Risk Management Calendar Program for FY2006/07 VRBM Part II Building the Risk Adjusted Capital Model
Risk Management Mission & Goal
MISSION
To apply a consistent, best practice framework for the management of risk group wide.
STRATEGY
• To instill risk management awareness through continuous learning
• To facilitate integration of risk management culture and process into the business operations
• To facilitate the learning process with the aim of building risk management capability group wide
• To inculcate the ownership and accountability for both risks and controls
• To integrate “risk return consideration” into business decisions
GOALS
• To avoid value destruction & reduce threats to value creation
• To improve chances of meeting an objective
• To maximize value creation opportunities.
Introduction To VRBM PART I
PART II
FRM
FRM
Investment Mandate/ALM
Financial Modeling & Scenario KRI linkage
IRM
Basic Measurements to Advanced Measurements
Cost of Capital Product Guidelines Embedded Value
IRM Cost of Capital by business line (CoC) Risk Based Capital (RBC) Risk Adjusted Return on Capital (RAROC) KRI linkage
ORM- Foundation Self Risk Assessment (RCSA) KRI Reporting
ORM
Loss data collection (IMDC)
OP risk analytics, OpVaR, ORM capital charge, MIS, Risk adjusted performance
BCP
Risk Adjusted Capital Model, Economic Capital
VALUE & RISK BASED MANAGEMENT (VRBM-PART 1)
Basic Components VRBM
[Diagram labels: Shareholder; E V A R; Invested capital; RBC; Free Surplus; EV; RM; Tied surplus; ALM; AM; ACTIVA; ASSETS; LIABILITIES; LM; "RISKS ASSETS"; "RISKS LIABILITIES"; Cost of capital; P&L*; FREE CASH FLOW; RAROC]
VALUE & RISK BASED MANAGEMENT (VRBM) Building Blocks
2003
2004
Gap Analysis, Foundation, Governance Structure, Awareness, Capacity FRM Phase I Investment Mandates & ALCO ORM Blueprint & Foundation
2005
Policies, Procedures Guidelines, Operating Structure, Communication, Harmonization
Risk Self Assessment (RSA)
FRM Phase II Financial Modeling & Scenarios BRCP, BCP, Compliance, Group-wide ORM, Basel II ORM Programme
IRM Phase I Product Guidelines, Cost of Capital, Embedded Value, Actuarial Reporting KRI Analysis and Reporting
KRI Linkages and Integration
Operational Loss Data Collection & Categorization
Integrated Group-wide ORM Solutions Project IRM Phase II RBC, RAROC MIS, Risk Adjusted Performance Management IT Solutions for Loss Data Management
The Risk-Value Linkages PART 2 Risk, Capital, Risk Adjusted Returns On Capital (RAROC), Value at Risk (VaR) and Value of the business
Earning at Risk
Cost of Capital Capital Allocation
Risk Adjusted Capital Model, Economic Capital
Embedded Value
RAROC Dividend Policy
OVERVIEW OF RISK CHARACTERISTICS
Risk Management = Knowledge Management
Shareholder Results = Business Results - Risk Results
Managing Risk = Managing the Business = Managing the Knowledge of the Elements
The better the knowledge, the better the management of risk
Highlights of FY2006/07 Program
• Integration/harmonization of risk management framework, governance & practices
• Common risk language for the enlarged group
• Review & standardization of product approval process, investment agreements & portfolio mandates
• ORM Solution rollout (RCSA/scorecard, loss data collection & database/IMDC and KRI)
• RBC rollout (parallel run 2006/07, compliance 2007/08) and RBC workshops
• BCP/CMT/CMST for enlarged Mayban Fortis and Dataran Maybank
• Establishment of Dataran disaster/crisis scenario command & recovery centre
• Live testing of pre-merger MFHB entities’ BCP/CMT/CMST/DRP
• Dashboard of total risk health check
• Embedded Value reporting, analysis and EV workshop
• Risk assessment/due diligence for outsourcing & shared service arrangements
FY2006/07 Risk Management Summarized Calendar Financial Risk Mgt
No. 1 2 3 4 5 6 7 8 9 10 11
Activity Financial Risk Management (FRM)
Jul
Aug
2006 Sep Oct
Nov
Dec
Jan
Feb
Review of Investment Management Guidelines Review of IIM Audit Report Guidelines on Investment Income for Investment Linked Funds Revision of Capital Management guideline Derivatives Adoption of Financial Risk Management framework & guidelines for MNI & TN Revision and harmonisation of Key Risk Indicators (KRI) Report for FRM ALM for MLA, MGAB, MTB, MNI & TN as at 30/06/2006 ALM - next steps Briefing on Financial Risk Management framework (with IIM) to IC members
= deliverables
2007 Mar Apr
May
Jun
FY2006/07 Risk Management Calendar Insurance Risk Management
No. Activity 1 Insurance Risk Management (IRM)
6
RBC Analysis RBC Workshop EV for MNI, MLA, TN and MTB (FYE 05/06) EV Reporting for MIG (quarterly) Product Approval Guideline
7
Revision of Cost of Capital Guidelines
2 3
4 5
8 9
Jul
Aug
2006 Sep Oct
Nov
Dec
Jan
Feb
