Читать книгу Liquidity Management - Soprano Aldo - Страница 9

Funding liquidity is closely monitored by banking regulators and it is increasingly the focus of internal projects as well as of staff search companies and specialized training firms; it is nowadays considered of strategic importance. It has followed somewhat the same development as the operational risk in banking: once it was considered somehow of lesser importance compared to credit or market risk exposure, then liquidity risk management became a pivotal element of banks' strategic plans, investments and organization. Besides liquidity risk measurement and control, the very change in relevance of such a risk to banks has assured the greatest importance and management role. Banks then need to ensure a comprehensive review and assessment of liquidity risk exposure, control and management processes is in place. An integral element of the overall risk culture framework is ensuring that there is a widespread understanding throughout the organization of liquidity exposure and how this needs to be managed, and how liquidity is specifically reflected in the risk appetite.

1.2.1 Liquidity risk's framework

We should first point out that banks should develop their risk culture through policies, examples, communication and training of staff regarding their responsibilities on risk. Staff should be fully aware of their responsibilities relating to risk management and this should not be confined to risk specialists or control functions. Business units, under the oversight of the management body, should be primarily responsible for managing risks on a day-to-day basis, taking into account the bank risk tolerance/appetite and in line with its policies, procedures and controls.

As repeatedly addressed in previous Basel capital accords, banks should have a risk management framework extending across all their business, support and control units, recognizing fully the economic substance of its risk exposures and encompassing all relevant risks (e.g. financial and non-financial, on and off balance sheet, and whether or not contingent or contractual). Its scope should not be limited to credit, market, liquidity and operational risks, but should also include concentration, reputation, compliance and strategic risks.

The liquidity risk framework should enable the institution to make informed decisions based on information derived from identification, measurement or assessment and monitoring of risks. Risks should be evaluated bottom-up and top-down, through the management chain as well as across business lines, using consistent terminology and compatible methodologies throughout the institution and its group.

The liquidity risk management framework should be subject to independent internal or external review and reassessed regularly against the institution's risk tolerance/appetite, taking into account information from the risk control function and, where relevant, the risk committee. Factors that should be considered include internal and external developments, including balance sheet and revenue growth, increasing complexity of the institution's business, risk profile and operating structure, geographic expansion, mergers and acquisitions and the introduction of new products or business lines. The remuneration policy and practices should be consistent with its risk profile and promote sound and effective risk management. The bank remuneration policy should be coherent with its values, business strategy, risk tolerance/appetite and long-term interests. It should not encourage excessive risk-taking. Guaranteed variable remuneration or severance payments that end up rewarding failure are not consistent with sound risk management nor the pay-for-performance principle and should, as a general rule, be prohibited.

For staff whose professional activities have a material impact on the risk profile of an institution (e.g. management body members, senior management, risk-takers in business units, staff responsible for internal control and any employee receiving total remuneration that takes them into the same remuneration bracket as senior management and risk takers), the remuneration policy should set up specific arrangements to ensure their remuneration is aligned with sound and effective risk management.

It is of the utmost importance that control function staff should be adequately rewarded so as to ensure they fulfil their objectives and that performance is not linked to that of the business they are monitoring. In particular, where a variable component is included, it should relate to that of the overall risk division compensation, while defining individual valuation factors that are not purely economic/results related is also necessary. The performance assessment for bonus/variable pay should include adjustments for the different risks, including that of liquidity risk. The bank's management should be ensured a balanced percentage of basic salary and variable bonus payments. A significant bonus as a percentage of basic salary should not be composed solely of cash but should be flexible and include risk-adjusted weights, while timing of the bonus payment should ensure it considers the bank's risk performance. We should have liquidity funding in the overall risk management framework and this needs to include policies, procedures, limits and controls providing adequate, timely and daily identification. It is necessary to be assessing, monitoring and reporting the risks of the individual desks and business lines as well as the overall exposure. The risk management framework needs to encompass specific guidance on the implementation of strategies, ensuring and maintaining appropriate risk limits given the set risk appetite, available capital base and strategies. The bank aggregate risk exposures should respect these set limits; the bank's management should follow up any relevant breaches of limits and ensure these are escalated and resolved (see Chapter 5).

When we are identifying and measuring risks, we should combine forward and backward looking analysis with the monitoring of daily risk exposures, considering the combination of different risk types and businesses, so as to control concentration exposure. Scenario analysis and stress testing are analyses meant to spot potential risk exposures, while standard historical controls are designed to identify the current risk exposure.

Management decisions on setting the risk limits should not only rely on quantitative information or model outputs, but consider the limitations of metrics and models following a qualitative approach such as expert assessment or an internal analysis. Macroeconomic trends and data are other important factors to include on exposure and portfolio risk assessment, remembering that we also need to base decisions on these analyses.

We need established regular and clear reporting to the senior management, business and other control functions involved: we need to design reports that are distributed in a timely manner, are accurate and highlight the key risk factors, so that management can understand anomalies or jump in exposures and proceed then to the necessary course of action.

We need to bear in mind that the reporting framework isn't just a document for information, it is key evidence for auditors and regulators and the base for presenting and assessing exposure: so management attention and effort must be devoted to its regular preparation and discussion and it needs to represent appropriately the business set-up and its changes over time. We need to ensure the reporting responsibilities are part of dedicated internal policies and there are specific internal procedures. We must also consider report production in the contingency plans. We need to make sure that the bank risk committee receives regular formal reports from the designated risk control functions.

We need a structured liquidity internal control framework, independent from business and risk takers, with appropriate skills, staffing, systems and budget to ensure they comply with responsibilities. The risk control framework should be designed to ensure effective and efficient processes, adequate control of risks in compliance with laws, regulations, supervisory requirements, internal rules and decisions taken. The internal control framework should cover the entire bank and should be tailored to its business structure, with adequate administrative and accounting procedures.

In developing the liquidity internal control framework, we need to outline a clear, transparent and documented decision-making process, setting out responsibilities for implementing internal rules and decisions. In order to implement such a robust liquidity internal control framework in all areas of the institution, the business and support units should be responsible in the first place for setting and maintaining control policies and procedures.

A functioning liquidity internal control framework also requires that an internal audit verifies that these policies and procedures are correctly applied. Second level control functions must not report to the risk-taking functions and also ought to be independent from each other, as are those performing types of control (compliance, audit, risk management). For smaller banks, risk control and compliance functions may be combined.