    SEPTEMBER 8 - 11, 2014

    Risk-Based Supervision

    Presentation Outline


    Significant Activities


    Inherent risks

    Quality of Risk ManagementResidual Risk

    Presentation Outline

    Direction of Risk

    Caital Assessment

    !arnings Assessment

    "i#uidity Assessment

    Comosite Rating

    Background$ Role of Prudential Suervision

    'he !ssence of Risk 'aking

    Experience taught me a fewthings. One is to listen to your

    gut, no matter how goodsomething sounds on paper.The second is that you'regenerally better off stickingwith what you know. And the

    third is that sometimes yourbest inestments are the onesyou don't make() Donald'rum

    Rationale for Risk*+ased Aroach

    Resources are not infinite , allocation of scarceresources

    Mechanism to rioriti-e &ork,on*sites . focus

    efforts on greatest risks/ocus on risks to institution0s aims and o+1ectives

    Basis for 1ustifying aroach2 action and decision

    Documented and consistent aroach to riskmanagement

    Risk Management Stages

    Decisionto +e Risk*


    Set RiskConte3t

    S"+i)'s 201. A**%"/ R#&)'

    Ste 4$ Identifying Significant Activities

    Our 'eam delivered net rofits of 56(7 +illion2

    &hich is 89 a+ove :;4: and our fourteenth

    consecutive year of rofit gro&th( Revenues &ere

    5e rovided 54?(8? +illion of insurance and

    annuity +enefits to our customers and their

    families in :;47( In addition2 &e managed the

    @!ASO and @PASO health +usiness on +ehalf of

    the @overnment of amaica and the largest ool

    of ension funds in amaica( 'hese are ma1or

    +usinesses from &hich &e ay out another

    almost 54; +illion annually( Our investment

    funds outerformed their resective +enchmarks

    for the most art and some &ere the +est

    erformers in their asset class)(!eft" #r. The

    $on. %.#. &illiams, hairman %ight" %ichard

    O. (yles, )resident * EO

    Ste I$ Identifying Significant Activities

    "ine of +usiness

    Business units

    !nterrise &ide rocess e(g( information technology

    Activities can +e identified from$ Organi-ation structure

    Strategic lans

    Oerational and Business lans

    Caital allocations2

    /inancial reorting internal,e3ternal

    Ste I$ Identifying Significant Activities

    >hat are the lines of +usiness,+usinessunits in an insurance firmE

    >hat are the lines of +usiness , +usinessunits in a credit unionE

    Ste I$ Identifying Significant Activities

    'yes of Insurance "ife insuranceF Gon*life insuranceF Reinsurance

    !(g( Activities , "ines of Business , Business Hnits Insurance





    %ealth +usiness Pension /unds Management


    Related Party 'ransactions

    Ste I$ Identifying Significant Activities

    !(g Activities , lines of +usiness , +usiness units ina credit unionE "oans


    Cash and lacements

    Deosits , share , savings

    Related Party 'ransactions

    Ste II$ Determining Materiality

    Assets generated +y the activity relative to total assetsi-e

    Revenue generated +y activity in relation to total

    revenueGet income +efore ta3,total net income +efore ta3

    Risk &eighted assets generated +y activity , totalR>A

    Caital allocation , total caital

    Strategic imortance

    Ste III$ Assess Inherent Risks

    Inherent risk is risk &hich cannot +esegregated from the activity( It is intrinsic toan activity and arises from e3osure to and

    uncertainty from otential future events(Inherent risks are evaluated +y consideringthe degree of ro+a+ility and the otential

    si-e of an adverse imact on an institutionscaital2 li#uidity or earnings(

    Inherent Risk Assessment

    Inherent Risk /rame&ork * 'raditional








    Inherent Risk /rame&ork * Revised








    Inherent Risk Rating

    Inherent Risk Rating

    Inherent Risk Rating * CAM!"S

    Inherent Risk Rating * CARAM!"S

    Asset Quality Assessment

    Soundness of risk identification ractices2credit under&riting standards and creditadministration ractices Credit Risk

    "evel2 distri+ution2 severity and trend ofro+lem2 classified2 non accrual2restructured2 delin#uent andnonerforming assets on and off +alancesheet Credit Risk

    Asset Quality Assessment

    Ade#uacy of allo&ances for loans andlease losses and other valuationreserves

    Credit risks arising from or induced +yoff*+alance sheet transactions2 e(g(

    unfunded commitments2 creditderivatives2 commercial and stand+yletters of credit and lines of credit(

