enterprise risk management: commercial banks vis-a vis
TRANSCRIPT
ENTERPRISE RISK MANAGEMENT: COMMERCIAL BANKS VIS-À-VIS ISLAMIC BANKING
Fauziah Hanim Tafri,
Faculty of Information Technology and Quantitative Sciences,
Universiti Teknologi Mara Malaysia, 40450 Shah Alam, Selangor, Malaysia
*Email: [email protected]
Ahamed Kameel Mydin Meera,
Kulliyyah of Economics and Management Sciences
International Islamic University Malaysia, P.O. Box 10, 50728 Kuala Lumpur, Malaysia
Mohd Azmi Omar,
Kulliyyah of Economics and Management Sciences
International Islamic University Malaysia, P.O. Box 10, 50728 Kuala Lumpur, Malaysia
Zarinah Hamid
Kulliyyah of Economics and Management Sciences
International Islamic University Malaysia, P.O. Box 10, 50728 Kuala Lumpur, Malaysia
*Email: [email protected]
* corresponding authors
ENTERPRISE RISK MANAGEMENT: COMMERCIAL BANKS VIS-À-VIS ISLAMIC BANKS
Abstract
This paper seeks to conduct a comparative study on enterprise risk management (ERM) of the
conventional banks and Islamic banks in Malaysia as well as the Islamic banks outside Malaysia. The
results show that Islamic banks have not fully adopted ERM. Collectively, the conventional and
Islamic banks face moderate level of adequacy of risk management tools. However, Islamic banks
indicate that the three most critical areas are lack of information technology (IT) professionals with
relevant expertise, IT systems to cater for each Islamic instrument and the capacity of human capital
in the highly technical areas of risk management. The findings provide an indication that more
innovations are needed for the Islamic banking in managing risk.
Keywords: Comparative management, organizational structure, organizational culture, corporate
governance, risk management, enterprise risk management.
INTRODUCTION
Enterprise risk management (ERM) emphasizes a comprehensive view of risk and risk management
which moves away from the “silo” approach of managing different risks within an organization. The
key features of the ERM or the new risk management paradigm is that it is integrated as compared to
the old paradigm whereby the risks are managed independently by each department (Barton et
al.,2002).
According to Lam1 (1999) there are seven components of ERM that an organization needs to
consider, namely corporate governance, line management, portfolio management, risk transfer, risk
analysis, data and technology resources and stakeholders management. The practice of risk
management keeps on evolving over time from the classical risk management practices which consist
of setting up risk limits while ensuring that business remains profitable to modern best practices
which are more risk sensitive through the quantification of risk (Bessis, 2002). The financial
conglomerates embrace ERM as it provides the competitive edge against those who are lagging
behind in adopting it and is considered as “the final destination for companies wanting to demonstrate
advanced capabilities” (Deloitte Touche Tohmatsu, 2004: 17). Furthermore ERM recognises not only
the downside of risk but also the upside nature of risk (Miccolis et al., 2001, COSO, 2004).
1 He is the first person to use the title “Chief Risk Officer” at GE Capital in 1993, quoted in “A Short History of
Risk Management: 1900 to 2002” which is an adaptation from Risk Management Reports, Vol. 26, No.12,
December 1999.
2
This paper is organized as follows: The next section discusses about the objectives of the
study while the following section discusses about some of the previous studies on ERM. This is
followed by the research methodology and results while the last section concludes the paper.
OBJECTIVES AND HYPOTHESES
As the concept of ERM is still evolving and the definition (COSO 2003, CAS 2003, Miccolis
et al., 2001) and implementation varies widely and has not reached its full maturity, this study
explores the status of adoption of ERM, the motivating factors, the benefits in implementing ERM
and also the level of adequacy of risk management tools and instruments. This paper seeks to conduct
a comparative study on ERM of the conventional banks and Islamic banks in Malaysia as well as the
Islamic banks outside Malaysia. As most countries practice dual banking system whereby the Islamic
banks operate hand in hand with the conventional banks, it is interesting to compare and contrast the
way both systems manage their risks. Are there any major differences between the practices of the
Islamic and conventional banks? In principle, Islamic banks are different from the conventional ones
due to the prohibition of riba’2 and the need to comply with the Shari’ah
3. As such the nature and
characteristics of risks that the Islamic banks are exposed to should be different from the conventional
banks. However, in practice, Islamic banks offer products, which are quite similar to the conventional
banks and emulate the practices of the conventional banks. With regards to the tools used in
managing risks, this study would like to see whether there are any differences and similarities in the
practice of ERM between Islamic banking and conventional banks.
Most of the big conventional banks (Deloitte Touche Tohmatsu, 2004; KPMG International,
2004) in the developed countries have adopted the ERM concept of risk management. It is expected
that most banks in Malaysia are also embracing this concept. As ERM is the latest development in
managing the risks of the banking sector, the researcher would like to know the factors (drivers) that
2 Literally, an increase or addition. Technically it denotes, in a loan transaction, any increase or advantage
obtained by the lender as a condition of the loan. In a commodity exchange it denotes any disparity in the
quantity or time of delivery. 3 Islamic canon law derived from these sources – the Qur’an (The Muslim Holy Book), the Hadith (sayings of
the Prophet Muhammad (saw), and the Sunnah (practice and traditions of the Prophet Muhammad (saw)), Ijma
(concensus), Qiyas (reasoning by analogy) and Maslaha (consideration of the public good or common need)
3
motivate the adoption of ERM by the conventional banks in Malaysia as well as Islamic banks. Thus
the relevant hypotheses are:
Hypothesis 1: There is a significant difference in the primary drivers that motivates the
implementation of ERM between the Islamic and conventional banks
Hypothesis 2: There is a significant difference in the level of extensiveness of the usage of risk
management procedures between Islamic banks and conventional banks
Hypothesis 3: The level of adequacy of risk management tools and system of Islamic banks is
significantly different from the conventional banks.
PREVIOUS STUDIES
There are not many studies done on ERM for the banking sector. Two of the relevant studies mention
here are the ones conducted by Deloitte Touche Tohmatsu (2004) and Miccolis et al. (2001). Deloitte
Touche Tohmatsu’s global risk management survey on financial institutions conducted in 2004
received responses from 162 organizations across the globe with assets of nearly USD19 trillion. The
survey covers issues of risk governance, regulatory and economic capital, ERM, credit risk
management, market risk and ALM, operational risk management, risk systems and technology.
