November 09, 2017

Rate This Article
1 Star2 Stars3 Stars4 Stars5 Stars (2 Votes, Average Rating: 3.50 out of 5)

Current Risk Management Position In India

- Sonjai Kumar, CMIRM, Certified Member of IRM, London, Vice-President (Business Risk) [ Aviva India Life Insurance ]

Sonjai Kumar

Sonjai Kumar is currently working in Aviva Life Insurance Company India Ltd as Vice President (Business risk) in the Risk Management Department for over five years. He is providing oversight risk management in the areas of Insurance and Financial risk. His role also includes providing oversight risk management in the area of operational risk in the financial area.
+91-9810389622, +91-9971529922
New Delhi, India

The risk management function is set to become increasingly important over the next decade where shareholders will look to add value to their business and protect customers

This article covers the current risk management position in India and looks into the future from an opportunities’ point of view in the area of risk management. Key points discussed in the article are drivers of risk management, current corporate governance practices, challenges in the implementation of risk management and emerging future opportunities. The article looks into the present risk management position and advocates that there are plenty of opportunities in this field in time to come.

Corporate Governance Guidelines

Human existence is fraught with future uncertainties and managing the same in your own way is not something new, however, in recent times, with successive failure of businesses across the globe, there is greater focus on management of risk. The series of changes made to corporate governance guidelines across the globe is a testimony of the seriousness shown by different regulatory authorities. Some of the recent changes brought up by regulatory authorities across the globe are risk-based capital provision in the banking and insurance sector. The focus of different regulatory bodies has increased on setting up of Risk Management Committees and strengthening the role of these committees in providing risk oversight. It has been realized that risks cannot be eliminated but can only be managed, so their identification is a key step in the process of risk management. The recent changes in corporate governance guidelines made in Indian financial institutions are as follows:

  • IRDA (Insurance Regulatory and Development Authority) - 2016 Corporate Governance Guidelines are sharper and have described the objectives of risk management committee. The guidelines also state that certain positions cannot be helped by the same individual due to conflict of interest.
  • Reserve Bank of India - governs the risk management activities for Indian Banks.
  • SEBI (Security Exchange Board of India) - 2015 Corporate Governance Guidelines for listing companies. In 2017, SEBI has issued a circular on Board evaluation.
  • Company Laws - 2013 Company law requires having risk management assessment by the Board.

What is risk management?

Risk management is a proactive step of identification of risks, assessing their impact, and preparing an action plan should such risks occur in reality. Risk management is not just about identifying the risks; management action is an integral part of the process. Stressing the same point, the Chinese President quoted while addressing the National Financial Conference that “Failure to detect financial risk is a breach of duty; spotting risks without addressing them, a refusal to perform the duty”.

It is important to understand that risk management through a silo approach is no longer sufficient where risk management is performed by a few departments only. In the Enterprise Risk Management (ERM) concept, risk management is performed across the organization where every employee is a risk manager. The silo approach to risk management does not work as risks are highly correlated and cannot be segmented and managed independently. There is also a higher cost of management of risk if handled independently as the benefit of diversification does not come into force.

What does risk management do?

In business, risk identification not only helps in proactive action but also helps in giving risk diversification, better risk transfer to the third party, better allocation of capital, and enhancing the value of the Company including stabilization of flow of income.

  • Diversification effect - Many risks are correlated, so, managing one risk also helps in reducing another risk. In the insurance sector, when the lapse risks (policyholder leaving the portfolio earlier than expected) are reduced, this helps in reducing the claim risks as well.
  • Better risk transfer - Identification of risks helps in identifying those risks which the Company may not manage and need transfer to the third party. Example, derivative products.
  • Better allocation of capital - Risk management helps in the better deployment of capital based on the riskreturn ratio.
  • Impact on the valuation of the Company - For listed Companies, risk management helps in improving the share price and overall valuation of the Company.
  • Reduce earnings’ volatility - Reducing earnings’ volatility helps in stabilizing the steady flow of income.

It is imperative that risk management facilitates benefits to organizations which practice it; however, it has been seen that there are practical challenges in the Indian market in its implementation.