    Asset Quality Assessment

    Diversification and #uality of the loanand investment

    !3tent of securities under&ritingactivities and e3osures tocounterarties in trading activities

    !3istence of asset concentration

    Asset Quality Assessment

    A+ility of management to roerlyadminister its assets2 including timelyidentification and collection of ro+lemassets

    Ade#uacy of internal controls and

    management information systemsJolume and nature of credit

    documentation e3cetion(

    Asset Quality Assessment

    Prudent investment ortfolioE CR

    Ade#uate sread of investments among asset tyesand counter arties CR

    Investment olicy in lace to ensure ongoingrudency of investment ortfolio CR

    Investment consistent &ith olicy CR

    Investment administered in a rudent mannerOR

    Mi3 of investment assets in line &ith deosit andinsurance fund re#uirements "RR

    Asset Quality Rating

    Asset Quality Rating

    Sensitivity to Market Risk Assessment

    Sensitivity of earnings or the economicvalue of caital to adverse changes ininterest rate2 foreign e3change rates2

    commodity rices or e#uity rices'he a+ility of management to identify2

    measure2 monitor and control e3osure to

    market risk given the si-e2 comle3ity andrisk rofile of the /I

    Sensitivity to Market Risk Assessment

    'he nature and comle3ity of interest raterisk e3osure arising from non tradingositions

    'he nature and comle3ity of market riske3osure arising from trading2 assetmanagement activities and foreign e3change


    Sensitivity to Market Risk Rating

    Sensitivity to Market Risk Rating

    Sensitivity to Market Risk Rating

    Sensitivity to Market Risk Rating

    Sensitivity to Market Risk Rating

    Reutational Risk Assessment

    Cororate @overnance

    Management integrity

    Staff cometence , suortCororate culture

    Risk management and controlenvironment

    Reutational Risk Assessment

    /inancial Soundness , Business via+ility

    Business ractices

    Customer satisfaction"egal , regulatory comliance

    Contagion risk , rumors

    Crisis management

    Disclosure and transarency

    Reutational Risk Rating

    Reutational Risk Rating

    Reutational Risk Rating

    Reutational Risk Rating

    Reutational Risk Rating

    Concentration Risk Assessment

    C)*#*'"i)* 'is can arise from unevendistri+ution of e3osures or loan to its+orro&ers( Such a risk is called Game

    Concentration risk( Another tye is SectoralConcentration risk &hich can arise fromuneven distri+ution of e3osures to

    articular sectors2 regions2 industries orroducts(

    Concentration Risk Assessment

    @eograhic concentration

    Single name

    Related arty

    Balance sheet

    Business , Product line

    Oerational Risk Assessment

    O'"i)*"/ 'isis Kthe risk of achange in value caused +y the fact thatactual losses2 incurred for inade#uateor failed internal rocesses2 eole andsystems2 or from e3ternal eventsincluding legal risk2 differ from thee3ected lossesK( Basel Definition

    Oerational Risk Assessment

    Internal /raud * misaroriation of assets2 ta3 evasion2 intentionalmismarking of ositions2 +ri+ery

    !3ternal /raud* theft of information2 hacking damage2 third*arty theftand forgery

    !mloyment Practices and >orklace Safety * discrimination2 &orkers

    comensation2 emloyee health and safety

    Clients2 Products2 L Business Practice* market maniulation2 antitrust2imroer trade2 roduct defects2 fiduciary +reaches2 account churning

    Damage to Physical Assets * natural disasters2 terrorism2 vandalism

    Business Disrution L Systems /ailures * utility disrutions2 soft&arefailures2 hard&are failures

    !3ecution2 Delivery2 L Process Management * data entry errors2accounting errors2 failed mandatory reorting2 negligent loss of clientassets