Miccolis et al. (2001) conducted a survey on ERM to gauge the current state of ERM across
various industries and their achievements. It was found that quite a number of organizations
especially the larger ones are undertaking ERM. Some of these organizations have successfully
integrated ERM with other processes while some have successfully developed new tools and metrics.
However, ERM is still in its early stage as none of them have acknowledged having completed the
process.
Miccolis et al., (2001) also conducted a multi industry global benchmark survey in 2000 to
better understand the issues that surround ERM. The survey indicated that some of the success factors
and drivers are strong support from the senior management and also a dedicated group of cross-
functional staff to drive ERM implementation and continue to push it in its operational stage. They
believe that ERM should be introduced as an enhancement to the existing process and not as a new
stand alone process.
4
At the present moment, there is not much literature on the risk management practices of
Islamic banking especially on empirical works. The current study looks at the comparison between
the conventional banks, conventional banks with Islamic banking windows and full fledged Islamic
banks, in the implementation of ERM as no comparative studies have been previously conducted in
this area. Therefore this study hopes to enhance and enrich the literature in this area.
METHODOLOGY AND DATA
Survey method is used in this study whereby the samples are the commercial and Islamic banks in
Malaysia and Islamic banks outside Malaysia. This study on ERM is part of the researcher’s major
study on risk management (Fauziah Hanim, 2008). Thus the questions (see appendix II for the
questions) on ERM are part of the main survey questionnaire. The questions on ERM were aimed at
extracting information about the banks’ implementation of ERM.
Parametric tests were employed whereby, specifically the one-sample t-test was conducted on
all the banks surveyed while the ANOVA test was used for the comparison between the banks
groups. Fisher’s LSD test was also conducted in order to identify the pair that contributed to the
difference.
In order to study the level of strength of the primary drivers to the bank’s ERM activities,
level of adequacy of the risk management tools and systems regarding the risk management practices,
Three ranges of composite scores with equal class interval were applied. The scale scores were
developed by subtracting the minimum score (of the responses on a five-point Likert scale ranging
from 1 to 5) from the maximum score and dividing it by three.
FINDINGS
Forty-five survey questionnaires were sent out, of which 25 were distributed to the risk managers of
local commercial banks and Islamic banks in Malaysia whilst 20 were sent out to the risk managers of
Islamic banks outside Malaysia. Only one questionnaire was sent out to each bank. The response rate
of 34 usable replies is 75.6%, which is very encouraging. The summary of the response is presented in
Table 1.
5
[insert table 1 here]
Questions 1 to 7 extracted information about the organizational structure of risk management of the
banks especially the organizational approach and organizational culture that they employ. In terms of
the organizational culture, all the conventional banks with Islamic banking (windows) surveyed used
the combination approach while 50% of the conventional and Islamic banks surveyed used the
centralised approach (Table 2).
[insert table 2 here]
However, for organizational approach, 69.7% of the banks surveyed embrace the combination of
top-down and bottom-up approach. Specifically this approach is being used by all the conventional
banks with Islamic banking (windows), 75% of the conventional banks and 57.9% of the Islamic
banks.
The current level of adoption of ERM is extracted from question 8 and the results are
tabulated in Table 3. Although ERM is still in its early stages of application most banks have
implemented some form of ERM activities. However, not many organizations have fully
implemented a full-scale ERM program. On the whole, 40% of the banks surveyed have fully
implemented the ERM framework, 26.7% have partially implemented, 23.3% do not have ERM
framework but plan to implement one, 6.7% are still investigating the framework while 3.3% do not
have and do not intend to implement the ERM framework.
[insert table 3 here]
In comparing between the types of banks, 62.5% of the conventional banks have fully implemented
ERM framework while for conventional banks with Islamic banking windows and Islamic banks, it is
66.7% and 25.0%, respectively. 12.5% of the conventional banks have partially implemented ERM
framework while 25% do not have ERM framework yet, however they are planning to implement it.
As for the conventional banks with Islamic banking (windows), 16.7% of them have partially
implemented the ERM framework while another 16.7% of them do not have any ERM framework yet,
but are planning to implement the framework.
In the case of Islamic banks, the percentages of implementation is lower than the
conventional, of which 40.0% have a partial ERM framework while 20.0% of them do not have ERM
6
framework, but they are planning to implement one. On the other hand, 10.0% of the Islamic banks
are still investigating the concept of ERM while 5.0% claimed that they do not have ERM framework
and have no intention of implementing it.
As ERM is a multidimensional activity, there are various implementation approaches.
Banks can implement ERM globally and holistically across all risk factors and business units or they
can take incremental approaches by focusing on specific risks and/or specific operations and /or
specific risk management processes. Thus Question 10 identifies the banks approaches to the
implementation of ERM. Table 3 shows that 54.3% of the banks surveyed have implemented ERM
globally and in a holistic manner while 35.5% have done it on an incremental basis by business
segment, 12.9% by region and 32.3% by type of risk.
Looking at each specific type of banks, 75% of the conventional banks and 100% of the
conventional banks with Islamic banking scheme respectively have implement them on a holistic
manner. Not many of them have implemented ERM on an incremental basis. The opposite is true for
Islamic banks whereby only 29.4% have done it in on a holistic manner while 47.1% of the Islamic
banks have implemented ERM on an incremental basis by types of risk, 41.2% by business segment,
and 11.8% by region.
Question 9 elicited information about the duration of adoption of ERM framework since its
inception. This is presented in Table 4. It can be seen that, all the conventional banks have fully
implement the ERM framework whereby 60% of the conventional banks have adopted it for more
than five years, while 40% have adopted it between 3 to 4 years. On the other hand, all of the
conventional banks that have partially implemented ERM framework have been operating it for more
than five years.
[insert table 4 here]
As for the conventional banks with Islamic banking (windows), 50% of those that have fully
implemented ERM have been operating under this framework for more than 5 years, while 25% of
them have been operating it between 1 to 2 years and between 3 to 4 years. As for those that have
partially implemented ERM framework, they have been operating it under the framework between 3
to 4 years.
7
In the case of Islamic banks, 40% of those who have fully implemented ERM framework
have been operating under this framework between 3 to 4 years and more than 5 years respectively,
while 20% of them were operating between 1 to 2 years. On the other hand, the banks that have
partially implemented the framework, 87.5% of those have been operating between 1 to 2 years while
another 12.5% of them have been operating for about 3 to 4 years.
Many factors have motivated the banks in the adoption of ERM framework. Some of the
factors are external factors while some are internal factors. The objective of Question 11 is to seek
information about the factors that motivate ERM activity of the banks The motivating factors that
have been identified are shown in Table 5.