Challenges in the Indian Market

The ERM in India is a relatively new concept where its implementation in some sectors has been made to meet minimum regulatory requirements. There are challenges in fully implementing ERM across different financial sectors; some of those challenges are discussed below:

  • Risk culture is not mature in India to fully implement the ERM; the behavior towards acceptance of risk has an element of reluctance; this may be driven by the attitude of not accepting the existence of risk. Such attitude could further be the output of audit mindset where audit findings are considered as a gap in the process. More research is needed in this area to find out the real reasons. The point to understand is that risk identification is not a gap because identifying the risks only help in locating the pitfalls that may come in the way of achievement of the business objective. Risk management is not a deterrent but an enabler.
  • The current business culture in India focuses on rewards based on year-on-year growth of the business; western markets, on the contrary, have elements of effectiveness of risk management as well as the growth factor in the reward structure. Such inclusion of controls will not only help in boosting the bottom line but also in creating the right risk culture within the organization.
  • Very few business organizations in India are using statistical models to project future scenarios and apply stress testing to look into the anticipated future and preempt the risks. Scenario and Stress Testing (SST) is becoming a very strong tool to assess the resilience of the business against various economic and demographic variables.
  • Currently, in many organizations, strategy and risk management are not integrated which results in strategy failing. Strategic risk management helps in keeping the strategy agile based on emerging market conditions.
  • Apart from these technical gaps, there are also shortages of qualified risk professionals; this is further aggravated by lack of quality risk management institutions to deliver risk education. Many B-Schools in India are yet to include risk management courses in their core curriculum. This however, is prevalent globally.
  • Most of the corporate governance guidelines issued in recent years have strengthened the role of the Board in providing risk management oversight. The 2008 economic crisis highlighted many gaps in providing risk oversight at the Board level that may be used as a reference point.

Future Opportunities

The application of risk management in India is likely to rise due to regulatory requirements by different financial regulators and requirement under Company law, where the Board is to report development and implementation of risk management policies.

Risk management in India is new, but it is going to stay because all financial regulators have recommended setting up a Risk Management Committee as part of the corporate governance process. This includes the establishment of separate risk management function within the Company headed by the Chief Risk Officer. The role of risk management function is a part of the three lines of defense model, where the first line of defense is the function which runs the business and does the operational management within the Company including owning the risk and its management. The second line of defense is the risk management function that provides the oversight and challenge on the risks identified by the first line of defense. The third line of defense is the Audit function that provides the assurance on the effectiveness of the risk management process and controls.

The SEBI has a listing requirement that top 100 listed companies must have a risk management committee, the 100 listed entities are determined on the basis of market capitalization at the end of the immediate previous financial year. On all the listed companies, the risk management practice of oversight is likely to increase because any adverse news about the Company may impact share price.

The Reserve Bank of India issued guidelines on Basel- III reforms on capital regulation in May 2012, to the extent applicable to banks operating in India. The Basel-III capital regulations have been implemented from April 1, 2013 in India in phases and will be fully implemented by March 2019. The Basel reform is based on a capital calculation based on the risks that banks undertake, so any bank taking undue risks will have a higher capital requirement. If risks are managed well, the bank will be benefited through optimal capital requirement; and that is where risk management will add value. It can be concluded that the application of risk management in the banking sector is likely to increase manifold.

Similarly, to make the insurance sector in India more resilient to internal and external changes, the insurance regulator, IRDA has set up a committee on risk-based capital which has given its report. Further communication from the insurance regulator in this regard is expected in the future. Post implementation of the risk-based capital regime in India, the application of risk management will rise as this will directly impact the shareholders’ optimization of capital.

Apart from these highly regulated financial industries in India, the requirement of risk management under Company law 2013 will further increase application of risk management across different sectors.

It is evident that risk management in the next decade will be a tool that shareholders will look into to add value to their business and protection of customers.

Disclaimer – The views expressed in this article are the personal views of the author and are purely informative in nature.

Related Post

follow us

Publication & Enquiries

phone icon  +91 8879635570/8879635571

mail icon