IRM KRI revision and discussion with Risk Owners & Result Producers Monitoring Of Existing Products Profitability (Life)
= deliverables
2007 Mar Apr
May
Jun
FY2006/07 Risk Management Calendar Risk Policy and Standard
No. 1
Activity Policy & Standards (P&S)
2006 Jul Aug Sep Oct
Nov
Dec
Jan
Feb
Harmonization of MFHB Framework 2 3 4 5 6 7 8
Common Risk Language Booklet Risk Management Awareness Program Top KRIs Benchmarking and statistical compilation Updates of Regulation of BNM, PIAM and LIAM Knowledge Management System
= deliverables
2007 Mar Apr May
Jun
FY2006/07 Risk Management Calendar Operational Risk Management – ORM Solution 2006 No. 1 2 3 4
Activity
Nov
Dec
Jan
Feb
Mar
MLAB
MGAB
TN/MTB
Apr May Jun
Operational Risk Management (ORM) ORM Solution / OpVantage System - Phase 1 (IMDC) ORM Solution / OpVantage System - Phase 2 (RCSA & KRI) KRI, LED & Contingent Liability revision, update & assessment
5
Harmonisation & consolidation of existing RCSA & KRI
6
Risk Scorecard Half Yearly Review at Operating Entities Post Merger Risk Review (Quarterly)
7
Jul Aug Sep Oct
2007
Across all entities
= deliverables
MNI
FY2006/07 Risk Management Calendar Operational Risk Management – Outsourcing & BCP No. 1 2 3 4 5
6 7
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
Activity Operational Risk Management (ORM) Outsourcing Adoption of MF Outsourcing Policy MNIB TN Define scope & responsibilities on outsourcing with Performance Mgt and Compliance Distribution of OS Risk Survey Quarterly reporting to RMM and RMC mapped to Maybank Group format to focus on: i. Audit Issues ii. Service Performance iii. Customer Complaints iv. Disputes vi. Risk Issues ORM - Business Continuity Planning BCP Integration Formation of BCP Structure Establishment of Dataran BCP CMT Establishment of Dataran BCP Secretariat Establishment of Dataran CMST BCP Test IT Disaster Recovery IT Disaster Recovery (MF) IT Disaster Recovery (Dataran) Checklist and Integrated table top testing Communication tree testing BCP Crisis Simulation at Dataran Awareness Program Wallet Card Distribution Talk & Campaign (Quarterly Basis) Digest (Bi-monthly basis) Survey (Half yearly basis)
= deliverables
Jul
Aug
2006 Sep Oct
Nov
Dec
Jan
Feb
Completed
2007 Mar Apr
May
Jun
Risk Management Function Roles & Responsibilities CFO
Head, Risk Management
Job: Identify, measure, mitigate and control group-wide risks to assure the achievement of goals and objectives through effective risk management
Role: Second line of defense, promoting good corporate governance and providing reasonable assurance on integrity and validity of risk measurement and reporting
• Develop and maintain comprehensive risk management policy, governance, framework and guidelines
• Together with operating heads, drive identification, measurement, mitigation and control of group-wide risks
• Facilitate development and improvement of risk management know-how, tools, methodologies and systems
• Independent risk review and assessment on products, projects, assets, capital, investment and group-wide business activities
• Apply global best-practices in the area of risk management
• Supervise and develop risk management personnel in line with immediate objectives and long-term plans
• Independent check-and-balance mechanism
• Provide second opinion
• Offer perspective on potential downsides
• Risk reviewer for business/insurance risk
• Central aggregator for financial risk
• Frontline and organizational support for operational risk
• Make risk a management agenda and risk awareness happen throughout the organization
• Strengthen business cases and plans
• Give assurance on the integrity and validity of self-assessment, measurements and KRIs
Success Factors & Qualifiers
Key Success Factors
- Top management ownership and buy-in
- Transparency and integrity of data
- Consistency of approach throughout Mayban Fortis Group
- Capability of the risk management function & systems
- Meet (Basel II) AMA Qualifiers (below)
10-Point Basel II AMA (Advanced Measurement Approach) Qualifiers
- Active oversight by the board and senior management
- Sound risk management system implemented with integrity
- Sufficient resources in major business lines, control and audit
- Independent and capable risk management function
- Integration of risk measurement into day-to-day risk management
- Comprehensive, regular and timely risk reporting
- Proper documentation of risk management system and processes
- Regular review by internal and external auditors
- Validation of risk measurement system by auditors and regulators
- Sound AMA standards and risk model
Regulators will accept advanced measurements based on the AMA approach only upon meeting the above qualifiers. Although Basel II places the emphasis on Operational Risk, the principle applies equally to other types of risk.
