1.0. Introduction
Every business is exposed to small and big risks in its internal and external business environment and risk management strategies are directed to eliminate, avoid, or manage these risks. An effective mechanism for risk management ensures the long term survival, growth, and profitability of an organization. The importance of risk management is peaking in the modern business climate that is much more characterized by uncertainties and risks than its classical form. Financial institutions, as well as all other types of organizations, are also faced with certain threats within their business life, and several of them, if not managed properly, can tell badly upon their financial health, reputation, competitive strength, etc (Elliot, 2012).
This report sets out to provide risk management plan for a small bank namely SS Bank (supposed) located in a town having a population of 100000 individuals. Total ten risks are identified and analyzed in this paper from the perspective of enterprise level as well as traditional risk management.
2.0. Traditional Risk Management vs. Enterprise Risk Management
Before proceeding to the risk management plan, it is wise to differentiate between traditional risk management and enterprise risk management. The traditional approach to risk management sees risks as a hazard (only) and directs its efforts to eliminate or mitigate them in the best possible way. On the other hand, enterprise risk management is a contemporary concept and deals with potential risks in comparatively more sophisticated manner. Also termed as holistic risk management, it aims not only to avoid or mitigate but also to turn risks into opportunities. It involves aligning basic business strategies such as organizational purpose, workforce management plan, and any other according to the potential threats in the external business environment to treat them in the most effective manner and ensure long term survival (Liebenberg & Hoyt, 2003).
3.0. Risk Management
3.1. Potential Risks to be considered by SSB
Ten most potential risks identified and prioritized with respect to their impact and probabilities of occurrence for the financial institution under discussion are as follows:
Credit Risk
Interest Rate Risk
Exchange Rate Risk
Economic Downturn
Operational Risk
Business Risk
Reputational Risk
Liquidity Risk
Regulatory Risk
Moral Hazard
3.2. Risks and Management Strategies Explained
3.2.1. Credit Risk
In financial terms, credit risks refer to the fear that, due to any known or unknown reason, any number of bank borrower or the bank itself will fail to comply with the agreed terms and conditions in the contract for borrowing or lending the credit. Both defaults and delayed payments are included in that type of risk (Perez, 2014). SSB as well as all other banks have to consider this risk in their risk management strategy. While analyzed from an integrated approach to risk management, it is prioritized as the most potential risk due to its chances of occurrence and damage that it can bring to the business.
In the first place, the bank can condition the loans with appropriate securities. For example, every borrower will have to mortgage his property or share over the fund that he borrows from the bank. The worth of security must be in accordance with the amount of money taken from the bank as a loan. It will help minimize the impact of defaults in delayed payment and will give the lender significant advantage over the borrower.
Secondly, SSB can determine the interest rates with respect to the risk involved with the borrowing. This risk can be based either on the financial position of the borrower, or the nature of purpose for borrowing, or any other miscellaneous factor. A Higher percentage of interest rates for high risks will offset the impact of low interest rates for low risk borrowing. It is an enterprise strategy by nature because it will ultimately enhance the inflow of cash for the institution (given that most of the loans belong to high risk category) and will convert the threat into a potential and profitable opportunity.
3.2.2. Interest Rate Risks
Interest rate risk is a subtype of so-called ‘market risks’. It occurs when a bank or any other financial institution suffers losses due to critical fluctuations in interest rates. The high volatility of interest rates increases the short term probability of this type of risk. On the whole, it is rated as the second most hazardous threat on the basis of its chances of occurrences and potential of causing damage (Angbazo, 1997).
As the CRO of SSB, the writer (of this report) has devised a refined approach to avoid and tackle this threat (if encountered). Basically, there are two types of assets (including loans to customers) and bank liabilities i.e. ‘fixed’ and ‘rate sensitive’. Therefore, a sophisticated approach is needed to avoid this threat. The CRO categorizes the risk management for this threat into two categories including one for assets on fixed rates and another for assets on rate sensitive interest rates.
As for assets on fixed interest rates, the CRO, adhering to the traditional approach, considers this threat unavoidable. However, sudden rise or fall in interest rates and its negative or positive impact on the institution and opposite situations in future offset each other. So there is ‘tolerable uncertainty’. As for rate sensitive interest, it is essential to make sure that there is a match between rate sensitive liabilities and assets. In this way, the impact of rise or fall in interest rate relating to rate sensitive liabilities will be offset by the impact on rate sensitive assets to ensure the organization’s survival in the long run.
The institution can also turn this threat into an opportunity by working on enterprise level risk management. For example, short term interests will be issued on comparatively softer terms and conditions during the time period when interest rates are forecasted to remain higher. It will boost the organizational ‘profitability and growth’.
