ICICI Bank 2013 Annual Report Download - page 199

Download and view the complete annual report

Please find page 199 of the 2013 ICICI Bank annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 220

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220

F121
• Monitoring through key risk indicators; and
• Mitigation through process and controls enhancement and insurance.
The Bank has implemented Outsourcing Policy approved by the Board of Directors, which specifies the
composition, roles and responsibilities of Outsourcing Committee. The Outsourcing Committee is
responsible for:
• Assessing the risk and ensure mitigation for the same for all material outsourced activities;
• Approving new outsourced activities;
• Ensuring that periodic review of outsourced agencies is conducted by the business/operations group;
and
• Putting in place a central database on outsourcing.
Identification and assessment
Operational risks and controls across the Bank are documented and updated regularly. Each business
and operations group in the Bank has business operational risk managers within the group. ORMG along
with these managers facilitates the business and operation groups for carrying out risk and control self-
assessments on a periodic basis as per the plan approved by the ORMC. Risk mitigation plans are monitored
to ensure timely mitigation of risks. Internal controls are tested by Internal Audit Group in the Bank. The
testing results are incorporated in the operational risk assessment. The Bank has a comprehensive Product
and Process Approval framework along with the detailed operating guidelines for effective new product and
process risk management. As per the framework, Bank has a Product and Process Approval Committee (PAC)
in place. The role of PAC is to assess the proposed product offering/process improvement from the business
and operational perspective, examine the feasibility of system requirements for supporting the product/
process and ascertain that adequate risk mitigation, legal and compliance measures are considered. All the
new products and processes including modifications thereof are reviewed by the control groups such as risk,
compliance, legal and audit, prior to being placed before the Committee for approval.
Measurement, monitoring, mitigation and reporting
Operational risk incidents are reported regularly and transactions resulting in losses are routed through
operational risk account. Root cause analysis is carried out for the significant operational risk incidents
reported and corrective actions are incorporated back into respective processes. The Bank has implemented
incident reporting systems, which facilitate capturing of operational risk incidents by the employees of the
Bank.
The operational risk losses and incident analysis are submitted to the Risk Committee and to the Board on a
periodic basis. Operational risk exposures (risk and control self assessment results, operational risk incidents
analysis, key risk indicators and open risks) are monitored by the ORMC on a regular basis and reported to
the business heads in the form of dashboards on a periodic basis.
The Bank has initiated steps to adopt advanced approaches for operational risk capital computation. The
Bank had filed an application with the RBI for migration to The Standardised Approach (TSA). The Bank has
been estimating Operational Value at Risk (OpVaR) for the purpose of Internal Capital Adequacy Assessment
Process (ICAAP). The OpVaR is estimated based on the principles of AMA by using internal loss data, scenario
analysis and external loss data. The OpVaR is stress tested on a quarterly basis to ensure adequacy of the
capital provided for operational risk and is compared with trends of actual losses.
For facilitating effective operational risk management, the Bank has implemented a comprehensive operational
risk management system. The application software comprises five modules namely incident management,
risk and control self-assessment, key indicators, scenario analysis and issues and action.
BASEL II – PILLAR 3 DISCLOSURES (CONSOLIDATED)
at March 31, 2013