NO1 Certified Amil Baba In Lahore Kala Jadu In Lahore Best Amil In Lahore Ami...
Executive Summary Risk Management
1.
2. This workshop aims to familiarize the participants with the main concepts
of conventional and Islamic risk mitigation for financial institutions and
spur ideas on how to proceed with a Shariáh compliant risk mitigation
framework using Islamic products rather than replicate conventional risk
mitigation techniques such as derivatives.
The objective of the workshop is to provide an analysis of conventional
and Islamic risk mitigation in order to provide a clear understanding on
how an Islamic bank should conduct its risk mitigation strategy.
3. I will provide a snapshot of risks in conventional and Islamic banking,
conventional and Islamic risk mitigation techniques, reveal the Tense
Dichotomy Between Shariáh Compliance and the Economic Goals of an
Islamic Bank, explore Dispute Resolution and Financial Reporting as Risk
Mitigation Techniques, explain Risks in the Sukuk Structure, and discuss
Takaful as a Mitigation Technique, and the Risks Involved in Introducing
Takaful into the United States.
The Sukuk and Takaful presentations have a USA angle as I believe this is
an opportune time to enter the USA market with Islamic banking products.
4. Risks in finance can be classified as business and financial risks.
Business risk is due to the uncertainty arising from the nature of a firm’s
business.
It relates to factors affecting the product market.
Financial risk is the uncertainty arising from possible losses in financial
markets due to movement of financial variables.
It is usually associated with the risk that obligations and liabilities cannot
be met with current assets.
5. The implication of risk of outcomes can be assessed by examining the
likelihood and impact of the risk.
The likelihood can be termed in probability terms.
The impact can be measured as the total loss or value of assets lost.
In the case of subjective risks that cannot be quantified, the categorization
of both likelihood and impact can be high, medium, or low.
6. The goal of risk management is to take corrective actions to reduce the
impact and likelihood that the residual risks can be brought within the
tolerable loss range.
The impact can be reduced by controlling the sources from which they
arise and instituting limits to the exposures.
For example, credit risk can be reduced by controlling the exposure to
such risk by exercising due diligence to reduce the probability of default.
7. Risk entails both vulnerability and opportunities.
There are various costs associated with higher risk (volatility) of cash
flows.
These include higher expected bankruptcy costs, higher expected costs to
corporate stakeholders, and higher expected tax payments.
Successful firms are not those that reduce risks, but those that take
advantage of the opportunities offered by risk-taking.
8. The objectives of risk management are first and foremost to reduce the
volatility of cash income, cash flows, a firm’s market value, return on
equity, and cost of borrowing.
From the stakeholder’s perspective, managing risks would involve firm
value maximization, elimination of costly lower tail outcomes, and
maintaining a certain financial risk profile.
9. Risk management refers to the overall process that a financial institution
follows to define a business strategy, to identify the risks to which it is
exposed, to quantify those risks, and to understand and control the nature
of risks it faces.
While risk reduction is defensive and is used to protect firms from risk by
using hedging, insurance and derivatives, risk management is about using
the risk to an organization’s advantage by seeking it out to exploit
uncertainty and risks through various proactive policies to create value.
Risk management is strategic and should be part of the corporate strategy.
10. Risks facing financial institutions can be of three types: Risks that can be
eliminated, risks that be transferred to others, and risks that can be
managed to the institutions themselves.
The practice of the financial institution is to take up activities in which the
risks can be effectively managed and to shift the risks that can be
transferred.
11. Risk avoidance techniques would include the standardization of all
business-related activities and processes, construction of a diversified
portfolio, and implementation of an incentive-compatible scheme with
accountability of actions.
Some risks facing banks can be reduced or eliminated by transferring or
selling these in well-defined markets.
Risk transferring techniques include, among others, use of derivatives for
hedging, selling or buying of financial claims, changing borrowing terms,
etc.
12. There are some risks that cannot be either eliminated or transferred and
must be absorbed by the banks.
These risks are accepted by the financial institutions as they are central to
their business and the banks are specialized in dealing with them.
Once a bank decides that it has a comparative advantage in taking certain
risks, it has to determine the role of its risk management in exploiting this
advantage.
13. Note that a firm’s ability to undertaking activities involving risk not only
depends on its risk management policy, but also on its capital structure
and general financial health.
Risk management and capital are in some ways substitutes for each other
in the protection against risks in financial exposures.
Hence, when firms lower their risks through efficient risk management,
the capital requirement is also reduced.
14. From an Islamic perspective, economic activities are not judged by their
inherent risks, but by whether they add value and/or create wealth.
Hassan (2009) identifies three types of risks from the Islamic perspective.
First is the essential risk that is inherent in all business transactions. This
business risk is necessary and must be undertaken to reap the associated
reward or profit.
15. Two legal maxims associating returns to essential risks form the basis of
Islamic economic transactions.
The first maxim states, “the detriment is as a return from the benefit (al
ghurm bil ghunm) (Majalla Art. 87). This maxim attaches the entitlement
of gain to the responsibility of loss. This maxim is usually used to propose
the preference for profit-and-loss (PLS) financing instruments.
The second maxim is derived from the Prophetic saying, “al kharaj bil
daman” stating “the benefit of a thing is a return for the liability for loss
from that thing” (Majalla Art. 85). The maxim asserts that the party
enjoying the full benefit of an asset or object should bear the risks of
ownership.
16. The second prohibited risk is in the form of excessive gharar.
The third form of risk is the permissible risk that does not fall in the above
two categories i.e. operational and liquidity risk. These risks can be either
accepted or avoided.
17. Al-Suwailem links risk with causality.
He asserts that there is a need to distinguish between causes and
uncertain outcomes.
In uncertain situations, individuals have control over the causal factors,
but not the outcome.
Citing the Prophetic saying of “tie the camel and then entrust it to God,” he
asserts that the Islamic approach to risk management would be to
understand and control the causes of risks and then leave the final
outcome to the will of God.
18. Al-Suwailem also discusses the ethics of risk management in Islam.
He asserts deeds are judged according to intentions and means are treated
in the same manner as ends.
Thus, if an action can lead to various outcomes, its value should be judged
by the most probable outcomes.
An economic activity creating value would be one in which the probability
of gain would exceed the probability of loss.
However, an individual’s attitude towards risk is not subject to rigid rules.
19. While some individuals may have the inclination to take more risks than
others, engaging in gambling like activities is discouraged.
This includes activities where the probability of success is less than the
probability of failure or loss.
20. As the objective of financial institutions is to create value for shareholders,
managing the resulting risks created to achieve this becomes an important
function of these institutions.
The returns need to be positive to compensate the investor for the time
the funds are committed, the expected rate of inflation, and the
uncertainty of future payments or risk.
21. The balance sheet of a financial institution gives us an indication of the
nature of risks that the institution faces.
A typical balance sheet of a bank will have the equity and deposits/debt on
the liabilities side and the banking and trading portfolios on the asset side.
Schroeck (2002) divides risks faced by IFI’s into two types.
First, risks related to the balance sheet or both assets and liabilities. These
risks include interest rate, exchange rate, and liquidity. Second, there are
transaction risks that relate to the assets side of the balance sheet only.
These risks are credit, market, and operational.
22. To understand the risks faced by Islamic banks, it is important to examine
their balance sheet.
Iqbal et.al. (1998) distinguished two models of Islamic banks based on the
structure of their assets.
The first is the two-tier mudarabah model that replaced interest by profit-sharing
modes on both liability and asset sides of the bank.
In particular, all assets in this model are financed by profit-sharing modes
of financing (mudarabah). This model of Islamic banking will also act as
an investment intermediary, rather than only a commercial bank.
23. The second model of Islamic banking is the one tier mudarabah with
multiple investment tools.
24. On the assets side, Islamic banks use murabahah, instalment sale
(medium/long-term murabahah), bai-muajjal (price-deferred sale),
istisnaá/salam (object deferred sale or pre-paid sale), ijarah (leasing), and
profit-sharing modes of financing (musharakah and mudarabah).
On the liabilities side of the balance sheet of Islamic banks, savings and
investment deposits take the form of profit-sharing investment accounts
(PSIAs).
25. Demand deposits or checking/current accounts in Islamic banks take the
nature of qard hasan that are returned fully on demand.
Using the profit-sharing principle to reward depositors is a unique feature
of Islamic banks.
The returns on PSIAs are state-contingent and neither the principal nor a
return is guaranteed.
The owners of the PSIAs participate in the risks and share in the bank’s
profit and losses.
26. Investment Accounts can be further classified as restricted and
unrestricted (PSIA).
In the former, the bank can use the fund only in specific assets , while in
the latter, the bank has the freedom to use the funds as it deems best.
This feature, along with financing instruments, changes the nature of risks
that Islamic banks face.
27. As Islamic financial instruments are either asset-backed or equity-based,
market risks become important along with credit risks.
Transactions may involve transfer of cash or assets/goods that the IFI
owns either on the spot or at a future time.
As the IFI is engaged in financing and investment, its ultimate goal is to
finance trade or invest in assets or equity to earn a return.
Thus, the objective of the IFI is to liquidate the financing or investments at
the end of the contract period and not hold on to the assets or goods
forever.
28. When the IFI has cash in the current time period, there are no risks
involved.
If the IFI holds assets of goods on the spot, it needs to dispose of them.
In doing so, it is subject to market risk as the price of the assets or good
may change.
When an IFI is expecting cash from a transaction at the future date, it faces
credit risk as the debtor may not pay what is due on time.
29. Similarly, if an asset or good is due at a future date, market risk rises along
with credit risk, as the price of the asset may change during that time.
30. The IFI shall have in place a comprehensive risk management and
reporting process, including appropriate board and senior management
oversight, to identify, measure, monitor, report, and control relevant
categories of risks and, where appropriate, to hold adequate capital
against these risks.
The process shall take into account appropriate steps to comply with
Sharia’h rules and principles and to ensure the adequacy of relevant risk
reporting to the supervisory authority.
31. A comprehensive risk management system should encompass the
following three components:
1. Establishing Appropriate Risk Management System and Environment
2. Maintaining an Appropriate Risk Measurement System
3. Adequate Internal Controls
32. Senior management is responsible to implement the policies approved by
the Board through the establishment of a risk management system.
The Management needs to establish policies that would be used by the
institution to manage risks.
These include developing a risk management review process, setting
appropriate limits on risk-taking, developing adequate systems of risk
measurement, ensuring a comprehensive reporting system, and
maintaining effective internal controls.
33. Procedures should include appropriate approval processes, limits, and
mechanisms designed to assure the bank’s risk management objectives
are achieved.
Banks should clearly identify the individuals and committees responsible
for risk management and define the line of authority and responsibility.
34. There are four ways in which the risk management system can be
operationalized.
They are standards and reports, position limits and rules, investment
guidelines or strategies, and incentive contracts and compensation.
In setting the standards, the management identifies and categorizes the
risks and spells out the tools to control and manage these risks.
To assist in identifying these risks, there is a need for standardized
financial reporting that provides information on various aspects of a risk,
risk exposures, and asset quality in terms of inherent risk.
35. The second aspect of the risk management system is to have position
limits and rules that indicate the level of risk undertaking.
Clear rules and standards of risk undertaking regarding eligible features
for investments, limits of exposures to counter-parties, concentration
limits, exposure to various types of risks etc. should be provided.
36. The third element of a risk management system consists of investment
guidelines and strategies, the former for operational reasons, and the
latter for long-term directions.
Investment guidelines and strategies should be followed to limit the risks
involved in different activities.
