Comprehensive Risk Management
The Board of Directors approves the business operations plan proposed by the Management Committee and determines the risks acceptable to the Group in view of the Bank’s capital and profit targets to be achieved. The Bank’s risk management operations are conducted by the Management Committee, the Asset and Liability Committee, the Integrated Risk Policy Committee, the Credit Committee, the Investment Committee, and the New Business/Product Committee. The Board of Directors is committed to maintaining appropriate corporate governance and business operations by approving material decisions by each committee, and receiving regular reports on risk management.
Comprehensive Risk Management System
Risk management is the process of controlling risks associated with the Bank’s business operations within the Bank’s capital, as determined by the Board of Directors. Acknowledging the importance of risk management activities, the Aozora Bank Group has established a basic policy on comprehensive risk management designed to properly measure and control each risk separately and the overall risk in an integrated manner. As the core components of the Group’s risk management structure, we have established a number of risk management committees which have authority delegated to them by the Board of Directors in order to implement risk management activities. Any important matters concerning risk management are determined and implemented after careful examination and active discussion by appropriate committees and the Risk Management Group. The basic policy on comprehensive risk management sets out the scope of target risk categories such as credit risk, market risk and operational risk, and their definitions. The policy also defines the risk management procedures which consist of the identification, assessment, monitoring and controls of the target risks. The Group is committed to managing risk according to its basic policy and improving its risk management system through the establishment of a risk management enhancement plan.
Capital Management System
One of the most important challenges for the Aozora Bank Group is increasing capital efficiency while securing financial soundness. Therefore, the establishment of an appropriate capital management system is one of the top priorities.
Capital management is comprised of risk capital management, namely economic capital management and regulatory capital management. The objectives of risk capital management are to control the Bank’s business size by allocating economic capital to individual business lines according to their characteristics and risk categories after setting certain limits on the total amount of capital.This allocation is carried out from the perspective of maintaining the financial soundness of the Bank and also to continuously secure adequate capital corresponding to the risk involved. Regulatory capital management is intended to ensure the minimum required capital for regulatory capital purposes and to conduct comparative verifications against the target capital ratios.
<Internal Capital Adequacy and Assessment Process>
An internal capital adequacy and assessment process is in place to ensure the adequacy of capital reserves against risk by monitoring the total capital amount for the fiscal year and the actual risk profile. The Group assesses its internal capital adequacy by periodically monitoring the risk capital and the risk capital usage through a comparison with capital (Tier 1) for the year and also by conducting stress tests whereby the Bank analyzes the effects of an estimated amount of loss in the event of extreme economic environment change on its capital position. Aozora Bank estimates risk capital for the major risks, i.e., credit, market, and operational risks using the following methodologies. Our approach for measuring the risk capital of credit risk is based on the concept of unexpected loss (credit value at risk).
First, we estimate probability of default (PD) rates based on our internal ratings transition analyses, recovery rates of loss given default (LGD) by collateral type and default correlations, and then calculate credit value at risk with a confidence level of 99.9% and a one-year holding period.The calculated credit value at risk corresponds to risk capital. We employ a VaR approach for the measurement of risk capital for market risk. The risk capital is estimated with a confidence level of 99.9% and the following holding period, depending on the business characteristics and liquidity of the asset:
| Trading | 10 days |
|---|---|
| ALM | 21 or 60 days |
| Investments | 21 to 250 days |
Our approach to estimating the risk capital for operational risk is based on both a Basel II operational risk measurement approach and a loss distribution approach. Among the operational risk measurement approaches under Basel II requirements, we adopt the Standardized Approach (TSA). Under the loss distribution approach, we estimate the risk capital for operational risk by inferring the frequency and severity of loss events based on actual loss data and scenarios assuming potential risk events. In this approach, we estimate the risk capital on the assumptions of a confidence level of 99.9% and a one year holding period.
<Risk Capital Allocation>
Risk capital is allocated to business groups according to their risk tolerance and expected income with the goal of improving the profitability and efficiency of the Bank as a whole.
The Board of Directors initially determines unallocated capital, i.e., the amount of capital required for continued business growth and future capital policies that will not be allocated, and subsequently allocates credit risk capital, market risk capital, and operational risk capital (limited to the amount of capital remaining after subtraction of unallocated capital) to business groups in line with the requirements of the management and business strategies. Business groups are responsible for conducting operations within their risk capital allocation, and capital usage is reported monthly to senior management.
