3 Agenda (1 Hour) Risk Management Initiative in Microfinance (RIM) What is the Risk Management Graduation Model (RMGM)Risk Management RefresherDefinition of risk in microfinanceThe Risk Management HouseInstitutional Graduation PathAssessor’s onsite agendaExpected outputsRisk Management House self-assessment
4 Ground Rules Turn off mobile devices Be on time Respect everyone’s thoughts and opinionsDiscussion of risks is not a reflection of department’s performanceNeed Flipchart
5 Risk management Initiative in Microfinance (RIM) Vision: a socially-focused microfinance sector through which clients are protected from the impacts of internal and external risks inherent to the delivery of inclusive financial services. Mission: To facilitate knowledge transfer through awareness building, industry collaboration, and the global adoption and implementation of appropriate risk management standards throughout the microfinance sector.Where RIM started:Initiative started in 2013Member-based initiative made up of organizations with vested interest in RM (investors, tech. service providers, consulting firms, networks, thought leaders, experts)Open and honest collaboration can make us better off, save resources, etc.Goal is to develop awareness, best practices, and appropriate standardsWhere RIM is headedDiscuss RIM’s strategic planReview RIM’s website for current members and active working groupsReview RIM’s news and events webpage for other information
6 Risk Management Graduation Model (RMGM) 21Risk Management Graduation Model (RMGM) is a list of risk management guidelines (policies, limits, risk management & monitoring tools) for different levels of institutional development. An MFI can assess its own capacity against the framework to identify risk management capacity building priority areas.Different levels of guidelines exist for different tiers of MFIs – high tiered means more complex guidelinesOnce tier level has been identified, MFI can then establish the guidelines appropriate to its own institution in various risk management categories and organizational foundations to identify risk management gapsWith risk management gaps known, an MFI can then proactively work risk management into strategic planning process and plan accordingly3
7 I am here to support you in the process of Identify, Assess, and Strategize the Institutional Graduation PathResponsibility for implementation is the MFI’s, not the Assessor’sDiscuss entire process and contextual how RMGM Assessment fits in
8 How is risk defined in microfinance? RIM defines as“the possibility of adverse events occurring and their potential for financial losses and negative social performance”Key points here are:MFIs have dual missions (social/financial). Cannot look at risk from just a financial perspective.Contrast against traditional view of risk as purely financial - but coming from a single bottom line industry such as commercial banking where profit is central motivation.Social performance relates to the social mission of our business. Each FI's social mission will be different so how we assess risk to social mission will be different.
9 Responsibility for Managing Risk Management (1st Line)Internal Compliance (2nd Line)Risk Management (2nd Line)Internal Audit (3rd Line)Board of DirectorsExternal AuditRegulatorWhose responsibility is it to manage these the house? Manage the risks?
10 Board Responsibilities within Risk Management Process Board member responsibilitiesRisk management processApprove risk management framework ensuring all current and future risks are being proactively identified by SMTApprove proposed changes to risk policies, procedures, and limits submitted by SMT1. Identify Risks2. Measure Risks3. Define Policies and Limits4. Mitigate & Manage Risks5. Monitor Risks6. Revise Policies, Procedures, and LimitsApprove risk management framework, including risk measurement approaches proposed by SMTOversee institutional performance and ensure risk taking remains aligned with risk appetiteDescribe risk management process highlighting board responsibilities within the processContrast board roles within process with that of senior managementApprove risk management policy, including risk limits which reflect institutional risk appetite proposed by SMTApprove risk mitigation and management strategies and ensure they are implemented
11 Risk Management House The Framework 2 sides of the coin of management – Growth (Goals) and RisksThe Organizational Foundation: the institutional base upon which formal risk management is builtThe Floor and Risk Management Pillars: the main risk categories that an MFI may face over its life cycleThe Roof: the financial and social goals of an MFI
12 The Foundation Governance and strategy, Risk culture Internal control and management information system (MIS)Governance and strategy sets the tone for the way the institution is run, from its social mission to its financial objectives. Governance and strategy includes the defining and monitoring of an institution’s risk appetite—the acceptable levels of risk the institution is willing to take on in order to reach its financial and social goals.***A formal risk management framework requires the involvement of the board of directors in the risk management process, beginning with the approval of the institution’s risk appetite vis-à-vis its business plan and strategy.Internal Control & MIS: Separation of functions ; A capable MIS; Formalization and dissemination of policies ; Ex post controls
13 The Floor & The Pillars Central part of the RM House Strategic Risk (the Floor)Credit Risk (Pillar 1)Financial Risk (Pillar 2)Operational Risk (Pillar 3)The risks and required policies, limits, and tools to manage these risks, will increase with the growth and increasing complexity of the MFI.The floor and pillars constitute the central part of the Risk Management House and together cover the risk areas of strategic risk, credit risk, financial risk, and operational risk. Because they are integral to the house’s structure, they represent the essence of an MFI’s risk management function: to develop and implement a comprehensive and formal risk management framework, including the policies, limits, processes, and tools to identify, measure, mitigate, and monitor risks.