These guidelines should cover the structure of assets in terms of
concentration and maturity, asset-liability mismatching, hedging,
securitization and so on.
37. Banks must have adequate management information systems (MIS) for
measuring, monitoring, controlling, and reporting different risk exposures
on a periodic basis.
Steps that need to be taken for risk management and monitoring purposes
include the establishment of standards for categorization and review of
risks, consistent evaluation, and rating of exposures.
Periodic standardized risk and audit reports within the institution are also
important.
The bank can also use external sources to assess risk, such as using either
credit ratings or supervisory risk assessment criterion.
38. Banks should consider doing stress tests to see the effects on the portfolio
resulting from different plausible events.
Stress testing should be designed to identify the conditions under which a
bank’s positions would be vulnerable and the possible responses to such
situations.
The banks should have contingency plans that can be implemented under
different scenarios.
39. Banks should have internal controls to ensure the adherence of all relevant
policies.
An effective system of internal control includes an adequate process for
identifying and evaluating different risks and having sufficient information
systems to measure and report them.
The system would also establish policies and procedures and make sure
that adherence to them is continually reviewed.
This may include conducting periodic internal audits of different
processes and producing regular independent reports and evaluations to
identify areas of weakness.
40. Finally, an appropriate incentive and accountability structure that is
compatible with risk-taking activity forms part of the important elements
for reducing overall risks.
The incentives given to different risk undertakers should reflect the
objectives and the goals of the institutions.
A pre-requisite of these incentive-based contracts is accurate reporting of
the bank’s exposures and its internal control system.
An efficient incentive-compatible structure would limit individual
positions to acceptable levels and encourage decision-makers to manage
risks in a manner that is consistent with the bank’s goals and objectives.
41. As Islamic Banking is relatively new and lacks an adequate regulatory or
legal framework, this gives rise to risks at the macro-level such as systemic
risk, liquidity risk, Shari’ah- compliance risk, reputation risk, legal, and
regulatory risk.
I recommend the Dubai World Islamic Finance Arbitration Center
(DWIFAC) and Jurisprudence Office (DWIFACJO) as well as a centralized
regulatory authority for the industry.
42. There is a fiqh restriction on the securitization of the existing assets of
Islamic Banks, which are predominantly debt in nature.
Due to the slow development of innovative financial instruments, Islamic
banks are not able to raise funds from the markets very quickly.
There is a dearth of short-term Shariáh compliant securities or markets
for liquidity risk management.
This is mainly limited to Shariáh compliant interbank money markets.
Also, generally, the existing liquidity risk facilities are based on interest
and therefore, Islamic banks cannot benefit from these facilities.
43. Negative perceptions of stakeholders about Islamic products and practices
can lead to instability in the short-term and cause loss of trust and
credibility in the long-run.
The possibility of the SSB’s coming up with conflicting opinions within one
jurisdiction can increase the legal risks.
Conflicting fatwas can undermine customer confidence in the industry.
I recommend a centralized Shariáh Supervisory Board to oversee opinions
and fatwas and regulate Shariáh scholars.
44. Lack of standardized contracts at the national and international levels
makes the process of negotiation contracts costly.
I recommend the DWIFAC Jurisprudence Office to issue standardized
contracts for the industry.
As a result, IFIs are not protected against risks that they cannot anticipate
or may not be enforceable in courts.
Standardized contracts are easier to administer and monitor after the
contract is signed.
It is very risky to conduct Islamic financial business without a formal and
unique dispute settlement mechanism for the industry.
45. At the organizational level, the techniques of risk identification and
management available to Islamic banks could be of two types.
The first type comprises standard techniques that are used in
conventional finance and are consistent with the Islamic principles of
finance.
These include risk reporting, internal and external audit, GAP analysis,
Risk Adjusted Return on Capital (RAROC), internal ratings, etc.
The second type of technique is unique to IFIs and has to be developed or
adapted to satisfy Shariáh-compliance requirements.
This requires understanding the risks, principles, and values of Islamic
Law (Shariáh).
