Risk Management

Purpose

The basic motive of Risk Management Policy is to minimize the losses / prevent the occurrence of loss due to risks to which company is exposed to while dealing with the clients on day to day operations. BWC Markets (the “Company”) is committed to adopting appropriate measures and mechanisms towards ensuring minimizing occurrences of such losses. The Company hereby notifies that this Risk Management Policy is to be followed by all directors, officers & designated employees.

Scope

This policy applies to all the Company’s activities. It forms part of the Company’s governance framework and it applies to all employees and contractors.

Risk Governance

The Company has a well-established risk governance structure which facilitates identification and escalation whilst providing assurance to the Board. The governance structure is supported with an active and engaged Board of Directors of the Company (the “Board”) and a risk management function that is independent of the business units. The head of risk management has direct access to the chairman of the Board and the Risk Management Committee without impediment.

  • The Company’s risk management governance structure begins with oversight by the Board of Directors, either directly or through its committees to ensure that decision making is aligned with the Board’s approved risk appetite.
  • The executive management is responsible for translating the high-level overall guidance from the Board into operational aspects and then monitoring and reporting them back periodically to the Board/Board Committees.
  • The aggregate enterprise-wide risk profile and portfolio appetite are discussed at the respective risk management forums and at the Risk Management Committee on a quarterly basis

Risk Governance Structure

The Table below illustrates the inter-relationship between the Board, Board Committees and management committees that have the majority ofrisk oversight responsibilities forthe Company and their corresponding roles.

ConstitutionResponsibilities
Board ofDirectorsBoth executive and independent directorsThe Board is responsible to authorise management to maintain an effective risk framework, and oversees compliance with safe, ethical and sound banking practices
Board CommitteesA mixture of independent, experts and executive directors wherever allowedthe board committees which include primarily audit, risk management, strategy, corporate governance and conduct review, are responsible to advise board on risk profile, risk culture, risk appetite, risk strategy and risk management framework
Management ForumKey members of management including the Chief Executivesome of the forums are executive forum,investment forum, risk management forums (asset and liability management committee, operationalrisk forum, portfolio and credit risk forum), management credit forum.
Risk Management TeamPortfolio and Credit Risk Team, Market Risk Team and Operational Risk TeamThe team is responsible for identifying, measuring, monitoring and reporting significant risks across the organisation.

Risk Management Framework

The risk management framework is supported by a variety of risk management tools, which are regularly reviewed and updated to ensure consistency with risk-taking activities and relevance to the business strategies of the Company: Policies andLimits Policies related to specific types of risk or activities are used to manage risk exposure. Recommendations of risk management, internal audit, business units and senior executive management, industry best practices and regulatory requirements are factored into the policies. Prudential limits and tolerances are set as a prudent approach to manage risks. Limit setting establish accountability for key activities within the risk taking activities and establish the conditions under which transactions may be approved or executed. The Board approves all the policies which have clear accountability and ownership and the management is responsible and accountable for the effective implementation and monitoring of risk appetite.

The policies are designed based on the following principles & objectives;

  • 1. Accountability and ownership
  • 2. Effective management
  • 3. Clarity on purpose
  • 4. Risk appetite

Measurement, Monitoring and Reporting

The Company continuously monitors the risk exposures to ensure business activities are operating within approved limits or guidelines. Breaches, if any, are reported to senior management and/or to the Board.

Risk Bearing Capacity and Stress Testing

The risk-bearing capacity analysis is a key part of overall bank management and the Company’s the purpose is to ensure that sufficient capital is held for the risk profile of the Company at all times.

Risk Management Organization

Risk Management Objectives

The Board and senior executives of the Company place great emphasis on risk management. We constantly enhance the risk management practice as a way to strengthen our competitive advantage. The objectives of our risk management are not only to passively control the expected and unexpected losses of the business but also to actively increase the risk-adjusted return on capital. To utilize the capital more efficiently, we allocate the risk capital based on so called “risk appetite”, which takes into account the availability of liquid capital and the financial goals.

Risk Management Organization

  • 1. The Board is responsible for the Company’s overall risk management strategies and for approving the risk management framework and policies. The Board of the Company has appointed a risk committee to oversee the risk management matters.
  • 2. The duties of audit department are to ensure the completeness and adequacy of internal control system. It regularly performs internal audits among front, middle, and back offices to ensure related working procedures are indeed followed.
  • 3. The duties of legal department include legal advice, contracts drafting and review, material contracts and litigation management.
  • 4. The duties of compliance department include regulations guidance and training, consultation of securities and futures trading laws, as well as timely update of relevant laws and regulations. It is also responsible for supervising the periodic self-assessment of legal compliance among all units.
  • 5. The duties of risk management department are to manage risk through ongoing processes of risk identification, measurement, and monitoring, subject to risk limits and other controls. It periodically keeps the board updated regarding the Company’s risk management status and works closely with the Board to ensure the procedures are compliant with the overall risk framework.
  • 6. Other business units and back offices should abide by risk management related policies and procedures, and promptly report to the CEO if there is any exceptional case and its impact.