[insert table 5 here]
From the table, it can be seen that all respondents of the conventional banks agreed that the main
motivating factor in the adoption of ERM framework is the desire for unifying framework for risk
management and capital management. Other motivating factors are compliance with Basel II
guidelines (87.5%), asset allocation (75%), compliance with Central Bank’s guidelines (75%), desire
for earnings stability (62.5%), price volatility (50%) and mandate from Board of Directors (50%).
As for the conventional banks with Islamic banking windows the main factors that motivate
the banks to adopt ERM are their desire for unifying framework for risk management and capital
management with 83.3% of respondents agreeing with that statement. This is followed by
competitive pressure (66.7%), desire for earnings stability (66.7%), mandate from Board of Directors
(66.7%), compliance with Basel II guidelines (66.7%), asset allocation (50%), compliance with
IFSB’s guidelines (50.0%), deregulation (33.3%), ‘price volatility’ (33.3%). Meanwhile the factors
that motivate most of the Islamic banks respondents are compliance with Basel II guidelines (94.7%),
compliance with Central Bank’s guidelines (89.5%), desire for unifying framework for risk
assessment (73.7%), compliance with IFSB’s guidelines (52.6%) and desire for unifying framework
for capital management (52.6%).
The benefits of ERM framework have been explored with the objective of indicating the
strength of the primary drivers that help to motivate the ERM activities of the banks. Question 12
deliberated on the benefits of ERM framework. In Table 6, all ERM potential benefits are significant
8
to all the three types of bank. All the banks surveyed agreed that ERM helps to align risk appetite and
strategy. Other significant potential benefits of ERM are that it helps to minimize operational
surprises and losses, helps to identify and manage cross-enterprise risks, links growth, risk and return,
enhances risk response decision, and provides integrated response to multiple tasks. The banks also
perceived that ERM helps them to seize opportunities and rationalizes their capital.
[insert table 6 here]
Table 7 shows the frequency of responses for the strength of the primary drivers to the bank’s
activities according to the types of bank. Conventional bank’s respondents responded that almost all
primary drivers have very strong influence towards the bank’s activities, the least being seizing
opportunities (mean 3.87).
[insert table 7 here]
In the case of the conventional banks with Islamic banking (windows), all the factors have means
above three indicating that these are strong drivers to the banks whereby six drivers have means above
4.00. The six primary drivers are; align risk appetite and strategy, link growth, risk and return,
enhance risk response decision, minimize operational surprises and losses, identify and manage cross-
enterprise risks and rationalize capital.
For Islamic banks, four of the primary drivers have mean scores above 3.00 while another
four have mean scores of above 4.00 indicating that these drivers have very strong influence to the
banks. The drivers that have very strong influence towards the bank’s activities are align risk appetite
and strategy, link growth, risk and return, minimize operational surprises and losses and identify and
manage cross-enterprise risks.
Table 8 represents the results of the comparison of means between types of bank. The
ANOVA test result shows that the p-value is 0.348 which is greater than 0.05. Therefore there is not
enough statistical evidence to reject the null hypothesis that there is no difference in the primary
drivers that motivates the implementation of enterprise wide risk management between the Islamic
and conventional banks. Thus the result does not support the research hypothesis 1.
[insert table 8 here]
9
The minimum and maximum scores of the responses are 22 and 40 respectively. By categorising the
scores into three levels of low, medium and high with each level ranging between 22-28, 29-35 and
36-42 respectively, it can be seen in Table 9 that majority of the respondents for the three types of
commercial banks considered that these benefits provide moderate drivers to the banks’ activities.
[insert table 9 here]
In managing risk, banks are moving towards the more advanced procedures in relation to firm
wide risk management. Information about the level of extensiveness of the usage of these risk
management procedures employed by the banks has been extracted. Question 13 identified the level
of extensiveness of the usage of risk management procedures employed by the banks. The results
tabulated in Table 10 shows that Islamic banks do not extensively used these risk management
procedures as compared to the conventional banks and also conventional banks with Islamic
windows.
[insert table 10]
The ANOVA test conducted to determine whether there is any significant difference in the level of
extensiveness of the usage of the risk management procedures employed by the banks. The result
indicated in Table 11 shows that the difference is significant at 1% level of significance. Thus there is
enough statistical evidence to reject the null hypothesis, implying that there is a significant difference
in the level of usage of risk management procedures between the conventional and Islamic banks.
Since the ANOVA result is significant, Fisher’s LSD test was conducted.
[insert table 11 here]
The LSD test result in Table 12 indicates that there is a significant difference in the level of usage of
the risk management procedures between the conventional bank and Islamic banks and also
significant difference in the level of usage between the conventional banks with Islamic banking
(windows) and Islamic banks. This confirms the earlier results which show that the Islamic banks
have not extensively use these advance procedures as compared to the conventional banks. For most
of the procedures listed, the Islamic banks are still in the planning stage whereby they intend to use
the procedures in the future as compared to the conventional banks which have already adopted most
of the procedures. Most of the procedures are the procedures used in managing risk at the enterprise
10
level; this indicates that collectively the Islamic banks are still in the earlier stage of the adoption of
ERM.
[insert table 12 here]
This section attempts to test research hypothesis 3. The information extracted about the level
of adequacy of risk management tools and systems of all the banks surveyed is tabulated in table 13.
[insert table 13 here]
Table 13 indicates that statements 1,2,3,4 and 8 are highly significant at 1% level of significance;
statements 9 and 10 significant at 5% level of significance and statements 7 and 11 are significant at
10% level of significance. This implies that the banks’ respondents agreed with these statements
that relate to the adequacy of risk management tools, and systems of the banks. The factors are
bank’s on going risk monitoring and periodic reporting capabilities, bank’s on going risk monitoring
and real-time reporting on changing conditions capabilities, bank’s internal communication channels
in the risk management process, bank’s external communication channels in the risk management
process, bank’s on going training of human capital in technical areas of risk management, bank’s on
going training of human capital on Islamic business ethics and work culture, and bank’s employees
understanding of the different types of bank’s risks.
From table 14, it can be seen that the entire mean of the responses for the conventional banks
ranges from 2.67 to 4.00. The conventional banks surveyed agreed that the tools and systems for their
risk management practices are adequate. As for the conventional banks with Islamic banking
(windows), the entire mean of the responses ranges from 2.83 to 4.33. The highest mean is for bank’s
on going risk monitoring and periodic reporting capabilities and bank’s internal communication
channels in the risk management processes while the lowest mean is for IT systems to cater for each
Islamic instrument.
