Friday, July 19, 2024

Risk management shouldn’t be limited to regulatory minimums

Root causes of financial crises have similarities. Consider three of the past 15 years: the global financial crisis (GFC), Indian corporate-loan crisis and Silicon Valley Bank (SVB) failure. Seeds for these were sowed by faulty assumptions, bolstered by narratives and selective data usage, that seemed reasonable at one time. For the GFC, US house prices were assumed never to fall. For the Indian banking crisis, it was assumed that Indian growth was decoupled from the world’s and 6-8% per year was up for grabs. For SVB, it was that US interest rates would remain low for long; so borrowing short-term funds at ultra low rates and exposure to long-term assets with higher yield looked reasonable.

In response to the recent banking turmoil in the West, India’s finance minister asked all public sector banks to take a health check. As reported, it includes a detailed scenario analysis of various risks and the ability of banks to handle such contingencies. While this is prudent, major risk concerns could still escape notice. There’s room for complacency. Indian bank balance sheets are at their strongest since 2010, systemic non-performing asset (NPA) rates are reducing, and corporates borrowers are showing lower aggregate leverage and better cash-flows. But our risk radars need to turn in another direction to spot future worries. Just focusing on past causes of blow-ups may offer false comfort.

Bankers are likely to focus on interest rate and liquidity risks over and above credit risk. Between 2010 and 2015, the US Fed’s interest rate was almost zero. However, between 2016 and June 2019, its rate rose to 2.375%. This eroded almost one-fifth the value of bonds purchased when the Fed funds rate was near zero (0.125%), but as it rose over a period of 30 months, the shock was not severe. After covid, the US Fed reduced that rate and then raised it sharply in response to inflation; it spiked from 0.125% in January 2022 to 4.8% in February 2023. Bond prices crashed by 30-35% in these 14 months. A portion of a bank’s securities portfolio is marked-to-market (MTM); i.e., revalued daily by market prices. Another part is held-to-maturity (HTM), with its value logged at original purchase prices. While MTM bond prices were adjusted down as the Fed’s rate rose, HTM holdings were not, even though their market value also crashed. When SVB was forced to sell HTM bonds, huge losses were booked which had to be adjusted against equity. As the Fed had raised its rate by 2 percentage points between 2016 and 2019, a popular post-covid narrative expected the rate to rise similarly at most. So this was the worst-case scenario for a stress test. On this, SVB was compliant with regulatory asks and peer practices. A 4.5 percentage point rate spike over 14 months was not seen as plausible. But it happened.

In India, since July 2020, the 10-year G-Sec yield rose from about 5.75% to 7.3%. It would have eroded bond prices by 12% to 14% over a 33-month period. In its published stress test, RBI uses stress scenarios that are 1.25-2.5 standard deviations away from average values. If a bank does not model a scenario of, say, a 4% interest rate spike in 12 months, it would still be compliant. This assumes such a steep rise cannot happen in India. In addition, the stress-testing capability of most Indian banks may not be robust enough for the rigour required. So, overall, banks are unlikely to give the finance minister much to worry about.

However, our banks still need to enhance their analytical capabilities to cover potential but unprecedented events that could spring nasty surprises.

One, retail lending: There is only a limited view available on Indian household leverage. While credit disbursed has risen, a look at coincidental NPA rates on an expanded lending base will fail to send a warning signal.

Two, climate risk: India will be significantly impacted. Most banks appear unaware of how heat waves might impact retail credit, not to mention a water crisis which may create stalled assets in long-term asset financing deals.

Three, cyber risk: Instances of customer data breaches at major banks are becoming worrisomely regular. Since banks are not meaningfully penalized for such breaches, investment in cyber security is often not a top priority for them. Careless banks, though, may lose more than customer data in a potential attack, which could impact their reputation and stock price.

Indian banks do look better placed than those in quite a few developed nations. But each banking regime has its own weaknesses and strengths. It’s a good time to build on our strengths and fortify India’s banking sector. Sticking to regulatory minimums for risk processes, however, will not lead us there.

Deep Mukherjee is a quantitative risk management professional and a visiting faculty of risk management at IIM Calcutta

Catch all the Business News, Market News, Breaking News Events and Latest News Updates on Live Mint.
Download The Mint News App to get Daily Market Updates.

More
Less

#Risk #management #shouldnt #limited #regulatory #minimums

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles