XETRA: SNTReuters:

SNTS.VIBloomberg:

SNT AVUS-OTC: STSQY

www.snt.at

Risk Management in the Financial Services Industry

24 February 2004

Dan LISTEŞ,Business Development Manager, S&T Romania

IT in Emerging Europe

What Meridien Research says:

“ Whether planners and users of risk management systems realize it or not DATA is the single most important component of risk management. Planning and implementing a comprehensive data architecture to support risk is the only reliable way to ensure risk calculations are accurate, comprehensive, and available, to business decision makers …”

IT in Emerging Europe

Basel II - 3 Pillars

Banks MUST produce risk measures for Capital Adequacy Calculation: possible with standardized and internal measurement approach

They WANT to do this as accurately as possible to preserve profitability: possible with internal measurement approach

Minimum CapitalRequirements

•Meaningful differentiation of risk types

•Completeness and integrity of rating assessment

•Oversight of the rating system and processes

•Criteria of rating system•Estimation of PD•Data collection & IT systems•Use of internal rating systems•Internal validation•Disclosure

SupervisoryReview

Strong emphasis on risk reporting and disclosure of measures and techniques

MarketDiscipline

Data Model

Mapping

Data Management

Standard Analytics

Business Rules

Advanced Analytics

Disclosure

Standard Reports

Intelligence

IT in Emerging Europe

Basel II Minimum CapitalMinimum Capital

RequirementsRequirementsMarketMarket

DisciplineDiscipline

VariousReporting

Tools

Mark

et

Ris

kC

redit

Ris

kO

pera

tional

Ris

kStandardized Approach

Internal Measurement Approach

Standardized Approach

Basic Indicator Approach

Foundation Approach

Advanced Approach

InternalRatingsBasedApproach

Standardized Approach

Internal Measurement Approach

SupervisorySupervisoryReviewReview

Risk Warehouse

IT in Emerging Europe

SAS Risk Management For Banking

SASRegulatoryReporting

Portal

SAS Fraud Detection Solution

SAS Individual Credit Risk Solution

SAS Market Risk Solution

SAS It Management Solution

SAS Human Capital Solution

SAS Money Laundering Solution

SAS Financial Management Solution

SAS Fraud Detection Solution

SAS Portfolio Credit Risk SolutionSASRisk

Warehouse

SA

S R

isk

Pe

rfo

rma

nc

eM

ea

su

rem

en

t S

olu

t io

n

Mark

et

Ris

kO

pera

tion

al

Ris

kC

red

itR

isk

Standardized ApproachStandardized Approach

Internal MeasurementInternal Measurement Approach Approach

Standardized ApproachStandardized Approach

Basic Indicator ApproachBasic Indicator Approach

Foundation ApproachFoundation Approach

Advanced ApproachAdvanced Approach

InternalInternalRatingsRatingsBasedBased

Standardized ApproachStandardized Approach

Advanced Measurement Advanced Measurement Approaches Approaches

SupervisorySupervisoryReviewReview

MarketMarketDisciplineDiscipline

Basel II and More…Basel II and More…

IT in Emerging Europe

The Big Basel II Issue(s) for Banks

• Effectively integrating different risk types• Ensuring data integrity & timeliness of figures• Guaranteeing accurate calculation of risk

measures• Interpreting analytics for regulatory reporting–risk

disclosure• Implementing better risk management processes• Overcoming lack of data integration. • Conversion of market risk oriented systems to

meet Basel II requirements • Compliance with supervisory rules

IT in Emerging Europe

Basel II - Hot Topic

• Estimated cost of $2250bn to the world's 30,000 largest banks for Basel II compliance.

• Basel II should (if implemented correctly) help to increase shareholder value and profitability levels through improved enterprise risk management.

• Able to demonstrate that their supervisory and internal risk control processes are sufficiently robust and transparent to meet the new standards

• Responsible for allocating resources and overseeing Basel II program e.g: Tier 1 Bank budgeted approx $50m, Tier 2/3 Banks $10- 30m

• Must have a risk management strategy

IT in Emerging Europe

Basel II spending trends

0% 100%

2003

2004

2005

2006

2007

2008

ApplicationInfrastructure

50%

• The near term spend will be infrastructure based as banks seek to develop core IT infrastructure to support data management requirements

• Banks will focus on improving risk applications as parallel running nears in 2005

• Following implementation, banks will be required to make incremental investments in modelling and analytical applications to satisfy regulatory demands

IT in Emerging Europe

Rethinking Risk ... Value from Basel II ?

