In 2013, RBI implemented Risk Based Supervision (RBS) for over 30 banks in India, and plans to extend it to the remaining banks as well, writes Oscar Martins, a Director with Protiviti India’s Financial Services Industry (FSI) practice, which provides world-class professional services across governance, operations, risk, compliance and internal audit to global and local companies in the financial service industry.
RBS focuses on evaluating present and future risks, identifying incipient problems and facilitate early corrective action. This is intended to replace the present compliance-based and transaction-testing approach (CAMELS) which is more in the nature of a point in time assessment.
Under RBS, the supervisory stance would be determined based on a supervisory analysis of its position on a Risk-Impact Index Matrix rather than its volume of business.
The supervisor would also increasingly use thematic reviews as a tool of supervision, whereby review of a particular product, market or practice using a specialised team would be made to assess risks brewing within the sector or at system level for enabling prompt actions.
In 2015, SEBI also adopted a risk-based supervision model for capital market intermediaries (including stock brokers and mutual funds), who were categorised based on their risk levels, and the quantum of surveillance and number of inspections would increase as per the risk level.
The new model would follow four distinct steps — assessing the risks posed by a market entity, assigning ‘risk and impact rating’ to it, determine the supervisory risk rating score and then adopt a suitable supervisory approach. The overall risk profile of an entity would be computed as a function of two components — business or activity specific risk and the impact risk arising out of default or failure, rather than individual factors such as turnover, complaints, penalties, etc.
In September 2016, SEBI issued enhancements to the risk based supervision model for stock brokers and depository participants, by issuing detailed guidelines for monitoring their financial strength, uniform naming and tagging of bank and demat accounts, detecting any misutilisation of clients’ funds, and revamping the existing system of internal audit.
For monitoring financial strength, stock exchanges and depositories have to frame various event based monitoring criteria based on market dynamics and market intelligence.
For monitoring of clients funds with the stock broker, a sophisticated alerting and reconciliation mechanism, is to be established by stock exchanges to detect any misutilisation of client funds. Also, changes in the Internal Audit system include rotation of Internal Auditors, formulation of objective sampling criteria, monitoring of quality of Internal Audit Reports, timelines for submission etc.
Challenges are plenty both for the supervisors and the financial institutions as the industry grapples with wide-ranging issues including efficacy of risk management systems, cost of compliance, scalability of regulatory reporting processes and data quality.
Preparing for risk based supervision will require both banking and capital market entities to significantly improve their operations, risk and compliance monitoring and reporting capabilities, as well as demonstrate robust data governance, internal control and internal audit frameworks.
(Note: The FSI team consists of knowledgeable professionals with decades of experience working with FSI clients in multiple sectors.)