Credit Risk Management has attracted a lot of attention in the recent times. The recent financial crisis has been a trigger for this new interest. The discipline itself, however, is as old as banking and money lending. In this paper, discussion will be focused on the credit risk management function in retail banking and the credit card world.
After the recent financial crisis, banks are investing heavily in strengthening their risk infrastructure by bringing in new technologies and tools like Business Intelligence (BI) Tools. These new tools will enhance timely delivery of key risk metrics that will help risk managers mitigate portfolio losses.
A commonly found definition for Credit Risk is that it is the risk of loss due to non payment on loans as agreed. When the borrower is unwilling or unable to adhere to the repayment schedule, the loan account becomes delinquent and is eventually charged off if no further payments are received. This is a real risk that directly impacts the lender’s bottom line. Identifying, quantifying and mitigating this risk of loss of capital and interest are the principal focus of Credit Risk (CR) Management , the subject of this primer.
CR is a key function in all banking and lending institutions - whether they are small, medium, or global financial institutions. It plays a pivotal role by designing the Bank’s loss management and regulatory compliance policies. The degree of sophistication, however, of the risk function varies across these organizations.
Organizationally, individual banks may have different structures for CR. Two common arrangements are generally found: In one, multiple responsibilities making up the CR role report to a single function or strategic unit.; In the second, CR reports to the Chief Credit Officer and the functions are often named differently.
Credit Risk Management Function
CRM functions in a bank typically include the following responsibilities:
Ø Credit Risk Policy
· New account acquiring system
· Portfolio Risk management (existing loan portfolio)
Ø Loss Forecasts
Ø Decision Sciences and Predictive analytics
Ø Risk IT
Ø Risk Governance , Compliance and Audit
Credit Risk Policy: This group is responsible for design, testing and approval of the bank’s credit risk policies. Policies include new account acquiring policy, portfolio risk management policy, fraud risk management policy, etc. For example, new account risk policy will determine the cut-off credit score above which new accounts / loans will be solicited. These decisions are supported by detailed and in-depth analytics on customer data that is often supplemented with additional data purchased from credit bureau or other external vendors. On the other hand, for loss mitigation on existing portfolio, customer retention strategies would constitute portfolio risk management policies.
Loss Forecasts: Banks compute Allowance for Loan and Lease Losses (ALLL) forecasts to provide for loss reserves. While several methodologies are available for computing loss estimates, the portfolio delinquency and flow rate methodology is widely used. This method uses loan past due information and rate of worsening delinquency to forecast losses. Many banks also use macroeconomic indicators / metric overlays like unemployment rate to fine tune their forecasts. Adequate loss reserves safeguard the bank as well as the depositors against expected losses in loan portfolio. Federal banking regulators such as Federal Reserve, Office of the Comptroller of the Currency (OCC), Federal Deposit Insurance Corporation (FDIC) and other Bank supervisory /regulatory agencies have issued detailed guidelines on loss reserves for banks.
Decision Sciences and Predictive Analytics: This group uses statistical and data mining techniques to review historical customer data to identify behavior patterns and predict future customer behavior. This group custom builds scoring models that are targeted to predict given outcomes. Smaller banks buy scoring models from credit bureaus or other vendors.
Collections: Often known as the Customer Support group, this group designs collection policies and strategies to recover receivables and past due payments from delinquent customers.
Risk IT is outside of the Information Systems (variously known as IS or IT in many financial institutions) and generally reports to the risk business leadership. They are charged with implementing / executing risk policies on the different platforms and IT infrastructure in use.
Risk Governance, Compliance and Audit group provides management oversight to CRM and ensures that all regulatory policies are in compliance.
Role of Data Analytics
Data analytics provides an important role in CR management. These can be regular or ad hoc analytics designed to provide specific information e.g., loan portfolio segments or customer responses to solicitations. Typically, large volumes of data are processed to segment the portfolio and compute key risk metrics. Banks usually use SAS, Cognos, Business Objects or MicroStrategy as their analytical toolset.
Risk Reports, Dashboards & KPIs play an important role in Credit Risk Management. Reports such as those which show 30-Day, 60-Day and 90-Day delinquent accounts provide quick insights into the state of the portfolio. Segmentation of delinquency by customer profiles like risk-score, household-income and credit-utilization bands quickly deepen Management’s understanding of portfolio performance. Many banks have separate group within Credit Risk Department dedicated to producing risk reports.