ST.

MARY’S UNIVERSITY
SCHOOL OF GRADUATE STUDIES

RISK MANAGEMENT PRACTICE IN THE CASE OF COMMERCIAL

BANK OF ETHIOPIA

BY
AMSALE CHERINET YOHANNES

JUNE 2019
SMU, A.A

i
RISK MANAGEMNT PRACTICE IN THE CASE OF COMMERCIAL
BANK OF ETHIOPIA

BY
AMSALE CHERINET YOHANNES

ADVISOR
DR. WORKNEH KASSA

A THESIS SUBMITTED TO ST. MARY’S UNIVERSITY, SCHOOL OF

GRADUATE STUDIES IN PARTIAL FULFILLMENT OF THE
REQUIREMENTS FOR MBA IN GENERAL MANAGEMENT

JUNE, 2019
SMU, A.A

ii
 ST. MARY’S UNIVERSITY
SCHOOL OF GRADUATE STUDIES
SCHOOL OF BUSSINESS

RISK MANAGEMNT PRACTICE IN THE CASE OF

COMMERCIAL BANK OF ETHIOPIA

BY
AMSALE CHERINET YOHANNES

APPROVED BY BOARD OF EXAMINERS

________________________ __________________
Dean, Graduate Studies Signature

________________________ __________________
Advisor Signature

_______________________ __________________
External Examiner Signature

_______________________ __________________
Internal Examiner Signature

iii
 DECLARATION
I, the undersigned, declare that this thesis is my original work, prepared under the guidance of
Dr. Workneh Kassa. All sources of materials used for the thesis have been duly acknowledged. I
further confirm that the thesis has not been submitted either in part or in full to any other higher
learning institution for the purpose of earning any degree.
Amsale Cherinet Yohannes ______________________

Name Signature

St. Mary‟s University, Addis Ababa, Ethiopia, June 2019

iv
 ENDORSEMENT

This thesis has been submitted to St. Mary‟s University for examination with my approval as a
university advisor.
Dr. Workneh Kassa _______________________

Advisor Signature

St. Mary‟s University, Addis Ababa, Ethiopia, June 2019.

v
 ACKNOWLEDGMENT

I think all who in one way or another contributed in the completion of this thesis. First, I give
thanks to God and his mother, St. Virgin Mary, for protection and ability to do work. Secondly, I
would like to thank my thesis advisor Dr. Workneh Kassa for his guidance, insightful comments
and encouragement throughout the process of conducting this thesis.

I must express my very profound gratitude to my parents and my beloved spouse Daniel
Abraham for providing me with unfailing support and continuous encouragement throughout my
years of study and through the process of writing this thesis. This accomplishment would not
have been possible without them.

Thirdly, I would like to thank the experts who were involved in this study by filling the
questionnaire and provide in valuable documents for the conduct of my thesis.

i
 ABSTRACT

The purpose of this study was assessing the risk management practice including financial and
non-financial risks in the case of commercial bank of Ethiopia. The financial risks are credit,
liquidity, Market and the non-financial risks are operational, Strategic, reputational risk. In
doing this descriptive research design, qualitative research approach was used. Data were
collected from 26 risk department employees, 23 strategic department employees, 15
communication department employees, 20 marketing department employees. The study relied on
primary and secondary data. The primary data collected using questionnaires. The secondary
data collected from NBE guidelines and internets, Data analyzed with descriptive statistics such
as frequencies, Percentage, mean and standard deviation through statistical tool SPSS version
20. The data presented in tables. The study found out that the average mean of all variables are
above the mid-point this indicates that the credit, market, liquidity, operational, strategic and
reputational risk management practice of commercial bank of Ethiopia is at good stage. The
study recommends that the bank or the responsible person think about money market and capital
market in addition to deposit or remittance collection for contingency issue, the bank should
ensure good work place environment and employees satisfaction to minimize reputational risk,
the strategic and reputational risks are highly affect the banks industry so it will be better the
bank consider as a risk type and set rules and regulations.
Keywords: Credit risk. Liquidity risk, Market risk, Operational risk, strategic risk and
reputational risk.

ii
LIST OF ACRONYMS AND ABBRIVATIONS

CBE – Commercial bank of Ethiopia

CP- Contingency plan
ERM- Enterprise risk management
NBE- National bank of Ethiopia
NFR- Non financial risk
VAR- Value at Risk
RAROC- Risk Adjusted Rate of Return

iii
 Table of Contents

DECLARATION ........................................................................................................................... iv

ENDORSEMENT ........................................................................................................................... v

ACKNOWLEDGMENT.................................................................................................................. i

ABSTRACT...................................................................................................................................... ii

LIST OF ACRONYMS AND ABBRIVATIONS ......................................................................... iii

LIST OF TABLES ....................................................................................................................... viii

LIST OF FIGURES ..................................................................................................................... viii

CHAPTER ONE ........................................................................................................................... 1

INTRODUCTION......................................................................................................................... 1

1.1 Background of the Study .................................................................................................. 1

1.2 Statement of Problem ....................................................................................................... 5

1.3 Research Questions .......................................................................................................... 6

1.4 Research Objective ........................................................................................................... 6

1.4.1 General Objective ..................................................................................................... 6

1.4.2 Specific Objective ..................................................................................................... 6

1.5 Significance of the Study ................................................................................................. 7

1.6 Scope of the Study............................................................................................................ 7

1.7 Limitation of the Study .................................................................................................... 7

1.8 Organization of the study ................................................................................................. 7

1.9 Definition of Basic Terms ................................................................................................ 8

CHAPTER TWO .......................................................................................................................... 9

REVIEW OF RELATED LITERATURE.................................................................................. 9

2.1 Theoretical Review .......................................................................................................... 9

iv
2.2 Definition of Risk ............................................................................................................. 9

2.3 Financial risk .................................................................................................................. 10

2.3.1 Credit Risk .............................................................................................................. 10

2.3.2 Liquidity Risk ......................................................................................................... 11

2.3.3 Market Risk............................................................................................................. 12

2.4 Non-Financial Risk ........................................................................................................ 13

2.4.1 Operational Risk ..................................................................................................... 13

2.4.2 Strategic Risk .......................................................................................................... 14

2.4.3 Reputation Risk....................................................................................................... 17

2.5 Risk Management in Banking ........................................................................................ 19

2.5.1 Techniques of Risk Management............................................................................ 20

2.4.2 Rationales for Risk Management in Banking ......................................................... 22

2.6 Basic Elements of Sound Risk Management System..................................................... 23

2.7 Risk mitigation options .................................................................................................. 25

2.7.1 Risk avoidance ........................................................................................................ 25

2.7.2 Risk limitation......................................................................................................... 25

2.7.3 Risk transfer ............................................................................................................ 26

2.7.4 Risk acceptance (Retention) ................................................................................... 26

2.8 Related Theories............................................................................................................. 26

2.8.1 Risk management Theory ....................................................................................... 26

2.8.2 Enterprise Risk Management Theory ..................................................................... 27

2.8.3 Contingency planning Theory................................................................................. 28

2.9 Risk Management process .............................................................................................. 28

2.10 Empirical Literature Review .......................................................................................... 29

2.10.1 Related Empirical Studies in Ethiopia .................................................................... 31

v
 2.10.2 Summary and Knowledge gap ................................................................................ 33

2.11 Conceptual Framework .................................................................................................. 33

CHAPTER THREE .................................................................................................................... 34

RESEARCH METHODOLOGY .............................................................................................. 34

3.1 Research Design ............................................................................................................. 34

3.2 Research Approach ........................................................................................................ 34

3.3 Population and Sample Size ........................................................................................... 35

3.4 Sampling Technique ....................................................................................................... 35

3.5 Types of Data and Instruments of Data Collection ........................................................ 35

3.6 Procedures of Data Collection........................................................................................ 36

3.7 Method of Data Analysis................................................................................................ 36

CHAPTER FOUR ....................................................................................................................... 37

DATA ANALYSIS AND RESULT DISCUSSION .................................................................. 37

4.1 Validity and Reliability Test .......................................................................................... 37

4.2 The General Background of Risk Department Respondents ......................................... 38

4.2.1 Managing Credit Risk ............................................................................................. 40

4.2.2 Managing Liquidity risk ......................................................................................... 42

4.2.3 Managing Marketing risk ........................................................................................ 44

4.2.4 Managing operational risk ...................................................................................... 46

4.3 The General Background of Communication and marketing Department Respondents 48

4.3.1 Reputational Risk Management .............................................................................. 49

4.4 The General Background of Strategic Department Respondents................................... 52

4.4.1 Strategic risk management practice ........................................................................ 55

vi
CHAPTER FIVE ........................................................................................................................ 58

FINDINGS, CONCLUSIONS AND RECOMMENDATION ................................................ 58

5.1 Summary of Major Findings .......................................................................................... 58

5.2 Conclusion...................................................................................................................... 59

5.3 Recommendation............................................................................................................ 60

5.4 Future Research Recommendations ............................................................................... 61

Reference ........................................................................................................................................ 1

Annex 1 ........................................................................................................................................... 4

QUESTIONNAIRE ........................................................................................................................ 4

Annex 2 ........................................................................................................................................... 8

QUESTIONNAIRE ........................................................................................................................ 8

Annex 3 ......................................................................................................................................... 10

QUESTIONNAIRE ...................................................................................................................... 10

vii
 LIST OF TABLES

Table 1 Reliability statistics .......................................................................................................... 38

Table 2 Demographical characteristics of Risk Management Department questionnaire
respondents. .................................................................................................................................. 39
Table 3 Respondents response on Credit risk management practice ............................................ 40
The questionnaire has contained eight questions in order to assess the liquidity risk management
practice of the. The following table summarizes the responses by percentage, mean and standard
deviation. Table 4 Respondents response on liquidity risk management practice. ..................... 42
Table 5 Respondents response on Marketing risk management practice ..................................... 44
Table 6 Respondents response on managing operational risk management practice ................... 46
Table 7 Do you think risk management by the bank is a challenging issue? ............................... 47
Table 8 Demographical characteristics of Reputational Risk management questionnaire
respondents. .................................................................................................................................. 48
Table 9 Respondents response on reputational risk management practice ................................... 49
Table 10 Do you think reputational risk management by the bank is a challenging issue? ......... 52
Table 11 Demographical characteristics of Strategic Risk management questionnaire
respondents. .................................................................................................................................. 53
Table 12 Respondents response on strategic risk management practice ...................................... 55
Table 13 Do you think strategic risk management practice is a challenging issue ....................... 57

LIST OF FIGURES
Figure 1 Risks in Banking......................................................................................................................... 33

viii
ix
 CHAPTER ONE

INTRODUCTION

Chapter one provides the general overview of the study. In this chapter back ground of the study,
statement of the problem, objective (s) of the study, research question, significance of the study,
scope of the study, limitation of the study and organization of the paper are included.

1.1 Background of the Study

In the past decade the world has seen witnessing one of the most shocking financial meltdowns.
The effects of the crisis were pervasive and hit almost every sector of global businesses; one of
the most affected sector was the financial services industry, specially the banking sector
(Adarkwa, 2011).

The financial crisis has led to bank failures that have had a negative impact on the real economy;
therefore, a particular attention to the consequences of financial instability on the economy has
been established (Agnello and Sousa, 2012). Banks and financial institutions offer a diversity of
essential services that are key to the functioning of the global economy and at the sometime like
other business entities (firms), banks face a multitude of risks (Chockalingam et al, 2018).

Business grows mainly by taking risk, greater the risk, higher the profit and hence the business
unit must strike a tradeoff between the two. The essential functions of risk management are to
identify measure and more importantly monitor the profile of the bank (Bhardwaj, 2013) . One of
the goals of risk management is to find an efficient way to mitigate risk so that the bank can have
a tolerable risk level. For each identified risk, risk measurement helps to measure the risk level
and finds the right mitigation approach to protect the bank from taking unsustainable risk
(Skoglund and Chen, 2015).

Risk management in banking involves the process of evaluating the risks faced by a bank and
minimizing the costs accordingly. Although any risk classification is subjective, we can
distinguish, in essence, two major categories for banking risks namely: financial risk that refers
to losses arising from financial variables and operating risks or Non-financial risks concerning
losses arising from variables that have impact on the operations of a business (Banks, 2005).

1
Financial risk is a broad term covering many negative risks related to financing, for instance,
liquidity risk, funding risk, interest rate risk, investment risk, pricing risk, credit risk, and so on.
(CPA Australia, 2006).

Non-Financial (Operational risks ) are summarized as human risks, due to the discussion
that the human error leads to business operations failure. Nevertheless, operational risks
include all risks that incur from organizations‟ internal activities involving people, products or
services Offered, operational systems, and external factors (Global Association of Risk
Professionals, 2011).The strategic and reputational risks are also non-financial. The banking
sector is mainly exposed to liquidity risk, interest rate risk, credit risk, operational risk, strategic
risk and reputation risks (Chatterjee, 2005) .

The previous studies on risk management practices of banks in Ethiopia mainly focused on the
financial risks which is credit, liquidity and market risks and some researchers assessed the
operational risk for example:

Zerga (2016), assessed credit risk management in NIB international Bank s.c. Accordingly the
research found out that credit risk policy and strategy of the bank is not renewed timely, the bank
has no procedure to detect borrowers associated with crime, internal risk rating system is not
utilized to total portfolio and value and also existence of collateral is not checked periodically.

Mulat (2014), conducted research on Liquidity Risk Management Practices at Wegagen Bank
s.c, the analysis showed that the bank has been trying to establish independently organized
liquidity risk management function and establishes asset liability management committee and put
in place policies and limits through they are not effective in dealing with liquidity risks. Despite
the forgoing, the bank has weak management information system and there is a problem in
monitoring and controlling of liquidity risk exposures to the bank.

Mitiku (2015), conducted research on risk management and its impact on financial performance
of commercial banks in Ethiopia. The results of panel data regression analysis showed that credit
risk management indicator, liquidity risk management indicator and operational risk indicator
had negative and statistically significant impact on banks performance. Capital adequacy ratio
had positive statistically insignificant impact on banks performance.

2
Nigussie (2016), assessing determining factors of best risk management practice of Ethiopian
commercial banks. Regarding the hypothesis testing the result of the regression analysis shows
that: Risk assessment and analysis has significant effects on risk management, Risk identification
has insignificant effects on risk management, and risk monitoring has insignificant effects on risk
management. Risk Evaluation has significant effects on risk management. Understanding risk
Management has significant effects on risk management, and Required Policy has significant
effects on risk management.

Ayalew (2014), conducted research on risk management in Ethiopian Private Commercial

Banks. The researcher excludes the government banks so that commercial bank of Ethiopia risk
management practice is not assessed and also the researcher only assessed the financial risks.
The result of the study revealed that all banks have risk management structure in place, they all
developed written policies and procedures for risk management. The study also revealed a
number of risk management weaknesses. There is lack of capacity in understanding risk
management policies and procedures at all level. The most difficulties that banks are currently
facing in managing their risks are weak management information system, lack of competent and
experienced staffs, and lack of exposure to the outside world.

Ephream (2016), conducted research on risk management and its effect on financial performance
of commercial banks in the case of Ethiopian commercial banks. The study focus on credit,
operational, liquidity risk. The results of panel data regression analysis showed that credit risk
management indicator and operation risk management indicator had negative and statistically
significant impact on banks performance. However, liquidity risk management indicator had
negative and statistically insignificant impact on the banks performance

Tibebu (2017), assessed liquidity risk management case study in Bank of Abyssinia. The
findings of the study revealed that the bank experience seasonal fluctuation in the sources of
funds which exposed to liquidity risk. The bank has strong side in preparing strategies,
procedure, measurement & reporting systems. But, limited source of funds and lack of
coordination between departments face the bank to unable to meet short term obligation.

Tesfay (2016), conducted research on credit risk management practice and challenges the case of
commercial banks in Ethiopia. The findings showed that there is deviation on role and
responsibilities of board of director with respect to credit risk management process, lack of

3
accurate, reliable and consistent information or data base system, lack of variety of risk
controlling techniques and poor integration among department‟s are some of the challenges in
credit risk management practice in CBE‟s.

Awgchew (2017), assessed the liquidity risk management practices and challenges of private
commercial banks in Ethiopia. The findings of the study revealed that the liquidity risk
management practices of private commercial banks in Ethiopia is somewhat partially fulfilled
comparing against best principles of Basel. The main challenges most of the private commercial
banks faces as per this study are NBE bill purchase policy imposed on private commercial banks,
financial innovation, global market development and the increasing real time nature of payment
and settlement system.

Aragaw (2016), conducted research on Credit risk management practice in commercial bank of
Ethiopia. The result showed that all of the variables have a positive relationship with credit risk
management practice of the bank and lack of credit data base system, lack of management
information systems, lack of risk adjusting return pricing, lack of limit set on short term, medium
term and long term loans, disregard of portfolio management of government loans, lack of
trailing for staffs, are among the common problems.

In Ethiopia commercial bank of Ethiopia (CBE) play a very important role, since the bank has a
majority customer share, number of branches and many other services, some of which are only
available at this bank. The National Bank of Ethiopia (NBE) believes such growth should be
matched to strong risk management practices. As a result, NBE has revised the risk management
framework in 2010 E.C which was issued in 2003 E.C. This revised document, consistent with
international standards and best practices is expected to provide minimum risk management (risk
identification, measurement, monitoring and control) standards for all banks operating in the
country. It covers the most common and interrelated risks banks are facing namely credit,
liquidity, market and operational risks but this revisited framework still it does not consider
strategic and reputational risks. Therefore, the researcher aim were to assess risk management
practice in commercial bank of Ethiopia both financial, non-financial risks including strategic
and reputational risk management practices of the bank.

4
 1.2 Statement of Problem

Banking business involves several different activity classes for instance, taking deposits, making
loans, underwriting securities, trading, providing brokerage services, providing fiduciary
services, advising on a range of corporate finance issues, offering mutual funds, providing
services to hedge funds, Overall, banking activities create many unique risks, these risks are
related to a bank‟s credits, liquidity, trading, revenues and costs, earnings and solvency issues
(Tursoy, 2018).

Risk management in banks, while clearly important, is complicated by the very nature of banks
and the types of risks that they face. Banks are highly sensitive to fluctuations in the market
(market risk), can suffer defaults on loans (credit risk) and suffer losses due to internal
operational issues (operational risk). In addition to these forms of risk (which have been
extensively studied in the literature), banks also face risk resulting from changes in strategic
decisions and the business environment (e.g. competitors that enter the market or changing
customer demand). This form of risk is typically termed as strategic or business risk. According
to Chockalingam et al. (2018), a concrete example of this risk type is the impact the entrance of
online banks has had on the profitability of existing traditional banks. A bank faces reputational
risk which may be triggered by bank‟s activities, rumors about the bank, willing or unconscious
non-compliance with regulations, data manipulation, bad customer service, bad customer
experience inside bank branches and decisions taken by banks during critical situations
(Gangreddiwar, 2015).

According to Mok and Saha (2017), ignoring strategic risks could place an institution in peril, a
recent study published in the Harvard business review found that strategic risks were the most
damaging type of risk companies faced the analysis found that 86 % of significant losses in
market value over the last decade were caused by strategic risks. According to Adarkwa (2011),
a significant part of many successful companies share price is not made up of tangible asset such
as property and reserves but from the goodwill element. In a paper by the Economist
Intelligent Unit (EIU) 2005 reputation risk is seen as becoming one of the emerging and
increasingly important class of risk on the priority list of most managers.

5
To this end, as per the researcher‟s knowledge previous studies gave more emphasis to four types
of risk (credit, liquidity, market, operational). The operational risk is non-financial risk defined
as the risk of loss resulting from inadequate or failed internal processes, people and systems or
from external events. This definition includes legal risk but excludes strategic and reputational
risk (Basel Committee on Banking Supervision, 2011). There is no study specifically conducted
about strategic risks and reputational risk but theoretically these are considered as bank risk in
different books. Therefore, because of inconsistency on the results or findings and methodologies
on the previous findings about financial risk management practice and also based on the above
theory and empirical studies the researcher decided to assess strategic, reputational, operational
and financial risk management practices in commercial Bank of Ethiopia.

1.3 Research Questions

To address purpose and objectives of the study, the following research questions was exploited.

RQ 1. How the bank manages financial risks?

RQ 2. How the bank manages non-financial (operational) risks?

RQ 3. How the bank manages Strategic risk?

RQ 4. How the bank manages reputational risk?

RQ 3. What are the challenges that the bank facing on the risk management practices?

1.4 Research Objective

1.4.1 General Objective
The main objective of this study was to assess Risk management practices of the commercial
bank of Ethiopia.

1.4.2 Specific Objective

The specific objectives of this study was:

 To assess the financial risk management practices adopted by commercial bank of

Ethiopia.
 To assess operational risk management practices in commercial bank of Ethiopia.
 To assess strategic risk management practices in commercial bank of Ethiopia.

6
  To assess reputational risk management practices in commercial bank of Ethiopia.
 To assess the challenges that the bank is facing in the risk management process.

1.5 Significance of the Study

The main objective of this study was assessment of risk management practices in commercial
bank of Ethiopia. Therefore, the study is expected to provide how the risk management practice
looks like in Commercial Bank of Ethiopia both financial and non-financial risk management
practices. Furthermore, it will be used by other banks in evaluating their operations in identifying
and taking corrective actions about possible risk exposures. The findings of the study can serve
as a reference material for anyone who will undertake further study on the same or related topic.

1.6 Scope of the Study

When we talk about risk management it touches every kind of firm or industry, i.e. financial
industries which are banks, finance houses, investment banks, insurance companies and other
financial intermediaries. This research is focused on assessing the risk management practices of
banking industry specifically in Commercial bank of Ethiopia (CBE) excludes other institutions
and the private owned banks.

1.7 Limitation of the Study

The output of this research is mainly affected on selected bank employees understanding of risk
management practice of the bank, i.e. CBE is currently being changing its old structure, so that
because of this restructuring employees on the trailing place this so the timing of the study is a
limitation for this studies.

1.8 Organization of the study

The paper is organized in five chapters. Chapter one introduces the general overview of the
study. Chapter two is literature review it includes both literature and empirical reviews. The
methodology which was employed for conducting the research is organized in Chapter three. The
analysis and interpretation of the research findings is incorporated in Chapter four. Chapter five,
finally, encloses summary, conclusions, recommendations based on the findings of the study and
further research recommendations.

7
 1.9 Definition of Basic Terms
This part of the report defines and gives the meaning of words / terms and concepts used in this
study. It clarifies the main words / terms as well as relevant concepts as used in this study.
Credit Risk: Credit risk arises from the possibility that borrowers, bond issuers, and counter
parties in derivatives transactions may default.
Liquidity Risk : define as the unexpected raise in withdrawals by depositors that may
pursue banks to liquidate their assets in the shortest time period.

Market Risk: This risk is linked to the change in assets value due to systematic factors.
The market risk in banks emerges from different sources including securities
portfolios, instruments and equities or in shape of interest rate or foreign exchange risk.

Operational Risk: the risk of loss resulting from inadequate or failed internal processes, people
and systems or from external events.

Strategic Risk: is a function of how poorly a strategy will perform if the „wrong‟ scenario
occurs.

Reputational Risk: risk is associated with the trusts and beliefs of customers and other
stakeholders of the banking institutions.

8
 2 CHAPTER TWO

REVIEW OF RELATED LITERATURE

2.1 Theoretical Review
The initial search and review of existing literature helps researchers to generate and refine their
research ideas (Saunders et al, 2012). This chapter reviews the literature on risk management in
banking. It discusses issues on risk management from different perspectives and with the view of
giving a theoretical foundation to the study.

2.2 Definition of Risk

In the simplest words, risk may be defined as possibility of loss. It may be financial loss or loss
to the reputation/ image (Sharma, 2003). Risk is the possibility for danger, negatively unexpected
circumstance to occur (Oxford English Dictionary, 2013). In most of economic publications,
risk refers to the negative deviation from the plan (Maylor, 2010). Ghosh (2015), defines
risk in banks as a potential loss that may occur due to some antagonistic events such as economic
downturns, adverse changes in fiscal and trade policy, unfavorable movements in interest rates or
foreign exchange rates, or declining equity prices. Every business faces risk, some are
predictable and under management's control and some are unpredictable and hence uncontrolled.
We can take risks as an opportunity to get higher returns because higher risks are associated with
higher returns (Mehmood,and Zhang, 2010).

Osborne (2012), has indicated that, “Risks can arise as a result of our business‟s activities or as a
result of external factors such as legislation, market forces, and interest or exchange rate
fluctuations, the activities of others or even the weather. They can be a product of business
environment, the natural environment, and the political or economic climate or of human
inadequacies, failing or errors. The bottom line is that risk may impact on our ability to meet our
business objectives or even threaten the business itself.”

Risk is the deviation of the expected outcome. In one way, risk can be classified as business
risk and financial risk. Business risk arises from the nature of a firm‟s business which relates to
factors affecting the product market. Financial risk arises from possible losses in financial
markets due to movements in financial variables (Jorion, 1996).

9
 2.3 Financial risk
Financial risk management is the task of monitoring financial risks and managing their impact.
It is a sub-discipline of the wider function of risk management and an application of modern
financial theory and practice (Moles, 2016).

According to Raymond (2012), financial risk management is the quality control of finance. It is
a broad term used for different senses for different businesses or things but basically it involves
identification, analyzing, and taking measures to reduce or eliminate the exposures to loss
by an organization or individual.

Banking is the intermediation between financial savers on one hand and the funds seeking
business entrepreneurs on the other hand. As such, in the process of providing financial services,
banks assume various kinds of risk both financial and non-financial. Moreover, this risk inherent
in the provision of their services differs from one product or service to the other (Adarkwa,
2011).

These risks have been grouped by various writers in different ways to develop the frameworks
for their analyses. Crouhy et al. (2006) formulate a different classification of risks in banks that
encompasses credit risk, market risk, liquidity risk, operational risk, business risk, legal risk,
reputation risk and strategic risk.

2.3.1 Credit Risk

Greuning and Brajovic (2009), define credit risk as the chance that a debtor or issuer of a
financial instrument whether an individual, a company, or a country will not repay principal and
other investment-related cash flows according to the terms specified in a credit agreement.
Inherent to banking, credit risk means that payments may be delayed or not made at all, which
can cause cash flow problems and affect a bank„s liquidity. The goal of credit risk management
is to maximize a bank‟s risk-adjusted rate of return by maintaining credit risk exposure within
acceptable parameters .Credit risk includes both the risk that an obligor or counterparty fails to
comply with their obligation to service debt (default risk) and the risk of a decline in the credit
standing of the obligor or counterparty.

Hempel and Simonson (1999), have defined credit risk as the possibility of losses associated
with decrease in the credit quality of the borrower or the counter parties. In the bank's portfolio,

10
losses stem from outside default due to inability or unwillingness of the customer or the counter
party to meet the commitments, losses may also result from reduction in the portfolio value
arising from actual or perceived deterioration in credit quality.

According to Okehi (2014), credit risk is the consequence of borrower‟s refusal or inability to
pay what is owed when required. Credit risk therefore is the exposure faced by a bank as a result
of a borrow default in meeting a debt obligation at maturity. The cumulative effect of these
defaults could result to financial distress of a bank if not managed appropriately. Banks are
therefore expected to maintain their credit risk exposure within acceptable limit by maximizing
their risk adjusted rate of return for the enhancement of their profit.

2.3.2 Liquidity Risk

The second type of risk inherent in banking operation is the Liquidity risk. Liquidity is the ability
of a bank to fund increases in assets and meet obligations as they come due, without incurring
unacceptable losses. The issue of banks transforming short-term deposits into long term loans
makes banks inherently vulnerable to liquidity risk. Liquidity risk is therefore the possibility that
over a specific time period, the bank will become unable to settle obligations with immediacy
(Okehi 2014).

According to Greuning and Brajovic (2009), a bank faces liquidity risk when it does not have the
ability to efficiently accommodate the redemption of deposits and other liabilities and to cover
funding increases in the loan and investment portfolio. These authors go further to propose that a
bank has adequate liquidity potential when it can obtain needed funds (by increasing liabilities,
securitizing, or selling assets) promptly and at a reasonable cost.

Liquidity is the ability of a bank to fund increases in assets and meet obligations as they come
due, without incurring unacceptable losses (BCBS, 2008).