[insert table 14 here]
In the case of Islamic banks, the entire mean of the responses for Islamic banks ranges from 2.75 to
3.60 indicating that the tools and systems for risk management practices are barely adequate. The
three most critical areas are the lack of IT professionals with relevant expertise in the process
11
integration and risk analytics, IT systems to cater for each Islamic instrument and also the capacity of
human capital in the highly technical areas of risk measurement.
Table 15 indicates that the risk management tools and systems regarding the risk management
practices for the three types of banks are at a moderate level of adequacy.
[insert table 15 here]
Furthermore, the analysis of variance (ANOVA) test conducted to evaluate whether there is
any significant difference in the agreement about the level of adequacy of risk management tools and
systems between the different types of banks showed a p-value of 0.348. Since this value is greater
than 0.05, there is not enough statistical evidence to reject the null hypothesis that the level of
adequacy of risk management tools and systems of Islamic banks is the same as the conventional
banks (refer to Table 16). Thus the result of the one-way ANOVA implies that the level of adequacy
of risk management tools and systems of Islamic bank is statistically the same as the conventional
banks.
[insert table 16 here]
PROBLEMS AND LIMITATION OF THE STUDY
Two main problems faced by the researcher were the limited number of respondents and the problem
of getting the banks to participate and subsequently to complete the questionnaire. The data
collection process took about six months which was from November 2006 to April 2007. The limited
number of respondents is due to the fact that the unit of analysis is the bank, meaning that only one
questionnaire is answered by each bank, thus the number is very small. In the case of Islamic banks
outside Malaysia, most of the addresses of the banks were obtained through their websites. However,
not many of the Islamic banks have their own websites. Thus the researcher had to be contented with
the limited number of banks with websites.
CONCLUSIONS
Based on the results of the survey questionnaire, it can be seen that the level of adoption of ERM by
the Islamic banks is lower than the conventional banks. In fact some of the Islamic banks have not
implemented it. In the process of implementing ERM, there is no statistical difference between the
banks with regards to the reasons and the drivers in implementing it. However, it is found that there
12
are differences in the level of adoption of those risk management procedures between the
conventional and Islamic banks. The Islamic banks have not extensively used those procedures yet as
compared to the conventional banks. Most of the Islamic banks are still in the planning stage of
adopting these procedures. A study conducted by Miccolis et al. (2001) on ERM found that the items
listed in table 17 were considered important while the most important items are to conduct firm-wide
risk identification and rank the materiality of individual risks from the firm-wide perspective as
agreed by 82% and 86% the respondents, respectively. The respondents also agreed that it is
important to use a coherent framework to guide the risk management activities. The key to the
successful implementation is a structured approach (Warrier and Chandrashekhar, 2006). As
profitability is the bottom line of any financial institutions, it is imperative for the banks to practice
effective risk management as “superior risk management practices are really good for the bottom-
line” (Bird and Skinner, 2005: 10).
The conventional as well as the Islamic banks agree that the tools and systems for risk
management practices are barely adequate. In the case of Islamic banks, the three most critical areas
are lack of IT professionals with relevant expertise in the process integration and risk analytics, IT
systems to cater for each Islamic instrument and also the capacity of human capital in the highly
technical areas of risk measurement. Since the finding shows that risk management tools for Islamic
banking are inadequate, the Islamic banks should innovate or develop more tools which are Shari’ah
compliant to cater for the needs of the Islamic banking. As the existing products such as derivatives
and credit derivatives are not Shari’ah compliance, similar products which are Shari’ah compliance
should be in the top priority list. This should be the driving factor to the Islamic banks. Innovation of
new products, requires properly trained and qualified personnel. Thus the Islamic banks should
allocate greater resources for research and development.
With regards to ERM, findings show that now most banks are still in the early stage of
implementation. Therefore in the future, it is interesting to study the impact, the costs and benefits to
the banks after many years of implementation. There are still a lot of avenues and opportunities to
explore further in this area. As a matter of fact, further studies should not be limited to the banking
industry only but should also be extended to other industries as well.
13
REFERENCES
Barton, T. L., Shenkir, W. G., & Walker, P. L. (2002). Making Enterprise Risk Management Pay Off.
USA: Prentice Hall PTR/ Financial Times.
Bessis, J. (2002). Risk Management in Banking. England: John Wiley & Sons, Inc.
Bird, A., & Skinner, T. H. (2005). Enterprise Risk Management Not for You? Wrong. American
Banker, 170(67).
Casualty Actuarial Society (2003), Overview of Enterprise Risk Management, Casualty Actuarial
Society Enterprise Risk Management Committee.
COSO (2004), Enterprise Risk Management – Integrated Framework: Executive Summary.
http://www.coco.org/Publications/ERM/COSO_ERM.ExecutiveSummary.pdf
Deloitte Touche Tohmatsu. (2004). 2004 Global Risk Management Survey.
Fauziah Hanim Tafri (2008), Risk Management Practices and Profitability of Commercial Banks vis-a
vis Islamic Banks. Unpublished doctoral dissertation, International Islamic University Malaysia,
Kulliyah of Economics and Management Sciences.
KPMG International (2004). Ready for Basel II – How Prepared Are Banks?
Lam, James (2000), Enterprise Risk Management and the Role of Chief Risk Officer. ERisk.com
http://www.erisk.com/Learning/Research/011_lamriskoff.pdf retrieved 18/6/08.
Miccolis, J. A., Hively, K., & Merkly, B. W. (2001). Enterprise Risk Management: Trends and
Emerging Practices. USA: The Institute of Internal Auditors Research Foundation.
Warrier, S.R. & Chandrashekhar, P. (2006), Enterprise Risk Management: From the Boardroom to
Shop Floor. Paper presented in the Asia Pacific Risk and Insurance Conference, Tokyo
2006.
