Icaap policy final 2018 PDF

Description

Table of Contents EXECUTIVE SUMMARY...........................................................................................................................2 BACKGROUND OF THE ICAAP PROCESS.........................................................................................3 STATEMENT OF BANK’S ATTITUDE TO RISK.....................................................................................5 BUSINESS STRATEGY............................................................................................................................9 Risk Strategy and Risk Appetite by Risk Types................................................................................10 Target Risk Profile................................................................................................................................11 PLANNING................................................................................................................................................ 13 Business Plan and Capital Plan.........................................................................................................13 Risk limits and use of these limits in capital allocation....................................................................14 Target Capital Adequacy......................................................................................................................16 RISK ASSESSMENT...............................................................................................................................17 Risk Definitions.....................................................................................................................................17 Description of Risk assessment methods by Risks.........................................................................19 Assessment for aggregated Risks.....................................................................................................23 Description of Risk aggregation methodology..................................................................................24 Risk assessment and capital need by Risks.....................................................................................24 Composition of Capital Outcome, its Coverage Area and Risk Mitigation....................................25 STRESS AND SCENARIO TESTING....................................................................................................26 IMPLEMENTATION OF ICAAP..............................................................................................................31 MONITORING & REPORTING...............................................................................................................31 COMMITTEE.............................................................................................................................................31 Annexure 1................................................................................................................................................ 32 Checklist for Board and senior management of Bank.........................................................................32

1

Internal Capital Adequacy Assessment Process (ICAAP) Policy of Mega Bank Nepal Limited January 2013 (Updated August 2018)

EXECUTIVE SUMMARY Internal Capital Adequacy Assessment Process (ICAAP) policy is a comprehensive paper furnishing detailed information on the ongoing assessment of the Bank’s entire spectrum of risks, how the Bank intends to mitigate those risks and how much current and future capital is necessary for the Bank, reckoning other mitigating factors. The purpose of this ICAAP document is to apprise the Board of Directors (BOD) of the Bank on these aspects as also to explain to NRB Bank’s Internal Capital Adequacy Assessment Process and the Banks’ approach to capital management. The ICAAP is based on the existing internal documentation of the Bank as well. Assessment of Risk and its management is being performed by the Bank through prudent Banking practices and Nepal Rastra Bank guidelines. Bank has been following the approach for calculating capital requirement as required under Pillar I of Capital Adequacy Framework issued by NRB for credit, operational and market risk while this document outlines the process for identification, measurement, control/management of other possible risks partially covered or not covered by Pillar I along with other external factors together developing prudent measures/system to mitigate them and ascertain the level of additional capital requirement. Moreover, this policy is intended to further strengthen and improvise the processes the Bank has been following until now. This document covers risk management processes followed by the Bank, business strategy and capital plan to measure the level of required capital, types and identification of material risks the Bank is exposed to and how the Bank intends to access, monitor, report and control the same ensuring the adequate level of capital and possible sources. The document also covers the measurement process & quantifying techniques/tools for material risk, prescription of risk limits and assessment of aggregate risk to ascertain additional capital if required. The implementation, monitoring, reporting has also been defined along with the controlling aspect. This document is an update of the initial ICAAP policy approved by the Board of Directors of the Bank on its 67th meeting dated 29th Poush 2069.

2

Internal Capital Adequacy Assessment Process (ICAAP) Policy of Mega Bank Nepal Limited January 2013 (Updated August 2018)

BACKGROUND OF THE ICAAP PROCESS Banking is critically related to the management and control of numerous risks associated with the business. To safeguard the interest of the public and other stakeholders, adequacy of capital level is equally important to absorb adverse impact on stressed situation. Risk management as commonly perceived, does not mean only minimizing risk rather the goal of risk management is to optimize risk-reward trade-off. The distinction of a successful Bank from the rest is the quality of its risk management process. Realizing the importance of this aspect, in order to improve the Corporate Governance structure of the Bank and in order to ensure effective and comprehensive risk management practices in the Bank, the Board of Directors of Mega Bank Nepal Ltd. has formed a Risk Management Committee (RMC) that comprises of Non-Executive Directors and members from the management in accordance with the prevailing directives/guidelines of Nepal Rastra Bank on Risk Management. Moreover Mega Bank Nepal Limited has always been sensitive towards risk associated with every events and activities since inception. That is why the Bank established a separate Risk Unit independent from Business Units to mitigate risk as much as possible. The functions of Business Units and Operations Units have been clearly segregated. Further to maintain check and balance, Bank has also established a separate Legal & Compliance Department and Internal Audit Department since its inception. The Bank has also established a Delivery Unit to monitor the operation of the Bank. There is a clear demarcation of front and back office of functioning of Treasury Department. Mega Bank Nepal Limited (MBNL) is the 28 th Commercial Bank in a row. MBNL not only advocates for the best practices of risk management but also opts for implementing all possible measures for risk management. As per NRB directive, a Bank must have an ICAAP policy in place. In line with this, MBNL has prepared this document to ensure that the Bank’s overall capital is adequate in relation to the level of risk it takes or is exposed to. The purpose of this ICAAP document is to: 1. Inform Bank’s Board of Directors of the ongoing assessment of all the risks; which includes: a. Risk that are not fully covered during the Pillar 1 process such as concentration risks, residual risks that arise from credit risk mitigation etc. b. Risk that are not taken into account in the Pillar 1 process such as Liquidity Risk, Interest Rate Risk, Strategic Risk, Reputation Risk, Concentration Risk etc. c. Risk factors that is external to the Bank such as risk arising due to regulatory, economic, business environment etc. 2. Inform the BOD and Senior Management of the key results of the Risk Assessment, how the Bank intends to mitigate those risks and how much current and future capital is necessary and any issues that could arise. 3

