ICICI Bank 2012 Annual Report Download - page 194

Download and view the complete annual report

Please find page 194 of the 2012 ICICI Bank annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 212

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212

F116
The key elements in the operational risk management framework as defined in the Policy include:
 Identification and assessment of operational risks and controls;
 New product and processes approval framework;
 Measurement through incident and exposure reporting;
 Monitoring through key risk indicators; and
 Mitigation through process and controls enhancement and insurance.
The Bank has implemented Outsourcing Policy approved by the Board of Directors, which specifies the composition,
roles and responsibilities of Outsourcing Committee. The Outsourcing Committee is responsible for:
 Assessing the risk and ensure mitigation for the same for all material outsourced activities;
 Approving new outsourced activities;
 Ensuring that periodic review of outsourced agencies is conducted by the business/operations group; and
 Putting in place a central database on outsourcing.
Identification and assessment
Operational risks and controls across the Bank are documented and updated regularly. Each business and operations
group in the Bank has business operational risk managers within the group. ORMG along with these managers
facilitates the business and operation groups for carrying out risk and control self-assessments on a periodic basis
as per the plan approved by the ORMC. Risk mitigation plans are monitored to ensure timely mitigation of risks.
Internal controls are tested by Internal Audit Group in the Bank. The testing results are incorporated in the operational
risk assessment. The Bank has a comprehensive Product and Process Approval framework along with the detailed
operating guidelines for effective new product and process risk management. As per the framework, Bank has
a Product and Process Approval Committee (PAC) in place. The role of PAC is to assess the proposed product
offering/process improvement from the business and operational perspective, examine the feasibility of system
requirements for supporting the product/process and ascertain that adequate risk mitigation, legal and compliance
measures are considered. All the new products and processes including modifications thereof are reviewed by the
control groups such as risk, compliance, legal and audit, prior to being placed before the Committee for approval.
Measurement, monitoring, mitigation and reporting
Operational risk incidents are reported regularly and transactions resulting in losses are routed through operational
risk account. Root cause analysis is carried out for the significant operational risk incidents reported and corrective
actions are incorporated back into respective processes. The Bank has implemented incident reporting systems,
which facilitate capturing of operational risk incidents by the employees of the Bank.
The operational risk losses and incident analysis are submitted to the Risk Committee and to the Board on a periodic
basis. Operational risk exposures (risk and control self assessment results, operational risk incidents analysis, key
risk indicators and open risks) are monitored by the ORMC on a regular basis and reported to the business heads
in the form of dashboards on a periodic basis.
The Bank has initiated steps to adopt advanced approaches for operational risk capital computation. The Bank
had filed an application with the RBI for migration to The Standardised Approach (TSA) on a standalone basis in
September 2011. The Bank has taken steps for filing an application for migration to the Advanced Measurement
Approach (AMA). The Bank has been estimating Operational Value at Risk (OpVaR) for the purpose of Internal
Capital Adequacy Assessment Process (ICAAP). The OpVaR is estimated based on the principles of AMA by using
internal loss data, scenario analysis and external loss data. The OpVaR is stress tested on a periodic basis to ensure
adequacy of the capital provided for operational risk and is compared with trends of actual losses.
For facilitating effective operational risk management, the Bank has implemented a comprehensive operational risk
management system. The application software comprises five modules namely incident management, risk and
control self-assessment, key indicators, scenario analysis and issues and actions.
Operational risk management in overseas branches and banking subsidiaries
ORMG is responsible for design, development and continuous enhancement of the operational risk management
framework across the Bank including overseas banking subsidiaries and overseas branches. While the common
framework is adopted, suitable modifications in the processes are carried out depending upon the requirements
of the local regulatory guidelines. ORMG exercises oversight through the process of periodic review of operational
risk management in the international locations.
BASEL II – PILLAR 3 DISCLOSURES (CONSOLIDATED)
at March 31, 2012