Risk Categories

Key RiskArising FromMeasurement, monitoring and management ofrisk
Credit Risk
Credit risk is defined as the risk that the banking Company will suffer economic loss due to a Company borrower or counterparty failing to fulfil its financial or other contractual obligationsCredit risk arises when funds are extended, committed, invested, or otherwise exposed through actual or implied contractual agreements, whether reflected on- or off- balance sheet. Amongst the risks faced by SBM, credit risk generates the largest regulatory capital requirement.Credit risk is: □ Measured as risk weighted exposures for performing and non- performing exposures. □ Monitored within regulatory and prudential limits by borrowers, portfolios, country and bank, approved by the Board within a framework of delegated authorities. Regular review of portfolio to proactively manage any delinquency and minimising any undue credit concentrations. □ Managed through a robust risk control framework which outlines clear and consistent policies, principles and guidance.
OperationalRisk
Operational risk is the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events.Operational risk arises from human error, inappropriate conduct, failures in systems, processes and controls or natural and man- made disasters. It is inherent in all products, activities, processes and systems and is generated in all business and support areas.Operational risk is: □ Measured using the risk and control assessment process which allows identification and evaluation of risks and effectiveness of controls; □ Monitored through regular risk assessment procedures, key risk indicators and internal loss database; and □ Managed through a conducive control environment with robust operationalrisk policies, processes, systems as well as appropriate risk culture within the organisation which contribute in maintaining a low operational loss experience over the years.
LiquidityRisk
The inability to meet contractual and contingent financial obligations, on- and off- balance sheet as they may come due. Our primary liquidity objective is to provide adequate funding for our business throughout market cycles, including periods of financial stress.Liquidity risk arises from mismatches in the timing of cash flows. Funding risk arises when the liquidity needed to fund illiquid asset positions cannot be obtained at the expected terms and whenrequired.Liquidity and funding risk is: □ Measured using internal metrics including stressed cash flow projections, coverage ratios and advances to core funding ratios; □ Monitored against the Company’s liquidity and funding risk framework and overseen by the Asset and Liability of different entities and the Board Risk Management Committee.

Risk Reporting

Risks shall be monitored and controlled on an ongoing basis, as part of the Risk Management Process. Ultimate responsibility for monitoring and control lies with the - Risk Manager , and should be ongoing at the appropriate levels. At each of these levels, Risk Registers should be regularly reviewed and revised according to any changes affecting the status of a risk, the risk score or progress made in completing mitigating actions. Each of these elements are revisited on an ongoing basis; for example, mitigating actions are regularly reviewed for their impact and effectiveness in controlling the risk and in reducing the risk score. Where a mitigating action is complete, it is removed from the relevant column and where appropriate, referred to under Current Controls. Where a risk score has escalated, action is taken to identify and implement control measures in order to reduce the risk score. Reporting arrangements also provide an additional level of monitoring and control. The Board will receive a high-level report on risk twice per year. The report will provide a summary update on the risks included in the Risk Register, giving current risk scores and notification of any significant changes. The Risk Committee will receive a more detailed report on all risks rated as high. the Company’s management will receive more detailed report on risk for the Strategic Risk Register. Risks will be monitored and controlled as part of the company’s planning process, risk registers will be monitored as part of established management processes within each functional unit.

Statement on Risk Appetite

Risk appetite is an articulation and allocation of the risk capacity or quantum of risk the Company is willing to accept in pursuit of its strategy, Risk bearing capacity represents the ability to bear risk in terms of available capital, and ability to raise additional capital. It also covers strength of operational processes and operating culture in the organisation The Company maintains a comprehensive risk appetite framework, providing a robust foundation for risk appetite setting and management across the Company. The framework provides a structured approach to the identification, measurement, and control of risk. It encompasses a suite of policies, processes, controls and systems for assessing the appropriate level of risk appetite required to constrain its overall risk profile. It is intended to ensure that the Company maintains an acceptable risk profile by providing a common framework and a comparable set of risk appetite measures, supported by management level limit structures and controls for senior management and the Board to clearly indicate the level ofrisk the Company is willing to accept.

The framework is guided by the following strategic risk objectives:

  • • Early identification and control of all types of possible risks.
  • • Maintaining adequate Company-side capital under stressed conditions to absorb losses, if any.
  • • Promoting stability of earnings to avoid unexpected losses. Company-wide risk appetite is determined in conjunction with the overall strategy and capital planning process on an annual basis, based on bottom up forecasts that reflect planned risk-usage by the businesses and top-down, Board-driven strategic risk objectives and risk appetite. Scenario stress testing of financial and capital plans is an essential element in the risk appetite calibration process.

Review and approval

This risk management policy shall be reviewed and approved by the board every once a year.