Bessis (2010), however considers liquidity risk from three distinct situations. The first angle is
where the bank has difficulties in raising funds at a reasonable cost due to relating to transaction
volumes, level of interest rates and their fluctuations and the difficulties in funding counterparty.
The second angle looks at liquidity as a safety cushion which helps to gain time under difficult
situations. In this case, liquidity risk is defined as a situation where short-term asset values are
not sufficient to match short term liabilities or unexpected outflows. The final angle from where

11
liquidity risk is considered as the extreme situation. Such a situation can arise from instances of
large losses which creates liquidity issues and doubts on the future of the bank. Such doubts can
result in massive withdrawal of funds or closing of credit lines by other institutions which try to
protect themselves against a possible default. Both can generate a brutal liquidity crisis which
possibly ends in bankruptcy.

2.3.3 Market Risk

Market risk is the risk of losses arising from changes in market risk factors. Market risk can arise
from changes in interest rates, foreign exchange rates, or equity and commodity price factors
(Crouhy et al, 2006). The risk of changes in income of the bank as a result of movements in
market interest rates. Interest rates risk is a major concern for banks due to the nominal nature of
their assets and the asset-liability maturity mismatch (Hasan, I., and Sarkar, 2002).

According to Gangreddiwar (2015), Market risk can be better understood by dividing it into 4
types depending on the potential cause of the risk:

Interest rate risk: Bessis (2002), describes interest rate risk as the risk of deterioration in
the earnings of a bank due to the change in the interest rates. Saunders and Cornett (2008),
highlight that this risk is strongly connected to market risk and an increase in the rate of
interest causes to fall in market values of assets and liabilities.

Equity risk or Commodity risk: This is the risk associated with volatility in stock prices. The
general market risk of equity refers to the sensitivity of an instrument or portfolio value to a
change in the level of broad stock market indices. The specific risk of equity refers to that
portion of a stock‟s price volatility that is determined by characteristics specific to the firm, such
as its line of business, the quality of its management, or a breakdown in its production process
(Crouhy et al,2006)

Currency risk: Potential losses due to international currency exchange rates (closely associated
with settlement risk. This risk arises due to an erratic transition in the foreign exchange rate
resulted into a negative impact on the obligations of banks (Tahir, 2006). Several factors
such as political stability, inflation, public debt, current account deficits and market
speculation may serve to drive the currency down (Ishfaq, 2006).

12
 2.4 Non-Financial Risk
Banks are accustomed to taking on financial risk and generating profit from it. It is the premise
of their business models. But non-financial risk (NFR), weather related to compliance failures,
misconduct, and technology or operational challenges (Kaminski et al, 2016). The following are
non-financial risks:

2.4.1 Operational Risk

Malfunction of the information systems, reporting systems, internal monitoring rules and internal
procedures designed to take timely corrective actions, or the compliance with the internal risk
policy rules result in operational risks (Bessis, 2010).

Moreover, human or technological errors, lack of control to prevent unauthorized or

inappropriate transactions being made, fraud and faulty reporting may lead to further losses
caused by internal process, people and operating system(Medova, 2001).

The operational risk mostly emerges from the inside activities of bank unlike some other
forms of risks like market and credit risk. However, a number of sources of operational
risk come from the external environment such as competitive actions, natural disasters
(such as floods, earthquakes) and terrorist attacks which are largely unpredictable and
uncontrollable by banks (Fayyaz, 2006 ).

According to Basel Committee on Banking Supervision (BCBS) definition, there are four causes
of operational risk which are Process, people, and system or external events.

1. Process risks: such as inefficiencies or ineffectiveness in the various business processes

within the firm. These include value-driving processes, such as sales and marketing, product
development and customer support, as well as value-supporting processes such as IT, HR, and
operations.

2. People risks: such as employee error, employee misdeeds, employee unavailability,

inadequate employee development, and recruitment.

3. Technology (or system) risks: as the system failures caused by breakdown, data quality and
integrity issues, inadequate capacity, and poor project management.

13
4. External risks: such as the risk of loss caused by the actions of external parties (for
example, competitor behavior, external fraud, and regulatory changes) as well as
macroeconomic and socioeconomic.

2.4.1.1 Operational Risk Management Process

According to PWC (2001), operational risk management process sets out the overall procedures
for operational risk management: Controls-definition of internal controls or selection of alternate
mitigation strategy such as insurance, for identified risks. Assessment programs to ensure that
controls and policies are being followed and determines the level of severity. These may include
process flows, self-assessment programs, and audit programs, Measurements of a combination
of financial and non-financial measures, risk indicators, escalation triggers and economic
capital to determine current risk levels and progress toward goals, reporting information for
management to increase awareness and prioritize resources.

2.4.2 Strategic Risk

This risk is one of the most important types of risks in banking activities and related to the
strategic decisions having implications for all other types of risks (Bessis, 2002).

Crouhy et al. (2006), define strategic risk as, “the risk of significant investments for which there
is a high uncertainty about success and profitability”. For instance, increased competition may
lead a bank to offer loans to new subprime customers having poor credit history or a sudden
increase in the interest rate generates a quick fall in the mortgage volumes of banks. Strategic
risk refers to potential losses deriving from top management‟s strategic choices (Tyrell, 2008).

Strategic risk is a possible source of loss that might arise from the pursuit of unsuccessful
business plan. For example, strategic risk might arise from making poor business decisions, from
the substandard execution of decisions, from inadequate resource allocation, or from a failure to
respond well to changes in the business environment (Bussiness, 2014).

Slywotzky and Drzik (2005), define strategic risk as the array of external events and trends that
can devastate a company‟s growth trajectory and shareholder value. Whiles these two authors
consider strategic risk as a sole consequence of external occurrences; other authors look at
strategic risk as the current and prospective impact on earnings and/or capital arising from

14
internal business activities such as adverse business decisions, improper implementation of
decisions, or lack of responsiveness to industry changes. They therefore consider strategic risk
as a function of the compatibility of an organization‟s strategic goals, the business strategies
developed to achieve those goals, the resources deployed against these goals, and the quality of
implementation.

Emblemsvag and Kjolstad (2002), also define strategic risk as risk which arises as a firm pursues
its business objectives either by exploiting opportunities and/or reducing threats. Whichever way
this is considered, strategic risk encompasses a variety of uncertainties which are not financial in
nature, but rather credit or operational related caused by macro-economic factors, industry trends
or lapses in a firm „s strategic choices which affects the firm „s earnings and shareholders „value
adversely. Strategic risks often constitute some of a firm„s biggest exposures and therefore can
be a more serious cause of value destruction.

Slywotzky and Drzik (2005), attempted to identify significant events which contribute to
strategic risk and categorized them into seven main classes. These include industry margin
squeeze, threat of technology shift which has the possibility of driving some products and
services out of the market, brand erosion, emergence of one-of-a-kind competitor to seize the
lion share of value in the market, customer priority shift, and new project failure and market
stagnation. The idea was to provide a framework for assessing a company‟s strategic risks and
develop counter measures to address them. The authors intimate that the key to surviving
strategic risks is; knowing how to assess and respond to them and therefore devoting resources to
it. They also advice management to adjust their capital allocation decisions by applying a higher
cost of capital to riskier projects and to build greater flexibility into their capital structure when
faced with riskier competitive environments.

The organization‟s internal characteristics must be evaluated against the impact of economic,
technological, competitive, regulatory, and other environmental changes. An effective strategic
risk management approach should embrace both the upside and downside of risk. It should seek
to counter all losses, both from accidents and from unfortunate business judgments, and seize
opportunities for gains through organizational innovation and growth. Seizing upside risk
involves searching for opportunities and developing plans to act on these opportunities when the
future presents them. Countering downside risk on the other hand is done by reducing the

15
possibility of occurring (probability) and scope (magnitude) of losses; and financing recovery
from these losses (Herman and Head, 2002).

2.4.2.1 Sources of Strategic Risk

In a business setting, managers must be sensitive to conditions that can cause specific
categories of risk to become dangerous. These conditions are a function of the business
strategy chosen by top managers. To effectively manage their business, all managers must assess
strategic risk an unexpected event or set of conditions that significantly reduces the ability of
managers to implement their intended business strategy. we consider three basic sources of
strategic risk that potentially affect every business: operations risk, asset impairment risk,
and competitive risk. If the magnitude of any of these risks becomes sufficiently large, the firm
becomes exposed to franchise risk (Simons, 1999).

2.4.2.2 Managing Strategic Risk

According to Lam, (2016) managing strategic risk includes:

Strategic Planning and Review

The start of the strategic risk management process is strategic planning. There are several
management frameworks that companies can choose from to plan out their strategy. They ma y
begin by analyzing their strengths, weaknesses, opportunities, and threats (SWOT) to determine
where best to focus new initiatives.

Risk Appetite

For strategic risks, the risk appetite metrics typically are defined through the potential impact on
earnings or enterprise value arising from adverse business decisions or lack of responsiveness to
industry changes.

Determining the Optimum Risk Profile

Although risk always takes the form of a bell curve, not all bell curves are alike.

16
Risk-Based Pricing Decisions

As discussed earlier, the most effective way for companies to ensure an appropriate return on the
risks that they are willing to accept is to incorporate the cost of risk into their pricing
methodologies.

Risk Transfer

Relative to its strategic risk profile and risk appetite, a company may find risk exposures
resulting from its M&A activities or core operations that are considered too concentrated or
inefficient to retain.

Scenario Analysis

Another useful strategic risk management tool is scenario analysis. A scenario analysis is a top-
down, “what-if” analysis that measures the impact that a certain event (or combination of events)
will have on the enterprise.

Developing Key Risk Indicators

The development of effective KRIs is a key challenge for most companies.

Integrated Performance and Risk Monitoring

ERM should focus on mitigating downside risk (i.e., worst-case performance) and also help
management optimize overall risk-return trade-offs.

2.4.3 Reputation Risk

Reputational risk refers to exposure to losses stemming from reputational impairment. The
reduced reputation may be due to perceived incompetence, negligence or misconduct of the
institution (Tyrell, 2008).

According to Basel (2009), reputation risk is the possibility of losses emerging from a negative
perception on the side of customers, depositors, counter parties, market analysts, investors,
shareholders, regulators and other concerned parties. This risk can have an unfavorable impact
on banks‟ ability to sustain existing or to develop new business affairs in order to maintain a
continuous source of funding (Ishfaq, 2006).

17
Reputational risk is multidimensional and reflects the perception of other market participants
Furthermore, it exists throughout the organization and exposure to reputational risk is essentially
a function of the adequacy of the bank‟s internal risk management processes, as well as the
manner and efficiency with which management responds to external influences on bank-related
transactions (Adarkwa, 2011).

2.4.3.1 Sources of Reputational Risk

According to Adarkwa (2011), the biggest threat to reputation is seen to be a failure to comply
with regulatory/legal obligations governing corporate conduct. However, the perception that an
organization is unable to manage such risks can plant doubt in the minds of its partners, clients
and regulators, diverting potential business elsewhere and causing a more intrusive and costlier
regulatory stance. These are the ultimate benchmarks against which conduct is measured and can
be the origins of key reputational losses.

2.4.3.2 Valuing Reputational Risk

Lerbinger (1997), argues that the “erosion of a company‟s reputation is the greatest danger of a
crisis.” In terms of vulnerability to reputational risk, it is important to note that not all firms are
alike in their reputation-sensitivity. There is a general consensus among reputational risk
specialists that financial firms are more reputation-sensitive than non-financial companies. One
reason for this may be that clients‟ switching and contracting costs are generally lower for
financial firms, and thus they are particularly open to the discipline of the markets. As well,
given that companies in the financial markets are operating with other people‟s money, they may
be especially sensitive to any wavering of confidence in their brand. For the majority of
enterprises, it is seen as the most critical risk, as reputation is becoming a key source of
competitive advantage as products and services become less differentiated. While firms today
recognize the value of brand definition as competitive advantage in the marketplace, reputation
remains an often underestimated component of a company‟s value(Adarkwa, 2011).

2.4.3.3 Reputational risk management framework

According to reputation institute consultancy there are seven dimensions:

 Product – the organization offers products that are high quality, offer products and
services that are of good value of money, meets customer needs.

18
  Innovation- the organization is innovative and brings new products to market.
 Work place – offer equal opportunities in the work place.
 Governance – the organization is open and honest in the way it does business.
 Citizenship – the organization is environmentally responsible, has appositive influence
on society.
 Leadership – the organization has a clear vision for its future, has a strong and appealing
leader.
 Performance – the organization delivers strong financial results that will ensure that the
company is around for years to come.

2.5 Risk Management in Banking

The essential functions of risk management are to identify measure and more importantly
monitor the profile of the bank. While Non-Performing Assets are the legacy of the past in the
present, risk management system is the pro-active action in the present for the future. (Bhardwaj,
2013).

State Bank of Pakistan (2003), describes the risk in banking institutions as: the possibility that
the outcome leader of an action or event could bring up adverse impacts. Such outcomes could
either result in a direct loss of earnings / capital or may result in imposition of constraints on
bank‟s ability to meet its business objectives.

Managing risk is nothing but managing the change before the risk manages. When we use the
term “Risk”, we all mean financial risk or uncertainty of financial loss. If we consider risk in
terms of probability of occurrence frequently, we measure risk on a scale, with certainty of
occurrence at one end and certainty of non-occurrence at the other end. Risk is the greatest where
the probability of occurrence or non-occurrence is equal (Bhardwaj, 2013).

The objectives of risk management include the minimization of foreign exchange losses,
reduction of the volatility of cash flows, protection of earnings fluctuations, and increment in
profitability and assurance of survival of the firm (Fatemi and Glaum, 2000).

Risk management evolved from a strictly banking activity, related to the quality of loans, to a
very complex set of procedures and instruments in the modern financial environment. It
underscores the fact that the survival of an organization depends heavily on its capabilities to

19
anticipate and prepare for the change rather than just waiting for the change and react to it
(Adarkwa, 2011).

Risk management can be regarded as an active, strategic, and integrated process that
encompasses both the measurement and the mitigation of risk, with the ultimate goal of
maximizing the value of a bank, while minimizing the risk of bankruptcy (Schroeck, 2002).

Bessis (2010), also adds that in addition to it being a process, risk management also involves a
set of tools and models for measuring and controlling risk. Risk is inherent in any walk of life
and can be associated with every human decision-making action of which the consequences are
uncertain.

Bank‟s overall financial soundness can be measured only by adopting a strong risk management
process communicating concise risk management standards to all concerned officials through
adequate policies, directives, operating procedures and training programs (Alma&Masukujjaman,
2011).