3.2.3. Exchange Rate Risk
Exchange rate risk occurs as a result of a change in the value of currency in exchange for the value of another currency. This is another type of market risk and is prioritized as third most probable and impactful threat (Perez, 2014).
SSB deals in different currencies in its business matters. Therefore, exposure to foreign exchange is a potential risk for the institution. As mapped by the CRO, the organization is faced with both transactional and translation exposure. These are short, medium, and long terms risks. To avoid threats relating to fluctuations in exchange rates, the CRO advises to go with currency hedging.
However, the CRO aims to go at it with an enterprise approach to risk management and prefers ‘active’ strategies of hedging. In other words, the experts hired for this purpose will utilize the hedging instruments to generate profits by keeping positions in the market direction. It will not only minimize the risk but can also be a source of additional profit. In other words, SSB aims to treat this threat as an opportunity and capitalize on that. In this way, the institution will be able to maintain the predictable earning patterns or earning stability in the long run.
3.2.4. Economic Downturn
Today’s business is much more dynamic than ever before, and its dynamism is at increase with newer and newer developments in the external environment. Recessions are highly probable in such situation. The number of recessions that took place over the past 50 years (including one faced in 2008) is indicative of its high probability of occurrence. Each recession causes closure of businesses on a large scale, so it is a potential threat to the institution in hand (Icon Group International, n.d.).
The CRO has devised a traditional risk management strategy to ensure the ‘continuity of businesses during any such period of disruption as a recession. He uses the examples of some of the banks that survived during past recession and position themselves well enough to handle another one (Frankel, 2015). Following into their footstep, it is advised that the bank consistently reduces its reliance on interest expenses and interest income by gradually shifting to noninterest costs and revenue. It will add to the bank’s chances of survival during any recession that takes place in years to come. Apart from this, it is already suggested in the risk management plan that the bank would issue loans over securities. These measures will help the SSB to mitigate the impact of any downtrend in future.
3.2.5. Operational Risk
Operational risk refers to the failure of operations of an organization on internal level or the failure of management. Failure to comply with legal obligations can also be categorized as a type of operational failure. It can either be a result of human error in carrying out important tasks or can be based on leakage or loss of confidential or important information due to system failure. It causes potential damages, and in the extreme situation may even lead to the closure of an institution (Perez, 2014).
SSB follows a comprehensive set of policies towards its human resource management from recruitment and selection to training and development. So there are already low chances of human error. In other words, it is a tolerable uncertainty. As far as system failure is concerned, it is critically hazardous because most of the processes at the company are automated with least human input and major reliance on technology. Therefore, any system failure or disaster can put a big question mark on the survival and profitability of the company. In order to avoid this threat, SSB should consistently upgrade and update its IT infrastructure. Furthermore, copies of highly important information and the database should also be stored on reliable and premium online directories, so they can be retrieved in the event of any system disaster to maintain the continuity of business in the long run.
3.2.6. Business Risk
The business risk lies at the base of an institution, because (normally) it occurs as a failure of an organization’s ability to maintain its competitive strength, profitability, or earnings. In a nutshell, it may cause declining profits, losses, or business closure (in extreme cases). Most of the times, these failures are the result of defective business strategies (Perez, 2014).
Business risk can be avoided through thoughtfully constructed business strategies. The CRO deeply investigates into all the business concerns in relation to the outlook of different indicators in the external environment of SSB. It is advised that the institution should not rush towards growth, but let it be a slow and steady process. It should not get involved in competition with large industry players, but should keep offering its services on small scale till it establishes brand identity and recognition. Too early exposure to the competition on large scale can restrict opportunities for further expansion (and may cause negative implications on competitive strength). Therefore, each step towards growth or business expansion must be taken in a strategic and well-directed manner.
3.2.7. Reputational Risk
Reputational risk is defined as the loss of reputational capital of an organization. Here, it is important to mention that reputational capital is the intangible capital that a financial institution generates by contributing to community or social growth. It symbolizes the organization’s approach to corporate social responsibility (CSR). It may cause an institution lose high percentage of its potential customers, especially those who are given to ethical consumerism (Perez, 2014).
The CRO assumes that SSB may face reputational threats either as a result of failure of its own efforts to satisfy the some potential customers or rumors raised by rivals to bring down the image of the organization on social level. False financial statements can also lead to this situation. Through ERM approach, the company will make corporate social responsibility the essence of its business and will embed it within the organizational culture. This will also be the essential part of its marketing and advertising campaign. It will also conduct seminars on social level with special focus on how the institution can and is contributing to the betterment of society. Through these platforms, the company will also be able to respond to the holistic attacks on the institution’s reputational capital. In this way, SSB will also be able to cash in the growing trends of social responsibility and ethical consumerism in the world of business (Flammer, 2012). Furthermore, it will also be made sure that the organization is abiding by legal obligation in all its business matters.