Internal Capital Adequacy Assessment Process (ICAAP) Policy of Mega Bank Nepal Limited January 2013 (Updated August 2018)

3. Report its Internal Capital Adequacy Assessment Process to the supervisor. 4. Identify and measure risks while implementing strategies and policies in the Bank. 5. Strengthen on a continuous basis appropriate Risk Management Systems to mitigate the risks identified. 6. Determine risks to be charged in the Capital on periodic basis. 7. Assess Bank’s future Capital requirement based on the future business plan and associated Risk profile of the Bank. 8. Manage required capital based on the capital assessment if so required. 9. Get feedback from the existing practices and recommend/adopt further improvement for effective Capital Management.

4

Internal Capital Adequacy Assessment Process (ICAAP) Policy of Mega Bank Nepal Limited January 2013 (Updated August 2018)

STATEMENT OF BANK’S ATTITUDE TO RISK Bank is exposed to different types of risks that may have a potentially negative effect on its business. Risk-taking is an inherent element of Banking and the reward for successful risk taking business comes in the form of profits. However, excessive and poorly managed risk can lead to losses and thus endanger the safety of the Bank's depositors. Risks are considered warranted when they are understandable, measurable, controllable and within the Bank’s capacity to readily withstand adverse results. Sound risk management systems enable management to take risks knowingly, reduce risks where appropriate and strive to prepare for a future, which by its nature cannot be predicted. MBNL considers risk as an important component and inevitable factor for its sustainable business. Hence in order to mitigate the risks the Bank has designed and implemented various control mechanisms for safe and sound operations. Bank has given high priority towards compliance with regulatory and corporate governance norms as set by the Central Bank, those prescribed by the Acts related to the Banking business and best practices into effect. The risk management process has been set for mitigating credit, market, operations and other material risks applicable for the Bank, also mentioned hereunder. Risk Management Processes Risk refers to the possibility that the outcome of an action or event could bring adverse impacts on the Bank’s capital, earnings or the going concern. Such outcomes could either result in direct loss of earnings and erosion of capital or may result in imposition of constraints on the Bank’s ability to meet its business objectives. These constraints could hinder the Bank’s capability to conduct its business or to take advantage of opportunities that would enhance its business. As such, the management will put its concerted effort to warrantee the risk it takes in the forms outlined in this policy. Risk Management is a discipline at the core of the Bank and encompasses all activities that affect its risk profile. It involves identification, measurement, monitoring and controlling risks to ensure that: a) The individuals who take or manage risks clearly understand it. b) The organization’s Risk exposure is within the limits established by Board of Directors. c) Risk taking decisions are in line with the business strategy and objectives set by BOD. d) The expected payoffs compensate for the risks taken. e) Risk taking decisions are explicit and clear. f) Sufficient capital as a buffer is available to take risk. The Bank will adhere to a sound risk management system which will be systematically ensured through the following elements: • • •

Active Board and Senior Management oversight Adequate policies, procedures and limits Adequate risk measurement, monitoring and management information system 5

Internal Capital Adequacy Assessment Process (ICAAP) Policy of Mega Bank Nepal Limited January 2013 (Updated August 2018)

• Comprehensive internal controls. For this, the Bank has the following practices and processes which are subject to review on a regular interval for further strengthening depending upon various internal and external conditions: Credit Risk a. The Risk Unit is independent from other business functions. The unit is adequately manned and oversees all risk aspects including but not limited to Credit, Operational and Market risks. b. Risk Management Policy, Credit Risk Management Framework, Credit Risk Strategy Paper are formulated to monitor and manage risk pertinent to credit. c. Risk Management Committee comprising of Non-Executive Directors has been enacted, which reviews various risk factors on a periodic basis. In addition to reviewing of associated risks, reports generated and discussed on Credit Risk Management Committee is escalated to Risk Management Committee through Management Risk Monitoring Committee. d. Loans and facilities are only sanctioned after the joint approval of the Risk Unit along with Business Units e. Lending authority has been amended and delegated to executive for smooth operation considering the experience and risk exposure. f. Risk Management Committee meetings are conducted every month to review credit risk. g. Review of concentrations and identification of potential as well problematic sectors for lending are discussed at various committees such as Credit Risk Management Committee, Management Risk Monitoring Committee, Risk Management Committee (RMC), Asset Liability Management Committee (ALCO). h. The Risk unit continuously reviews the existing Credit Policy Guidelines (CPG), Credit Manual and Lending Authority Matrix of the Bank as per market development in order to ensure that all immediate and potential risks are addressed. The risk unit also recommends for appropriate suggestions to the senior management on further steps that can be taken to strengthen the credit portfolio of the Bank. i. Credit Policy guides all underwriting activities, which is periodically revised to ensure that all immediate and potential risks are addressed. j. Recovery Unit of the Bank has been established for effective recovery process. k. NPA management team of the Bank comprises of Head Credit Administration Department (CAD) and Heads of Business Units i.e. Corporate, SME, Consumer Lending and Micro Unit for minimization of NPA by exploring all legally possible avenues for the settlement of the overdue accounts. Operation Risk a. Various operation related policies, circulars, manuals and guidelines have been formulated and implemented for all areas of the Bank Operations. 6