Proposed Structure Central Risk Management CFO
Head, Risk Management
Insurance Risk Management
Financial Risk Management
Operational Risk Management
• Develop, implement and maintain comprehensive risk framework, guidelines and programmes
• Drive risk identification, profiling, reporting and mitigation processes
• Independent review and assessment of risk control programs at operating units
• Participate in projects requiring risk management review & signoff
• Facilitate development and improvement of risk matrices, tools, methodologies and systems
• Acquire/develop and maintain advanced risk measurement analytics & systems
• Risk reporting, analysis and compliance with internal and external requirements
• Program management for VRBM, BCP/CMT and other group-wide risk initiatives
• Secretariat to ALCO, RMM and other risk-related governance and projects
Risk Policy & Standards
• Policy & procedures on adoption of regulations, standards & best-practices
• Consolidate & integrate reports and returns
• Risk reporting MIS & data integrity
• Risk communication & change management programs
• Effectiveness feedback, surveys & improvements
• Risk benchmarking & knowledge management
• “Educating” the organization on risk management
Embedded Risk Managers/Units
• Risk management ownership at operating level
• Champion risk management programs at operating level
• KRI development, reporting and management
• Facilitate BCP programme at operating level
• Facilitate RCSA and loss database management and reporting
• Risk officer for respective entity/function
Proposed Structure Insurance Risk Management Head, Risk Management
Head, Insurance Risk Management (3)
Head, Financial Risk Management (4)
Life & Family Takaful Products
• Risk review of product portfolio
• Participate in product development & review activities
• Review business case, profitability & pricing assumptions
• Risk compliance and signoff for new products/business lines
• Review reserve adequacy and reserving assumptions
• Review liability/valuation/modelling assumptions and ensure compliance with guidelines
• Review capital adequacy/solvency/embedded value/RBC levels
17 FTEs exc. Administrator, Embedded Units
Head, Operational Risk Management (5)
Non-Life & General Takaful Products
• Risk review of product portfolio
• Participate in product development & review activities
• Review business case, profitability & pricing assumptions
• Risk compliance and signoff for new products/business lines
• Review reserve adequacy and reserving assumptions
• Review liability/valuation/modelling assumptions and ensure compliance with guidelines
• Review capital adequacy/solvency/RBC levels
Head, Risk Policy & Standards (4)
Embedded Risk Managers/Units
Embedded Risk Managers • Participate and coordinate the corresponding activities at the respective units
Proposed Structure Financial Risk Management Head, Risk Management
Head, Insurance Risk Management (3)
Head, Financial Risk Management (4)
Head, Operational Risk Management (5)
Head, Risk Policy & Standards (4)
Embedded Risk Managers/Units
Asset Management
• Develop asset management risk framework
• Formulate/update investment agreement & mandates
• Develop hedging & derivative framework and procedures
• Carry out portfolio risk-performance analysis
• Financial risk compliance and review of operational procedures & processes
Market Risk Analysis
• Scan global economic outlook and risk factors
• Carry out financial & market risk research
• Analyse market, credit & liquidity risks
• External benchmarking of portfolio performance
• Interface with Group Market and Credit Risk units
• Gather & analyse historical financial data & info and make forward projections
ALM/Financial Modeling
• Carry out cash flow & asset modelling and VaR
• Facilitate/coordinate/review embedded value reporting
• Review/compute capital/solvency/RBC charges
• Review or perform scenario & stress/sensitivity tests
• Establish risk acceptance limits and mandates based on ALM studies