3.2.8. Liquidity Risk
Liquidity risk is a situation wherein a bank cannot fulfill its financial obligations (i.e. carrying out day-to-day transactions) due to inappropriate turnaround involved in buying or selling securities. Temporary unavailability of cash to carry out business matters (i.e. paying out the investors) is one of the most evident examples of this threat (Perez, 2014). It is a highly potential risk, as it puts question mark on the financial ability of an institution and may cause the customers, investors, and all other stakeholders to lose their trust in such that (Perez, 2014). However, the probability of its occurrence is low in case of SSB due to its financial stability. Therefore, it is prioritized as 8th most hazardous risk.
3.2.9. Regulatory Risk
Regulatory risks create challenge for financial institutions and it requires sophisticated approach to conduct a mitigating strategy against these challenges. This risk occurs when the government or regulatory authorities bring unfavorable changes in the regulations relating to finance. Imposing restrictions on maximum investment or amount to be kept in an account are two of its examples (Perez, 2014).
Even though regulatory changes are potential threats, the CRO seeks to create opportunities out of them. It happens that banks and institutions, normally, suffer decline in their profitability as a result of change in regulatory policies because they are not well prepared for them and have to restructure their business policies to create a harmony (Culp, 2012). The institution will keep its business policies flexible so it can respond to any change in the regulatory framework. There will be predefined strategies to tackle any unfavorable situation. In this way, the bank can perform better than its competitors in such adverse situation. It will, certainly, bring handsome growth in its customer base in the long run.
3.2.10. Moral Hazard
Moral hazard associates a decision taken by a very large financial institution that, if gone wrong, may affect the whole industry. Very large groups of organizations are very likely to take such decisions every now and then considering themselves “too-big-to-fail”. One such scenario has taken place a few years ago (in 2008) (Perez, 2014).
Same mitigating strategy will be adopted against this threat as suggested in case of economic downturn.
4.0. Conclusion
The risk management plan provided in this report is comprehensive and covers all probable external and internal considerations. Some of the strategies are directed towards avoiding some potential threats, while other aims to turn them into opportunities. In this way, the institution will be using a combination of traditional and enterprise risk management. The essence of the underlying plan is to build the business strategies on solid base, so it may not be in the need of changing the whole business style and structure to tackle the emerging scenarios that are not aligning to its business plan.
Furthermore, SSB may also be faced with some critical risks that are not covered in the list of threats provided in this paper. However, it is important for the organization to stay ready to treat such risks in an effective manner. For this purpose, there will be a proper mechanism of planning, and management. Internal and external audits will be prepared on a regular basis, and potential weaknesses that are indicative of business risks will be identified in these analyses. Then, strategies will be devised to improve those weaknesses.
Risk management, in this way, will allow the company to maintain and improve its competitive strength on a consistent basis. By the same token, it also will maintain the business continuity through all thick and thin enjoying consistent growth in customer base, revenue, and profitability. Then, incorporation of CSR in the organizational mission will be a source of attraction for a large number of customers.
References
Angbazo, L. (1997). Commercial bank net interest margins, default risk, interest-rate risk, and off-balance sheet banking. Journal of Banking & Finance, 21(1), 55-87. doi: 10.1016/s0378-4266(96)00025-8
Culp, S. (2012). Managing Regulatory Risk a Major Hurdle for Banks. Forbes. Retrieved June 2, 2016, from http://www.forbes.com/sites/steveculp/2012/05/08/managing-regulatory-risk-a-major-hurdle-for-banks/#496255fc1962
Elliot, M. (2012). Risk Management Principles and Practices. New York: The Institutes
Flammer, C. (2012). Corporate Social Responsibility and Shareholder Reaction: The Environmental Awareness of Investors. Academy of Management Journal, 56(3), 758-781. doi:10.5465/amj.2011.0744
Frankel, M. (2015). 3 Banks Best Positioned to Survive the Next Recession. The Motley Fool. Retrieved June 2, 2016, from http://www.fool.com/investing/general/2015/04/30/3-banks-best-positioned-to-survive-the-next-recess.aspx
Icon Group International. (n.d.). Recessions: Webster’s Timeline History, 1735 – 2007. California: Icon Group International Inc.
Liebenberg, A. P., & Hoyt, R. E. (2003). The Determinants of Enterprise Risk Management: Evidence From the Appointment of Chief Risk Officers. Risk Management Insurance Review, 6(1), 37-52. doi:10.1111/1098-1616.00019
Perez. (2014). Overview: What you need to know about banking risks. Market Realist. Retrieved June 2, 2016, from http://marketrealist.com/2014/09/overview-need-know-banking-risks/
