Having developed your risk appetite statements and set the tolerance levels, the next step is to implement them operationally. Below is a real life example:
Policy: Credit Risk Management Policy
Section 1: Introduction
Detail the policy’s purpose, emphasizing the need for alignment with the bank’s risk appetite.
Section 2: Risk Appetite Statements
State the credit risk appetite:
“The bank maintains a moderate tolerance for credit risk, aiming to keep a balanced portfolio with a non-performing loan ratio not exceeding 3%.”
Section 3: Key Risk Indicators (KRIs)
Specify the KRIs for credit risk:
- Non-Performing Loans (NPL) Ratio: Thresholds are <1% (Minimal), 1-3% (Cautious), 3-5% (Open), >5% (Eager).
- Average Credit Rating: AAA-AA (Minimal), AA-A (Cautious), A-BBB (Open), BBB-B (Eager).
Section 4: Roles and Responsibilities
Allocate KRI ownership:
- Chief Risk Officer (CRO): Entrusted with the overall credit risk management.
- Head of Credit Risk: Responsible for monitoring the NPL ratio and reporting to the CRO.
Section 5: Monitoring and Reporting
Define monitoring and reporting mechanisms:
- Monthly KRI reports to be presented to the Risk Management Committee.
- Quarterly board reviews to evaluate adherence to the risk appetite.
Section 6: Training and Awareness
Plan training initiatives:
- Ongoing risk assessment and KRI monitoring training for credit officers.
- Yearly risk appetite seminars for top management, focusing on strategic decision-making.
Section 7: Continuous Improvement
Elaborate on the improvement process:
- An annual policy review, integrating stakeholder feedback and insights from KRI tracking.
- The aforementioned approach can be implemented across all essential risk policies. In this instance, the process should be overseen by the Credit Officers and assisted by the Credit Risk Management Team.
How integrated are your risk appetite statements and tolerance levels? Do they inform decision making?