Entire Section
PIB A4.1 PIB A4.1 Credit Risk Systems and Controls
PIB A4.1 Guidance
1. Depending on anAuthorised Firm's nature, scale, frequency, and complexity ofCredit Risk granted or incurred, theCredit Risk policy of anAuthorised Firm should address the following elements:a. how, with particular reference to its activities, theAuthorised Firm defines and measuresCredit Risk ;b. theAuthorised Firm's business aims in incurringCredit Risk including:i. identifying the types and sources ofCredit Risk to which theAuthorised Firm wishes to be exposed (and the limits on thatExposure ) and those to which theAuthorised Firm wishes not to be exposed;ii. specifying the level of diversification required by theAuthorised Firm and theAuthorised Firm's tolerance for risk concentrations and the limits on thoseExposures and concentrations; andiii. stating the risk-return that theAuthorised Firm is seeking to achieve onCredit Risk Exposures ;c. types of facilities to be offered, along with ceilings, pricing, profitability, maximum maturities and maximum debt-servicing ratios for each type of lending;d. a ceiling for the total loan portfolio, in terms, for example, of the loan-to-deposit ratio, undrawn commitment ratio, a maximum dollar amount or a percentage of capital base;e. portfolio limits for maximum aggregateExposures by country, industry, category of borrower/Counterparty (e.g. banks, non-bank financial institutions, corporates and retail), product (e.g. property lending),Groups of related parties and single borrowers;f. limits, terms and conditions, approval and review procedures and records kept forConnected lending — allAuthorised Firms should have a formal policy statement, endorsed by theGoverning Body , on such lending covering these matters;g. types of acceptableCollateral , loan-to-value ratios and the criteria for accepting guarantees; andh. howCredit Risk is assessed both when credit is granted or incurred and subsequently, including how the adequacy of any security and other risk mitigation techniques are assessed;i. the detailed limit structure forCredit Risk , which should:i. address all key risk factors, including intra-Group Exposures ;ii. be commensurate with the volume and complexity of activity; andiii. be consistent with theAuthorised Firm's business aims, historical performance, and the level of capital theAuthorised Firm is willing to risk;j. procedures for:i. approving new products and activities which give rise toCredit Risk ;ii. regular risk position and performance reporting;iii. limit exception reporting and approval; andiv. identifying and dealing with problemExposures ;k. the allocation of responsibilities for implementing theCredit Risk policy and for monitoring adherence to, and the effectiveness of, the policy; andl. the required information systems, staff and other resources.2. TheCredit Risk policy should emphasize the principles of prudence and should be enforced consistently. The policy and its implementation should ensure that credit facilities are only granted to credit-worthy customers and that risk concentrations are avoided.3. TheCredit Risk strategy and policy need to be clearly disseminated to, and understood by all relevant staff.4. TheCredit Risk policy of anAuthorised Firm should clearly specify the delegation of its credit approval authorities. Credit authority thus delegated should be appropriate for the products or portfolios assigned to the credit committee or individual credit officers and should be commensurate with their credit experience and expertise. An officer's credit authority may, however, be increased on the basis of his or her track record. AnAuthorised Firm should ensure that credit authority is required for acquiring any types of creditExposures , including the use ofCredit Derivatives for hedging or income generation.5. Credit authority delegated to the credit committee and each credit officer should be subject to regular review to ensure that it remains appropriate to current market conditions and the level of their performance.6. AnAuthorised Firm's remuneration policies should be consistent with itsCredit Risk strategy. The policies should not encourage officers to generate short-term profits by taking an unacceptably high level of risk.Counterparty Risk assessment7. TheAuthorised Firm should make a suitable assessment of the risk profile of itsCounterparties . The factors to be considered will vary according to both the type of credit andCounterparty such as whether theCounterparty is a company or a sovereignCounterparty and may include:a. the purpose of the credit and the source of repayment;b. an assessment of the skill, integrity and quality of management and overall reputation of theCounterparty ;c. the legal capacity of theCounterparty to assume the liability to theAuthorised Firm ;d. an assessment of the nature and amount of risk attached to theCounterparty in the context of the industrial sector or geographical region or country in which it operates and the potential impact on theCounterparty of political, economic and market changes; this assessment may include consideration of the extent and nature of theCounterparty's other financial obligations;e. theCounterparty's