14 The Floor & The Pillars Credit Risk Financial Risk Operational Risk Risks related to the MFI’s credit activities; includes credit transaction risk and portfolio risk.Risks related to the management of an MFI’s assets and liabilities; includes liquidity risk, market risk, investment portfolio risk, and capital adequacy risk.Risks related to failed people, processes, and systems in an MFI’s daily operations; includes external events risk, and legal and compliance risk.Read through quickly, will go into each definition in the next slides.Strategic RiskRisks related to the management of strategic direction of the institution; includes governance risk and strategic risk.
15 The Floor: Strategic Risk Governance RiskStrategic RiskGovernance is the process through which the board of directors, balancing the interests of all stakeholders and working through management, guides an institution toward fulfilling its corporate mission and protecting the institution’s assets while preventing and overcoming crises.Strategic aspects such as the institution’s mission, vision, strategic plan, and mission alignment amongst shareholders. One of the most important aspects of strategic risk concerns the potential of an MFI to experience mission drift. Also discuss reputation risk.
16 Pillar 1: Credit Risk Credit Transaction Risk Portfolio Risk risk of financial losses and negative social performance related to loans to clients, caused by inadequate policies regarding loan disbursement, follow-up, and recovery.Portfolio Riskrisk of financial losses and negative social performance related to the composition of the overall loan portfolio, caused by inadequate portfolio diversification.
17 Pillar 2: Financial Risk Liquidity RiskMarket RiskInterest Rate RiskForeign Exchange RiskInvestment Portfolio RiskCapital Adequacy RiskLiquidity Riskrisk related to the inability to meet current cash obligations in a timely and cost-efficient manner, to have adequate liquidity to fund planned growth and survive through crisis. Liquidity risk often arises because of mismatches in the maturity and concentration profiles, as well as the behavioral nature of an institution’s assets and liabilities.Market RiskRisk related to changes in the value of an MFI’s assets and liabilities. These changes as determined by fluctuations in interest and foreign exchange rates in the market. The structure of an institution’s assets and liabilities has a direct impact on its resiliency against external shocks. This resiliency directly affects an institution’s ability to continue to provide products and services to its clients on a sustainable basis. Market risk is subdivided into interest rate risk and foreign exchange risk.Interest Rate Risk related to unfavorable changes in market interest rates that are caused by mismatches in the re-pricing structure (re-pricing risk) or caused by basis risk—the imperfect correlation between market reference rates and internally managed rates on an MFI’s interest-rate-sensitive assets and liabilities.Foreign Exchange Risk related to unfavorable changes in exchange rates, usually due to mismatches in the currency structure of assets and liabilities.Investment Portfolio RiskRisk related to an MFI’s investment portfolio. It covers the cases in which larger MFIs have a certain percentage of their assets in financial or non-financial investments. Investment portfolio risk also includes equity investments in MFIs or other companies, if applicable.Capital Adequacy RiskRisk related to the capacity of an institution’s equity base to absorb risk. An institution’s equity base is a capital cushion that must be large enough to absorb financial losses associated with all of the business’s other risk areas.
18 Pillar 3: Operational Risk People riskProcess riskSystems riskExternal events riskLegal and compliance risk.People RiskRisk related to inadequacies in human capital and the management of human resources. This encompasses the inability to attract, manage, motivate, develop, and retain competent resources and often results in human errors, fraud, or other unethical behavior, both internal and external to the institution.Process RiskRisk related to failed internal business processes within every aspect of the business. This can include product design flaws and internal project failures.Systems RiskRisk related to failed internal systems. This encompasses inter-branch connectivity, management information and core banking systems, information technology systems, power backup systems, and other technical systems.External Events RiskRisk related to the occurrence of external events typically outside of an MFI’s control. This encompasses both natural disasters such as hurricanes, flooding, earthquakes, and fires, as well as man-made events such as civil disruptions, war, robberies, arson, road blockades, and terrorist attacks.Legal and Compliance RiskRisk related to non-compliance with internal and external regulations and laws. This encompasses non-compliance with microfinance regulations, anti-money laundering (AML) requirements, tax laws, human resource laws, mandatory vehicle registration, internal codes of ethical conduct, and other regulations.