Credit Risk Management
Credit risk is the possibility that the Bank may suffer losses from the impairment or loss of asset values, including off-balance sheet transactions, due to the financial deterioration of its counterparties (including the government of a country). Aozora is committed to accurately identifying, measuring and pricing credit risk in order to offer successful financing solutions to our clients, and to safeguard our own balance sheet against problematic credit risk. Our approach to managing credit risk is both at the transaction level and at the portfolio level. This entails strict credit screening and ex post facto management of transactions, and a focus on eliminating credit risk concentration at the portfolio level in order to maintain a sound asset portfolio for the Bank and its consolidated subsidiaries. The Group’s credit portfolio is carefully monitored and reported to the Board of Directors and the Management Committee on a regular basis.
Approval Authority
<Credit Transactions>
All credit transactions, comprised mainly of loan transactions, are approved under the authority of the Credit Committee, whose members include the Executive Officers in charge. The Credit Committee grants authority partly to the Chief Credit Risk Officer, who in turn can delegate authority within a certain range to individuals in credit divisions or business divisions.
<Investment Transactions>
Approval authority for investment transactions, comprised mainly of equities and fund investments, resides with the Investment Committee, whose members include the responsible Executive Officers. The Investment Committee delegates part of its authority to the Chief Risk Officer and Senior Managing Executive Officers in charge.
Credit Rating System
Credit ratings are subject to review on a regular basis based on the updated financial results of our clients and, as appropriate, where changes are identified in the quality of their credit. Business unit analysts recommend a rating at the inception of a credit relationship, and these recommendations are approved by our credit divisions.The Asset Assessment Division has the authority to perform ratings examinations on a regular or as needed basis, and to make necessary amendments.
The Bank examines its credit rating system through benchmarking (comparative verification of our ratings with those assigned by external agencies or external models) and back testing (assessment of significance of credit rating system based on past default).
<Borrower Rating>
Our credit evaluation produces ratings for each borrower based on the probability of default. The rating process is determined by a qualitative and quantitative evaluation of each borrower.
<Facility Rating>
Credit transactions also receive facility ratings, which consider collectability with collateral and/or guarantee, so that the Bank is able to assess their risk/return profile and quantify credit risks. Our analysis of collateral dependent loans includes the evaluation of value in stress scenarios, and we recognize the credit mitigation effect of collateral while taking into consideration the level of correlation between default risk and collateral values. We assign internal ratings to guarantors in order to recognize the credit risk mitigation effect by replacing the credit quality of the obligors with that of the guarantors.
<Structured Finance Rating>
A structured finance rating is assigned to non-recourse transactions including securitization transactions represented by non-recourse real estate loans, CMBS, securitization of monetary claims and structured bonds in senior/junior tranches, by ranking the occurrence of loss.
<Utilization of Credit Ratings>
Credit ratings are an integral component of the approval system for credit assessment, interest rate spread, etc. They are also used to conduct self-assessment and are employed as benchmarks to quantify credit risks.
Quantification of Credit Risk
Our understanding of the credit risk exposure of our clients and their groups is the starting point for credit risk management. We centrally manage all assets with credit risk such as loans, securities, equities, funds, securitized transactions and off-balance sheet transactions (including commitment lines, derivative transactions, etc.). We employ the current exposure method in our management of a counterparty risk on derivative products transactions by setting a credit line for each relevant party. In our portfolio management, unexpected loss is calculated and analyzed on a monthly basis, and the comparisons between the derived unexpected loss and allocated capital are regularly reported to the Board of Directors and Management Committee. The Bank’s internal model employs a holding period of one year and a confidence interval of 99.9%. Unexpected loss is measured using parameters such as PD, LGD, intra-sector correlation, inter-sector correlation and parent–subsidiary correlation of the borrower group.
Credit Portfolio Management
We test our credit portfolio under stress scenarios such as rising interest rates, falling stock prices or declining real estate prices, and measure the resulting risk. The calculation and analysis of expected and unexpected loss allows us to anticipate the adequacy of the Bank’s capital in the event of the actual occurrence of one of the scenarios. Concentration risk is managed by setting guidelines on exposure by borrower categories. In some cases, we establish the credit limit by internal ratings, and for cases such as domestic real estate, we establish additional concentration limits to control such risk. For the sectors to which we have large credit exposure, we provide the Credit Committee with reports of the respective sectors on a quarterly basis.
Market Risk Management
Market risk is the risk of incurring losses due to fluctuations in the value of the assets and liabilities caused by market movements. The Bank performs a comprehensive analysis of the market risk affecting all assets, liabilities and off-balance transactions for its trading and banking businesses. We document our handling of products, utilizing risk management methods and market price valuation methods in order to manage market risk appropriately.