repayment history as well as an assessment of theCounterparty's current and future capacity to repay obligations based on financial statements, financial trends, cash flow projections and the potential impact of adverse economic scenarios;f. an analysis of the risk-return trade-off, with regard to the proposed price of the credit facility;g. the proposed terms and conditions attached to the granting of credit, including on-going provision of information by theCounterparty , covenants attached to the facility, the adequacy and enforceability ofCollateral and guarantees; andh. theAuthorised Firm's existingExposure to the individualCounterparty , sector, country or product and the availability of credit givenExposure limits.8. AnAuthorised Firm should document any variation from the usual credit policy.9. AnAuthorised Firm involved in loan syndications or consortia should not rely on other parties' assessments of theCredit Risks involved but should conduct a full assessment against its ownCredit Risk policy.10. AnAuthorised Firm granting credit to obligors in other countries should be cognisant of the additional risks — country risk and transfer risk — involved in such credits. AnAuthorised Firm should therefore consider the environment — economic and political — in the relevant countries, the potential effect of changes thereto on the obligors' ability to service the credit and the contagion effects in regions where economies are closely related.11. The exception reporting should be adequately supported by a management reporting system whereby relevant reports on the credit portfolio are generated to various levels of management on a timely basis.12.Connected Counterparties should be identified and the procedures for the management of the combinedCredit Risk considered. It may be appropriate forAuthorised Firms to monitor and report the aggregateExposure against combined limits in addition to monitoring the constituentExposures to the individualCounterparties .13. AnAuthorised Firm should consider whether it needs to assess the credit-worthiness of suppliers of goods and services to whom it makes material prepayments or advances.Risk assessment:
Derivative Counterparties 14. AnAuthorised Firm should include in itsCredit Risk policy an adequate description of:a. how it determines with which derivativeCounterparties to do business;b. how it assesses and continues to monitor the credit-worthiness of thoseCounterparties ;c. how it identifies its actual and contingentExposure to theCounterparty ; andd. whether and how it uses credit loss mitigation techniques, e.g. margining, taking security orCollateral or purchasing credit insurance.15. In assessing its contingentExposure to aCounterparty , theAuthorised Firm should identify the amount which would be due from theCounterparty if the value, index or other factor upon which that amount depends were to change.16. AnAuthorised Firm should clearly specify the delegation of its credit approval authorities. Credit authority thus delegated should be appropriate for the products or portfolios assigned to the credit committee or individual credit officers and should be commensurate with their credit experience and expertise. An officer's credit authority may, however, be increased on the basis of his her track record. AnAuthorised Firm should ensure that credit authority is required for acquiring any types of creditExposures , including the use ofCredit Derivatives for hedging or income generation.17. Credit authority delegated to the credit committee and each credit officer should be subject to regular review to ensure that it remains appropriate to current market conditions and the level of their performance.Credit approval procedures
18. AnAuthorised Firm should adhere closely to the "Know Your Customer" principle and should not lend purely on name and relationship without a comprehensive assessment of the credit quality of the borrower.19. Credit decisions should be supported by adequate evaluation of the borrower's repayment ability based on reliable information. Sufficient and up-to-date information should continue to be available to enable effective monitoring of the account.20. All credits should be granted on an arm's length basis. Credits to related borrowers should be monitored carefully and steps taken to control or reduce the risks ofConnected lending.21. AnAuthorised Firm should not rely excessively onCollateral or guarantees asCredit Risk mitigants. SuchCredit Risk mitigants may provide secondary protection to the lender if the borrower defaults, the primary consideration for credit approval should be the borrower's debt-servicing capacity.22. AnAuthorised Firm should be sensitive to rapid expansion of specific types of lending. Such trends may often be accompanied by deterioration of credit standards and thus merit increased focus on more marginal borrowers.23. AnAuthorised Firm should ensure through periodic independent audits that the credit approval function is being properly managed and that creditExposures comply with prudential standards and internal limits. The results of such audits should be reported directly to theGoverning Body , the credit committee or senior management as appropriate.Risk control