14
Table 1
Response to the Survey
Subjects Distributed Received Usable Replies
(n)
Usable Response Rate (%)
Conventional Banks in Malaysia 15 12 12 80%
Islamic Banks in Malaysia 10 8 8 80%
Foreign Islamic Banks (Outside Malaysia) 20 15 14 70%
Total 45 35 34 75.6%
Table 2 The Organizational Culture of the Banks in Terms of Risk Management
According to Types of Bank
Types of Bank
Conventional Banks
Conventional Bank with
Islamic Banking
Islamic Banks Overall
(%) (%) (%) (%) Organizational Culture
Decentralised Approach 12.5 0.0 10.0 8.8
Combination Approach 37.5 100.0 40.0 50.0
Centralised Approach 50.0 0.0 50.0 41.2
Organizational Approach
Top down approach 25.0 0.0 36.8 27.3
Bottom-up approach 0.0 0.0 5.3 3.0
Combination of top-down and
bottom-up approach
75.0 100.0 57.9 69.7
Table 3 Status and Mode of Implementation of ERM Framework
Types of Bank
Conventional Banks
Conventional Banks with
Islamic Banking
Islamic Banks
Overall
(%) (%) (%) (%)
Status of Implementation of ERM
We have a fully implemented ERM
framework currently in place 62.5 66.7 25.0 41.2
We have a partial ERM framework
currently in place 12.5 16.7 40.0 29.4
We do not have ERM framework now, but
we are planning to implement one 25.0 16.7 20.0 20.6
We are investigating the concept of ERM. 0.0 0.0 10.0 5.9
We do not have ERM) framework and we 0.0 0.0 5.0 2.9
APPENDIX I
15
are not planning to implement one
Mode of Implementation of ERM
Globally and holistically 75.0 100.0 29.4 54.8
Incrementally, by business segment 25.0 33.3 41.2 35.5
Incrementally, by region 12.5 16.7 11.8 12.9
Incrementally, by type of risk 0.0 33.3 47.1 32.3
Incrementally, others 0.0 0.0 11.8 6.5
Table 4 Duration of Implementation of ERM Framework According to Types of Bank
Types of Bank
Conventional Banks
Conventional Banks with
Islamic Banking Islamic Banks
Status of Implementation of
ERM No. of Years
(%) (%) (%)
< 1 year 0.0 0.0 0.0
1-2 years 0.0 25.0 20.0
3-4 years 40.0 25.0 40.0
Fully Implemented
ERM Framework
> 5 years 60.0 50.0 40.0
< 1 year 0.0 0.0 0.0
1-2 years 0.0 0.0 87.5
3-4 years 0.0 100.0 12.5
Partially
Implemented ERM
Framework
> 5 years 100.0 0.0 0.0
Table 5 Frequency of Responses for Factors that Motivate ERM
Types of Bank
Motivating Factors Conventional Banks
Conventional Banks with
Islamic Banking
Islamic Banks
Overall
(%) (%) (%) (%)
Deregulation 37.5 33.3 10.5 21.2
Price volatility 50.0 33.3 31.6 36.4
Asset allocation 75.0 50.0 36.8 48.5
Competitive pressure 12.5 66.7 31.6 33.3
Recent catastrophic event 25.0 33.3 15.8 21.2
Desire for earnings stability 62.5 66.7 42.1 51.5
Mandate from Board of Directors 50.0 66.7 36.8 45.5
Compliance with Basel II guidelines 87.5 66.7 94.7 87.9
Compliance with IFSB’s guidelines 0.0 50.0 52.6 39.4
Compliance with Central Bank ’s guidelines 75.0 33.3 89.5 75.8
Desire for unifying framework for risk
assessment
100.0 83.3 73.7 81.8
Desire for unifying framework for capital
management
100.0 83.3 52.6 69.7
16
Table 6 Descriptive Statistics for ERM Potential Benefits
Item N Mean Standard Deviation
t-statistic p-value
Align Risk Appetite and Strategy 32 4.28 0.772 9.390 0.000***
Link Growth, Risk and Return 32 4.38 0.707 11.000 0.000***
Enhance Risk Response Decision 31 4.06 0.629 9.422 0.000***
Minimize Operational Surprises and Loses 32 4.25 0.672 10.522 0.000***
Identify and Manage Cross-Enterprise Risks 31 4.26 0.631 11.105 0.000***
Provide Integrated Response to Multiple
Tasks
31 3.90 0.790 6.368 0.000***
Seize Opportunities 32 3.63 0.833 4.245 0.000***
Rationalize Capital 32 3.97 0.782 7.006 0.000***
Note. ***, **, and * indicate significance at the 1%, 5% and 10% levels, respectively.
Table 7
Frequency of Responses for the Strength of the Primary Drivers to the Bank’s Activities According to the Types of Banks
Type of Bank
Item Type of Banks 1 2 3 4 5
Mean Score
Conventional Bank 1 0.0 0.0 12.5 50.0 37.5 4.25
Conventional Bank 2 0.0 0.0 0.0 33.3 66.7 4.67
Align Risk
Appetite and
Strategy Islamic Bank 0.0 0.0 27.8 27.8 44.4 4.17
Conventional Bank 1 0.0 0.0 12.5 50.0 37.5 4.25
Conventional Bank 2 0.0 0.0 0.0 33.3 66.7 4.67
Link Growth,
Risk and Return
Islamic Bank 0.0 0.0 16.7 33.3 50.0 4.33
Conventional Bank 1 0.0 0.0 12.5 75.0 12.5 4.00
Conventional Bank 2 0.0 0.0 0.0 66.7 33.3 4.33
Enhance Risk
Response
Decision Islamic Bank 0.0 5.9 5.9 70.6 17.6 4.00
Conventional Bank 1 0.0 0.0 25.0 37.5 37.5 4.13
Conventional Bank 2 0.0 0.0 0.0 50.0 50.0 4.50
Minimize
Operational
Surprises and
Loses Islamic Bank 0.0 0.0 11.1 55.6 33.3 4.22
Conventional Bank 1 0.0 0.0 0.0 75.0 25.0 4.25
Conventional Bank 2 0.0 0.0 0.0 50.0 50.0 4.50
Identify and
manage cross-
enterprise risks Islamic Bank 0.0 0.0 17.6 47.1 35.3 4.18
Conventional Bank 1 0.0 0.0 12.5 62.5 25.0 4.13
Conventional Bank 2 0.0 0.0 33.3 33.3 33.3 4.00
Provide
integrated
response to
multiple tasks Islamic Bank 0.0 5.9 29.4 47.1 17.5 3.76
Conventional Bank 1 0.0 0.0 25.0 62.5 12.5 3.87
Conventional Bank 2 0.0 16.7 16.7 33.3 33.3 3.83
Seize
opportunities
Islamic Bank 0.0 5.6 55.6 27.8 11.1 3.44
Conventional Bank 1 0.0 0.0 25.0 37.5 37.5 4.13
Conventional Bank 2 0.0 0.0 0.0 66.7 33.3 4.33
Rationalize
capital
Islamic Bank 0.0 0.0 44.4 33.3 22.2 3.78
Note. Response:
1 = not very strong, 2 = not strong, 3 = neutral, 4 = strong, 5 = very strong
Conventional Bank 1 = Conventional bank without Islamic Banking
Conventional Bank 2 = Conventional bank with Islamic Banking
17
Table 8 Results of ANOVA Test for the Primary Drivers to the Bank’s Activities
According to the Types of Banks
Aspect Type of Banks N Mean F-
Statistics p-
value Conclusion
Conventional Banks 8 4.13
Conventional Banks
with Islamic Banking 6 4.35
ERM Framework
provides benefits
that are primary
drivers to bank’s
activities Islamic Banks 18 3.98
1.096 0.348 No
Difference
Table 9
Level of Strength of the Primary Drivers to the Bank’s ERM Activities According to the Types of Banks
Types of Bank
Conventional Banks
Conventional Banks with
Islamic Banking
Islamic Banks
Aspect Level of Strength
No. % No. % No. %
Low (22 – 28) 2 25.0 0 0.0 5 27.8
Moderate (29 – 35) 6 75.0 6 100.0 13 72.2
Drivers that
motivates the bank’s
ERM Framework High (36 – 42) 0 0.0 0 0.0 0 0.0
Table 10 Frequency of Responses of the Usage of the Risk Management
Procedures Employed According to Types of Bank
Responses (%) Item Type of Banks
1 2 3 4 5 Mean Conventional Bank 1 0.0 0.0 12.5 37.5 50.0 4.37
Conventional Bank 2 0.0 0.0 0.0 33.3 66.7 4.67 1
Islamic Bank 0.0 0.0 36.8 42.1 21.1 3.84
Conventional Bank 1 0.0 12.5 12.5 50.0 25.0 3.88
Conventional Bank 2 0.0 0.0 16.7 16.7 66.7 4.50 2
Islamic Bank 0.0 0.0 26.3 73.7 0.0 3.74
Conventional Bank 1 0.0 12.5 50.0 12.5 25.0 3.50
Conventional Bank 2 0.0 0.0 16.7 33.3 50.0 4.33 3
Islamic Bank 0.0 11.1 38.9 33.3 16.7 3.56
Conventional Bank 1 0.0 0.0 12.5 62.5 25.0 4.25
Conventional Bank 2 0.0 0.0 20.0 20.0 60.0 4.40 4
Islamic Bank 0.0 15.8 36.8 36.8 10.5 3.42
Conventional Bank 1 0.0 0.0 12.5 50.0 37.5 4.25
Conventional Bank 2 0.0 16.7 0.0 33.3 50.0 4.17 5
Islamic Bank 0.0 10.5 63.2 15.8 10.5 3.26
Conventional Bank 1 0.0 0.0 25.0 25.0 50.0 4.25
Conventional Bank 2 0.0 16.7 16.7 16.7 50.0 4.00 6
Islamic Bank 0.0 0.0 52.6 36.8 10.5 3.58
7 Conventional Bank 1 0.0 0.0 50.0 0.0 50.0 4.00
18
Responses (%) Item Type of Banks
1 2 3 4 5 Mean Conventional Bank 2 0.0 0.0 33.3 16.7 50.0 4.17
Islamic Bank 0.0 0.0 57.9 21.1 21.1 3.83
Conventional Bank 1 0.0 0.0 37.5 25.0 37.5 4.00
Conventional Bank 2 0.0 16.7 33.3 16.7 33.3 3.67 8
Islamic Bank 0.0 5.3 68.4 21.1 5.3 3.26
Conventional Bank 1 0.0 12.5 25.0 25.0 37.5 3.88
Conventional Bank 2 0.0 0.0 16.7 16.7 66.7 4.50 9
Islamic Bank 0.0 0.0 57.9 31.6 10.5 3.53
Conventional Bank 1 0.0 0.0 25.0 37.5 37.5 4.13
Conventional Bank 2 0.0 0.0 33.3 33.3 33.3 4.00 10
Islamic Bank 0.0 0.0 63.2 31.6 5.3 3.42
Conventional Bank 1 0.0 12.5 25.0 37.5 25.0 3.75
Conventional Bank 2 0.0 16.7 16.7 0.0 66.7 4.17 11
Islamic Bank 0.0 5.3 73.7 21.1 18.2 3.16
12 Conventional Bank 1 0.0 12.5 12.5 50.0 25.0 3.88
Conventional Bank 2 0.0 16.7 0.0 16.7 66.7 4.33 12
Islamic Bank 0.0 5.3 47.4 47.4 0.0 3.42
Conventional Bank 1 0.0 0.0 12.5 62.5 25.0 4.13
Conventional Bank 2 0.0 0.0 16.7 50.0 33.3 4.17 13
Islamic Bank 5.3 10.5 42.1 36.8 5.3 3.26
Conventional Bank 1 0.0 0.0 28.6 42.9 28.6 4.00
Conventional Bank 2 0.0 0.0 50.0 33.3 16.7 3.67 14
Islamic Bank 5.3 15.8 52.6 21.1 5.3 3.05
Conventional Bank 1 0.0 0.0 12.5 50.0 37.5 4.25
Conventional Bank 2 0.0 0.0 0.0 33.3 66.7 4.67 15
Islamic Bank
0.0 10.5 36.8 47.4 5.3 3.47
Conventional Bank 1 0.0 0.0 12.5 37.5 50.0 4.37
Conventional Bank 2 0.0 0.0 16.7 16.7 66.7 4.50 16
Islamic Bank 0.0 0.0 52.6 26.3 21.1 3.68
Note. Response:
1 = no plan to use, 2 = do not use, 3 = plan to use, 4 = somewhat used, 5 = extensively used
Conventional Bank 1 = Conventional bank without Islamic Banking
Conventional Bank 2 = Conventional bank with Islamic Banking
Item:
1 Conducting Formal, Firm-Wide Risk Identification
2 Ranking the materiality of individual risks from a firm-wide perspectives
3 Consolidating the ranking of various risks using a common metric
4 Incorporating formal risk assessment into the bank's due diligence process for mergers, acquisition or
major investments
5 Using probabilistic modeling techniques to measure relevant risks
6 Measuring portfolio effect or diversification benefit of combining independent and/or negatively
correlated risks
7 Using economic capital as capital allocation
8 Calculating economic capital using RAROC
9 Evaluating performance of your risk management strategies in light of your risk/return requirements
10 Using portfolio enhancement techniques
11 Incorporating risk management into your personnel management and/or executive compensation programs
12 Implementing risk management programs through formal change management approaches
13 Exploiting integrated risk financing products (e.g. insurance/capital market solution)
14 Securitizing risks
15 Delegating risk assessments and response duties to operating units
16 Using a coherent framework to guide the above activities
19
Table 11 Results of ANOVA Test for Usage of the Risk Management Procedures According to Types of Banks
Aspect Type of Banks N Mean F-
Statistics p-value Conclusion
Conventional Banks 8 4.05
Conventional Banks
with Islamic Banking 6 4.23
Usage of the
Risk
Management
Procedures Islamic Bank 19 3.46
6.763 0.004*** Significant
Difference
Note. ***, **, and * indicate significance at the 1%, 5% and 10% levels, respectively.