According to Stoneburner (2004), Risk management encompasses three processes: Risk

assessment, risk mitigation, evaluation and assessment. The risk assessment process includes
identification, evaluation of risk impact and recommendation of risk reducing measures.
Secondly, risk mitigation involves prioritizing, maintaining and implementing the
appropriate risk reducing controls recommended by the risk assessment process. Lastly, the
evaluation and assessment process emphasize on the continual evaluation process and the key
factors for a successful risk management program.

2.5.1 Techniques of Risk Management

A. GAP Analysis

It is an interest rate risk management tool based on the balance sheet which focuses on the
potential variability of net-interest income over specific time intervals. In this method a maturity/
re-pricing schedule that distributes interest sensitive assets, liabilities, and off-balance sheet
positions into time bands according to their maturity (if fixed rate) or time remaining to their
next re-pricing (if floating rate), is prepared. These schedules are then used to generate indicators
of interest-rate sensitivity of both earnings and economic value to changing interest rates (Alam
& Masukujjaman, 2011).

20
The information on GAP gives the management an idea about the effects on net-income due to
changes in the interest rate. Positive GAP indicates that an increase in future interest rate would
increase the net interest income as the change in interest income is greater than the change in
interest expenses and vice versa (Cumming et al. 2001).

B. Value at Risk (VAR)

Value at risk is a quantitative tool to measure the market risk. VAR is widely used by almost all
the famous financial institutions including banks, hedge funds and private equity firms to
measure risk. In the last decade, VAR has becomes the established measure of risk exposure in
financial service firms and has even begun to find acceptance in non-financial service firms.
Although there are also some other risk measuring techniques, but VAR is one of the best risk
measurement tools (Mehmood and Zhang, 2010).

The Value at Risk (VAR) indicates how much a firm can lose or make with a certain probability
in a given time horizon. VAR summarizes financial risk inherent in portfolios into a simple
number and also it incorporates many other risks like foreign currency, commodities, and
equities (P. Jorion, 2001)

C. Risk Adjusted Rate of Return on Capital (RAROC)

It gives an economic basis to measure all the relevant risks consistently and gives managers tools
to make the efficient decisions regarding risk/return tradeoff in different assets. As economic
capital protects financial institutions against unexpected losses, it is vital to allocate capital for
various risks that these institutions face. Risk Adjusted Rate of Return on Capital (RAROC)
analysis shows how much economic capital different products and businesses need and
determines the total return on capital of a firm (Crouhy et al. 2001).

D. Securitization
It is a procedure studied under the systems of structured finance or credit linked notes.
Securitization of a bank‟s assets and loans is a device for raising new funds and reducing bank‟s
risk exposures. The bank pools a group of income-earning assets (like mortgages) and sells
securities against these in the open market, thereby transforming illiquid assets into tradable asset
backed securities. As the returns from these securities depend on the cash flows of the underlying

21
assets, the burden of repayment is transferred from the originator to these pooled assets
(Alam&Masukujjaman, 2011).

E. Sensitivity Analysis
It is very useful when attempting to determine the impact, the actual outcome of a particular
variable will have if it differs from what was previously assumed. By creating a given set of
scenarios, the analyst can determine how changes in one variable(s) will impact the target
variable (Alam & Masukujjaman, 2011).

F. Internal Rating System

An internal rating system helps financial institutions manage and control credit risks they face
through lending and other operations by grouping and managing the credit-worthiness of
borrowers and the quality of credit transactions (Alam &Masukujjaman, 2011).

2.4.2 Rationales for Risk Management in Banking

In this section, the case for active risk management at the individual firm level is made from a
number of perspectives, including that of shareholders, debt holders, customers, managers, and
regulators. Overall, a strong case for risk management, resting on a number of market
imperfections becomes apparent. This suggests why, even though in stylized, perfect markets
risk management would be irrelevant, empirically, most financial institutions take risk
management very seriously (Tyrell, 2008).

The main aim of management of banks is to maximize expected profits taking into account its
variability/volatility (risk). This calls for an active management of the risk in order to get the
desired results. Risk management is therefore an attempt to reduce the volatility of profit, which
has the potential of lowering the value of shareholders‟ wealth. Various authors including Smith
et al (1990) and Froot et al (1993), have offered reasons why managers should concern
themselves with the active management of risks in their organizations

In the financial universe, risk and return are two sides of the same coin. It is easy to lend and to
obtain attractive revenues from risky borrowers. The price to pay is a risk that is higher than the
prudent bank‟s risk. The prudent bank limits risks and therefore, both future losses and expected
revenues, by restricting business volume and screening out risky borrowers. The prudent bank
avoids losses but it might suffer from lower market share and lower revenues. However, after a

22
while, the risk taker might find out that higher losses materialize, and obtain an ex post
performance lower than the prudent lender performance (Bessis, 2002).

Those banking institutions that actively manage their risks have a competitive advantage. They
take risks more consciously, they anticipate adverse changes, they protect themselves from
unexpected events and they gain the expertise to price risks. The competitors who lack such
abilities may gain business in the short term. Nevertheless, they will lose ground with time, when
those risks materialize into losses (Ayalew, 2014).

According to Oldfield and Santomero (1995), recent review of the literature presents four main
rationales for risk management. These include managers‟ self-interest of protecting their
positions and wealth in the firm. It is argued that due to their limited ability to diversify their
investments in their own firms, they are risk averse and prefer stability of the firm‟s earnings to
volatility. This is because, all things being equal, such stability improves their own utility.
Beyond managerial motives, the desire to ensure the shouldering of lower tax burden is another
rationale for mangers to seek for reduces volatility of profits through risk management. With
progressive tax schedule, the expected tax burden is reducing when income smoothens therefore
activities which reduce the volatility of reported taxable income are pursued as they help enhance
shareholders‟ value.

According to Adarkwa (2011), this undesirable outcome encourages managers to actively

embark upon volatility reducing strategies, which have the effect of reducing the variability of
earnings. It is believed that any of the above mentioned rationales is sufficient to motivate
management to concern itself with risk and embark upon a careful assessment of both the level
of risk associated with any financial product and potential risk mitigation techniques.

2.6 Basic Elements of Sound Risk Management System

The risk management guidelines are arranged by the risk category and designed to give a
brief overview of all the important actions which might be required from the banking
institutions. The principles incorporated in this set of guidelines are intended to integrate
the existing risk management standards released by the Basel Committee (Tahir, 2006).

According to NBE guideline sound risk management system of each bank should at least contain
the following elements:

23
 A. Board and senior Management oversight

Board of directors have ultimate responsibility for the level of risk taken by their banks. All
members of board of directors are responsible for understanding the nature of the risks
significant to their organizations and for insuring that the management is taking the steps
necessary to identify, measure, monitor and control these risks.

B. Senior management oversight

Senior management is responsible for implementing strategies in a manner that limits risks
associated the banks activities. Senior management is also responsible for establishing and
communicating a strong awareness of and need for effective internal control and high ethical
standards

C. Policies and procedures

The board of directors and senior managements should tailor their risk management policies and
procedures to the types of risks that arise from the activities of the bank. While all banks should
have policies and procedures that address their significant activities and risks.

D. Measurement, Monitoring and Control

Effective risk monitoring requires banks to identify and measure all material risk exposures.
Consequently, risk monitoring activities must be supported by information systems that provide
senior managers and directors with timely and accurate reports on the financial condition,
operating performance and risk exposure of the bank on consolidated basis.

E. Internal control

The banks internal control structure is critical to the safe and sound functioning of the bank.
Establishing and maintaining an effective system of control, including the enforcement of
official lines of authority and the appropriate separation of duties is one of managements more
important responsibilities. When properly structured, a system of internal controls promotes
effective operations and reliable financial and regularly reporting, safeguards assets and helps
to ensure compliance with relevant laws, regulations and institutional polices.

24
 F. Risk manager

At the organizational level, overall risk management should be assigned to an independent risk
manager that preferably reports directly to the board risk management committee. The risk
manager must be sufficiently independent of the business lines in order to ensure an adequate
separation of duties and the avoidance of conflicts of interest. The risk manager takes full
responsibility for evaluating the overall risks faced by the bank and determining the level of risks
that shall be in the best interest of the bank.

G. Contingency Planning

Contingency planning is an essential component of effective risk management. The process starts
with the assumption that unexpected event can occur at any time and as banks develop their
various risk management systems, they are expected to give due consideration to the occurrence
of such an unexpected event.

2.7 Risk mitigation options

According to Melissa (2013), risk mitigation can be achieved through any of the following risk
mitigation options:

2.7.1 Risk avoidance

Risk avoidance is the opposite of risk acceptance. It is the action that avoids any exposure to the
risk whatsoever. Risk avoidance is usually the most expensive of all risk mitigation options. An
extreme way of managing risk is to avoid it altogether. This can be done by not undertaking the
activity that entails risk. For example, a bank may decide not to lend to a particular industry
because the risk involved exceeds its risk bearing capacity. This should be used as an exception,
as avoiding risks means losing out on the potential gains that accepting (retaining) the risk may
have allowed. In other words, not entering business to avoid the risk of loss also avoids the
possibility of earning profits.

2.7.2 Risk limitation

Risk limitation is the most common risk management strategy used by business. This strategy
limits a company‟s exposure by taking some action. It is a strategy employing a bit of risk

25
acceptance along with a bit of risk avoidance or an average of both. It refers to the attempt to
reduce either the possibility (probability/frequency) of a loss or the quantum (magnitude/impact)
of loss. This is done by making adjustments in the day to day business activities.

2.7.3 Risk transfer

Risk is transferred when the bank is originally exposed to transfer it to another party, which is
willing to bear the risk. This may be done in three ways:

 The first is to transfer the asset itself. For example, a bank may like to transfer loan asset
A long with credit risk to another party, and thereby transfer the risk involved in it.
 The second way is to transfer the risk without transferring the title of the asset or liability.
This may be done by hedging through various derivative instruments like Forwards,
Futures, Swaps and options.
 The third way is through arranging for a third party to pay for losses if they occur,
without transferring the asset itself, for example, insurance.

2.7.4 Risk acceptance (Retention)

Risk acceptance does not reduce any effects however it is still considered a strategy. This
strategy is a common option when the cost of other risk management options such as avoidance
or limitation may outweigh the cost of the risk itself. A company that does not want to spend a
lot of money on avoiding risks that do not have a high possibility of occurring will use the risk
acceptance strategy.

2.8 Related Theories

2.8.1 Risk management Theory
Risk management model consists of risk identification, risk assessment and prioritization of risks
followed by coordinated and economical application of resources to minimize, monitor, and
control the probability and/or impact of unfortunate events or to maximize the realization of
opportunities (wenk, 2005). The strategies to manage risk typically include transferring the risk
to another party, avoiding the risk, reducing the negative effect or probability of the risk, or even
accepting some or all of the potential or actual consequences of a particular risk.

According to Dorfman (2007), ensuring that an organization makes cost effective use of risk
management first involves creating an approach built up of well- defined risk management and
26
then embedding them. These risk managements include financial risk management, operational
risk management, governance risk management, and strategic risk management.

The state bank of Pakistan (2003), in its risk management guideline for commercial banks has
claimed that, the risk management activities takes place at different hierarchical levels.
Hence, it has indicated the following hierarchical levels of risk management activities in every
financial institution.

I) Strategic level: at this level risk management functions performed by senior management and
BOD. For instance definition of risks, establishing institutions risk appetite, formulating
strategy and policies for managing risks and establish adequate systems and controls to ensure
that overall risk remain within acceptable level and the reward compensate for the risk taken.

II) Macro Level: This level incorporates risk management within a business area or
across business lines and all risk related activities performed by middle management or units
dedicated to risk reviews fall into this category.

III) Micro Level: It involves “On-the-line” risk management where risks are actually
created. The risk management in those areas is confined to following operational procedures and
guidelines set by management.

2.8.2 Enterprise Risk Management Theory

According to Tseng (2007), Enterprise Risk Management (ERM) is a framework that focuses on
adopting a systematic and consistent approach to manage all of the risks confronting an
organization.

In conducting ERM, the following are listed as some of the areas or aspects of the organization
that a risk manager need to look into namely: the people, intellectual assets, brand values,
business expertise and skills, principle source of profit stream and the regulatory environment
(Searle, 2008).

The main advantage of ERM over traditional risk management is the management of all risk
types together instead of using the older silo approach. By integrating decision making across all
risk types, firms can exploit natural hedges, thus avoiding the costs of the duplication of risk
management. Firms engaged in ERM should have a better understanding of the aggregated risk

27
of different business activities, providing them with a more objective basis for resource
allocation. This will improve return on equity (ROE) and capital efficiency (Meulbroek, 2002).

ERM provides a framework which combines all risk management activities, facilitating the
identification of interdependencies between risks. Thus an ERM strategy aims to reduce
volatility by preventing aggregation of risk across different sources(Hoyt, R. E., and Liebenberg,
2011).Enterprise risk management (ERM) was developed because the traditional form of risk
management did not produce effective results (Lam, 2000). COSO (2004), developed an ERM
Integrated framework to help organizations evaluate and improve their ERM.

COSO defines ERM with the following definition:

“Enterprise risk management is a process, effected by an entity‟s board of directors, management

and other personnel, applied in strategy setting and across the enterprise, designed to identify
potential events that may affect the entity, and manage risk to be within its risk appetite, to
provide reasonable assurance regarding the achievement of entity objectives”. The main
objective of ERM is to help management to deal with uncertainties and the associated risks and
opportunities in the process of creating value.

2.8.3 Contingency planning Theory

According to Hinson and Kowalski (2008), Contingency planning (CP) also known as business
continuity planning is a crucial element of risk management. The fundamental basis of
contingency planning (CP) is that, since all risks cannot be totally eliminated in practice, residual
risks always remain.

2.9 Risk Management process

The banking industry is no doubt a regulated sector as a result of the riskiness of its operation.
Consequently, risk management in banks is fast becoming a discipline that every participants and
players in the industry need to align with.

According to NBE guideline (2010), the risk management process are:

A. Risk Identification

Before taking any meaningful action to address our risk, risks must first be identified. Almost
every product and service offered by banks has a unique risk profile composed of multiple risks.

28
In order to properly manage risks, an institution must recognize and understand risks that
may arise from both existing and new business initiatives.

B. Risk Measurement

Once risks have been identified, they should be measured in order to determine their
impact on the banking institution‟s profitability and capital. This can be done using various
techniques ranging from simple to sophisticated models.

C. Risk Control

After measuring risk, an institution should establish and communicate risk limits through
policies, standards, and procedures that define responsibility and authority. These limits should
serve as a means to control exposure to various risks associated with the banking
institution‟s activities.