46. One of the challenges facing IFIs is the lack of qualified professionals
(capacity and capability) who can understand and manage risks in Islamic
financial operations.
Given the uniqueness of Islamic banking, the computer software available
in the market for conventional banks may not be appropriate for Islamic
banks.
Furthermore, the MIS systems that can measure and monitor risks are
very costly.
This gives rise to system risks of developing and using informational
technologies at Islamic banks.
47. It is important to have accurate data for a good approximation of the
distribution of returns on various assets.
Once the loss distribution has been identified, than an estimation of
sufficient capital can be set aside to absorb losses.
Secondly, economic capital is held to provide comprehensive coverage of
losses for the institution as a whole and is an important tool for integrated
risk management.
The amount of capital held by any bank will depend on the risks
associated with the assets.
48. Given the profit-sharing nature of PSIA’s in Islamic Banks, there are
suggestions that the PSIA may be treated as capital. There is, however, a
need for caution in treating all PSIAs as capital. Fund providers in PSIAs
are risk averse and too much downside in their returns can lead to
withdrawals that can create systemic risks.
Thus, to minimize the withdrawal and systemic risk, none or only a very
small portion of PSIAs should be treated as capital.
When assets are funded by PSIAs, however, a larger part of the funds can
be treated as capital.
49. The IFI may be able to estimate the risk distribution accurately, but fail to
take the necessary steps to mitigate and transfer them using various
means and processes.
I.E. IFIs should hold sufficient loan loss reserves to protect against
expected credit losses.
The effectiveness of these reserves depends on the credibility of the
systems in place within banks to calculate the expected losses.
50. Recent developments in credit risk management techniques have enabled
large traditional banks to identify their expected losses accurately.
Islamic banks are also required to maintain the mandatory loan loss
reserves subject to the regulatory requirements in different jurisdictions.
51. The Islamic modes of finance are diverse as compared to interest-based
credit and therefore requires a more rigorous and credible system for
expected loss calculation.
There is also a need for uniform standards of loss recognition across
modes of finance, Islamic banks, and their regulatory jurisdictions.
In addition to mandatory reserves, some Islamic banks have established
PER (Profit Equalization Reserve) and IRR (Investment Risk Reserve).
These reserves provide protection for capital as well as PSIA against risk
of loss (including default) and to minimize the withdrawal risk.
52. The profit equalization reserve (PER) is the amount appropriated by an
Islamic bank or financial institution out of the mudaraba income before
allocating the share of al-mudarib. This reserve aims to maintain a
specified level of return on investment (ROI) for investment account
holders (IAHs). In other words, it represents a measure of profit
stabilization over different financial periods. The PER is also formed for
the purpose of increasing owners’ equity.
The investment risk reserve (IRR) refers to the amount appropriated by
an Islamic bank or financial institution out of the income of investment
account holders (IAHs), after the mudarib share is allocated. This reserve
is used as a cushion against future losses that IAHs may incur.
53. PER
Mudarabah Income
Before Mudarib Share is Allocated
Profit Stabilization/Smoothing
IAHs and al-Mudarib
IRR
IAH
After Mudarib Share is Allocated
Cushion Against Future Losses
IAHs
54. Risk Management can involve avoidance, transfer, or acceptance of risks.
Risk avoidance techniques in IFIs include the standardization of all
business-related activities and processes, construction of a diversified
portfolio, and implementation of an incentive-compatible scheme with
accountability of actions.
The guiding principle of risk management and mitigation at the
instruments level from an Islamic perspective should be to improve asset
quality with the focus on risk-sharing.
55. Possibilities of shifting risks to other participants creates incentive to take
on higher risks.
Using equity modes of financing may induce stringent due diligence and
monitoring of assets by financial institutions, which can prevent systemic
risks arising from transferring risks.
56. It is important to see a Shariáh compliant risk mitigation framework
emerge for the Islamic Banking Industry rather than one based on reverse
engineered conventional products.