BAI Center for Certification

Certified Risk Professional Program

Common Body of Knowledge (CBOK)

I. FINANCIAL SERVICES RISK MANAGEMENT THEORY, PRINCIPLES AND CONCEPTS

A. Definitions
1. Risk
2. Risk Management
3. Risk Categories
a. Strategic Risk
b. Reputation Risk
c. Credit Risk
d. Liquidity Risk
e. Interest Rate Risk
f. Market / Price Risk
g. Trading / Foreign Exchange Risk
h. Operating Risk
i. Regulatory / Compliance / Legal Risk
j. Capital / Solvency Risk

B. Other Areas of Risk

1. Supervision by Risk
2. Tying Capital to Risk

C. Stakeholders view

D. Board of Directors – Roles & Responsibilities

1. Establishing systems, control, & feedback
2. Establishing strategy
3. Ratifying policies & procedures, providing oversight

E. Senior Management – Roles & Responsibilities

1. Recommending policies & procedures
2. Ensuring appropriate communication at all levels of organization
a. Staff
b. Line Management
c. Senior Management
d. Committee
e. Board

F. Business Line Accountability

1. Understand risk / return trade-off
2. Expected and unexpected loss
3. Determining how risk relates directly to profit / loss
4. Implementing risk analysis during budget planning process

G. Risk Management Framework

1. Define scope of risks within institution
2. Define processes to manage risks
a. Risk management tactics:
1) Avoiding
2) Controlling
3) Mitigating
4) Pricing
5) Transferring
b. Risk Measurement:
1) Qualitative assessment models
2) Quantitative assessment models – Distribution theories / probabilities
a) Value at Risk (VAR)
b) Scenario testing / stress testing
c) Key performance indicators / Ratio Analysis
d) Benchmarking
c. Risk monitoring:
1) Metrics
2) Reporting Escalation and Continuous Feedback
a) Back testing
4) Quality key indicators / scorecards
d. Capital allocation for risk:
1) Allocation systems
2) Performance measurement

Rel. 1-31-02 Page: 1

 BAI Center for Certification
Certified Risk Professional Program
Common Body of Knowledge (CBOK)

a) Risk adjusted return on capital (RAROC)

b) Economic value added (EVA)
3. Roles & Responsibilities of Risk Manager
a. Provide sufficient training
b. Provide feedback to upper management on changes

H. System of Internal Controls

1. FDICIA Requirements
a. Senior Management Attestation
b. External Audit Assessment / opinion statement
c. Implementation of internal control framework
2. Internal Control Framework
a. Committee of Sponsoring Organizations (COSO):
1) Definition of internal control
2) Internal control elements:
a) Control environment
b) Risk Assessment
c) Control Activities
d) Communication & Information
e) Monitoring
3. Control Community
a. Internal / external audit
b. Business line managers
c. Risk Managers
4. Control Tools
a. Policies & procedures
b. Compliance reviews / loan reviews
c. Self assessments
d. Metrics / Key risk indicators:
1) Loss databases

II FINANCIAL SERVICES RISK MANAGEMENT PRACTICE AND APPLICATION

A. Strategic Risk
1. Key Business Term & Concepts
a. New Products, Businesses, and Mergers & Acquisitions
b. Strategic Planning
c. Forecasting and Budgeting
d. Earnings Volatility
e. Environmental / cultural risks
f. Competitor risk
g. New Technologies / system infrastructure, and Distribution Channels
2. Assessing Strategic Risk
a. Financial Measurements
b. Earnings volatility
c. Peer bank comparative review
d. “What if” calculations
e. Risk Appetite
3. Mitigating Strategic Risk
a. Product review process
b. Policies & procedures
c. Capital budget procedures
d. Project management procedures
e. Exit strategies
f. Senior Board committee responsibility
g. Organization Structure
h. Monitoring of business decisions

B. Reputation Risk
1. Assessing Reputation Risk
2. Mitigating Reputation Risk
a. Monitoring industry issues
b. Code of conduct (ethics)
c. Policies & procedures
d. How this risk interacts with other risks
e. Timely response to problems
f. Company wide standards
g. Corporate culture

Rel. 1-31-02 Page: 2

 BAI Center for Certification
Certified Risk Professional Program
Common Body of Knowledge (CBOK)

h. Service Level Agreements

i. Training
j. Corporate Internal Control Framework
3. Crisis management techniques

C. Credit Risk
1. Key Business Terms & Concepts
a. Credit Modeling
b. Grading
c. Loan classification
d. Life cycle of credit process
e. Credit analysis
f. Rating agencies
g. Types of credit products
h. Counter-party risk
i. Loan loss reserve
j. Country risk
k. Concentrations
2. Assessing Credit Risk
a. Credit Modeling
b. Grading
c. Concentrations
d. Loan classifications
e. Modeling / scoring
f. Agency ratings
g. Delinquencies & defaults
3. Mitigating Credit Risk
a. Concentrations
b. Policies
c. Reserving
d. Credit Analysis
e. Credit risk transfer:
1) Securitization
2) Loan Sales

D. Liquidity Risk
1. Key Business Terms & Concepts
a. Funding / Funding at corporate level
b. Stress-testing
c. Measure
d. Modeling
e. Cost / Cost of Funds
2. Assessing Liquidity Risk
a. Modeling / Measures
b. Stress-testing
c. Regulation D
3. Mitigating Liquidity Risk
a. Saleable assets
b. Liquidity plan
c. Cost / Funding:
1) Outside funding sources
a) Federal Reserve

E. Interest Rate Risk

1. Key Business Terms & Concepts
a. Asset / Liability Management
b. GAP analysis
c. Duration / DGAP analysis
d. Convexity
e. Stress-testing
f. Sensitivity
g. Simulation
h. Optionality
i. Basis Risk
j. Reference Rates / Benchmarking
k. Economic Value of Equity (EVE)
l. Hedging techniques
2. Assessing Interest Rate Risk

Rel. 1-31-02 Page: 3

 BAI Center for Certification
Certified Risk Professional Program
Common Body of Knowledge (CBOK)

a. GAP
b. Sensitivity
c. Stress-testing
d. Interest rate risk exposure
e. Duration / DGAP
3. Mitigating Interest Rate Risk
a. Transfer risk
b. Set policies
c. Set limits
d. Hedging techniques:
1) Futures / Forwards
2) Options
3) Swaps and Other Instruments

F. Market / Price Risk

1. Key Business Terms & Concepts
a. 1996 BIS U.S. Regulators amendments to the risk-based capital guidelines to include market risk
2. Assessing Market / Price Risk
a. VAR
b. Stress-testing
c. Models
3. Mitigating Market / Price Risk
a. Hedging:
1) Futures / Forwards
2) Options
3) Swaps and Other Instruments
b. Limits

G. Trading / Foreign Exchange Risk

1. Key Business Terms & Concepts
a. Futures
b. Country Risk
c. Trading
d. Liquidity
e. Correlation
2. Assessing Trading / Foreign Exchange Risk
3. Mitigating Trading / Foreign Exchange Risk
a. Hedging
1) Futures / Forwards
2) Options
3) Swaps and Other Instruments
4. Crisis management techniques

H. Operating Risk
1. Human Resource Risk
2. Operations Risk
a. Risk categories
1) Processing / Production / Transaction
2) Accounting & Reporting
3) Technology
4) Asset Safeguard
5) Fraud / Theft & Error

I. Regulatory Compliance Risk

1. Safety & Soundness Regulation
a. Key business terms & concepts:
1) Supervision by risk
2) Capital, Asset Quality, Management, Earnings, Liquidity, Sensitivity (CAMELS)
3) Federal Deposit Insurance Corporation Improvement Act (FDICIA)
4) Tier 1 & 2 Capital (covered in section I.)
5) Capital Adequacy
, 6) BSA
b. Assessing:
1) Monitor CAMELS ratings for trends
c. Mitigating
2. Consumer Compliance Regulations

Rel. 1-31-02 Page: 4

 BAI Center for Certification
Certified Risk Professional Program
Common Body of Knowledge (CBOK)

J. Financial Reporting Regulations Related to Trading

a. Key Business Terms & Concepts
1) SEC reporting
2) Call Reporting
3) Generally Accepted Accounting Principals
4) Financial Accounting Standards Board
5) Statement on Auditing Standards
6) Federal Deposit Insurance Corp. Improvement Act
7) Financial Disclosures
8) Segment Reporting
9) Investor Relations
10) Forecasts & projections
11) Risk management disclosure in Annual Report
12) Insider Trading
13) Debit cap self assessment
14) Regulation D reserve requirements
b. Assessing
1) Self assessment
c. Mitigating
1) Training
2) Procedures
3) Variance review with balance sheet
4) External auditor review
5) Internal auditor review
6) Quarterly attestation process / accounting representation letters

Rel. 1-31-02 Page: 5

 BAI Center for Certification
Certified Risk Professional Program
Common Body of Knowledge (CBOK)

References:

Koch, Timothy W. and S. Scott MacDonald. Bank Management, 4 th ed. Fort worth, TX: The
Dryden Press, 2000.

Fraser, Donald R., Benton E. Gup, and James W. Kolari. Commercial Banking: The
Management of Risk , 2 nd ed. Cincinnati, OH: South-Western College Publishing, 2001.

Hempel, George H. and Don G. Simonson. Bank Management: Text and Cases, 5 th ed. New
York, NY: John Wiley and Sons, Inc., 1999.

Van Greuning, Hennie and Brajovic-Bratanovic, Sonja, Analyzing Banking Risk : A Framework
for Assessing Corporate Governance and Financial Risk Management (World Bank
Monograph Series), 2000.

Comptroller’s Handbook, Comptroller’s Handbook for Asset Management, Comptroller’s

Handbook for Compliance from the OCC website (OCC. Treas.gov), November, 2001.

COSO Internal Controls – Integrated Framework

FDIC Improvement Act of 1991, Section 112

Trading and Capital-Markets Activities Manual from website

(www.federalreserve.gov), Federal Reserve System, 1998

This documented updated as of 3/20/2002.

Rel. 1-31-02 Page: 6