D. Risk Monitoring

Institutions should put in place an effective management information system (MIS) to monitor
risk levels and facilitate timely review of risk positions and exceptions. Monitoring reports
should be frequent, timely, accurate, and informative and should be distributed to appropriate
individuals to ensure action, when needed.

2.10 Empirical Literature Review

This section provides a summary of some of the published work on the management of risks by
banks. Agyepong (2015), conducted research on credit risk management practices of
Agricultural development bank limited. The study employed a qualitative descriptive approach in
its research methodology. The Head of Credit of ADB, head office, served as the respondent for
the study. The credit portfolio of ADB from the years 2012 to 2014 also served as a key source
of data for the study. The findings of the study proved that ADB has a good credit risk
management practices which is being reflected in its loan granting, evaluation and monitoring
processes. Per the findings of the study, loan applicants are assessed by credit officers based on
their capacity, character, capital, conditions and collateral which is popularly referred to as the
five C‟s of credit. The study concludes that to a greater extent ADB Bank Ltd has good credit
risk management practices that ensure a considerable level of profitability. The study therefore

29
recommended the need for the training of credit officers on better ways of assessing the
creditworthiness of clients in order to reduce the rate of repayment defaults among clients.
Further the study recommended the need for management of ADB to come up with a policy that
will ensure the disbursement of current loans whiles cutting down drastically the approval of
loans which have the potency of becoming doubtful or loss to the bank.

Adarkwa (2011), conducted research on risk management and bank performance a case study of
first Atlantic merchant bank Ghana limited ((FAMBL) with the aim of evaluating the bank „s
risk profile as well as assessing its risk management framework to ascertain its soundness and
conformity to international best practices. This study also investigates whether efficient risk
management translate into enhanced performance of banks. It combines and further develops
relevant previous findings from two major areas of research: risk management, enterprise risk
management (ERM), and their effect on bank performance. Analytical based approaches were
adopted in assessing the risk condition of FAMBL. By applying analytical tools such as ratios,
tables and charts, to the bank„s 2010 financial statements, and those of years 2009 and 2008
serving as references for comparison. Trends and relationships in the financial statements and
other financial data were also established. The study also revealed that FAMBL had a fairly
adequate risk management structures to ensure sound management of financial and operational
risks. There was an appropriate environment in place for managing risk, in that; the governance
structure was solid with clear obligations and lines of authority set out.

Hosna et al. (2009), describe the impact level of credit risk management on profitability in four
commercial banks in Sweden. The study is limited to identifying the relationship of credit risk
management and profitability of four commercial banks in Sweden. The data is collected from
the sample banks annual reports (2000-2008) and capital adequacy and risk management reports
(2007-2008). The findings and analysis reveal that credit risk management has effect on
profitability in all 4 banks. Among the two credit risk management indicators, NPLR has a
significant effect than CAR on profitability (ROE). The analysis on each bank level shows that
the impact of credit risk management on profitability is not the same.

30
Masenene (2015), assessed the effectiveness of operational risk management among Tanzanian
financial institutions the case study of selected Banks in DarEs Salaam. It was found that
operational risks policies, procedures and instruments are there in financial banks though to some
extent they are not effectively managed. Also methods used to manage operational risks were
not well implemented. Awareness of bankers on principles guiding operational risks was found
to be minimal among them. The results revealed that most of the respondents proved that
operation risk management in Tanzanian financial institutions were found not well implemented.
The study concluded that there were a lot of weaknesses in management of DOR including lack
of strong risk management departments, weak rules and principles, unimplemented policies and
biasness in the implementation of compensation. The study recommended a need for strong risk
control departments, training and availability of insurance that are active in organizations.

2.10.1 Related Empirical Studies in Ethiopia

The following section will present related studies conducted by different researchers in Ethiopia.

Fekadeselassie (2015), conducted research on Risk Management Practice of Ethiopian

Commercial Banks. The aim of this paper is to analyze the effectiveness of risk management
practice of commercial banks operating in Ethiopia. The main conclusions of the paper are: risk
managers perceive risk management as critical to their banks performance; the types of risks
causing the greatest exposures are credit risk, operational risk, liquidity risk, interest rate risk and
foreign exchange risk; there was a reasonable level of success with current risk management
practices and, banks are utilizing some of the approaches/techniques traditionally used to manage
risks. Overall, the findings suggest that banks operating in Ethiopia are indeed risk-focused.
Some recommendations were made and prominent amongst them were that banks should give
emphasis on staff training in the area of risk management and they must make risk visible,
measurable and manageable and ensure a meaningful risk culture throughout all processes and
activities.

Nigussie (2016), assessed determining factors of Best Risk Management Practice based on
fifteen commercial banks operating in Ethiopia. For this study there are six independent
variables: understanding risk and risk management (URM), risk assessment and analysis (RAA),
risk identification (RI), risk monitoring (RM), Risk Evaluation (RE), required policy in place
(RP) and one dependent variable, RMP. So regression model was applied to analyze the impact
31
of independent variables on dependent variables. From the analysis it was concluded that there
were five variables which have positive significance impact on the dependent variable RMP.

Awgchew (2017), the main purpose of this study was to assess the liquidity risk management
practices and challenges of private commercial banks in Ethiopia. To deal with the problem,
fundamental research questions were formulated weather banks are managed liquidity risk in
accordance with Basel principles or not. Moreover, liquidity risk exposures of each banks
performance were reviewed during this study. The findings of the study revealed that the
liquidity risk management practice of private commercial banks in Ethiopia is somewhat
partially fulfilled comparing against best principles of Basel. There are no standardized and
centralized liquidity risk management practices which can able to address the basic principles for
managing liquidity risk. The main challenges most of the private banks faced as per this study
are NBE bill purchase policy imposed on private commercial banks, financial innovation and
global market development and the increasing real time nature of payment and settlement
system. Moreover, all private commercial banks liquidity position has been deteriorated from
year to year and banks should work hard to overcome the problem. Finally, the study was
recommending that banks should improve or upgrade their liquidity risk management system in
crucial elements of liquidity risk management and they should also diversify their source of fund
and actively monitor their intraday liquidity position in order to meet their business objectives.

Aragaw (2016), assessed the level of credit risk management practice in commercial bank of
Ethiopia. The independent variables was establishment of an appropriate credit risk environment,
operating under sound credit granting process, maintaining an appropriate credit administration,
measurement and monitoring process and ensuring adequate control over credit risk and the
dependent variable was credit risk management practice. The overall finding shows that the
credit risk management practice is highly and positively related with establishment of
appropriate credit risk environment.

Firew (2012), this study assessed the operational risk factors and its impact in banks performance
the case of commercial banks in Ethiopia. The researcher used mixed research design (qualitative
and quantitative). The findings showed that there is a positive correlation coefficients between
the operational risk effect and operational risk factors, business disruption and system failure
have strong and positive relation with operational risk and finally the researcher tells us majority

32
of respondents were positively responded to the board approval of operational risk policies and
procedures of the banks.

2.10.2 Summary and Knowledge gap

There are limited studies providing empirical evidence to the risk management practices of
commercial banks in Ethiopia. However, as per the researcher knowledge no study is conducted
to see risk management practices of commercial banks related with strategic and reputational
risks almost all previous studies focused on financial risks which means Credit risk, Liquidity
risk, Market and Operational risk. Operational risk is nonfinancial risk but excludes strategic and
reputational risk. Theoretically, there are financial and non-financial risks in banks. So that this
study were aimed to fill the gap in the literature by focused on the nonfinancial risks
(operational, Strategic and Reputational risk) management practice and in addition to this the
researcher assessed the financial risks in commercial bank of Ethiopia.

2.11 Conceptual Framework

Figure 1 Risks in Banking

CREDIT RISK
BANK RISK

LIQUIDITY RISK

MARKET RISK

REPUTATIONAL RISK

STRATEGIC RISK

OPERATIONAL RISK

Source: Chatterjee, 2005

33
 3 CHAPTER THREE
RESEARCH METHODOLOGY
This chapter describes the research methodology was adopted to serve the objectives of the study
in a planned manner and also deals about research design, sampling and sampling techniques,
data collection instruments, data collection procedures and the method of data analysis. The
methodology used to meet the requirement of data and analysis has been discussed in this
chapter.

3.1 Research Design

Once the problem or opportunity identification and definition stage is complete, the process of
research design begins. Planning the research design is a crucial step in the research design
process. A research design is the actual framework of a research that provides specific details
regarding the process to be followed in conducting the research. The research is designed based
on the objectives formulated during the initial phases of the research (Sreejesh, 2014).

In this case to achieve the objectives of the study the researcher used descriptive design. In doing
so, the study was intend to describe and interpret the existing facts about risk management
practices in commercial bank of Ethiopia. A descriptive study tries to discover answers to the
questions who, what, when, where, and, sometimes, how (Cooper and Schindler, 2014).

3.2 Research Approach

The investigator has to decide about the types and combinations of research forms that best serve
the goals of the study. Broadly speaking, there are two main domains of research frequently
observed in the literature and these include Quantitative and Qualitative research (Adams,
2007).This study is qualitative it employs methods of data collection and analysis that are non-
quantitative, aims towards the exploration of social relations, and describes reality as
experienced by the respondents.

34
 3.3 Population and Sample Size

A population is the total collection of elements about which we wish to make some inferences
(Cooper, 2014). The population of this study were Commercial Bank of Ethiopia. The next step
is defining target population this is a crucial step, as the sampling frame would be drawn after the
target respondents are defined. The target population of this study were risk department, strategic
department, marketing and communication department these target groups were chosen based on
the fact that they were direct relation to the title and knowledgeable in that area. In Commercial
Bank of Ethiopia there are 26 employees in the risk department, 23 employees in the strategic
department and 15 employees in the Communication department and 20 employees in the
marketing department. So for this research all employees from the selected departments were
used.

3.4 Sampling Technique

According to Adams (2007), there are two basic sampling techniques: probability and non-
probability sampling, for this study purposive sampling technique was used from non-probability
sampling technique to select the targeted departments. The targeted departments were Risk
department, strategic department, communication and marketing department employees and
census method were used because all employees from each department selected for this study.

3.5 Types of Data and Instruments of Data Collection

According to Khan et al. (2007), there are two types of data: qualitative and quantitative.
Qualitative data are numerically non-measurable aims to achieve an in-depth understanding of a
situation; quantitative data can be measured numerically.

Cooper (2014), argues that qualitative research draws data from a variety of sources, for instance
People (individuals or groups), organizations or institutions, texts (published, including virtual
ones), settings and environments (visual/sensory and virtual material), objects, artifacts, media
products (textual/visual/sensory and virtual material). This research is qualitative and used both
primary and secondary data. Primary data collected by distributing self-administered
questionnaires for the respondents and secondary data obtained from NBE guideline, from
previous literatures and internets.

35
 3.6 Procedures of Data Collection
Primary data collected through by distributing questionnaire. Questionnaires were designed to
get data on risk management practice of the selected bank. Questionnaires consisted of mostly
close ended questions were the respondents have to select an answer from the given choices were
designed. However, to give the respondents the opportunity to answer the question in their own
words, some open ended questions have been included. Secondary data collected by the
researcher using desktop research.

3.7 Method of Data Analysis

Several statistical tools are used for data analysis, in order to make the analysis suitable for
effective decision-making (Sreejesh, 2014).This study were descriptive type of research, the
collected data analyzed by applying Statistical package for social scientist (SPSS 20) to present
the data in well organized and convenient manner. The collected data were analyzed by using
frequency, percentage, mean and standard deviation. To show and rank the respondent‟s
responses table format was used.

36
 4 CHAPTER FOUR

DATA ANALYSIS AND RESULT DISCUSSION

The interpretation of the data that have been collected by using different analytical techniques
according to the requirements of the management is called analysis. Several statistical tools are
used for data analysis, in order to make the analysis suitable for effective decision-making. The
statistical analysis of the data may range from simple frequency distribution tables to complex
multivariate analysis (Sreejesh, 2014).

This chapter deals with data presentation, analysis and interpretation. This study has also
collected primary data through questionnaire to assess the risk management practices banks in
Commercial bank of Ethiopia such as managing credit, managing market risk, managing
liquidity risk ,managing operational risk, Strategic risk, reputational risk .The data was
collected through from three departments which are, risk management department, strategic
department, and communication and marketing department. The number of respondents was 26
employees from risk department, 23 from strategic department and 35 employees from
marketing and communication department. Descriptive statistics has been utilized to analyze the
data. Statistical Package for Social Sciences (SPSS 20.0) has been run to perform various
tools regarding descriptive statistics, reliability test. To interpret the mean result used the
following standard:

 Mean score from 0.01 to 1 is (Strongly Disagree)

 From 1.01 to 2 is (Disagree)
 From 2.01 to 3 is (Neutral)
 3.01 to 4.00 is (Agree)
 Mean score from 4.01 to 5.00 is (Strongly Agree)

4.1 Validity and Reliability Test

Validity is the extent to which a test measures what we actually wish to measure (Cooper, 2014).
Validity is the most critical criterion and shows the degree to which an instrument measures what
it is supposed to measure. For this study to validate the instruments the researcher has ruled out

37
whether there were ambiguous, and poorly organized questions along with the instruments were
used to ascertain their validity and sustainability, by amending as per the respondents
understanding in collecting the required data. The advisor has examined all items one by one and
providing feedback and guidance on the questionnaire particulars that may be amended.

Reliability is essentially about consistency. That is, if we measure something many times and the
result is always the same, then we can say that our measurement instrument is reliable (Adams,
2007). Cronbach‟s alpha coefficient is the most frequently used index of reliability and the most
common way to assess reliability. An alpha score of higher than 0.70 acceptable it is a standard.
As we can see in table 1 the cronbach‟s alpha shows that above 0.70 so, we can confident that all
the variables have internal consistency.

Table 1 Reliability statistics

Cronbach's N of Items Department

Alpha
.895 10 Communication and Marketing Dept.
0.901 12 Strategic Dept.
0.981 32 Risk management Dept.
Source own – survey, 2019

4.2 The General Background of Risk Department Respondents

In the following table, the demographic information of respondents is presented. These include
Gender, age, year of service, level of education and current profession. To get information on
these issues the respondents were asked a semi-structured question and their responses are
presented and analyzed as follows.