Internal Capital Adequacy Assessment Process (ICAAP) Policy of Mega Bank Nepal Limited January 2013 (Updated August 2018)

b. Middle Office unit within Risk Department has been set up which reviews the operations of the Bank in terms of compliance of internal/external rules and procedures. c. Central Operations unit of the Bank monitors various MIS and references generated by the Bank’s MIS such as Daily Operations report, Daily GL monitoring report, Weekly Operations report, Monthly Operations report, AML and KYC related reports such as Threshold Transaction Report (TTR) and Suspicious Transaction Report (STR) to observe any deviations that could occur from operations for further strengthening operational activities. d. All the new staff members during the time of recruitment are trained in Core Banking System (CBS) and other operations related guidelines. In order to improve capabilities of employees, training calendars are developed and implemented based on their need assessments. e. The comments of internal/external auditors are duly notified and informed to the concerned personnel for strict adherence to guidelines laid out in the operational manuals. f. With an objective of minimizing the risk relating to operation, the Bank has a separate unit named as Delivery Unit. The main function of this unit is to monitor overall risk exposure relating to regular internal operation of the Bank. Market Risk a. Changes in interest rates can significantly alter net income depending on the mismatch of assets and liabilities held by the Bank and there is possibility of decline in earnings due to adverse movements of interest rates in the market. ALCO (Assets Liability Committee) continuously determines mismatch in limit for each time bucket to minimize interest rate risk with the basic objective to maximize Net Interest Income (NII) or interest spread according to the market situation. b. ALCO monitors the rationale and need of further enhancement of foreign exchange related alertness besides regularly monitoring the effective implementation of existing operational control guidelines. c. Global Market Department ensures constant monitoring of positions and normally squares off its position immediately or by end of the day. The same is monitored by TBO. d. Global Market Department updates the management on ALCO and IMC meetings on exchange rate risks currently prevalent in the market whereas in case of volatile situation, upon occurrence. e. Daily PNL from Investments and Foreign Currency Trading is monitored on a daily basis by the Senior Management. f. All dealings and trading positions are guided by the Investment Policy of the Bank. Legal & Compliance Risk a. Legal & Compliance review of various functions of the Bank is conducted at periodic intervals. The findings and comments of these reviews are circulated

7

Internal Capital Adequacy Assessment Process (ICAAP) Policy of Mega Bank Nepal Limited January 2013 (Updated August 2018)

b. c.

d.

e. f.

8

to the concerned departments and their response are sought in order to ensure compliance. All concerned within the Bank are disseminated about legal provisions that may affect the Bank such as circulars/directives issued by NRB. Self-assessment tool Key Control Self-Assessment (KCSA) has been formulated and implemented in order to strengthen the Bank's internal control system. Necessary trainings on legal and compliance issues are provided to the concerned staff members of the Bank so that the concern business unit/s can conduct its business transactions within compliance purview. The Bank is working towards establishing ZERO tolerance culture in the Bank in terms of compliance i.e. no issues raised or fully compliant. AML, KYC Policy has been updated as per new provisions on AML, KYC issued by NRB. The same is monitored by the Head of Compliance.

Internal Capital Adequacy Assessment Process (ICAAP) Policy of Mega Bank Nepal Limited January 2013 (Updated August 2018)

BUSINESS STRATEGY The Bank has in place a five year strategic plan which is supplemented by annual budget. These are strategic documents and provide guidance on the future business prospects of the Bank. These documents establish the desired nature and size of the business portfolio at a future period. While preparing these documents, capital assessment is taken as one of the most important factors. Bank understands the various forms of risks associated with the business and the importance of capital in mitigating these risks. Hence, the present as well as future capital requirements of the Bank are thoroughly assessed to ensure that it is more than adequate to support the business needs of the Bank. Business strategies are keys to any management success. The analysis of current and future capital requirements of the Bank in relation to its strategic objectives is a vital element of the strategic planning process. The strategic plan clearly outlines the Bank’s planned business activities such as lending, deposit, investment, scope of operations, products, anticipated capital expenditures, desirable capital leve...