Risk Management at ANZ Banking Group

Jun 18, 2008

Patrick ZhuHead of Retail RiskChina Partnerships

2

ANZ is a leading bank in Australia, and the largest bank in New Zealand

• Established in 1835

• Strong market positions in chosen markets

Australian “Bank of the Year” six years in a row

New Zealand’s largest bank

Leading bank in the South Pacific

Leading Australian bank in Asia

• Over 5 million customers, across 30 countries

• 34,353 employees; 1,265 points of representation

• Strong annual performance as at 30 September 2007

Annual profit AUD$4.2 billion

Total Assets AUD$392 billion

Cost/Income ratio 44.8%

• Rated AA

3ANZ Risk Management structure is aligned to business and meets Basel requirements for consistency

Chief Risk OfficerChief Risk Officer

Head of RiskPersonal & Chief

Retail Credit Officer

Head of RiskPersonal & Chief

Retail Credit Officer

Chief Risk Officer ANZNB

Chief Risk Officer ANZNB

Head of Operational &

Technology Risk

Head of Operational &

Technology Risk

Head ofRisk, Institutional

Head ofRisk, Institutional

Institutional

Group General Manager,

Compliance

Group General Manager,

Compliance

Head of Risk Services

Head of Risk Services

Centre Risk

Respective Group Managing Directors

Chief Executive Officer,

New Zealand

Head of Risk, Asia Pacific

Head of Risk, Asia Pacific

PersonalAsia PacificOTRNew Zealand

Chief Executive OfficerANZ Board Risk Committee

4The following key principles which are aligned with Basel II underpin the establishment of the ANZ risk function:

1. Board of Directors should be aware of major aspects of bank’s risks. It should approve and review the bank’s risk management framework which outlines the approach for the identification, assessment, monitoring and control / mitigation of risks.

2. Board of Directors should ensure the bank’s risk management framework is subject to effective and comprehensive internal audit by operationally independent, appropriately trained and competent staff.

3. Senior management should have responsibility for implementing the risk management framework. The framework should be consistently implemented throughout the whole banking organisation. Senior management should also have responsibility for developing policies, processes and procedures for managing risk across all of the bank’s material products, activities, processes and systems.

The principles fundamentally require that Risk Management exist as an independent and centralised function. As long as Risk Management is independent and centralised, it can be organised by:

–Risk type (credit, market, operational etc) or –Line of Business (Retail, SME, Corporate etc)

Typically in order to be more responsive to customer needs, the Risk Management function tends to be organised by Line of Business. Refer to the Appendices for options on organisational structure.

5

Centralised Risk Credit Risk in the Business

RISK MANAGEMENT

Policy & Framework

Reporting & Analysis

Risk Modelling

Credit Assessment & Approval

Problem Credit

Management

•Set and assure policies and frameworks•Set the Credit Approval Discretion framework•Provide risk reporting and analysis•Specify risk measurement tools (eg. statistical risk grade models)

Market Risk

Operational Risk

Portfolio Management

Policy & Framework

Reporting & Analysis

Portfolio Management

Risk ModellingRisk Assessment &

Approval

Policy & Framework

Reporting & Analysis

Portfolio Management

Risk Modelling

Risk Assessment

Business Continuity Planning

Whether the Risk Management Function is organised by risk types or Line of Business, there are fundamental risk capabilities that are required as outlined below:

•Operate within framework set by Centralised Credit Risk

6

Define Risk Appetite

Develop framework to ensure management of risk within acceptable range including:

• Policies• Credit Approval Discretions• Risk measurement (e.g. Models)• Portfolio Management

Operate within risk management framework set by Centralised Risk Management

Centralised Risk Management

Risk Management in the Business

Centralised Risk Management and Risk Management in the Business

7

Risk principles (Level 1)Risk principles (Level 1)

Risk frameworks (Level 2)Risk frameworks (Level 2)

Risk policies (Level 3)Risk policies (Level 3)

Risk operating procedures (Level 4)

Risk operating procedures (Level 4)

Formulate Maintain Approve Oversee

Chief Risk OfficerBoard of Directors

Chief Risk Officer

Centralised Risk Management Department

Executive Risk Committee

Chief Risk Officer

Line of Business (LOB) Risk Management Department

Centralised Risk Management

Head of LOB Risk Mgmt

Dept

LOB / Relevant Risk Management Department

Head of LOB / Relevant Risk Department (or delegate)

The level of policy will determine the owners and approvers, and level of oversight.

Policies: Roles and Responsibilities

8Risk committees are key governance mechanisms

Risk Committee

• Defines risk appetite, strategy• Authorises Group Limit framework • Delegates authority to committees

Group Asset & Liability Committee (ALCO)

ANZ Board

Operational Risk Executive Committee

(OREC)

Audit CommitteeAudit Committee

Review risk control framework and compliance

(CTC)Credit & Trading Risk

Committee (CTC)

• Policy framework• Credit risk• Market (traded) risk

• Approve major lending decisions

• Approve asset writing strategies

• Manage bank portfolio

• Policy framework for all balance sheet risks and operations.

• Interest rate risk• Liquidity & funding• Balance sheet structure• Structural FX exposures• Funds transfer pricing

• Operational Risk

• Compliance

• Information Security

9

Relationship Management

Assessment and Administration• Assess and Grade Risk• Structure Loans and Facilities• Execute – Internal and External

documentation• Security Management

Credit Approval

Front Office Loan Processing LOB Risk Management

Follow rules

Centralised Risk ManagementFramework & Portfolio

Process: Credit Assessment and Approval

Ensure compliance to framework

10Six Key Benefits of a Risk Grading System

Earning Warning System that identifies treatment of NPLs

Timely and cost-effective decision making and customer response (automation)

Centralised understanding and management of risk at

the portfolio level

Objective, business outcome based staff performance

management

Guides asset writing and pricing

RiskGrading

Enables low risk revenue growth – data mining of behavioural scoring

11

Expanded performing risk grade scale

provides the capability to build an effective early

warning system

Risk Grading System – Expanded Scale Equals Expanded Capability

1 Standard

2 Special Mention

3 Substandard

4 Doubtful

5 Loss

Rating 1

Rating 2

Rating 3

Rating 4

Rating 5

Rating 6

Rating 7

Rating 8

Rating 9

Rating 10

ANZ’s Credit Rating Scale

Estimate of Comparative

Scale

Traditional rating scales in China

12

Risk Grading System – Fundamentals

Predicts likelihood of loss, using 2 distinct dimensions:

• Risk/Likelihood of default - ability of the customer to repay the loan

• Loss given default - loss in the event of non-payment of the loan

Customer Security

Ability to service/repay

Risk of default

Customer Credit Rating

Loan security cover

Security Indicator

RISK GRADE

13