24. AnAuthorised Firm should consider setting credit limits for maximumExposures to single andConnected Counterparties , as well as limits for aggregateExposures to economic sectors, geographic areas, and on totalCredit Risk arising from specific types of products. By limitingExposures in these categories, anAuthorised Firm can manage creditExposure more carefully and avoid excessive concentrations of risk.25. TheCredit Risk policy of anAuthorised Firm should include a policy to control and monitorLarge Exposures and other risk concentrations. AnAuthorised Firm should carefully manage and avoid excessive risk concentrations of various kinds. These includeExposure to:a. individual borrowers (in particularExposure exceeding 10% of the firm's capital base);b.Groups of borrowers with similar characteristics, economic and geographical sectors; andc. types of lending with similar characteristics (e.g. those based on assets with similar price behaviour).26. Notwithstanding theConcentration Risk limit specified as part of the prudentialRules onLarge Exposures ,Authorised Firms should exercise particular care in relation to facilities exceeding 10% of capital base.27.Authorised Firms should recognise and control theCredit Risk arising from their new products and services. Well in advance of entering into business transactions involving new types of products and activities, they should ensure that they understand the risks fully and have established appropriateCredit Risk policies, procedures and controls, which should be approved by theGoverning Body or its appropriate delegated committee. A formal risk assessment of new products and activities should also be performed and documented.28. AnAuthorised Firm inCategory 1, 2, 3A or 5 is also subject to concentration limits and notification requirements as spelt out in PIB chapter 4.Risk measurement
29. AnAuthorised Firm should measure itsCredit Risk using a robust and consistent methodology, which should be described in itsCredit Risk policy. TheAuthorised Firm should consider whether the measurement methodology should be back-tested and the frequency of any such back-testing.30. AnAuthorised Firm should also be able to measure its totalExposure across the entire credit portfolio or within particular categories such asExposures to particular industries, economic sectors or geographical areas.31. Where anAuthorised Firm is a member of aGroup , theGroup should be able to monitor creditExposures on a consolidated basis.32. AnAuthorised Firm should have the capability to measure its creditExposure to individualCounterparties on at least a daily basis.33.Authorised Firms should analyse their credit portfolios to identify material inter-dependencies which can exaggerate risk concentrations. The importance can be illustrated by the contagion effects that a substantial decline in property or stock prices may have on the default rate of those commercial and industrial loans which rely heavily on such types ofCollateral .34.Authorised Firms should establish a system of regular independent credit and compliance audits. These audits should be performed by independent parties, e.g. internal audit and compliance, which report to theGoverning Body or the audit committee.35. Credit audits should be conducted to assess individual credits on a sampling basis and the overall quality of the credit portfolio. Such audits are useful for evaluating the performance of account officers and the effectiveness of the credit process. They can also enableAuthorised Firms to take early measures to protect their loans.Risk monitoring
36. AnAuthorised Firm should implement an effective system for monitoring itsCredit Risk , which should be described in itsCredit Risk policy. The system may monitor the use of facilities, adherence to servicing requirements and covenants, and monitor the value ofCollateral and identify problem accounts.37. AnAuthorised Firm should consider the implementation of a system of management reporting which provides relevant, accurate, comprehensive, timely and reliableCredit Risk reports to relevant functions within theAuthorised Firm .38. Adequacy and sophistication ofCredit Risk measurement tools required depends on the complexity and degree of the inherent risks of the products involved. AnAuthorised Firm should have information systems and analytical techniques that provide sufficient information on the risk profile and structure of the credit portfolio. These should be flexible to helpAuthorised Firm to identify risk concentrations. To achieve this, anAuthorised Firm system should be capable of analysing its credit portfolio by the following characteristics:a. size ofExposure ;b.Exposure toGroups of related borrowers;c. products;d. sectors, e.g. geographic, industrial;e. borrowers' demographic profile for consumer credits, e.g. age or income group, if appropriate;f. account performance;g. internal credit ratings;h. outstandings versus commitments; andi. types and coverage ofCollateral .39. AnAuthorised Firm should have procedures for taking appropriate action according to the information within the management reports, such as a review ofCounterparty