Back Custom print Link Text Only Rich Text Print

  • CM-1.2 CM-1.2 Credit Risk Management Framework

    • CM-1.2.1

      Conventional bank licensees must establish a credit risk management unit (CRMU) within their organisational structure which will be responsible for identification, assessment, measurement, monitoring and controlling of credit risk inherent in the entire credit portfolios, as well as credit risk in individual credit exposures. The credit risk management framework must consider the relationship between credit risk and other risks.

      Added: June 2022

    • CM-1.2.2

      The CRMU must be independent and must ensure that it undertakes the credit risk management activities with no influence from business functions responsible for credit underwriting.

      Added: June 2022

    • CM-1.2.3

      The CRMU should not have management or financial responsibility related to credit operational business line or revenue generating functions.

      Added: June 2022

    • The Role of the Board of Directors

      • CM-1.2.4

        The Board of Directors of the conventional bank licensee is responsible for ensuring that the licensee has an effective CRMU and for approving and regularly reviewing, at least every two years, its credit risk policies, credit risk appetite and limits framework. Amendments made to such documents must also be approved by the Board. The Board may delegate some of its functions, such as approval of policies, amendments to policies and periodic reviews to a designated Board committee.

        Added: June 2022

      • CM-1.2.5

        Effective credit risk management is imperative to optimise the licensee’s risk-adjusted rate of return by maintaining credit risk exposure within acceptable parameters. A risk appetite statement is a written articulation of the aggregated level and types of risk exposures that the licensee will accept, or avoid, in order to achieve its business objectives.

        Added: June 2022

      • CM-1.2.6

        The Board must ensure that the credit risk policies cover all activities of the conventional bank licensee in which it incurs credit risk. The Board must also determine that the licensee’s capital level is adequate for the risks assumed throughout the entire organisation or group.

        Added: June 2022

      • CM-1.2.7

        The credit risk policy must document the licensee’s willingness to grant credit based on exposure type (commercial, consumer, real estate etc.), economic sector, geographical location, product, currency, maturity and anticipated profitability. This might also include the identification of target markets and the overall characteristics that the conventional bank licensee would want to achieve in its credit portfolio (including levels of diversification and concentration tolerances).

        Added: June 2022

      • CM-1.2.8

        The Board must ensure that the credit risk appetite framework delineates the delegated powers, lines of responsibility and accountability over credit risk management decisions, and must clearly define authorised instruments, hedging strategies and risk-taking opportunities.

        Added: June 2022

      • CM-1.2.9

        The Board must assess whether the conventional bank licensee is operating within the boundaries of the credit risk appetite and limits framework approved by the Board.

        Added: June 2022

      • CM-1.2.10

        The Board must ensure that it receives adequate management information reports and exception reports to meet its oversight requirements to monitor adherence to the licensee’s risk tolerance/appetite/limits. The Board must regularly evaluate whether it is receiving the right balance of detail and quantitative versus qualitative information.

        Added: June 2022

      • CM-1.2.11

        The Board must approve the structure in which the conventional bank licensee will organise its credit-granting functions, including independent review of the credit granting process and the overall portfolio.

        Added: June 2022

      • CM-1.2.12

        For branches of foreign bank licensees where no Board/Audit Committee exists, all references to the Board/Audit Committee should be interpreted as the Group Chief Risk Officer or equivalent person who has direct access or reports to the Board or Audit Committee of the parent bank, unless alternative structures that satisfy the primary objectives of such oversight are in place.

        Added: June 2022

    • The Role of the Senior Management

      • CM-1.2.13

        Senior management of the conventional bank licensee is responsible for developing, implementing and approving sound credit risk procedures in accordance with credit risk policies approved by the Board.

        Added: June 2022

      • CM-1.2.14

        Senior management must determine that the staff involved in any credit relationship, whether established or new, basic or complex, have the necessary knowledge, skill sets, experience and are fully capable of ensuring the relationship meets the highest standards and in compliance with the licensee’s policies and procedures.

        Added: June 2022

      • CM-1.2.15

        Senior management must ensure that risk monitoring systems are in place for effectively undertaking the activities of credit risk management.