    Strategic Risk Assessment

    S'"#+i Ris is the risk of current orrosective imact on the financialinstitutions earnings2 caital2 reutation

    or standing arising from change in theenvironment and from adverse strategicdecisions2 imroer imlementation of

    decisions or lack of resonsiveness toindustry2 economic or technologicalchanges(

    Strategic Risk Assessment

    /our ey !lements$

    Strategic Planning

    Alignment and change managementImlementation and monitoring

    Performance evaluation and feed+ack

    Strategic Risk Assessment

    Comati+ility or suita+ility of theinstitutions goals and o+1ectivesconsistent &ith * cororate vision2 values2

    culture2 +usiness direction2 risk tolerance/inancial o+1ectives consistent &ith

    strategic goals

    Strategic decisions are rudent relative tosi-e and comle3ity

    Strategic Risk Assessment

    Resonsiveness to changes inenvironment

    Ade#uacy of resources in carrying outstrategic decisions

    Imlementation of strategic decisions

    Imact of strategic decisions

    Reinsurance Risk Assessment

    /inancial soundness of insurers reinsurance comaniesCredit Risk

    Ade#uacy of diversification of ceded remiums amongreinsurance comanies Credit Risk

    Aroriateness of insurers reinsurance strategyHnder&riting,"ia+ility Risk

    Ade#uacy of Insurers rotection against catastrohiceventsHnder&riting,"ia+ility Risk

    Aroriateness of insurers reinsurance contractsOerational Risk

    Aroriateness of the administration of reinsurancerelationshis +y the insurer Oerational Risk

    Actuarial "ia+ility Risk Assessment

    Insurers lia+ility aroriatelyestimated and reorted

    Product Design Risk

    Are regulatory re#uirements +eing met+y Insurer regarding technical

    rovisions "egal,Regulatory Risk

    Self Dealing and Related Parties Risk

    Self Dealing and Related Parties RiskAssessment

    Process in lace to revie& related artytransactions Oerational Risk

    Related arties dealings in accordance&ith ethical standards Reutation Risk

    >ritten code of ethics olicy in lace

    for emloyees Reutation RiskSignificant related arty revenue2

    e3enses2 assets or lia+ilitiesE

    Proosed Risk Assessment System . Inherent Risks

    @rou !3ercise N :

    4( Hsing a scale of 4 . ? 4 Strong and ? CriticallyDeficient2 develo a risk scoring definition matri3 for thefollo&ing inherent risks$ @rou A

    Strategic Risk

    Oerational Risk Concentration Risk

    :( :( Hsing a scale of 4 . ? 4 Strong and ? CriticallyDeficient2 develo a risk scoring definition matri3 for the

    follo&ing inherent risks$ @rou B Reinsurance

    Actuarial lia+ilities

    Self dealing and related arties

    @rou !3ercise N 7

    4(Identify the inherent risks in each of thesignificant activities and score on the scale of 4 . ?for each suervised entity credit unions and

    insurance comanies(

    Quality of Risk Management and Oversight

    Oerational ManagementComliance /unction

    Internal Audit , Suervisory Committee /unction

    !3ternal Audit /unctionRisk Management /unction

    Senior Management

    Board Oversight

    Quality of Risk Management Assessment

    Oerational management Day to day management of significant activities

    Ade#uate and aroriate for nature2 si-e and comle3ityof the financial institution

    Sufficient and effective in managing and mitigating keyrisks


    rocesses Control systems

    Staff levels and e3erience

    Quality of Risk Management Assessment

    Board Oversight Jary +ased on si-e2 structure and comle3ity of institutions

    Institutions re#uired to have in lace an effective +oard ofdirectors and senior management

    Board agree risk aetite e(g( aggressive or conservative Board of directors ultimately accounta+le for management and

    oversight of the institution

    Business lan in lace and aroriate . deosit,savings

    gro&th or remium gro&th too aggressiveE Deending on si-e2 +oard may delegate some oversight

    resonsi+ilities to +oard su+*committees e(g(( audit2 riskmanagement and human resource

    Quality of Risk Management Assessment

    Senior Management OversightDeending on si-e2 senior management may

    delegate some oversight resonsi+ilities to other

    oversight functions$ Risk management

    Suervisory Committee,Internal Audit


    Quality of Risk Management Assessment

    "evel and #uality of oversight andsuort of all institution activities +y the+oard of directors and management

    'he a+ility of the +oard of directors andmanagement2 in their resective roles tolan for2 and resond to risks that may

    arise from changing +usiness conditionsor the initiation of ne& activities orroducts

    Quality of Risk Management Assessment

    Ade#uacy of2 and comliance &itharoriate internal olicies andcontrols addressing oerations andrisks of significant activities

    Accuracy2 timeliness and effectiveness

    of management information and riskmonitoring systems aroriate for the/Is si-e2 comle3ity and risk rofile(