limits.40. Particular attention should be given to the monitoring of credit that does not conform to usualCredit Risk policy, or which exceeds predetermined credit limits and criteria, but is sanctioned because of particular circumstances. Unauthorised exceptions to policies, procedures and limits should be reported in a timely manner to the appropriate level of management.41. Individual credit facilities and overall limits and sub-limits should be periodically reviewed in order to check their performance and appropriateness for both the current circumstances of theCounterparty and in theAuthorised Firm's current internal and external economic environment. The frequency of review will usually be more intense for higher-riskCounterparties or largerExposures or in fluctuating economic conditions.42. AnAuthorised Firm should have in place a system for monitoring the overall quality of itsCredit Risk Exposures under normal and stressful conditions. There should also be a reporting system which s management to aggregateExposures approaching various pre-set portfolio limits.43. AnAuthorised Firm should be mindful of business and economic cycles and regularly stress-test their portfolios against adverse market scenarios. Adequate contingency planning should be developed in conjunction with stress-testing to address the possibility of crises developing in a very rapid fashion.44. Appropriate stress testing of creditExposures can be an essential part of the credit management process. Examination of the potential effects of economic or industry downturns, market events, changes in interest rates, changes in foreign exchange rates and changes in liquidity conditions can provide valuable information about anAuthorised Firm's Credit Risk . This information can be utilised to inform theAuthorised Firm's on-going credit strategy.45. As new techniques forCredit Risk management, monitoring and reporting are developed, theAuthorised Firm should ensure they are tested and evaluated before undue reliance is placed upon them.46. Where the account officer for a credit (or customer relationship manager, branch manager or similar) moves on, the incoming officer should carry out a take-over review. The review should cover inter alia the credit-worthiness of the borrowers, the adequacy of the documentation, compliance with covenants, performance of each loan and the existence and value of anyCollateral .Problem
Exposures 47. AnAuthorised Firm should have processes for the timely identification and management of problemExposures . These processes should be described in theCredit Risk policy.48. AnAuthorised Firm involved in providing credit should establish a dedicated unit to handle the recovery and work-out of problem loans and should establish policies for the referral of loans to this unit.49. AnAuthorised Firm should ensure that its loan portfolio is properly classified and has an effective early-warning system for problem loans.50. AnAuthorised Firm should develop and implement internal risk rating systems for managingCredit Risk . The rating system should be consistent with the nature, size and complexity of theAuthorised Firm's activities. In using internal risk ratings, anAuthorised Firm should seek to achieve a high granularity in the rating system and adopt multiple grades for loans that are not yet irregular and to develop the ability to track the migration of individual loans through the various internal credit ratings.51. Depending on the size and nature of theAuthorised Firm , it may be appropriate for problemExposures to be managed by a specialised function, independent of the functions that originate the business or maintain the on-going business relationship with theCounterparty .52.Exposures identified as problems or potential problems should be closely monitored by management, and anAuthorised Firm should set out, for example, whether a loan grading system or a watch or problem list is used and, in the latter case, the criteria for adding an asset to or taking an asset off that list.53. It is recommended thatAuthorised Firms establish a dedicated unit to handle the recovery and work-out of problem loans and put in place policies for the referral of loans to this unit.54. AnAuthorised Firm should have adequate procedures for recoveringExposures in arrears or those which had provisions made against them. These should allocate responsibility both internally and externally for its arrears management and recovery and define the involvement of theAuthorised Firm's solicitors.55. Requirements relating to provisioning against loss on problemExposures are covered in PIB chapter 4.Risk mitigation