Source: Crouhy et al. (2001). Risk Management, McGraw-Hill

Operational Risk 20%Operational Risk 20%

Current Capital AllocationCurrent Capital Allocation Future Capital AllocationFuture Capital Allocation

Market Risk 10%Market Risk 10%

Credit Risk 70%Credit Risk 70%

Operational Risk 30%Operational Risk 30%

Credit Risk 50%Credit Risk 50%

Market Risk 20%Market Risk 20%

IT in Emerging Europe

Unique Positioning of SAS for Basel II

• Existing external credit, operational and market risk banking references

• Proven successes in the delivery of the core quantitative and qualitative components in the Basel II frameworkProbability of Default via credit scoringExposure calculation via SAS for Risk ManagementRisk and regulatory reporting capabilitiesCompliance with all data delivery aspects in the Minimum Requirements

Operational risk framework and supporting solutionsProven data management expertise  

IT in Emerging Europe

SAS Enterprise Risk Management – Value of Data Integration

Performance Data

Loss DataRisk Data

Risk Management

Bank Operations/ Platforms

Finance

INTEGRATED RISK

MANAGEMENT

IT in Emerging Europe

Basel II compliant SAS Enterprise Risk Management

MARKET

RISK

OPERATIONAL

RISK

CREDIT

RISK

ENTERPRISE

RISK

MANAGEMENT

IT in Emerging Europe

Risk types covered

Market RiskMark to Market and P/LVaR algorithms

Parametric: delta normal, riskmetrics, delta gammaNon-parametric: historical simulation, monte carlo

Sensitivity analysis and scenario analysis

Credit RiskCurrent & potential exposureCredit Metrics, Credit Risk

PoDPerformanceCalculation & AllocationRetail and Corporate

Operational RiskHuman, IT, Legal, ProcessesStrategic Performance

Management (Link to KPIs)

IT in Emerging Europe

The Basel Capital Accord:Credit Risk

SAS Credit Risk Solution

Credit Scoring for RetailPortfolio Risk Management

for Corporate

‘Foundation’ ‘Advanced’

IT in Emerging Europe

Types of Credit Scoring

Application ScoringPerformed at time of credit applicationResults in Accept / Reject

Behavioural ScoringRisk within existing clientsProfitability ModellingUp-Sell / Cross-Sell Potential

Collection Scoringpredict recovery value of outstanding credit

IT in Emerging Europe

Credit Portfolio Risk

Expected LossExpectedExposure

Loss in the eventof default

DefaultProbability= x x

RatingCustomerSegment

Limit UtilisationCollateral

ValueCollateral

Type

CounterpartySpecific

TransactionSpecific

Unexpected Loss = Volatility of actual versus Expected Loss experience

IT in Emerging Europe

Operational Risk - Defined

Operational Risk is the current or prospective risk to earnings and capital arising from failures in transactions with customers or counter parties, ineffective decision making, and inadequate, insufficient human resources

Types of Operational RiskPre-transaction riskProcessing riskSettlement and payments riskManagement information riskHuman resources risk

IT in Emerging Europe

Access

DataManagement

Analysis

Reporting Operational Risk Dashboard and Reporting

SAS Strategic Performance Management

Data Mining, Analytics, Value at Risk Modeling

(SAS Risk Dimensions / SAS Enterprise Miner)

Data Repository, Data Cleansing, Definitions

SAS Warehousing Suite, SAS BIM (Data Models)

Risk Self Assessment Data Repository, Operational Data Sources (legacy systems, database systems, ERP Systems, etc.), Loss Databases

Access to 50+ data sources, multi-platform

Basel II compliant SAS® Enterprise Risk

Management

Risk M

anagement O

ptimization

Strategic Advantage

IT in Emerging Europe

ATHU

CZSK

PL

UA

TR

CY

RULV

SI HR

BA YU

RO

MD

BGMK

GR

AT Austria

MD MoldovaSL Slovenia

Headquarter BA Bosnia and Herzegovina

MKRepublic of MacedoniaSK Slovak Republic

S&T Countries BG Bulgaria

PL Poland

TR TurkeyCZ Czech Republic

RO Romania

UA Ukraine

CY Cyprus RU RussiaHUHungary

Serbia and Montenegro

LV Latvia

Success in CEE

GR Greece

MT MaltaHR Croatia

MT

YU

IT in Emerging Europe

References in FSI• Ministry of Public Finance• BRD – Societe Generale• Romanian Commercial Bank• Romanian National Bank• Savings Bank• “Ion Tiriac” Commercial Bank• UniCredito• Alpha Bank• HVB• Banque Franco-Roumaine• Transilvania Bank• Transfond (deployment)

Our experience in FSI• Public Key Security

Infrastructure• Core banking infrastructure• Information system

management• Signature Scanning• SalesForce Automation• Payment Orders Tracking• Report Generation automation• Business continuity • Internet Banking• Consumer Loans

Risk Management Competence• Experienced Business

Consultants• Certified Technical Resources• Assesements/pilots on role

References in Romania

IT in Emerging Europe

What Meridien Research says:

“We believe that, in order to be in a position to comply with changes in regulation, financial institutions will have to start investing now in changes to the processes and technologies that support risk management. Significant efforts, especially in data identification and aggregation, will be needed to meet new validation and verification requirements for credit risk management”