Table 12 Result of LSD Test for Usage of the Risk Management Procedures
LSD Test Type of Banks Conventional Banks
Conventional Banks with
Islamic Banking
Islamic Banks
Conventional Banks 1.000 0.531 0.012*
Conventional Banks
with Islamic Banking 0.531 1.000 0.004*
Usage of the Risk
Management
Procedures Islamic Bank 0.012* 0.004* 1.000
Note. ***, **, and * indicate significance at the 1%, 5% and 10% levels, respectively.
Table 13 Descriptive Statistics for the level of Adequacy of Risk Management Tools and Systems of the Banks
No. Statement n Mean Std Dev
t-
stats p-value
1. Bank’s on going risk monitoring and
periodic reporting capabilities 34 3.76 0.819 5.447 0.000***
2.
Bank’s on going risk monitoring and real-
time reporting on changing conditions
capabilities
34 3.53 1.022 3.020 0.005***
3.
Your bank’s internal communication
channels in the risk management process? 34 3.79 0.845 5.480 0.000***
4.
Your bank’s external communication
channels in the risk management process? 34 3.59 0.821 4.179 0.000***
5.
IT professionals with relevant expertise in
process integration and risk analytics 34 3.12 0.844 0.812 0.422
6.
Capacity of human capital in highly
technical area of risk measurement 34 3.15 0.958 0.895 0.377
7.
Capability of human capital in highly
technical area of risk measurement 34 3.29 0.970 1.768 0.086*
8.
Bank’s on going training of human capital
in technical areas of risk management. 34 3.62 0.922 3.908 0.000***
9.
Bank’s on going training of human capital
on Islamic business ethics and work culture 32 3.38 0.907 2.339 0.026**
10.
Bank’s employees understanding of the
different types of bank’s risks 33 3.39 0.966 2.342 0.026**
20
No. Statement n Mean Std Dev
t-
stats p-value
11. IT systems to cater for each Islamic
instruments 32 2.75 0.803 -1.761 0.088*
Note. ***, **, and * indicate significance at the 1%, 5% and 10% levels, respectively.
Table 14 Percentage of Responses to the Level of Adequacy of Risk Management Tools and Systems in the Banks
Responses (%)
Statement Type of Banks 1 2 3 4 5
Mean
Conventional Bank 1 0.0 0.0 12.5 75.0 12.5 4.00
Conventional Bank 2 0.0 0.0 0.0 66.7 33.3 4.33
Bank’s on going risk
monitoring and periodic
reporting capabilities Islamic Bank 0.0 15.0 30.0 45.0 10.0 3.50
Conventional Bank 1 0.0 12.5 25.0 37.5 25.0 3.75
Conventional Bank 2 0.0 0.0 0.0 66.7 33.3 3.83
Bank’s on going risk
monitoring and real-time
reporting on changing
conditions capabilities Islamic Bank 0.0 15.0 30.0 45.0 10.0 3.35
Conventional Bank 1 0.0 0.0 25.0 50.0 25.0 4.00
Conventional Bank 2 0.0 0.0 16.7 33.3 50.0 4.33
Bank’s internal
communication channels
in the risk management
process Islamic Bank 0.0 10.0 35.0 45.0 10.0 3.55
Conventional Bank 1 0.0 0.0 37.5 62.5 0.0 3.62
Conventional Bank 2 0.0 0.0 16.7 50.0 33.3 4.17
Bank’s external
communication channels
in the risk management
process Islamic Bank 0.0 15.0 40.0 35.0 10.0 3.40
Conventional Bank 1 0.0 0.0 62.5 25.0 12.5 3.50
Conventional Bank 2 0.0 33.3 16.7 50.0 0.0 3.17
IT professionals with
relevant expertise in
process integration and
risk analytics Islamic Bank 0.0 30.0 50.0 15.0 5.0 2.95
Conventional Bank 1 0.0 12.5 37.5 37.5 12.5 3.50
Conventional Bank 2 0.0 33.3 0.0 50.0 16.7 3.50
Capacity of human
capital in highly
technical area of risk
measurement Islamic Bank 0.0 35.0 45.0 15.0 5.0 2.90
Conventional Bank 1 0.0 12.5 25.0 50.0 12.5 3.63
Conventional Bank 2 0.0 33.3 0.0 66.7 0.0 3.33
Capability of human
capital in highly
technical area of risk
measurement Islamic Bank 0.0 30.0 35.0 25.0 10.0 3.15
Conventional Bank 1 0.0 0.0 37.5 37.5 25.0 3.88
Conventional Bank 2 0.0 33.3 0.0 66.7 0.0 3.33
Bank’s on going training
of human capital in
technical areas of risk
management. Islamic Bank 0.0 10.0 40.0 30.0 20.0 3.60
Conventional Bank 1 0.0 33.3 50.0 16.7 0.0 2.83
Conventional Bank 2 0.0 16.7 16.7 66.7 0.0 3.50
Bank’s on going training
of human capital on
Islamic business ethics
and work culture Islamic Bank 0.0 15.0 35.0 35.0 15.0 3.50
Conventional Bank 1 0.0 0.0 25.0 50.0 25.0 4.00
Conventional Bank 2 0.0 33.3 0.0 66.7 0.0 3.33
Bank’s employees
understanding of the
different types of bank’s
risks Islamic Bank 5.3 10.5 57.9 15.8 0.0 3.16
Conventional Bank 1 0.0 33.3 66.7 0.0 0.0 2.67 IT systems to cater for
each Islamic instruments Conventional Bank 2 16.7 16.7 33.3 33.3 0.0 2.83
21
Responses (%) Statement Type of Banks
1 2 3 4 5 Mean
Islamic Bank 0.0 40.0 50.0 5.0 0.0 2.75
Note. Response:
1 = not concern, 2 = least concern, 3 = concern, 4 = great concern, 5 = greatest concern
Conventional Bank 1 = Conventional bank without Islamic Banking
Conventional Bank 2 = Conventional bank with Islamic Banking
Table 15 Level of Adequacy of the Risk Management Tools and Systems Regarding the Risk Management
Practices of the Banks.
