> Add bookmark
> Add to print list
> Print page

My Bookmarks
    My Notes
    My Print List

      Information on Risk Management Policies Applied per Risk Types

      The Bank’s risk policies and related implementation procedures constitute the internal rules and principles which are approved and enforced by the Board considering Risk Management Division suggestions and executed by the senior management.

      These policies, which came into effect in line with the international best practices, are general standards including the organization and scope of risk management function, risk management methods, roles and responsibilities of the risk management group, methodology of setting risk limits, rules governing the breach of limits, affirmations and approvals necessary in various events and circumstances.

      To ensure its conformity with business plan and prevailing market environment, the Bank’s risk appetite is kept under control through the risk limits set by the Board of Directors.

      Credit Risk Policy
      Credit risk policy sets the framework for methodologies and responsibilities related to credit risk management and issues related to credit risk limits. Credit risk is defined as any situation where the counterparty obligation will not or cannot be fulfilled partially or fully on maturity as affirmed in the agreement.

      The Bank maintains identification, measurement and management of credit risk across all products and activities. The Board reviews credit risk policies and strategies annually at minimum. Senior Management is responsible for the execution of credit risk policies.

      All findings reached through independent review of loans and credit risk are reported to the Board and the Senior Management regularly. In addition to monitoring credits individually during the credit risk monitoring, the risk level and composition of the loan portfolio are also monitored. The monitoring process involves an approach containing monitoring and management of credit risks as a whole through parameters such as maturity, industry, collateral, geography, currency, loan type and credit risk ratings, in addition to the assessments on the obligor and the facility. Credit risk monitoring encompasses any additional risks that could stem from possible macroeconomic changes and potential adverse conditions.

      The Bank’s credit risk management policy entails credit portfolio diversification. Segmentation is used to execute dispersion of diversified risk strategy. Segmentation is the separation of portfolio into wide customer groups according to their common features like geography, sector, product and being similarly affected by the negative changes at the economic and financial sector.

      Internal audit and risk management functions regularly assess credit decision support systems as to its compatibility with the structure, size and complexity of the Bank’s operations. If diverse circumstances required, necessary adjustments and/or modifications are made to the system.

      Credit Risk audit implies independent auditing of the compatibility of credit quality and crediting process with the legal regulations and the Bank’s policy and codes of practice and assessment of the adequacy of provisions for loans and other receivables.

      Asset and Liability Management Risk Policy
      Asset and liability management risk is defined as; loss risk caused by the Bank’s failure to effectively manage all financial risks arising from the Bank’s assets, liabilities and off-balance sheet transactions. Market risk of trading book, structural interest rate risk of banking book and liquidity risk are all within the scope of asset and liability management risk.

      All principles and procedures related to constitution and management of the Bank’s asset-liability structure and the Bank’s risk appetite are established by the Board of Directors. Ensuring asset and liability management risk being within the levels imposed by legal legislation and internal risk limits, is the primary priority. Internal risk limits are determined by the Board of Directors taking into consideration liquidity, targeted income level, general expectations about the changes in risk factors and risk appetite of the Bank.

      Board of Directors and Audit Committee are obliged to track that the Bank’s capital is used optimally. For this purpose, they have to keep risk limits under control and ensure that necessary actions are taken.

      Asset-Liability Management Committee is responsible for governance of asset and liability management risk in accordance with the risk appetite and risk limits determined by the Board of Directors and within the framework of the principles and procedures expressed in risk policy.

      Measuring asset and liability management risk, reporting the results and monitoring the compliance with the risk limits are the responsibilities of Risk Management Division. The course of the risk taken is reviewed under different scenarios. Measurement results are tested in terms of reliability and integrity. Information on asset and liability management risk is reported by the Risk Management Division to the Risk Committee and through the Audit Committee it is reported to the Board of Directors.

      Asset and liability management processes and compliance with the policy rules are audited by internal audit system. The principles regarding the audit process, audit reports and fulfillment of action plans to eliminate the errors and gaps determined by internal audit are established by the Board of Directors.

      Operational Risk Policy
      Operational risk is defined as “the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events”. Risk Management Division is responsible for the risk management activity on this particular risk. Operational risk management activities comprise specifying, defining, measuring, analyzing, monitoring and reporting of operational risks, following up the new techniques on management of operational risks domestically and globally, improving the techniques and methods applied, as well as the necessary statutory reporting, notification and follow-up.

      Categorization of inherited operational risks within the activities and processes is made possible by the “Enterprise Risk Framework”. It serves as the basic document to define and classify the risks and is subject to alteration as conditions change.

      The methodology employed to identify operational risks is “Self-Assessment”. This methodology requires staff with roles and responsibilities in a particular activity to get involved in the risk and control assessment process of that activity. Operational risk management process combines both qualitative and quantitative approaches in measurement and assessment. The measurement process uses data obtained from “Impact - Likelihood Analysis” and “Lost Case Data Analysis”.

      All operational risks that are exposed to as a result of processes, risk levels of new products, services and operations, losses by the Bank due to operational risk and risk indicators are regularly monitored by the Risk Management Division and periodically reported to the Risk Committee and the Board of Directors.

      All employees of the Bank have the understanding of the Bank’s objective to attain a working environment aiming to reduce the probability of loss, considering that the entire internal rules and procedures, led by operational risk policy and act sensitively to the inherited operational risks and controls.

      Consolidated Risk Policies
      Compliance with risk management principles related to the Bank’s subsidiaries are monitored through Bank’s “Consolidated Risk Policies” by Subsidiary Risk Unit within the Risk Management Division. Subsidiaries identify their specific risk management policies considering their own organizational structure and in accordance with Consolidated Risk Policies. Subsidiary boards approve company risk policies that form the framework of their risk management systems and processes.

      Information Systems Management Policy
      The purpose of Information Systems Management Policy is to determine the principles which will constitute a basis for the management of information systems that the Bank uses to fulfill its activities and the procedures in order to define, measure, control, monitor, report and manage the risks derived from using information technologies. With the policy, it is aimed to deal with information systems management as part of corporate governance practices and to manage information technologies effectively, which is an important element for sustaining the Bank’s activities. On the management of the Bank’s information systems and all the elements relating to those systems, articles of this Policy are applied.

      Risks derived from information technologies are basically assessed within the scope of the Bank’s operational risk management. It is essential that those risks which could be seen as multipliers of the other risks derived from activities of the Bank are measured, closely monitored and controlled within the framework of Bank’s integrated risk management.


      Add note     Cancel