19 The Roof: Financial & Social Goals Social Results – an MFI’s capacity to stay true to its social mission and attain its social goalsProfitability – an MFI’s capacity to maintain or increase its current level of capital adequacy and attract new investors and shareholders while achieving its social goalsEfficiency and Productivity - an MFI’s ability to achieveits goals in a cost-efficient manner.The responsibility for reaching these financial and social goal lies on the MFI’s board and senior management and is not part of the risk management function.
20 Interdependence & Evolution 1. Good performance drives resources to invest in better risk management2. Better risk managemen drives positive bottom line3. Good risk management improves foundations4. Solid foundations are the basis for building strong risk management.Evolution:- As institution matures and grows (increased tiers) each element of the model gains in complexity (pillars, floor, foundation etc.)
21 RMGM Graduation Path RMGM has three graduation, or tier, categories Lowest to highest tier offer increasingly more formal risk management guidelines with respect to policies, limits, and risk management and monitoring tools.Tier 1 – highest tierTier 3 – lowest tier
22 MFI Tier Definition by MicroRate Sustainability: ROA, calculated as net operating income less taxes as a percentage of average total assets, serves as an indicator for profitability, sustainability, and efficient use of capital.Size: Size is an objective indicator of maturity and total assets is a reasonable criterion for tier purposes. Smaller Tier-3 MFIs (below USD $5 million) are usually either young, operate in a small market, or have not been able to grow organically. Larger institutions are typically stable and consistent.Transparency: Transparency serves as a proxy for maturity by reflecting both the MFI’s willingness and ability to be accountable to the public. Regulated financial institutions represent the highest level of transparency because of the high standards imposed by most local banking authorities. In countries that lack adequate regulation, or for MFIs that do not pursue regulation, Tier 1 transparency can also be assigned to MFIs that have been rated at least once in the last two years.What Tier is Your Institution?What Tier do you plan to be in XX years from now?
23 Other Considerations Approaching and applying the RMGM flexibly Setting realistic expectationsThe role of the RMGM vis-à-vis national microfinance regulationsApproaching and applying the RMGM flexibly: Although MicroRate’s tier system allows for an objective identification of MFIs and classification into the three categories, each MFI should also take into account its individual institutional realities, future projections, and external context. An MFI will need to make decisions on which RMGM guidelines it will prioritize vis-à-vis its future strategy and available resources.A large, regulated, mature, and sustainable MFI could experience an exceptional event, for instance a very large fraud, which could have significant consequences in terms of profitability and decrease its ROA to less than -5%; in this case, the MFI should still be classified as Tier 1 and meet the RMGM’s Tier 1 guidelines.The RMGM should serve as a roadmap of policies, limits, and tools to implement in relation to an MFI’s institutional development.Setting realistic expectations: Although the Tier 1 guidelines represent a set of policies, limits, and tools that all the MFIs should strive towards, many MFIs will not necessarily meet all of them. Meeting the Tier 3 guidelines already represents an achievement and even a significant challenge for some MFIs.The role of the RMGM vis-à-vis national microfinance regulations: National microfinance regulators are the bodies responsible for the enforcement of regulations relating to best-practice risk management frameworks within a given country or region. The RMGM is not meant to replace the risk management frameworks that regulators put forward, but rather provide regulators with scalable standards through which they can add value to their existing risk management frameworks or provide an appropriate basis from which to develop a new national risk management framework. Similarly, the RMGM framework also provides valuable approaches which can be incorporated into the strengthening of on-site supervision of regulated microfinance institutions.
24 On-site RMGM Assessment Agenda LocationDateAssessor NamePlay an Ice Breaker –NameDepartmentPositionNumber of Years at FI
25 On-site RMGM Assessment Agenda Inception MeetingOn-site Assessment InterviewsAnalyzing ResultsGraduation Path WorkshopConclusionShow agenda and discuss. Here is a sample.
26 How does your Risk Management House look? Risk Management House Self-assessmentDue: [[[INSERT DATE OF LAST DAY OF ON-SITE ASSESSMENT INTERVIEWS]]]Contact Info:Assessor’s Contact InformationFor more information:Note to Assessors:Hand out copies of the Practical Tool Risk Management House Self-Assessment TemplateThis is a take-home exercise for all those in attending at the introduction meetingRead the instruction on the RIM House Self-Assessment TemplateGive them a deadline – ideally by the last day of on-site assessment interviews (will review during Analyzing Results)