38
Table 2 Demographical characteristics of Risk Management Department questionnaire
respondents.

Demographics Frequency Percent Valid Percent Cumulative

Percent
Female 9 34.6 34.6 34.6
Gender Male 17 65.4 65.4 100.0

Total 26 100.0 100.0

26-30 3 11.5 11.5 11.5
31-45 6 23.1 23.1 34.6
Age (Years) 36-40 8 30.8 30.8 65.4
more than 41 9 34.6 34.6 100.0

Total 26 100.0 100.0

6-10 6 23.1 23.1 23.1

Service above ten years 20 76.9 76.9 100.0

Year
Total 26 100.0 100.0

1st degree 12 46.2 46.2 46.2

Education master‟s degree 14 53.8 53.8 100.0
(Years)
Total 26 100.0 100.0
managerial 4 15.4 15.4 15.4

Current supervisory 1 3.8 3.8 19.2

position professional 20 76.9 76.9 96.2
Other 1 3.8 3.8 100.0

Total 26 100.0 100.0

Source own – survey, 2019

According to Table 2 there is a clear overweight with male respondents. It indicates that out of
the total respondents the number of men more than female. This does not mean that the research
is targeted at only men, but rather it reveals the proportion of male and female respondents in the
study. The majority of Respondents age lies in the groups which is more than 36 and above this

39
group accounts for 65.4 % of respondents. This situation shows that the respondents they can
analyze things in different way they can make decisions by considering many things. The other
background information of the respondents is service year out of 26 respondents, 20 respondents
(76.9 % of total respondents) represent a group that covers above ten years of experience. The
rest 6 respondents, which represent 23.1 %, were under the ranges of 6-10 years of experience. It
implies that most of the staffs acquired enough experience to perform risk management
activities. Regarding educational level 53.8 % of respondents were master‟s degree holders in
different educational qualification and 46.2 % of respondents were BA or BSc degree these
results indicated that majorities are upgrading themselves by education which enables the
respondents to have a clue idea of the importance risk management. The last background
information is current position and 76.9 % of respondents are professionals.

4.2.1 Managing Credit Risk

Ten questions have been included in the study questionnaire in respect of the managing
credit risk. Table 3 summarizes the results of the responses.

Table 3 Respondents response on Credit risk management practice

40
 No Item Frequency % Mean SD
1 The Bank board of Director have adequate Neutral 11 42.31 3.73 0.72
Knowledge on credit risk management Area; Agree 11 42.31
Strongly Agree 4 15.38
Total 26 100
2 Before deciding to approve a loan, a bank assesses Neutral 1 3.85 4.31 0.55
the borrower‟s financial standing and credit Agree 16 61.54
worthiness as well as the value and legal security of Strongly Agree 9 34.62
its credit protection. Total 26 100
3 Senior Management Ensure that there is a periodic Neutral 7 26.92 3.96 0.72
independent internal or external assessment of the Agree 13 50.00
bank‟s credit risk management functions; Strongly Agree 6 23.08
Total 26 100
4 The credit risk strategy Approved by the Board of Neutral 7 26.92 3.96 0.72
Directors are effectively transformed and Agree 13 50.00
communicated within the bank. Strongly Agree 6 23.08
Total 26 100
5 The bank has an effective risk management Neutral 5 19.23 4.31 0.79
framework policies and Procedures in place for Agree 8 30.77
managing credit risk. Strongly Agree 13 50.00
Total 26 100
6 The bank has well-structured a credit risk rating Neutral 2 7.69 4.31 0.62
framework across all type of credit activities; Agree 14 53.85
Strongly Agree 10 38.46
Total 26 100
7 The Bank has Effective internal control system to Disagree 1 3.85 4.19 0.69
ensure the implementation of policies, procedures Neutral 1 3.85
and limits its credit function. Agree 16 61.54
Strongly Agree 8 30.77
Total 26 100
8 Management Information System /MIS/ Provide Disagree 1 3.85 3.85 0.73
Quality & detail information Timely. Neutral 6 23.08
Agree 15 57.69
Strongly Agree 4 15.38
Total 26 100
9 The Bank Management information system /MIS/ Neutral 5 19.23 4.12 0.71
and analytical techniques to Measure the credit Risk Agree 13 50.00
inherent in all on and off balance sheet Activities. Strongly Agree 8 30.77
Total 26 100
10 The bank regularly prepares periodic report to the Board Neutral 3 11.54 4.38 0.70
of Directors and senior Managements about credit risk Agree 10 38.46
Exposure of the bank.
Strongly Agree 13 50.00
Total 26 100
Source-own survey, 2019 Overall Scale Values 4.11 0.70

41
On the table 2 mean response of all item is range between 3.73 and 4.38. The tenth item has the
highest mean (4.38) or 88.5 % with a standard deviation of 0.70 which indicates that the bank
timely report the board on issues related to the management of credit risk this system provide the
board of directors and senior managements sufficient information to evaluate the performance of
account and condition of credit portfolio. The respondents asked about the bank assess the
borrowers financial standing and credit worthiness they replied 96.1% mean value (4.31) with
standard deviation 0.55 indicates that a bank assesses the borrower‟s financial standing and
credit worthiness as well as the value and legal security of its credit protection which means the
bank have well define credit granting criteria to became familiar with the borrower.

Item one has the lowest mean from the listed variables (3.73) or 57.7% with a standard deviation
0.72 still more than half of respondents agree that the board of directors have adequate
knowledge about credit risk area which means the board of director can easily identify or
understand the natures of risks, review and approve the banks credit risk strategy and polices. In
general the average mean score of all the items is (4.11) its more than the midpoint this implies
that commercial bank of Ethiopia have good credit risk management practice, but it does not
mean that the credit risk management is perfect because still they are week practices in that area
according to the table.

4.2.2 Managing Liquidity risk

The questionnaire has contained eight questions in order to assess the liquidity risk management
practice of the. The following table summarizes the responses by percentage, mean and standard
deviation. Table 4 Respondents response on liquidity risk management practice.

42
 No. Item Frequency % Mean SD
1 The Bank board of Director have adequate Neutral 10 38.46 3.81 0.75
Knowledge on liquidity risk management area Agree 11 42.31
Strongly Agree 5 19.23
Total 26 100
2 There is proper set of rules and guidelines, Neutral 3 11.54 4.23 0.65
for managing liquidity risk available in the Agree 14 53.85
bank Strongly Agree 9 34.62
Total 26 100
3 The liquidity risk strategy Approved by the Neutral 7 26.92 3.88 0.65
Board of Directors are effectively transformed Agree 15 57.69
and communicated within the bank Strongly Agree 4 15.38
Total 26 100
4 The bank has sound risk management Disagree 1 3.85 4.04 0.77
policies and Procedures in place for managing Neutral 4 15.38
liquidity risk Agree 14 53.85
Strongly Agree 7 26.92
Total 26 100
5 The Bank have adequate Management Neutral 3 11.54 4.04 0.53
information system/MIS/ for measuring and Agree 19 73.08
monitoring the liquidity Risk. Strongly Agree 4 15.38
Total 26 100
6 The bank has contingency plans for handling Disagree 2 7.69 3.27 0.60
unexpected liquidity problem. Neutral 15 57.69
Agree 9 34.62
Total 26 100
7 There is an effective controlling system to Neutral 5 19.23 4.04 0.66
ensure the implementation of policies, Agree 15 57.69
Procedures and limits. Strongly Agree 6 23.08
Total 26 100
8 The bank regularly prepares periodic report to Neutral 4 15.38 4.38 0.75
the Board of Directors and senior Agree 8 30.77
Managements about Liquidity risk Exposure Strongly Agree 14 53.85
of the bank.
Total 26 100
Overall Scale Values 3.96 0.67
Source – own survey, 2019

43
According to table 4 the mean response of individual item is varies between 3.27 and 4.38. The
eighth item has the highest mean (4.38) 0r 84.6 % with a standard deviation 0.75 this result
shows that the bank prepare periodic report to the board and senior managements this report is
important for the managements to evaluate the liquidity position of the bank. The sixth item has
the lowest mean (3.27) or 57.69 % respondents response is neutral and 34.6% of respondents are
agree with the contingency plan of the bank and the other 7.7% is disagree this implies that
majority of the respondents does not want to share his or her views on the particular item by
different reason even if the mean value is more than 3 it is difficult to judge about the
contingency plan of the bank is good or bad. Whereas, the average mean of all items is (3.96)
this result is approach to 4 so this indicates that the respondents are agree with the liquidity risk
management practice of the bank .

4.2.3 Managing Marketing risk

The questionnaire has contained seven items in order to assess the market risk management
practices. The following table 5 shows the percentage, mean and SD results of all responses.

Table 5 Respondents response on Marketing risk management practice

44
No. Item Frequency % Mean SD
1 The board have adequate Knowledge on Neutral 11 42.31 3.77 0.76
Marketing risk management Area; Agree 10 38.46
Strongly Agree 5 19.23
Total 26 100.00
2 There is a proper set of rules and Disagree 1 3.85 4.04 0.82
guidelines, for managing Marketing risk, Neutral 5 19.23
available in the bank Agree 12 46.15
Strongly Agree 8 30.77
Total 26 100.00
3 The market risk strategy approved by the Neutral 11 42.31 3.73 0.67
Board of Directors are effectively Agree 10 38.46
transformed and communicated within the Strongly Agree 5 19.23
bank Total 26 100.00
4 The bank has an effective risk Neutral 6 23.08 3.92 0.63
management policies and Procedures in Agree 16 61.54
place for managing Market risk Strongly Agree 4 15.38
Total 26 100.00
5 The bank‟s overall market risk exposure is Disagree 3 11.54 3.62 0.94
maintained at prudent levels and consistent Neutral 9 34.62
with the available capital. Agree 9 34.62
Strongly Agree 5 19.23
Total 26 100.00
6 The bank adopts multiple risk Neutral 6 23.08 4.04 0.72
measurement methodologies to capture Agree 13 50.00
market risk in various business activities. Strongly Agree 7 26.92
Total 26 100.00
7 The bank regularly prepares periodic Neutral 4 15.38 4.42 0.76
report to the Board of Directors and senior Agree 7 26.92
Managements about market risk Exposure Strongly Agree 15 57.69
of the bank. Total 26 100.00
Overall Scale Values 3.93 0.76
Source – own survey, 2019
According to Table 5 the mean response of each item varies between 3.62 and 4.42.The seventh
item is shows the highest mean value (4.42) or 84.6% with a standard deviation 0.76. This
implies the board of director and senior managements get report periodically this is important for
them to identify the market risk exposure of the bank. On the other hand the fifth item keeps the
lowest mean compared to other items which is (3.62) or 53.8 % still the respondents agree with
the banks overall market risk exposure maintained at prudent levels this implies that the banks

45
overall market risk exposure is not beyond their scope. The standard deviation is 0.94 as a
standard it‟s acceptable but as per the above table it‟s the highest value and it implies the
variability of responses. Whereas, the average mean (3.93) indicates the greater value than
midpoint so it is possible to say the Market risk management practice of the bank is good.
4.2.4 Managing operational risk
Table 6 Respondents response on managing operational risk management practice

No. Item Frequency % Mean SD

1 There is a proper set of rules and neutral 1 3.85 4.38 0.57
guidelines, for managing agree 14 53.85
operational risk, available in the strongly agree 11 42.31
bank. Total 26 100.00
2 Board and executive management neutral 5 19.23 4.15 0.73
of the bank recognizes, understands agree 12 46.15
and has defined all categories of strongly agree 9 34.62
operational risk applicable to their Total 26 100.00
institution.
3 Senior management of the bank neutral 4 15.38 4.04 0.60
translate the strategic direction agree 17 65.38
given by the board through strongly agree 5 19.23
operational risk management Total 26 100.00
policy.
4 The bank has contingency and disagree 1 3.85 4.04 0.66
business continuity plans to ensure neutral 2 7.69
its ability to operate as going agree 18 69.23
concern and minimize losses in the strongly agree 5 19.23
event of severe business disruption. Total 26 100.00
5 The Bank implemented effective disagree 3 11.54 3.73 0.92
ongoing monitoring system to neutral 6 23.08
detect operational losses quickly. agree 12 46.15
strongly agree 5 19.23
Total 26 100.00
6 There is an effective controlling neutral 3 11.54 4.19 0.63
system to ensure the agree 15 57.69
implementation of policies. strongly agree 8 30.77
Procedures and limits. Total 26 100.00
7 The bank regularly prepares neutral 1 3.85 4.50 0.58
periodic report to the Board of agree 11 42.31
Directors and senior Managements strongly agree 14 53.85
about operational risk Exposure of Total 26 100.00
the bank.
Overall Scale Values 4.15 0.67
Source – own survey, 2019

46
The mean response of all items lies between 3.73 and 4.50.The seventh item displays the highest
mean (4.50) or 96.1% with a standard deviation of 0.58 this confirms that there was lower
variability of responses and the respondents argue that the board of directors regularly review the
organizations operational risk exposure this implies the board periodically ensure operational
risk is adequately monitored or not this is important to make decision on time. On the other hand
the fifth item has the lowest mean compared to the listed items but according to the mean
standard it is above the mid-point which is (3.73) or 65.4% of the respondents agree that the
bank implement monitoring system to detect operational losses this implies the bank can quickly
detect and correct deficiencies in the policies, processes and procedures for managing
operational risk. The average mean score of all items is (4.15) it is more than the
midpoint. From this result it‟s possible to imply that the bank have good operational risk
management practice.

Table 7 Do you think risk management by the bank is a challenging issue?

Frequency Percent

Yes 8 30.8

No 18 69.2

Total 26 100.0
Source – own survey, 2019

The risk department employees were asked about risk management by the bank is a challenging
issue or not. According to the above table majorities of respondents (69.2 %) answered no so by
depend on this data the researcher considered risk management by the bank is not a challenging
issue which indicates the bank has its own polices procedures so that the process is not a
challenging issue.

47
 4.3 The General Background of Communication and marketing
Department Respondents
In the following table, the demographic information of respondents is presented. These include
Gender, age, year of service, level of education and current profession. To get information on
these issues the respondents were asked a semi-structured question and their responses are
presented and analyzed as follows.