Procedures for Market Risk Management
The Board of Directors and the Management Committee determine the economic capital allocation for the entire Aozora Group including front office business units and divisions, commensurate with market risk exposure. Market risk and loss limits are set in accordance with the capital allocation.
The usage and compliance with these limits are centrally monitored by the Market Risk Management Division, which is independent from the front offices in terms of organization and human resources. The Market Risk Management Division monitors the market risk and profit/loss (P/L) for the trading businesses daily and for the banking businesses on a daily or weekly basis. The division makes periodic reports to the Chief Risk Officer, the Executive Officers in charge of the front offices, the Asset and Liability Committee, the Management Committee and the Board of Directors.
Overview of Market Risk Measurement Methods
Aozora Bank uses VaR to quantify the market risk for the trading and banking businesses and as a basis for setting market risk limits and for monitoring risk.
VaR is a statistical measure of estimated maximum losses that could arise for a defined period at a given confidence level. VaR serves as a common standard of measurement to estimate maximum losses that could arise as a result of fluctuations in risk factors such as interest rates, stock prices and exchange rates.
The VaR for the linear risk of interest rates, foreign exchange rates and stock prices is calculated using an internal model utilizing the variance-covariance method reflecting the correlation effect among risk factors. The VaR for nonlinear risk, credit derivatives and funds is calculated using the delta-plus method, the internal model based on past data, and the estimated price volatilities from historical data, respectively.
Interest rate risk in the banking book is measured in such a way that the interest due date under contract for each transaction is recognized as the maturity date, and that no prepayment is assumed. Also, the interest rate risk for ‘core deposits’ (liquid deposits which are to remain in a bank for a long period without withdrawal) is calculated by setting the maximum maturity of 5 years (2.5 years on average) for whichever is the lowest amount over the past 1 year among the following three criteria: (1) the minimum balance over the past 5 years, (2) the balance derived by subtracting the largest annual outflow over the past 5 years from the current balance, or (3) 50% of the current balance.
Market Risk for the Entire Bank
Back Testing
Aozora Bank conducts back testing to verify the reliability of VaR by comparing daily computed VaR with daily gains or losses. The following graph represents the results of the back testing for trading businesses with internal models over the 245 business days from April 1, 2010 to March 31, 2011. The actual daily losses did not exceed the daily VaR on any business day. This result supports the reliability of the Bank’s VaR.
Stress Testing
To complement VaR, Aozora Bank regularly conducts stress tests to assess the potential impact of volatile market movements that could exceed statistical estimates.The Bank sets stress scenarios that simulate the impact of the largest fluctuations in market risk factors in the past 20 years, including those in interest rates, stock prices and foreign exchange rates on the Bank’s current positions, and market situations that influence the slope of the yield curves. The anticipated amount of loss in such hypothetical circumstances is reported to the Asset and Liability Committee and other management bodies.
Amount of Regulatory Capital for Market Risk
In the calculation of the capital adequacy ratio as of March 31, 2010 and March 31, 2011, the regulatory capital for market risk and its breakdown are as follows:
Market Risk Management of Funds
The Bank sets VaR and loss limits on the market risk associated with our investments in funds etc., and the associated risk is managed using the same method as trading and banking positions. The risk and P/L associated with these investments are reported to management periodically.
Market Liquidity Risk Management
Market liquidity risk is the potential for losses caused by the inability to execute market transactions as a result of market turbulence and thin trading, or by the necessity to carry out transactions at extremely unfavorable prices. The Market Risk Management Division monitors the Bank’s position relative to market size to ensure that the position does not become excessive.
Funding Liquidity Risk Management
The Financial Management Division centrally monitors the funding liquidity risk of yen and foreign currency-denominated funds and ensures that the Bank’s funding capabilities are sufficient to meet its contractual obligations by holding a sufficient level of securities with high liquidity. The Board of Directors and other management bodies approve the Sources and Uses Plan on a monthly and annual basis. The Financial Management Division reports the liquidity status directly to the Bank’s senior management on a daily basis.
Operational Risk Management
Operational risk is the risk of loss resulting from inadequate or failed internal procedures, officers and employees or systems, or from external events. The Bank recognizes the importance of appropriate operational risk management and conducts management operations in compliance with risk management policies approved by the Board of Directors. Risk management policies include comprehensive management policies for operational risk, as well as systems risk, legal and compliance risk, human risk, tangible assets risk and disaster situations. As described in the chart below, the Bank has established organizational units responsible for each type of operational risk as well as the Integrated Risk Management Division, which is responsible for the comprehensive control of operational risk, and the monitoring of materialized risk, risk assessment, risk measurement, etc.
