Information on Risk Management Policies Applied Per Risk Types
Bank risk policies and procedures constitute the internal rules and principles which are approved and enforced by the Board
considering Risk Management Division suggestions and executed by the senior management.
These policies that have been put into effect in accordance with international standards, stipulate general standards regarding the
organization and scope of risk management function, risk measurement methods, roles and responsibilities of the risk management
group, risk limit setting methodology, rules governing the breach of limits and confirmations that have to be given in various
situations.
As a result of the main business of the Bank, credit risk is considered as the most important financial risk factor the Bank is exposed
to. Aside from credit risk, due to the asset and liability mismatch prevalent in the Turkish banking sector, liquidity risk and interest
rate risk are other financial risks that are regarded as prominent. In addition to these financial risks, although direct influence to
the Bank’s financial statements is fairly limited, currency risk is regarded as one of the important financial risks of the Bank due to
its characteristic to increase the credit risk profile of the Bank through exposure to the credit customers bearing short currency
position against Turkish Lira.
Apart from the financial risks mentioned above, the most important non-financial risk of the Bank appears to be business
environment risk. It is concluded that geopolitical risks arising from political instability in nearby geography of Turkey, upcoming
fierce competition in local market and new banking regulations are the main drivers of business environment risk. The above
mentioned assessments are presented in financial statements.
To ensure the conformity of the Bank’s risk appetite with business plan and prevailing market environment, risk limits set by the
Board of Directors are monitored. In this context, breaches in market, liquidity, structural interest rate and credit risk limits are
analyzed by Risk Management Division taking market and industry conditions into consideration, and findings are reported to the
Audit Committee.
Capital Adequacy Policy
Capital Adequacy Policy defines the level of capital, on consolidated and unconsolidated basis, that the Bank must hold against
potential losses arising from financial risks associated with on and off-balance sheet items in addition to non-financial risks caused
by the Bank’s operations; and establishes the principles for maintaining and monitoring the minimum capital levels determined in
accordance with the legal regulations and the Internal Capital Adequacy Assessment Process. Risk management policies form an
integral part of the Capital Adequacy Policy.
Credit Risk Policy
Credit risk is defined as any situation where the counterparty obligation will not or can not be fulfilled partially or fully on maturity
as affirmed in the agreement. Credit risk policy sets the framework for credit risk management, control and monitoring, roles and
responsibilities and credit risk limits.
İşbank maintains identification, measurement and management of credit risk across all products and activities. The Board reviews
credit risk policies and strategies annually at minimum. Senior management is responsible for the execution of credit risk policies.
The findings of independent review of loans and credit risk are reported to the Board and the senior management regularly.
Monitoring credit risk includes parameters such as maturity, industry, collateral, geography, currency, loan type, and credit risk
ratings as a whole, in addition to the assessments on the obligor and the facility.
In managing credit risk, İşbank implements internal risk limits specified by the Board of Directors that restrict the maximum credit
risk based on parameters such as risk groups and sectors in addition to the credit risk limits that are mandated by legal regulations.
These internal limits are determined in a way that does not lead to risk concentrations.
Breaching risk limits until the regulatory limits are treated as “exceptional procedure”. The authorization for exceptional procedure
resides with the Board of Directors. The results of controls and assessments related to risk limit breaches are presented to senior
management and the Board of Directors by Internal Audit and Risk Management Functions.
İşbank employs internal credit risk rating systems that are developed to service the needs for credit management, credit granting
decisions, credit process audits and credit provision calculations. Internal audit and risk management functions regularly assess the
internal credit risk rating systems according to their compatibility with the structure, size and complexity of the Bank’s operations.
If diverse circumstances required, necessary adjustments and/or modifications are made to the system. Internal credit risk rating
systems are assessed by the Risk Committee and approved by the Board of Directors.
Financial Information and Risk Management
94
İşbank
Annual Report 2013
