RBI/2016-17/294
DBR.BP.BC.No.65/21.04.103/2016-17
April
27, 2017
The Chairman and Managing
Director/Chief Executive Officer
All Scheduled Commercial Banks
(Excluding Local Area Banks and Regional Rural Banks)
And
Small Finance Banks
Madam/Dear Sir,
Risk Management Systems – Role
of the Chief Risk Officer (CRO)
Please refer to the guidelines
on Risk Management Systems issued vide our circular DBOD.No.BP.(SC).BC.98/21.04.103/99
dated October 7, 1999 and the Guidance Notes on Management of Credit Risk
and Market Risk issued in terms of our circular DBOD. No. BP. 520/21.04.103/2002-03
dated October 12, 2002.
2. As part of effective risk
management, banks are required, inter-alia, to have a system of separation
of credit risk management function from the credit sanction process.
However, it is observed that the banks follow diverse practices in this
regard. In order to bring uniformity in approach followed by banks, as
also, to align the risk management system with the best practices, banks
are advised as under:
a.
They
shall lay down a Board-approved policy clearly defining the role and
responsibilities of the CRO.
b.
Appointment
of the CRO shall be for a fixed tenure with the approval of the Board of
Directors of the banks. The CRO may be transferred/removed from his post
before completion of the tenure only with the approval of the Board and
such premature transfer/removal shall be reported to the Department of
Banking Supervision, Reserve Bank of India, Mumbai. In case of listed
banks, any change in incumbency of CRO shall be reported to the stock
exchanges also.
c.
CRO
shall be a senior official in the banks’ hierarchy and shall have the
necessary and adequate professional qualification/experience in the areas
of risk management.
d.
The
CRO shall have direct reporting lines to the MD & CEO / Risk Management
Committee (RMC) of the Board. In case the CRO reports to the MD & CEO,
the RMC shall meet the CRO on one-to-one basis, without the presence of the
MD & CEO, at least on a quarterly basis.
e.
The
CRO shall not have any reporting relationship with the business verticals
of the bank and shall not be given any business targets.
f.
In
case the CRO is associated with the credit sanction process, it shall be
clearly enunciated whether the CRO’s role would be that of an adviser or a
decision maker. The policy shall include the necessary safeguards to ensure
the independence of the CRO.
g.
In
banks that follow committee approach in credit sanction process for high
value proposals, if the CRO is one of the decision makers in the credit
sanction process, he shall have voting power and all members who are part
of the credit sanction process, shall individually and severally be liable
for all the aspects, including risk perspective related to the credit
proposal. If the CRO is not a part of the credit sanction process, his role
will be limited to that of an adviser.
h.
In
banks which do not follow committee approach for sanction of high value
credits, the CRO can only be an adviser in the sanction process and shall
not have any sanctioning power.
i.
The
CRO in his role as an adviser shall be an invitee to the credit
sanction/approval committee without any voting rights in the proceedings of
the committee.
j.
There
shall not be any ‘dual hatting’ i.e. the CRO shall not be given the
responsibility of Chief Executive Officer, Chief Operating Officer, Chief
Financial Officer, Chief of the internal audit function or any other
function.
Yours faithfully,
(S. S. Barik)
Chief General Manager-in-Charge
|