56. Various methods can be used to mitigateCredit Risk , such as taking security orCollateral , obtaining a guarantee from a third party, purchasing insurance orCredit Derivatives .Authorised Firms should view these as complementary to, rather than a replacement for, thorough credit analysis and procedures.57. In controllingCredit Risk , anAuthorised Firm may utilise certain mitigation techniques. Normally, they include:a. acceptingCollateral , standby letters of credit and guarantees;b. entering intoNetting arrangements,c. setting strict loan covenants; andd. usingCredit Derivatives and other hedging instruments.58. In determining which types of credit mitigation techniques should be used, firms should also consider:a. their own knowledge and experience in using such techniques;b. cost-effectiveness;c. type and financial strength of theCounterparties orIssuers ;d. correlation with the underlying credits;e. availability, liquidity and realisability of the credit mitigation instruments;f. the extent to which legally recognised documentation, e.g. ISDA Master Agreement, can be adopted; andg. the degree of supervisory recognition of the mitigation technique.59. While mitigation throughCollateral and guarantees is usually dealt with at the time of granting of credits,Credit Derivatives andNetting are often employed after the credit is in place, or used to manage the overall portfolio risk. When the mitigation arrangements are in place they should then be controlled.Authorised Firms should have written policies, procedures and controls for the use of credit mitigation techniques. They should also ensure adequate systems are in place to manage these activities.60.Authorised Firms should revalue theirCollateral and mitigation instruments on a regular basis. The method and frequency of revaluation depends on the nature of the hedge and the products involved.61. If anAuthorised Firm takes security orCollateral , on credit facilities, appropriate policies and procedures should be documented covering:a. the types of security orCollateral considered;b. procedures governing the valuation and revaluation of security orCollateral including the basis of valuation;c. policies governing the taking of security orCollateral , including obtaining appropriate legal title; andd. policies governing possession of security orCollateral .62. The value of security andCollateral should be monitored at an appropriate frequency. For example, commercial property might be revalued annually, whereasSecurities provided asCollateral should be marked to market usually on a daily basis. Residential property may not need to be revalued annually, but information should be sought as to general market conditions.63. When takingCollateral in support of anExposure , anAuthorised Firm should ensure that legal procedures have been followed, to ensure theCollateral can be enforced if required.64. AnAuthorised Firm should consider the legal and financial ability of a guarantor to fulfil the guarantee if called upon to do so.65. AnAuthorised Firm should analyse carefully the protection afforded by risk mitigants such asNetting agreements orCredit Derivatives , to ensure that any residualCredit Risk is identified, measured, monitored and controlled.66. AnAuthorised Firm providing mortgages at high loan-to-value ratios should consider the need for alternative forms of protection against the risks of such lending, including mortgage indemnity insurance, to protect against the risk of a fall in the value of the property.Record keeping
67. TheAuthorised Firm should maintain appropriate records of:a. creditExposures , including aggregations of creditExposures , by:i.Groups ofConnected Counterparties ; andii. types ofCounterparty as defined, for example, by the nature or geographical location of theCounterparty ;b. credit decisions, including details of the facts or circumstances upon which a decision was made; andc. information relevant to assessing current credit quality.68. Credit records should be retained for at least six years, subject to any requirement in theRules requiring such records to be kept for a longer period.69. It is important that sound and legally enforceable documentation is in place for each credit agreement as this may be called upon in the event of a default or dispute. AnAuthorised Firm should therefore consider whether it is appropriate for an independent legal opinion to be sought on documentation used by theAuthorised Firm . Documentation should be in place before theAuthorised Firm enters into a contractual obligation or releases funds.Country and transfer risk
Exposure 70. PIB chapter 4 does not provide limits on the size of anAuthorised Firm's Exposure to a particular country or region. However, anAuthorised Firm which hasLarge Exposures in a country or region should include in itsCredit Risk policy:a. the geographical areas in which theAuthorised Firm does or intends to do business;b. its definition ofCredit Risk Exposure and transfer risks (such as exchange restrictions) associated with doing business in each country or region;c. how to measure its totalExposure in each country or region and across several countries or regions;d. the types of business theAuthorised Firm intends to undertake in each country or region;e. limits onExposures to an individual country or region which theAuthorised Firm deals with, and sub-limits for different types of business if appropriate;f. the procedure for setting and reviewing country or regional limits; andg. the process by which theAuthorised Firm's actual country or regionalExposures will be monitored against limits and the procedure to be followed if the limits are breached.71. When setting country or regional limits, anAuthorised Firm should consider:a. the economic and political circumstances prevailing in the country or region;b. the transfer risks associated with any particular country or region;c. the type and maturity of business undertaken by theAuthorised Firm in a particular country or region;d. theAuthorised Firm's existing concentration of country or regional risk;e. the source of funding for the country or regionalExposure ; andf. sovereign or other guarantees offered.Provisioning