        Added: June 2022

    • Credit Risk Policy and Procedures

      • CM-1.2.16

        A properly documented credit risk policy is an essential element of, and a prerequisite for, the credit risk management process. Consistent with the Board's objectives, it assists licensee’s management in the maintenance of proper credit standards and the avoidance of unnecessary risks. Additionally, periodic internal assessment should be undertaken by the internal audit. In the case of branches of foreign banks, the credit policy, limits and the procedures are normally those that are approved by the Head Office/Regional Office.

        Added: June 2022

      • CM-1.2.17

        Senior management, based on the approved credit risk policy, must develop credit risk procedures for identifying, measuring, monitoring and controlling credit risk. The procedures must address credit risk in all of the conventional bank licensee’s activities, and at both the individual credit and portfolio levels.

        Added: June 2022

      • CM-1.2.18

        Explicit guidelines in the credit risk policy provide the basis for effective credit risk management. A sound credit risk policy should consider which types of credit products and borrowers the licensee is looking for, and the underwriting standards the licensee will utilize.

        Added: June 2022

      • CM-1.2.19

        Conventional bank licensee’s credit risk framework must address all credit and credit risk related activities throughout the credit lifecycle covering matters of significance including, but not limited to:

        (a) Organisation and reporting structure of the credit risk function/activities;
        (b) Delegation of authority;
        (c) Role of credit committee and Board risk committee;
        (d) Designated markets and products;
        (e) Credit limit framework;
        (f) Desirable pricing levels and criteria;
        (g) Policy on country and transfer risks;
        (h) Credit granting criteria and authorisation procedures for the advancement of credit, including exceptions to set criteria and limits;
        (i) Credit risk analysis, reviews and credit risk ratings;
        (j) Assessment of concentration;
        (k) Large exposure policy;
        (l) Lending to connected counterparties;
        (m) Problem credit identification, remediation and administration;
        (n) Policies and procedures on write-offs and recoveries;
        (o) Monitoring and reporting.
        Added: June 2022

      • CM-1.2.20

        Conventional bank licensees must operate within sound, well-defined credit-granting criteria. These criteria must include a clear indication of the licensee’s target market and a thorough understanding of the borrower or counterparty, as well as the purpose and structure of the credit and its source of repayment. In addition, the criteria must set out who is eligible for credit and for how much, what types of credit are available, and under what terms and conditions the credit may be granted.

        Added: June 2022

      • CM-1.2.21

        In the case of branches of foreign bank licensees, the credit policies, credit limits and the procedures are those that are approved by the Head Office/Regional office.

        Added: June 2022

    • Effectiveness of Internal Control System

      • CM-1.2.22

        An effective internal control system for credit risk assessment and measurement is essential to enable senior management to carry out its duties. An effective internal control system must include:

        (a) Measures to comply with applicable laws, regulations and internal policies and procedures;
        (b) Measures to provide oversight of the integrity of information used and to reasonably ensure that the allowances reflected in the licensee’s financial statements and its supervisory reports are prepared in accordance with the applicable accounting framework and relevant supervisory guidance;
        (c) Well-defined credit risk assessment and measurement processes that are independent from (while taking appropriate account of) the lending function and include:
        (i) An effective credit risk rating/ scoring system that is consistently applied, accurately grades differing credit risk characteristics, identifies changes in credit risk on a timely basis, and prompts appropriate action;
        (ii) An effective process which ensures that all relevant/reasonable and supportable information, including forward-looking information, is appropriately considered in assessing and measuring expected credit loss (‘ECL’). This includes maintaining appropriate reports, details of reviews performed and identification and descriptions of the roles and responsibilities of the personnel involved;
        (iii) An assessment policy that ensures ECL measurement occurs not just at the individual lending exposure level, but also when necessary to appropriately measure ECL at the collective portfolio level by grouping exposures based on identified shared credit risk characteristics;
        (iv) An effective model validation process to ensure that the credit risk assessment and measurement models, including ECL models, are able to generate accurate, consistent and unbiased predictive estimates on an ongoing basis. This includes establishing policies and procedures which set out the accountability and reporting structure of the model validation process, internal standards for assessing and approving changes to the models and reporting of the outcome of the model validation (see also Paragraph CM-1.4.10);
        (v) Clear formal communication and coordination among the licensee’s credit risk staff, financial reporting staff, senior management, the Board and others who are involved in the credit risk assessment and measurement process for an ECL accounting framework, as applicable (e.g. evidenced by written policies and procedures, management reports and committee minutes); and
        (d) An internal audit function that independently evaluates the effectiveness of the licensee’s credit risk management framework, and in particular, assessment and measurement systems, models and processes, including the credit risk rating system. Refer to HC-6.5.
        Added: June 2022

