Since the near collapse of financial markets across the world, strengthening risk management processes has jumped to the forefront for bankers as the top focus area. One only needs to look at the Global 100 list of top banks from 2006 to see that almost 25 banks on that list have since received government financial support or have been taken over by a stronger, better capitalized bank.
One thing that is becoming very clear about the financial crisis is that many bankers lost sight of the basics. Many of the banking basics are concepts that global banks, and banks in the Middle East and North Africa region, are now trying to re-learn.
Fundamental to sound risk management is a Board of Directors (BOD) that is committed and engaged in the risk management process. The BOD’s engagement on risk management does not mean that the it should get involved in day to day operations, but it means that the board has a proper risk committee responsible for approving the risk policies of the bank.
It also means that it sets, approves, and understands the risk appetite of the bank. Every bank should start by asking each of their board members if they have a good understanding of the risks being taken by the bank?
You cannot talk about risk management in banks without discussing corporate governance, and vice versa. Corporate governance refers to the structures and processes aimed at providing direction and control to the bank. Good corporate governance starts at the board level with a board that has well-structured committees, professional and appropriately skilled members, and properly defined work procedures.
Beyond the board level, good corporate governance is key to ensuring proper management control functions are in place – such as internal audit, external audit, internal control and compliance – and that shareholder rights are properly defined and protected.
Finally, good corporate governance helps ensure the bank maintains a healthy level of transparency and disclosure. Basel II (Pillar 3) provides particular disclosure guidance for banks regarding their risk profiles and risk management frameworks. Such transparency is critical in providing assurance to the market that the bank is governed properly and managing its risks effectively.
Every bank should build a framework that is tailor made for their own business model. A risk management framework is a set of processes and operating procedures governing the steps and hierarchy of managing risk within a bank. This includes all steps from setting the risk appetite at the BOD level to originating a loan at the branch level.
All risks should be addressed within this framework. Although we primarily think of bank risks as being related to credit or liquidity risks, there are many others such as operational, market, legal, reputational, etc. A bank CEO should be asking himself, do we have a documented risk management framework that all employees can understand?
James Gohary is Principal Operations Officer of International Finance Corporation’s Access to Finance business line for the Middle East and North Africa. He has over 20 years of experience in acquiring, integrating, and growing banks and non-bank financial institutions. This article was written exclusively for Daily News Egypt.
The findings, interpretations and conclusions expressed in this article are the authors own and do not necessarily reflect the views of IFC, a member of the World Bank Group.