• CoC/capital charge, RAROC & capital allocation
Embedded Risk Managers
• Participate and coordinate the corresponding activities at the respective units
Proposed Structure Operational Risk Management Head, Risk Management
Head, Insurance Risk Management (3)
Head, Financial Risk Management (4)
Head, Operational Risk Management (5)
Head, Risk Policy & Standards (4)
Integrated ORM Solutions
• Facilitate & coordinate risk profiling/RCSA/scorecard
• Facilitate & coordinate rollout of ORM solutions
• ORM compliance reviews
• Continuous review of procedures and process for risk exposures
• Risk assessment & due diligence for outsourcing
• ORM mitigation, insurance & risk transfer
BCP, Events & Projects (2)
• Facilitate and coordinate establishment of BCP/CMT organization
• BCP/CMT secretariat
• Coordinate establishment of disaster recovery program
• Organize BCP/CMT periodic testing & reporting
• Review BCP/DRP program of outsourcing vendors
• Implement BCP procedures for threats & outbreaks
ORM Analytics
• Loss event data collection, database maintenance and data integrity
• ORM quantification, measurement & analysis
• Review of loss & near miss, trends & benchmarking
• Develop tools and data capture for Op Var analytics
• Develop requirements for advanced measurements and capital charge
Embedded Risk Managers/Units
Embedded Risk Managers • Champion and coordinate corresponding activities at the respective units
Proposed Structure Risk Policy & Standards Head, Risk Management
Head, Insurance Risk Management (3)
Head, Financial Risk Management (4)
Head, Operational Risk Management (5)
Head, Risk Policy & Standards (4)
Policy, Standards & Regulations
• Coordinate application of standards, best-practices & regulations
• Develop & implement risk language, policy & procedures
• Knowledge management & benchmarking for risk
• Develop & maintain internal risk ratings system
• Coordinate input/feedback for market/industry studies
Risk MIS & Reporting
• Consolidate & integrate risk reporting and follow up on areas of concern
• Review/validate results & responses to low ratings
• Review adequacy of measurement systems & coordinate MIS acquisition
• Ensure integrity of data/information
• Build risk management information assets
Program/Change Management
• Facilitate/coordinate risk communication and awareness programs
• Coordinate introduction of new risk procedures
• Conduct periodic surveys to gauge level of effectiveness for improvement
• Administer awareness programs such as whistle blowing, fraud hotline, risk education, etc
Embedded Risk Managers
Embedded Risk Managers • Participate and coordinate the corresponding activities at the respective units
Organisation Structure Central Risk Management
17 FTEs exc. Administrator, Embedded Units
Total Staff Required: 17
Current Available: 10
Staff Required: 7
Head, Insurance Risk Management Noor Nashriq
Head, Risk Management Razin Murat Administrator Noriati
Head, Financial Risk Management Rudie Erman Bahari
Head, Operational Risk Management Abd Razak Sulaiman
Life & Family Takaful Products Vacant
Asset Management Vacant
Integrated ORM Solutions Nik Mazli Mat Dalip
Non-Life & General Takaful Products Vacant
Market Risk Analysis Vacant ALM/Financial Modeling Vacant
Headcount Assumptions: - Financial Risk Management excludes potential increase in headcount requirement for monitoring and oversight of derivatives trading activities - Operational Risk Management excludes potential increase in headcount requirement for full maintenance of Dataran Maybank Secretariat for BCP and Crisis Management Support
Head, Risk Policy & Standards Azlan Md Alifiah
Embedded Risk Managers
Program/Change Management Vacant
Operations Ms. Fong
BCP Events & Projects Mohd Radzuan
Policy, Standards & Regulations Badrul Izham
Commercial Ghulam Hussein
BCP Events & Projects Vacant
Risk MIS & Reporting Vacant
For Conventional Insurance
ORM Analytics Nawal Ishak
& For Takaful
END