Risk management has assumed increased importance of regulatory compliance
point of view. Credit risk, being an important component of risk, has been
adequately focused upon. Credit risk management can be viewed at two levels–at
the level of an individual asset or exposure and at the portfolio level. Credit
risk management tools, therefore, have to work at both individual and portfolio
levels.
Traditional tools of credit risk management include loan policies, standards
for presentation of credit proposals, delegation of loan approving powers,
multi-tier credit approving systems, prudential limits on credit exposures to
companies and groups, stipulation of financial covenants, standards for
collaterals, limits on asset concentrations and independent loan review
mechanisms. Monitoring of non-performing loans has, however, a focus on remedy
rather than advance warning or prevention. Banks assign internal ratings to
borrowers, which will determine the interest spread charged over PLR. These
ratings are also used for monitoring of loans.
Some central banks like the RBI have suggested the use of rating models like
Altman’s Z score models at individual loan/company level and risk models like
CreditMetrics and CreditRisk+ at the portfolio level. While evaluating credit
and monitoring, banks use a number of financial ratios. There have been studies
of predictive ability of various ratios. Attempts at combining different ratios
into a single measure by using the statistical technique of "multiple
discriminant analysis" have also been made. Among these, Altman’s Z-Score
is well known.
It forecasts the probability of a company entering bankruptcy. The model
combines five financial ratios into a single index.
Practitioners, however, had difficulties in using the model, as the
classification error is high for more than one year in advance.
Thus, by the time the model could be applied on published financial data, it
would be too late for any action to be taken.
Recently, significant advances have been made in credit risk modeling at the
portfolio level. The interest is not confined to academicians alone. Policy
makers and practitioners are also working on applying these models.
CreditMetrics and CreditRisk+ were released in 1997.
CreditMetrics was developed by JP Morgan and focuses on estimating the
volatility of asset values caused by variations in the quality of assets. To
compute volatility, the model tracks the "rating migration"–the
probability that a borrower of one risk rating migrates to another risk rating.
CreditRisk+ was developed by Credit Suisse Financial Products. It is a
statistical method for measuring and accounting for credit risk. The model is
based on actuarial calculation of expected default rates and unexpected losses
from default. The model is based on insurance industry models of event risk.
Under CreditRisk+, each individual obligor has a default probability. The
default probability is not constant over time but changes in response to
background economic factors.
To the extent that more than obligors are sensitive to the same background
economic factors, their default probabilities move together, which can lead to
correlations in defaults. Can banks go ahead and adopt models in their credit
risk management process? Which model to go for? A direct comparison of models is
not simple, as different models may be presented with rather different
mathematical frameworks. For example, given the same portfolio of credit
exposures, the two models mentioned above have been found to be, in general,
yielding differing evaluations of credit risk.
The problem is not just that of selection of a model but that of validating
the model chosen. As credit risk models employ relatively longer time horizons
(one year to several years), their validation poses major difficulties in
requiring many years of historical data spanning multiple credit cycles for
estimating key parameters accurately. As a contrast, market risk models use a
much shorter time horizon and their "backtesting" becomes simpler.
Practitioners and researchers alike have reported "data insufficiency"
to be a key impediment to design and implementation. However, it is critical
that regulators are confident that models are conceptually sound and empirically
validated before they can be used in the process of supervisory process and
computation of capital requirements.
The task force has rightly recognized that data availability and model
validation are two hurdles to be crossed before the next step is taken. In fact,
the recent revisions to the 1988 Basel Accord, do not envisage permitting banks
to set their capital requirements solely on the basis of their own credit risk
models.
Internationally, the degree to which models have been incorporated into the
credit management and economic capital allocation process varies greatly between
banks. Large-sized banks across the world have put in place risk adjusted return
on capital framework for pricing of loans. Banks have implemented different
models for corporate and retail businesses.
While only a small number of banks are currently using models for active
credit risk management, the internal applications are varied and include setting
of concentration and exposure limits, risk-based pricing, evaluation of
risk-adjusted performance of business lines or managers and customer
profitability analysis. As discussed above, credit risk models require, most
importantly, historical loan loss data and other model variables, spanning
multiple credit cycles.
Banks must, therefore, as a first step, endeavor building adequate database
for implementing credit risk modeling over a period of time.
Most banks will need expert help in the preparatory and implementation phases
— education and training, study of available models, building models depending
on a bank’s business profile, model validation, data sufficiency studies and
building systems for ongoing data build up.
To be able to move swiftly in this area, banks need to work from the sides of
both the business analytics and the supporting technology infrastructure. It is
going to be some significant investment, but considering that it is "risk
management" that they are going to spend on, it should be worthwhile!
The author, H S
Rajashekhar, is with i-flex Consulting, India. The views expressed in
this article are his own.