Conventional Banks
Conventional Banks with
Islamic Banking Islamic Banks
Factor Level of Adequacy
n. % n % n %
Low (21 – 32) 0 0.0 1 16.7 5 25.0
Moderate (33 – 44) 7 87.5 3 50.0 12 60.0 Risk Management
Tools and Systems
High (45 -56) 1 12.5 2 33.3 3 15.0
Table 16 Result of ANOVA Test of the Adequacy of risk management Tools, and Systems
With Regards to the Risk Management Practices in Banks
Issue Type of Banks N Mean F-
Statistics p-
value Conclusion
Conventional Bank 8 3.65
Conventional Banks with
Islamic Banking 6 3.61
Adequacy of
Risk
Management
Tools and
Systems Islamic Bank 20 3.26
1.092 0.348 No
Difference
22
Survey Questions on ERM
1. What is the organizational approach of risk management embraced by
your organization?
Decentralized approach Combination approach
Centralized approach
2. What is the organizational culture of your bank in terms of risk management?
Top-Down Approach Bottom-Up Approach
Combination of Top-Down Approach and Bottom-Up Approach
3. What is the percentage of total employees principally assigned to risk management
tasks?
% 4. With reference to question 3, what is the proportion assigned to the following risk?
Credit Risk: % Market Risk: % Operational Risk: %
5. Who accepts the overall responsibility for managing risk in the bank? (Please tick
all that apply)
Board of Directors
Board Level Risk Committee
Chief Risk Officer
Management Level Risk Committee
Chief Executive Officer
Head of Business Units
Chief Financial Officer
Internal Auditor
Independent Risk Oversight (IRO)
Other (please specify)
6. Please indicate your managerial and/or board committees that regularly deal with
risk management and compliance issues. (Please tick all that apply)
Audit Committee Risk Management Committee
Investment committee Asset/Liability management committee
Executive committee Compliance/market conduct committee
Other (please specify)
APPENDIX II
23
7. How are your various risk management and compliance committees/activities coordinated overall? (Please tick all that apply)
Report to single executive officer (please specify which officer)
Chief Executive Officer (CEO)
Chief Financial Officer (CFO)
Chief Risk Officer (CRO)
Chief Auditor
Chief Legal Officer
Other (please specify)
Activities guided by board mandate
Other (please specify)
Not coordinated or informal coordination
8. Which of the following best describes the status of your bank’s risk management
framework (Please tick one).
We have a fully implemented Enterprise-Wide Risk Management (ERM)
framework currently in place
We have a partial Enterprise-Wide Risk Management (ERM) framework
currently in place
We do not have an Enterprise-Wide Risk Management (ERM) framework now,
but we are planning to implement one (please go to question 10)
We are investigating the concept of Enterprise-Wide Risk Management (ERM).
(please go to question 11)
We do not have an Enterprise-Wide Risk Management (ERM) framework and
we are not planning to implement one (please go to question 14)
9. How long have your organization been operating under this framework (Please tick
one)
Less than a year One or two years
Three or four years Five years or more
10. How did you implement, or how do you plan to implement, your Enterprise-Wide Risk
Management (ERM) activities? (Please tick all that apply)
Globally and holistically Incrementally, by business segment
Incrementally, by region Incrementally, by type of risk
Incrementally, others
24
11. What motivated your Enterprise-Wide Risk Management (ERM) activity? (Please tick
all that apply)
Deregulation
Price volatility
Asset allocation,
Competitive pressure
Recent catastrophic event
Desire for earnings stability
Mandate from Board of Directors
Compliance with Basel II guidelines
Compliance with IFSB’s guidelines
Compliance with Central Bank ’s guidelines
Desire for unifying framework for risk assessment
Desire for unifying framework for capital management
Other (please specify)
12. The Enterprise-Wide Risk Management (ERM) framework provides several potential benefits. The following benefits are ‘primary drivers’ (i.e. motivates management) to your bank’s activities. Please indicate the strength of the driver by circling the appropriate number based on the following scale:
Not very strong
Not strong Neutral Strong Very Strong
1 2 3 4 5
a. Align risk appetite and strategy 1 2 3 4 5
b. Link growth, risk and return 1 2 3 4 5
c. Enhance risk response decision 1 2 3 4 5
d. Minimize operational surprises and losses 1 2 3 4 5
e. Identify and manage cross-enterprise risks 1 2 3 4 5
f. Provide integrated response to multiple tasks 1 2 3 4 5
g. Seize opportunities 1 2 3 4 5
h. Rationalize capital 1 2 3 4 5
25
For question 13, please identify the level of extensiveness of the usage of the risk management procedures employed by your bank by circling/highlighting the appropriate number using the following coding:
No plan to use
Do not use Plan to use Somewhat used
Extensively used
1 2 3 4 5
13. How extensiveness is the usage of the risk management procedure listed below?
a. Conducting formal, firm-wide risk identification 1 2 3 4 5
b. Ranking the materiality of individual risks from a 1 2 3 4 5
firm-wide perspective
c. Consolidating the ranking of various risks using a 1 2 3 4 5
common metric
d. Incorporating formal risk assessment into the 1 2 3 4 5
bank’s due diligence process for mergers, acquisition
or major investments
e. Using probabilistic modeling techniques to measure 1 2 3 4 5
relevant risks
f. Measuring the portfolio effect or diversification 1 2 3 4 5
benefit of combining independent and/or negatively
correlated risks (i.e., natural hedges)
g. Using economic capital as capital allocation 1 2 3 4 5
h. Calculating economic capital using RAROC 1 2 3 4 5
i. Evaluating performance of your risk management 1 2 3 4 5
strategies in light of your risk/return requirements
j. Using portfolio enhancement techniques 1 2 3 4 5
k. Incorporating risk management into your personnel 1 2 3 4 5
management and/or executive compensation programs
l. Implementing risk management programs through 1 2 3 4 5
formal change management approaches
m. Exploiting integrated risk financing products (e.g. 1 2 3 4 5
insurance/ capital markets solution)
n. Securitizing risks 1 2 3 4 5
o. Delegating risk assessments and response duties to 1 2 3 4 5
operating units
p. Using a coherent framework to guide the above 1 2 3 4 5
activities