Table 8 Demographical characteristics of Reputational Risk management questionnaire

respondents.
Demographics Frequency Percent Valid Percent Cumulative
Percent
Female 9 25.7 25.7 25.7
Gender Male 26 74.3 74.3 100.0
Total 35 100.0 100.0
20-25 3 8.6 8.6 8.6
26-30 6 17.1 17.1 25.7
Age (Years) 31-35 17 48.6 48.6 74.3
36-40 4 11.4 11.4 85.7
more than 41 5 14.3 14.3 100.0
1-5 18 51.4 51.4 51.4
Service Year 6-10 3 8.6 8.6 60.0
above 10 years 14 40.0 40.0 100.0
1St Degree 10 28.6 28.6 28.6
Education (Years) Master‟s degree 25 71.4 71.4 100.0
Total 35 100.0 100.0
Managerial 6 17.1 17.1 17.1
Current position professional 26 74.3 74.3 91.4
Others 3 8.6 8.6 100.0
Total 35 100.0 100.0

Source own – survey, 2019

48
Table 8 revealed that out of the total respondents 74.3 % of respondents were male and 25.7%
were females there is a clear overweight with male respondents. It indicates that the number of
male and female respondents are not proportional instead male covers the majority of the
respondents. The majority of Respondents age lies in the groups which is 31-35. This implies the
employees are effective and fully use their power. The other background information of the
respondents is service year out of 35 respondents, 18 respondents (51.4 % of total respondents)
represent a group that covers 1-5 years of experience. The rest 14 respondents (40%), which
represent above ten years of experience. It implies the majorities of the respondents were not
experienced but 40% of respondents were seniors acquired enough experience to perform risk
management activities so they can share experiences. Out of 35 respondents 71.4 % have
master‟s degree in different educational qualification and 28.6 % of respondents have BA or BSc
degree. These results indicated that majorities are upgrading themselves by education which
enables the respondents to have a clue idea, understand the subject matter and capable to
contribute important information for the case under study. The last background information is
current position and 76.9 % of respondents are professionals.

4.3.1 Reputational Risk Management

Table 9 Respondents response on reputational risk management practice

49
No
Frequency % Mean SD
. Item
1 The bank has frequent Strongly Disagree 3 8.57 3.31 1.21
communication with customers and Disagree 7 20.00
also engages their own employees Neutral 6 17.14
serve as a brand ambassador in the Agree 14 40.00
community. Strongly Agree 5 14.29
Total 35 100.00
2 The bank talk about their values Disagree 6 17.14 3.49 0.89
and provide declarations of people
Neutral 9 25.71
that helped
Agree 17 48.57
Strongly Agree 3 8.57
Total 35 100.00
3 The bank address customer Disagree 9 25.71 3.37 0.91
problem on time. Neutral 5 14.29
Agree 20 57.14
Strongly Agree 1 2.86
Total 35 100.00
4 The bank products and services are Disagree 10 28.57 3.46 1.09
high in quality, value and meet the Neutral 5 14.29
customer expectations. Agree 14 40.00
Strongly Agree 6 17.14
Total 35 100.00
5 The bank is environmentally Disagree 2 5.71 4.23 0.81
friendly, a supporter of good causes Neutral 2 5.71
and a positive contributor to the Agree 17 48.57
society. Strongly Agree 14 40.00
Total 35 100.00
6 The bank is innovate and adaptive. Strongly Disagree 1 2.86 3.80 1.02
Disagree 5 14.29
Neutral 1 2.86
Agree 21 60.00
Strongly Agree 7 20.00
Total 35 100.00
7 The bank has strong overall Strongly Disagree 1 2.86 4.54 0.82
financial performance and growth Neutral 1 2.86
prospects. Agree 10 28.57
Strongly Agree 23 65.71
Total 35 100.00
8 The Bank maintain good Strongly Disagree 3 8.60 2.94 1.19
workplaces and ensure the Disagree 13 37.14
employees satisfaction Neutral 5 14.29
Agree 11 31.43

50
 No
Frequency % Mean SD
. Item
Strongly Agree 3 8.57
Total 35 100.03
9 The bank participates on Goodwill Strongly Disagree 1 2.86 4.00 1.00
building activities Disagree 3 8.57
Neutral 2 5.71
Agree 18 51.43
Strongly Agree 11 31.43
Total 35 100.00
10 The bank is flexible if the crises Strongly Disagree 2 5.71 3.57 1.14
happen. Disagree 3 8.57
Neutral 12 34.29
Agree 9 25.71
Strongly Agree 9 25.71
Total 35 100.00
Overall Scale Values 3.67 1.01

Source – own survey, 2019

Table 9 shows the mean of each items is varies between 2.94 and 4.54. The seventh item has
highest mean (4.54) in which the participants have been viewed to assess the overall financial
performance and growth prospects 94.28% of respondents are agree with the bank has strong
financial performance compared to other private banks this creates good reputation. Item eighth
has the lowest mean (2.94) this indicates the banks consideration about good work places and
employees satisfaction is low. The bank has no good work environment the employees will be
dissatisfied then the outcome is treating customers negatively finally the banks face reputational
risk. Item first has the next lowest mean with the group (3.31) 54.29 % indicates respondents
agree with the bank has frequent communication with customers this is important to build its
image, but as a group the mean is still lower. In general the average mean score of all items is
(3.67) it‟s also more than the midpoint. The result reveals that the bank has good reputation but
there are items it needs modification to increase the banks reputation.

51
Table 10 Do you think reputational risk management by the bank is a challenging issue?

Frequency Percent
Valid Yes 11 31.4
No 24 68.6
Total 35 100.0
Source own – survey, 2019

The total number of respondents was 35 out of these 24 respondents said no which means
reputational risk management practice by the bank it not the challenging issue but the other 11
respondents said yes and put some challenges that the bank faces. According to the above table
11.4% of respondents agree that social media is a big challenge which means false and fake
information is being circulated on social media about the bank affect its overall reputation. The
other one is political situation now a day‟s political nature of the country is affecting its
reputation. Employees dissatisfaction is also affect its reputation because the employees are
ambassadors of the bank especially front makers which means customers daily communicate
with them if those employees are dissatisfied treat customers wrongly. The other points are
competitiveness with international commercial banks and doing work beyond its scope this
implies the bank involve in many activities beyond its scope those activities will have a negative
impact on the banks reputation for instance 40/60 condominium. In general all these issues are
affect the banks reputation.

4.4 The General Background of Strategic Department Respondents

In the following table, the demographic information of respondents is presented. These include
Gender, age, year of service, level of education and current profession. To get information on
these issues the respondents were asked a semi-structured question and their responses are
presented and analyzed as follows.

52
 Table 11 Demographical characteristics of Strategic Risk management questionnaire
respondents.

Demographics Frequency Percent Valid Cumulative

Percent Percent
Female 7 30.4 30.4 30.4

Gender Male 16 69.6 69.6 100.0

Total 23 100.0 100.0

20-25 1 4.3 4.3 4.3

26-30 9 39.1 39.1 43.5

Age (Years) 31-35 8 34.8 34.8 78.3

36-40 3 13.0 13.0 91.3

More than 41 2 8.7 8.7 100.0

1-5 6 26.1 26.1 26.1

Service Year 6-10 10 43.5 43.5 69.6

Above 10 years 7 30.4 30.4 100.0

Diploma 1 4.3 4.3 4.3

Education 1st Degree 7 30.4 30.4 34.8
(Years)
Master‟s degree 15 65.2 65.2 100.0

Managerial 1 4.3 4.3 4.3

Supervisory 1 4.3 4.3 8.7

Current position
Professional 19 82.6 82.6 91.3

Other 2 8.7 8.7 100.0

Total 23 100.0 100.0

Source own – survey, 2019

According to Table 11 there is a clear oversight with male respondents. This does not mean that
the research is targeted only men rather it reveals the proportion of male and female. Regarding
age 4.3 % of respondent‟s lies between 20-25, 39.1 % of respondents were between 26-30, 34.8
% of respondents were between 31-35 and 13% is 36-40 the highest no of Respondents age lies
in the groups which is 26-30 this implies the employees are young to supply their mental
physical efforts to the company. The other background information of the respondents is service

53
year out of 23 respondents, 10 respondents (43.5) % of total respondents represent a group that
covers 6-10 years of experience. The rest respondents (30.4%) above ten years and 26.1% of
respondents 1-5 years. It implies the majorities acquired enough experience to perform risk
management activities. Out of 23 respondents 65.2 % have master‟s degree in different
educational qualification and 30.4 % of respondents have BA or BSc degree and the rest 1
respondent have diploma these results indicated that majorities are upgrading themselves by
education which enables the respondents to have a clue idea of the topic. The last
background information is current position and 82.6 % of respondents are professionals.

54
 4.4.1 Strategic risk management practice
Table 12 Respondents response on strategic risk management practice

No. Item Frequency % Mean SD

1 The bank strategic objective is SMART Strongly 1 4.35 3.91 1.12
(specific, measurable, achievable, Disagree
relevance, time bounded). Disagree 2 8.70
Neutral 3 13.04
Agree 9 39.13
Strongly Agree 8 34.78
Total 23 100
2 The bank has the right talent or capabilities Disagree 2 8.70 3.70 0.88
to execute on its chosen strategy. Neutral 7 30.43
Agree 10 43.48
Strongly Agree 4 17.39
Total 23 100
3 The bank environment scanning process Disagree 5 21.74 3.61 1.08
(internal & external) is Exhaustive when Neutral 4 17.39
formulate its strategy. Agree 9 39.13
Strongly Agree 5 21.74
Total 23 100
4 The Bank properly defines its business Disagree 3 13.04 3.96 1.02
strategy and objectives by analyzing their Neutral 3 13.04
strength, weakness, opportunities and Agree 9 39.13
treats. Strongly Agree 8 34.78
Total 23 100
5 The bank key performance indicators are Strongly 3 13.04 3.52 1.34
easily quantifiable and efficient to measure Disagree
results. Disagree 2 8.70
Neutral 4 17.39
Agree 8 34.78
Strongly Agree 6 26.09
Total 23 100
6 The bank identify strategic risks that can Strongly 3 13.04 2.96 1.15
drive variability in performance. Disagree
Disagree 5 21.74
Neutral 6 26.09
Agree 8 34.78
Strongly Agree 1 4.35
Total 23 100
7 The bank establishes key risk indicators Strongly 2 8.70 3.04 1.15
and tolerance levels for critical risks. Disagree

55
No. Item Frequency % Mean SD
Disagree 6 26.09
Neutral 6 26.09
Agree 7 30.43
Strongly Agree 2 8.70
Total 23 100
8 The board approves high level approach to Disagree 2 8.70 3.65 0.88
strategic risk. Neutral 8 34.78
Agree 9 39.13
Strongly Agree 4 17.39
Total 23 100
9 The chosen strategy creates unintended Strongly 1 4.35 3.00 1.09
consequences or new risks for the bank. Disagree
Disagree 8 34.78
Neutral 6 26.09
Agree 6 26.09
Strongly Agree 2 8.70
23 100.00
10 The bank strategic implementation process Disagree 4 17.39 3.70 1.02
is successive. Neutral 4 17.39
Agree 10 43.48
Strongly Agree 5 21.74
Total 23 100.00
11 The bank effectively controls the strategic Strongly 1 4.35 3.43 0.95
management process. Disagree
Disagree 2 8.70
Neutral 8 34.78
Agree 10 43.48
Strongly Agree 2 8.70
23 100.00
12 The bank prepares integrated report on a Disagree 1 4.35 4.04 0.77
continuous basis for the senior Neutral 3 13.04
managements. Agree 13 56.52
Strongly Agree 6 26.09
Total 23 100.00
Overall Scale Values 3.54 1.04
Source own – survey, 2019

According to Table 12 the mean value varies between 2.96 and 4.04. The last item has the
highest mean value (4.04) or 82.6 %which is the bank prepared integrated report to the board of
directors on a continuous basis this is important to make decision quickly. The lowest mean item

56
(2.96) or 39.1 % is agree with this statement the other are disagree and neutral this implies the
bank it does not identify strategic risks so it can be said the bank strategic risk identification
process is poor. The next lowest mean from the table is the ninth item the 39.13 % of
respondents disagree this indicates the strategic consequence risks are low or in other words the
bank have appropriate structure in place to assess risks to its strategic choices, 34.79% of
respondents agree with this statement which means the chosen strategy creates new risks, other
respondents are neutral this result is supported by mean value is 3.00 as per the standard we
conclude that the respondent does not want to share his/her views or impartial attitude towards
this statement. The other lowest mean is the seventh item 39.13% of respondents agree with the
bank established key risk indicators and tolerance levels for critical risks, the others are 34.79%
disagree and the lefts are neutral the mean is 3.04 its greater than the midpoint but it does not
mean that the key risk indicators are effective. In general the average mean score of all items is
3.54 it is more than the midpoint as per the standard the result reveals that commercial bank of
Ethiopia is good in the strategic management.

Table 13 Do you think strategic risk management practice is a challenging issue

Frequency Percent
Valid Yes 7 30.4
No 16 69.6
Total 23 100.0
Source own – survey, 2019
The total number of respondents was 23 out of these 16 respondents said no which means
strategic risk management practice is not a challenging issue, the other 7 respondents agree with
the strategic risk is a challenging issue and put some points. Government intervention is the
major challenge according to the table which means commercial bank of Ethiopia is government
bank so its strategy is related to the government policy and some of the strategic risks are due to
macroeconomic and political instability of the country which is difficult to be managed by the
bank. The next point is poor internal communication which indicates and volatility of business
environment the challenges.

57
 5 CHAPTER FIVE

FINDINGS, CONCLUSIONS AND RECOMMENDATION

Introduction
This chapter has four sections the first section talks about the summary of the study. In the
second section the research findings are presented. In the third section the study
recommendations are included. Finally the researcher gave further research recommendations for
future researchers in section four.