Comprehensive Management of Operational Risk
The Bank manages operations risk, systems risk and other operational risks in a comprehensive manner through common methods and indicators. In addition to managing the occurrence of realized loss, potential risks are also addressed. Actual loss arising from operational errors, compliance incidents, systems trouble, disasters/accidents, damage to tangible assets and external fraudulent acts are monitored by each risk management division and identified as operational risk. Occurrences of loss are compiled and reported by the Integrated Risk Management Division. Any significant loss events must be individually reported to management according to risk management policies. Potential risks are identified and assessed through risk mapping and control self-assessments (CSA). Risk mapping is an approach in which all business headquarters assess the strength of risk management within the Group, and identify the extent to which risk management could be insufficient. CSAs are conducted in all operational units including business divisions and branches to identify material risk. Appropriate measures and scenarios are developed for risks identified through risk mapping and CSAs. The Bank’s operational risk amount is estimated using internal model simulations, based on the Bank’s loss events and the adopted scenarios, and capital is allocated in consideration of this calculation and Basel II regulatory capital.
Operations Risk Management
Aozora Bank has documented all administrative procedures in the form of manuals for each business operation in order to improve the reliability of routine procedures. The Operations Management Division, which is independent of business divisions, handles operations risks. It is also responsible for building an effective administrative system by providing guidance on specific processes and training, as well as reviewing organizational arrangements. Further automation, systemization and centralization of routine procedures are being implemented in order to mitigate human error arising from administrative processes.
System Risk Management
The Bank has documented policy and rules on systems risk management and works to ensure stable system operation by taking appropriate measures for prevention of systems risk realization and response to system problems. Specifically, duplex system infrastructure, improved backup centers, test and review frameworks for system development, system operation monitoring, manuals for response to disasters and training drills have been established. Information security measures such as the use of thin clients as internal LAN terminals (no data stored on individual terminals, but managed centrally in a server) and user authentication with IC cards have been implemented to maintain sound system security.
Other Operational Risk Management
The Bank also defines legal and compliance risk, human resource risk and tangible asset risk as operational risks. The Legal & Compliance Division monitors the risk of damage arising from illegal activities, the violation of internal rules, and issues such as lawsuits, in an integrated manner. It conducts investigation and analysis, and implements measures to mitigate the occurrence or recurrence of incidents. The Bank mitigates its human risk by reflecting its risk management policies in its human resource operations, as well as monitoring the status of human risk. Tangible assets risk, which describes loss resulting from damage to fixed assets caused by external factors such as natural disasters or accidents, is mitigated through the monitoring of inventory and the implementation of preventative measures. We also analyze potential risk to the reputation of the Bank arising from adverse rumors when planning new business and/or products, through the monitoring of information sources such as the media. Officers and employees are obliged to inform management in the event that they become aware of any such risk. The occurrence of a crisis resulting from damage to the reputation of the Bank will be managed in the same way as a disaster situation, described below.
Disaster Situation Management
One of the components of the management of operational risk is addressing the risk of potential disruption to normal business operations due to exceptional events that may impact facilities, systems, infrastructure, human resources and other areas of the Bank’s operations. Business Continuity Management (BCM) identifies the potential impact of events that threaten the organization and provides the framework for building resilience together with capabilities for an effective response to disruptive events. The objective of the Business Continuity Plan is to define the parameters for prevention of severe losses due to disruptive events and provide a baseline to continue the minimum level of critical business operations between the disruption and return to business as usual. The Crisis Management Division defines disruptive events, potential impacts and assumptions, and provides all business groups with the template of a Business Continuity Plan. During a crisis (natural disaster, major infrastructure outage, etc.), a Command Center is established to address crisis responses, recovery actions and Business Continuity Plan implementation. Under the Command Center operations, the CEO has decision-making authority and centrally manages internal and external communications, which will be kept in records for post-crisis evaluation. Upon the return to normal operations, the Crisis Management Division will report the actions taken in response to the event and the lessons learned from the experience including the estimate of losses incurred. By evaluating the effectiveness of the plans and identifying the weaknesses where plans could not adequately meet the response and recovery requirements of the situation, necessary improvements to the plans will be made following the return to normal operations.