72. Depending upon the nature of theAuthorised Firm and its business, theAuthorised Firm's provisioning policy should set out:a. who has responsibility for reviewing the provisioning policy and approving any changes;b. how frequently the policy should be reviewed;c. when the review will take place, including the circumstances in which a review might be more frequent;d. who has primary responsibility for ensuring the provisioning policy remains appropriate, including any division of responsibilities;e. the areas of its business to which the provisioning policy relates — it should include both on balance sheet and off balance sheetExposures and assets;f. where it takes different approaches to different lines of its business and the key features of those differences;g. who has responsibility for monitoring its asset portfolio on a regular basis in order to identify problem or potential problem assets and the factors it takes into account in identifying them;h. whether a loan grading system or a watch or problem list is used and, in the latter case, the criteria for adding an asset to or taking an asset off that list;i. the extent to which the value of anyCollateral , guarantees or insurance which theAuthorised Firm holds affects the need for or size of provision;j. on what basis theAuthorised Firm makes its provisions, including the extent to which the level of provisioning is left to managerial judgement or to a committee or involves specified formulae and the methodologies or debt management systems and other formulae used to determine provisioning levels for different business lines and the factors applied within these methodologies;k. who is responsible for ensuring that theAuthorised Firm's provisioning policy is being implemented properly, and the measures theAuthorised Firm has in place if its provisioning polices are not adhered to;l. who is responsible for the regular reviews of theAuthorised Firm's specific and general provisions and who decides whether provision levels are satisfactory. The reviews should take account of changes in the status of theExposures and potential losses and changes in the conditions associated with them;m. the reports used to enable management to ensure that theAuthorised Firm's provisioning levels remain satisfactory, the frequency and purpose of those reports and their circulation;n. the procedures for recoveringExposures in arrears orExposures which have had provisions made against them, including who has responsibility both internally and externally for its arrears management and recovery and the involvement of theAuthorised Firm's solicitors;o. the procedures and methodologies for writing off and writing back provisions, including treatment of interest and who has the relevant responsibility for determining these;p. the frequency of any review of its write off experience against provisions raised; such a review can help identify whether anAuthorised Firm's policies result in over or under provisioning across the business cycle, and contribute to a general review of anAuthorised Firm's provisioning policy and the design of any loan grading systems,Credit Risk models, and risk pricing; andq. theAuthorised Firm's procedures and methodologies for calculating and raising provisions for contingent and other liabilities, how frequently they should be reviewed and who has the relevant responsibilities. Other liabilities include the crystallisation of contingent liabilities such as acceptances, endorsements, guarantees, performance bonds, indemnities, irrevocable letters of credit and the confirmation of documentary credits.73. Provisions may be general (against the whole of a given portfolio) or specific (against particularExposures identified as bad or doubtful), or both. TheDFSA expects contingent liabilities and anticipated losses to be recognised in accordance with the applicable accounting standards.74. Appropriate systems and controls for provisions vary with the nature, scale and complexity of the credit granted. AnAuthorised Firm for which the extension of credit is a substantial part of its business is expected to have greater regard to developing, implementing and documenting a provisioning policy than anAuthorised Firm for whichCredit Risk is incidental to the operation of its business.75. TheDFSA recognises that the frequency with which anAuthorised Firm reviews its provisioning policy once it has been established will vary from firm to firm. However, theDFSA expects anAuthorised Firm to review its policy to ensure it remains appropriate for the business it undertakes and the economic environment in which it operates. The provisioning policy should be reviewed at least annually by theGoverning Body .Derived from RM111/2012 (Made 15th October 2012). [VER20/12-12]