by C/A Staff
It’s the new buzz word sweeping the banking industry. Well, maybe a slight over exaggeration since the concept of enterprise-wide risk management (ERM) has been around for some time. But, it’s certainly something that many banks have either adopted or are in the process of implementing. Why? Banks recognize that strong risk management practices are important.
One of the most important reasons for implementing an ERM program is to improve the organizational decision-making process in hopes of achieving strategic goals and objectives. ERM is known to help this process by removing obstructions to information, which will yield better organization performance, thus creating the value-add proposition.
In practice, the ERM program involves processes to detect, measure and manage risks related to the achievement of the bank’s goals. This is accomplished by identifying events in the external environment (e.g., economy, regulatory landscape, and competition) and within a bank’s own internal environment (e.g., people, process, and infrastructure). When these events intersect with the bank’s strategic goals and objectives – they become risks.
Simply put – risk is the possibility that an event will occur that could adversely impact the bank’s strategic goal and objectives.
The generally accepted banking risks are compliance, credit, interest rate, liquidity, operational, reputation, and strategic. Historically, banks have managed these risks by utilizing certain departments or functional areas specialized in the particular risk. This approach, at times, may isolate the sharing and transparency of information, and likely impact the quality of strategic risk decisions.
By nature, ERM is designed to provide transparency across the entire organization. It’s known to break down “silos” and engage all parties with the intent of increased communications. Ideally, the collaboration will lead to better strategic alignment with everyone rowing in the same direction (My Minnesota banking friends will appreciate the nod to Gopher football!).
Now that we briefly highlighted the value-add ERM program, it’s important to also understand what ERM is not. Unlike risk elimination (approach of the military and law enforcement, and sometimes bank compliance departments – which is certainly needed), risk management includes the coordinated efforts used to direct and influence an organization’s management of risk. Further, it’s not meant to be a checklist, audit, or one-time project.
Those that have already implemented an ERM program can attest to it becoming the fabric of the organization. The goal of ERM is not to replace or duplicate existing risk functions, but instead leverage those functional area and bring together all the current risk management activities. This will happen in a coordinated and collaborated effort when possible, and lead to better strategic decision-making.
So, what is ERM? It’s a roadmap to get the organization where it wants to go while avoiding any potholes along the way. Safe travels!
The Coronavirus Aid, Relief, and Economic Security Act (CARES Act) provided for numerous forms of relief to businesses and borrowers and many banks were working with its borrowers to try to assist during these times of economic hardship. For many banks, the first round of accommodations is coming to a close and many are set to expire soon. Unfortunately, some borrowers will be ready and able to return to their normal payment schedules, but there are still countless number of people who are still continuing to face hardships. In trying to arrange further accommodations, there could be difficulty assessing the borrowers’ credit risk because of the lack of borrower financial data and the impact of COVID-related difficulties. Therefore, the Federal Financial Institutions Examination Council (FFIEC) has issued a joint statement to provide guidance for the banks to consider when working with the borrowers.
The biggest concern is not knowing what would happen in the future after this pandemic as it is difficult to grasp the long-term effects of the coronavirus. In working with the borrowers, the FFIEC emphasizes the importance of monitoring the loan information including the terms (i.e. payment changes, interest rate changes, and modified amortization terms). It also speaks to keeping track of the underlying collateral for all of these loans to help protect the bank and to ensure that the borrower has the ability to uphold the modified terms of the loan. This would apply to both consumer and commercial loans as the borrower’s future earnings could change drastically for some time even after the pandemic passes.
This isn’t to say that the underwriting for these accommodations should be so strict so that the borrowers are harmed. In the most recent guidance, the FFIEC continues to encourage banks to work with consumers with “available options for repaying any missed payments at the end of their accommodation to avoid delinquencies or other adverse consequences.” The guidance continues to list different methods of trying to work with borrowers such as by providing additional accommodation options that are affordable and sustainable, and communicating with the borrowers in a timely manner throughout the process.
The big issue here is that there is no bright line rule for any of these accommodations. On one end, the FFIEC is recommending using safe and sound practices in the banks’ underwriting policies so that the banks are protected. On the other, it recommends being flexible with the borrowers so that they could stay on track with the payment terms of the loan. Therefore, the biggest task in getting all of this done is finding the right balance between the two. There would definitely be scenarios that could bring too much pressure for either side, but until there is a little more certainty to the whole COVID pandemic and its long-term economic effects, it is all just a matter of risk assessments for the bank to try find a happy medium between accommodating borrowers while also ensuring that they are ultimately able to pay off the loan without defaulting.