    Quality of Risk Management Assessment

    Quality of Risk Management AssessmentAudit and Internal Controls

    Comliance &ith la&s and regulationsResonsiveness to recommendations

    from auditors and suervisory authorities

    Management deth and succession

    !3tent that +oard of directors or

    management is affected +y2 or susceti+leto2 dominant influence or concentrationof authority(

    Quality of Risk Management Assessment

    Quality of Risk Management AssessmentAudit and Internal Controls

    Reasona+leness of comensation olicies andavoidance of self dealing

    Demonstrated &illingness to serve the legitimate

    /I needs of the communityClaims aid +y insurer in a fair and timely


    Insurer comliant &ith market conductre#uirements

    'he overall erformance of the institution and itsrisk rofile

    Quality of Risk Management Rating

    Quality of Risk Management Rating

    Quality of Risk Management Assessment

    Quality of Risk Management Assessment

    Residual Risk Assessment

    %o& key risks are managed in eachsignificant activity . oerational management

    !ffectiveness of oversight functions @overnance , Board Internal audit , Internal controls


    !ach key inherent risk is consideredsearately for each significant activity

    Determine aggregate residual risk

    Residual Risk Rating

    Residual Risk Rating

    Residual Risk Assessment

    Direction of Risk


    Risk Imact

    Caital Ade#uacy Assessment

    "evel and #uality of caitalOverall financial condition

    Managements a+ility to addressemerging caital needs

    Gature2 trend and volume of ro+lem

    assets and ade#uacy of rovision forloans and investment losses andade#uacy of other reserves

    Risk Imact

    Caital Ade#uacy Assessment

    Sufficient caital relative to lia+ilitiesand volumes of +usiness

    Aroriateness of tye of caital

    In comliance &ith share caital2solvency margin2 deosit and fund

    re#uirements as set out in la& and regs(

    Risk Imact

    Caital Ade#uacy Assessment

    Off +alance risk e3osures@ro&th rosects and ast e3eriences

    in managing gro&th

    Balance sheet comosition2 natureamount of intangi+le assets2

    concentration risks2 market risks2 risksin non traditional activities

    Access to caital

    Caital Ade#uacy Rating

    Caital Ade#uacy Rating

    Risk Imact

    !arnings Risk Assessment

    "evels of earnings including trends and sta+ility ,#uality of earnings sources

    !arnings track record to augment caital

    A+ility to rovide for ade#uate caital throughretained earnings

    Go reatriation of rofits , ayments of dividends+efore full comliance &ith Acts(

    "evel of e3enses in relation to oerations

    Hnder&riting revenues relative to incurred claimsroduct design and under&riting risks

    Risk Imact

    !arnings Risk Assessment

    Ade#uacy of the +udgeting systems2forecasting rocesses2 managementinformation systems

    Ade#uacy of rovisions to maintain theallo&ance for loan and lease losses andother valuation allo&ance

    'he earnings e3osure to market risk2such as interest rate2 foreign e3change andrice risks

    !arnings Risk Rating

    !arnings Risk Rating

    !arnings Risk Rating

    !arnings Risk Rating

    Risk Imact

    "i#uidity Risk Assessment

    Availa+ility of assets readily converti+le to cash&ithout undue loss

    Access to money markets and other sources of funding

    "evel of diversification of funding sources2 +oth onand off*+alance sheet

    'he degree of reliance on short*term2 volatile sourcesof funds2 including +orro&ings and +rokered deosits2

    to fund longer term assetsAroriate matching of assets and lia+ilities

    "evel of / assets relative to lia+ilities

    Risk Imact

    "i#uidity Risk Assessment

    'he trend and sta+ility of deosits , li#uid assets>ritten olicies in lace for interest rate2 / and

    li#uidity risks

    'he a+ility to securiti-e and sell certain ools ofassets

    'he caa+ility of management to roerly identify2measure2 monitor and control institutions li#uidity

    osition2 including the effectiveness of fundsmanagement strategies2 li#uidity olicies2management information systems2 and contingencyfunding lans

    "i#uidity Risk Rating

    "i#uidity Risk Rating

    "i#uidity Risk Rating

    "i#uidity Risk Rating

    Comosite Risk Assessment

    Comosite Risk Assessment

    /rame&ork for Risk*+ased Suervision


    /rame&ork for Risk*+ased Suervision

    Thank you+Any uestions-