      • CM-1.2.23

        Conventional bank licensees must ensure that the credit risk policy establishes the objectives that guide the licensee’s credit-granting activities.

        Added: June 2022

      • CM-1.2.24

        The credit risk policy must give recognition to the goals of credit quality, earnings quality and sustainability and growth. Conventional bank licensees, regardless of their size, must determine the acceptable risk/reward trade-off for their activities, factoring in the cost of capital.

        Added: June 2022

      • CM-1.2.25

        The credit risk appetite/limits framework of conventional bank licensees must take into consideration the cyclical aspects of the economy and the resulting shifts in the composition and quality of the overall credit portfolio. The credit granting criteria must be periodically assessed and amended and it must be viable in the long-run and through various economic cycles. The credit risk procedures must be reviewed at least once every three years or more frequently as may be necessary if there are changes in internal or regulatory requirements.

        Added: June 2022

      • CM-1.2.26

        The credit granting criteria must be designed and implemented within the context of internal and external factors, such as the licensee’s market position, trade area, staff capabilities and technology.

        Added: June 2022

      • CM-1.2.27

        Conventional bank licensees must have a clearly defined credit risk appetite statement which is implemented through comprehensive policies and procedures for limiting and controlling credit risk. Conventional bank licensees must also establish credit limits in a meaningful manner for different types of exposures, both on and off-balance sheet.

        Added: June 2022

      • CM-1.2.28

        Bahraini conventional bank licensees must consider the results of stress testing in the overall limit setting and monitoring process. Such stress testing must take into consideration economic cycles, interest rates and other market movements and liquidity conditions.

        Added: June 2022

    • Country and Transfer Risks

      • CM-1.2.29

        Conventional bank licensees must set out their policy on country and transfer risks within their Board approved credit risk policy. Such policy must include:

        (a) the risk appetite/tolerance levels for country and transfer risks;
        (b) country exposure limits;
        (c) basis and frequency for periodic reviews and assessments;
        (d) the criteria for downgrading a country exposure from Stage 1 to Stages 2 or 3, and related provisioning policy; and
        (e) the policy for recategorization of exposure to a higher grade.
        Amended: October 2022
        Added: June 2022

      • CM-1.2.30

        Country risk is the exposure to a loss in cross-border lending, caused by events in the country to which the licensee has exposure and includes all forms of lending whether to the government, a bank, a private enterprise or an individual. Country risk is therefore a broader concept than sovereign risk, which is restricted to the risk of lending to the government of a sovereign nation. Transfer risk, on the other hand, represents the risk of loss due to repatriation or remittance restrictions imposed by a foreign government that make it impossible to remit, fully or partially, the proceeds of debt owed to the licensee.

        Added: June 2022

      • CM-1.2.31

        In the case of exposure to borrowers, conventional bank licensees must examine any associated country and transfer risks keeping in view factors such as domicile of the counterparty, the legal structure of the counterparty, the existence of special purpose vehicles, conduits and/ or other related factors that may affect the transferability of proceeds of repayment.

        Added: June 2022

      • CM-1.2.32

        Branches of foreign bank licensees must satisfy the CBB that equivalent arrangements are in place at the parent entity level, otherwise a policy is required in line with Paragraph CM-1.2.28.

        Added: June 2022

      • CM-1.2.33

        Branches of foreign bank licensees are normally subject to country limits that are set at a global level by the head office or by the regional office. The branch should be able to demonstrate that it is subject to limits imposed on it by the head office or regional office as appropriate.

        Added: June 2022