5.1 Summary of Major Findings

In this section summarized the overall process of the research in a formative manner. The main
objective of this study was assessing the risk management practices of commercial bank of
Ethiopia. The questionnaire data collected to assess both financial and non-financial risk
management practices of the bank. The financial risk management practice includes credit risk,
liquidity risk and market risk and the non-financial risk management includes operational risk in
addition to this the study assessed strategic and reputational risk management practices of the
bank. The total populations was all the commercial bank of Ethiopia risk department employees,
strategic department, and marketing and communication department.
The risk department includes credit, liquidity, market and operational. The total number of
employees was 26 and the questionnaire distributed for them about the above these risks and the
overall finding shows the commercial bank of Ethiopia manages the risks as per the NBE
guideline and the bank has strong monitoring and controlling activities.
The researcher distribute questionnaires for the communication and marketing department
employees to collect data about reputational risk management practice and the total number of
respondents were 35 which means 15 from communication and 20 from marketing department.
The findings shows the bank has appropriate Reputational risk management practice because the
bank is a government bank so that support the societies and the growth and transformation plan.
The other banks aim is making profit but commercial bank of Ethiopia is service provider so
those activities creates good image in the society.
The other one is strategic risk and to assess this risk management practice in commercial bank of
Ethiopia the researcher distribute questionnaires to the strategic departments the number of
respondents were 23 and the overall finding shows that the bank has good strategic management

58
practice because the bank properly done the environment scanning process, clearly state the
mission, vision, values of the bank and also the strategic implementation process is successful.
Finally, this research last objective was assessing the challenges that the bank is facing in the
risk management practice and the finding shows risk management is not a challenging issue in
the Bank.
5.2 Conclusion
According to the uncertainty of conditions, the financial industries are facing a large number of
risks. For this reason, the financial industries emphasize risk management. This research
discussed and analyzed the risk management practice of commercial bank of Ethiopia tested to
answer the research question: What are the financial risk management practices of the bank, how
the bank manages non-financial risks specifically operational, strategic and reputational risks?
What are the challenges that the bank facing on the risk management practices? Then the
researcher needed to collect data to answer the stipulated research question. A qualitative
research approach, namely a structured questionnaire, was used to collect data. The
questionnaires was prepared and distributed to three departments the questions was different for
each department and the total number of respondents were 84 employees of risk management
department, strategic department and communication and marketing department.

The study analyzed variables by descriptive statistical techniques (mean, standard deviation).
Considering all findings described in the discussion part a researcher concludes by the following
points: The credit risk management practices the average mean value of all item is 4.11 this
result shows commercial bank of Ethiopia is good in credit risk management practice. The
average mean score of liquidity risk management is 3.96 this indicates the bank has good
liquidity risk management practice. The operational risk management practice over all items
average value is 4.15 it indicates the bank has good operational risk management practice. The
strategic risk management practice average mean score of all items is 3.54 this implies the bank
has good practice and the reputational risk management practice average mean score is 3.67 this
also implies the bank has good reputational risk management practice but these result does not
mean the risk management practice is perfect, there are items it needs some reformations as per
the research finding which are contingency plan, ongoing monitoring system, work place and
employees satisfaction, the banks key risk indicator and tolerance level, identifying strategic

59
risks these variables have the smallest mean value. The researcher concludes the bank has good
risk management practice.

According to the finding majorities of the respondents agree that risk management practice by
the bank is not challenging issue and the other respondents agree with risk management by the
bank is challenging issue and list some points which are rapid growth and expansion of the bank,
ways of risk management process by itself, social media, political situation, volatility of
business, government intervention, poor internal control.

5.3 Recommendation
Despite a fairly good risk management framework in place to adequately manage the various
types of risk commercial bank of Ethiopia faces, the researcher would like to make some
recommendations which are believed to help strengthen risk management practices and make the
bank more competitive. These are:

The bank / the responsible person should review and update its contingency funding plan
with any changes and innumerate additional possible course of actions for addressing
liquidity shortfalls in emergency situation for example money market and capital market
related to contingency plans in addition to deposit, remittance and loan collection.
To stay ahead of the competition at all times, banks should ensure there is a
continuous monitoring process to ensure the integrity of risk management controls and
systems.
The bank should create good work place environment and ensure the employees
satisfaction, understand all actions can affect public perception to minimize reputational
risk
Strategic risk comes in many different forms so managers or the responsible persons
should assess the nature of the risks facing their business that can be drive variability in
performance.
Key risk indicators (KRI) are critical predictors of unfavorable events that can adversely
affect organizations and key risk indicators must be linked to company‟s strategic
priorities so the bank should establish KRI to monitor risks and to take early action.
The strategic and reputational risks are highly affect the banks industry so the bank
should consider as a risk type and set rules regulations.
60
 5.4 Future Research Recommendations
The following issues are believed by the researcher as future research areas:
 The study recommends that factors affecting the banks strategic and reputational risk
management practice needs further investigation.
 The study recommends that assessment of strategic and reputational risk management
practice needed research on private owned banks. This study focused on only government
bank which is commercial bank of Ethiopia.
 Ethiopia is in the process of joining world trade organization. Therefore, sooner or later
international financial institutions will join the financial market in Ethiopia and as a result
the banking risk exposure will change. In order to be competitive and remain in the
market, financial institutions capacity should be strengthen to manage their risks. Thus,
compressive research including both private and government banks, insurance companies
and micro finance institutions is required to strengthen the risk management process in all
financial institutions.

61
 Reference
Adarkwa, O. R. (2011). RISK MANAGEMENTAND BANK PERFORMANCE. A CASE STUDY OF FIRST
ATLANTIC MERCHANT BANK GHANA LIMITED (FAMBL). Kwame Nkrumah University of
Science and Technology.
Agnello, L. and Sousa, R. M. (2012). How Does Fiscal Consolidation Impact on Income Inequality? (No.
382).
Aragaw, T. (2016). Assessment of credit Risk Managemet Practices the Case of Comercial bank Of
Ethiopia:Unpublished Master’s Thesis. St. Mary‟s University.
Arby, M. F. (2006). Managing Risk in Financial Sector. The Institute of Bankers Pakistan, 124–139.
Awgchew, S. (2017). Assessment of Liquidity Risk Managemet Practices & Challenges:Unpublished
Master’s Thesis. St. Mary‟s University.
Ayalew, D. (2014). Risk Managemet in Etiopian Private Comercial Banks:Unpublished Master’s Thesis.
St. Mary‟s University.
Banks, E. (2005). Liquidity Risk, Managing Asset and Funding Risk. New York.
Basel. (2009). Proposed Enhancements to The Basel II Framework. Retrieved from Basel Committee On
Banking Supervision website: http://www.bis.org/Publ/Bcbs150.Pdf
Bessis, J. (2002). Risk Management in Banking (2nd ed.). West Sussex, United Kingdom: John Wiley and
Sons, Inc.
Bessis, J. (2010). Risk Management in Banking (Third Edit). Wiley.
Bhardwaj, T. (2013). CREDIT RISK MANAGEMENT PRACTICES: A COMPARATIVE STUDY OF
STATE BANK OF INDIA AND PUNJAB NATIONAL BANK. Punjab Agricultural University.
Chockalingam, A. , Dabadghao, S. and Soetekouw, R. (2018). Strategic risk, banks, and Basel III:
estimating economic capital requirements. The Journal of Risk Finance, 19(3), pp.225-246.
CPA Australia. (2006).
Crouhy, M., Galai, D. and Mark, R. (2006). The Essentials of Risk Management. New York, USA:
McGraw Hill.
Crouhy, Michel, Dan, G. and Robert, M. (2001). Risk Management. New York, USA: Mcgraw Hill.
Cumming, Christine and Beverly, J. H. (2001). The Challenges of Risk Management In Diversified
Financial Companies. Economic Policy Review, Federal Reserve Bank Of New York, 7, 1–17.
Duong, L. (2009). EFFECTIVE RISK MANAGEMENT STRATEGIES FOR SMALL-MEDIUM
ENTERPRISES AND MICRO COMPANIES A CASE STUDY FOR VIOPE SOLUTIONS Ltd.
Arcada.
Emblemsvag, J. and Kjolstad, L. E. (2002). Strategic Risk Analysis – A Field Version. Management
Decision, 40(9), 842–852.
Ephream, Y. (2016). Risk Management and Its Effect on Financial Performance of Commerial Banks in
the Case of Ethiopian Commercial Banks:Unpublished Master’s Thesis. St. Mary‟s University.
Fatemi, A and Glaum, M. (2000). Risk Management Practices of German Firms. Journal Of Managerial

1
 Finance, 26(3), 1–17.
Gangreddiwar, A. (2015). 8 Risks in the Banking Industry Faced by Every Bank. Retrieved from
gomedici.com website: https://gomedici.com/8-risks-in-the-banking-industry-faced-by-every-bank/
Ghosh, A. (2015). Managing Risks in Commercial and Retail Banking. Chichester: John Wiley and Sons
Inc.
Green, P. (1992). Reputation Risk Management. London, United Kingdom: Pitman Publishing.
Greuning, H., and Brajovic, B. . . (2009). Analyzing Banking Risk a Framework for Assessing Corporate
Governance and Risk Management (3rd ed.). Washington, D. C: The World Bank.
Hasan, I., and Sarkar, S. (2002). Banks‟ Option to Lend, Interest Rate Sensitivity, and Credit Availability.
Review of Derivatives Research, 5(3), 213–250.
Hoyt, R. E., and Liebenberg, A. P. (2011). The Value of Enterprise Risk Management. Journal Of Risk
and Insurance, 78(4), 795–822.
Ishfaq, M. (2006). Managing Risk In Financial Sector. The Institute of Bankers Pakistan.
Jorion, P. (2001). Value at Risk, The New Benchmark for Managing Financial Risk. New York, USA:
Mcgraw Hill.
Jorion, P. and S. J. K. (1996). Financial Risk Management Domestic and International Dimensions.
Cambridge, Massachusetts: Blackwell Publishers.
Kumar, A., Chatterjee, D.P., Chandrasekhar, C. & Patwardhan, D. G. (2005). Risk Management. Mumbai:
Indian Institute of Banking and Finance.
Lam, J. (2000). Enterprise-Wide Risk Management and The Role of the Chief Risk Officer. White Paper.
Erisk.Com.
Maylor, H. (2010). Project Management. London, United Kingdom: Financial Times Prentice Hall.
Medova, E. A. (2001). Operational Risk Capital Allocation and Integration of Risks. Centre for Financial
Research, 1–23.
Mehmood, S. AND Zhang, M. (2010). No TitleFinancial Risk Management In An Integrated
Framework:Unpublished Master’s Thesis. Blekinge Institute of Technology.
Meulbroek, L. K. (2002). A Senior Manager‟s Guide to Integrated Risk Management. Journal Of Applied
Corporate Finance, 14((4), 56–70.
Mitiku, E. (2015). Risk Management and Its Impact on Financial Performance of Commerial Banks in
Ethiopian:Unpublished Master’s Thesis. Addis Ababa University.
Mok, A. and Saha, R. (2017). strategic risk. Inside Magazine, 16.
Mulat, D. (2014). Assessment of Liquidity Risk Managemet Practices at Wegagen Bank:Unpublished
Master’s Thesis. St. Mary‟s University.
Nigussie, W. (2016). Assesing Determining Factors of Best Risk management Pracites of Ethiopian
Commercial Banks. Addis Ababa University.
Oxford English Dictionary. (2013). Retrieved from WWW.OxfordEnglishDictionary.com
Raymond, S. (2012). RELATIONSHIP BETWEEN FINANCIAL RISK MANAGEMENT AND FINANCIAL

2
 PERFORMANCE OF COMMERCIAL BANKS IN KENYA:Unpublished Master’s Thesis.
UNIVERSITY OF NAIROBI.
Rejda, G. E. (1998). Principles of risk management and insurance. Toledo, OH: Addison-Wesley
Longman, Incorporated.
Santomero, A. . (1995). Financial Risk Management: The Whys and How‟s. Financial Markets,
Institutions and Instruments, 4(5), 1–14.
Saunders, M., Lewis, P. and Thornhill, A. (2012). Research Methods for Business Students (5th ed.).
Essex, England: Pearson Education Limited.
Schroeck, G. (2002). Risk management and value creation in financial institutions. New Jersey: John
Wiley and Son, Inc.
Sharma, B. R. (2003). Bank Frauds- Prevention & Detection. Universal law Publishing Co. Pvt. Ltd.
Skoglund, J. and Chen, W. (2015). No Title.
Slywotzky, A. J. and Drzik, J. (2005). Countering The Biggest Risk of All. Harvard Business Review, 82,
78–88.
Tesfay, G. (2016). Assessment of credit Risk Managemet Practices in Commercial Bank of
Ethiopia.Unpublished Master’s Thesis. St. Mary‟s University.
Tibebu, R. (2017). Assessment of Liquidity Risk Managemet a case study in Bank of
Abyssinia:Unpublished Master’s Thesis. St. Mary‟s University.
Tursoy, T. (2018). Risk management process in banking industry (No. 86427).
Zerga, F. (2016). Assessment of credit Risk Managemet in Nib International Bank S.C. :Unpublished
Master’s Thesis. St. Mary‟s University.

3
 Annex 1
QUESTIONNAIRE
ST.MARY’S UNIVERSITY
SCHOOL OF GRADUATE STUDIES
This questionnaire is designed to collect information about the risk management practice
in Commercial Bank of Ethiopia. The data or information collected in such a way shall be used
as primary data in my thesis, which I am conducting as a partial fulfillment for the requirement
of MBA in General Management. The researcher would like to thank you in advance for your
kind response in giving your precious time in filling the questionnaire.
No need to mention your name and the information provided is to be used only for this study and
any information given will be kept confidential.

Thank you for your Co-operation!!

Part one - Background Information

Instructions: Please use this √ mark for each question to indicate your response.
1. Gender: Female Male

2. Age: 20 – 25 Year 26 – 30 31-35 36 – 40 More than 41

3. Years of service (Experience): 1- 5 years 6-10 years above 10 years

4. Level of education: Diploma 1st Degree (BA, BSc)

Master‟s degree PhD

5. What is your current position in your organization?

Managerial Supervisory Professional Other

Part two - The second section has been designed to obtain information regarding
various aspects of risk management practices.
 Kindly read the questions carefully and tick (√) the selected choice clearly.
 Please be honest in your responses as these are important and valuable for
the study.

4
 1: Strongly Disagree, 2: Disagree, 3: Neutral, 4: Agree, 5: Strongly Agree
1. Assessment of Credit Risk Management Practices

No Description 1 2 3 4 5
1 The Bank board of Director have adequate Knowledge on credit risk management
Area;

2 Before deciding to approve a loan, a bank assesses the borrower‟s financial

standing and credit worthiness as well as the value and legal security of its credit
protection.
3 Senior Management Ensure that there is a periodic independent internal or
external assessment of the bank‟s credit risk management functions;
4 The credit risk strategy Approved by the Board of Directors are effectively
transformed and communicated within the bank.
5 The bank has an effective risk management framework policies and
Procedures in place for managing credit risk.
6 The bank has well-structured a credit risk rating framework across all type of
credit activities;
7 The Bank has Effective internal control system to ensure the implementation of
policies, procedures and limits its credit function.
8 The Bank Management information system /MIS/ and analytical techniques to
Measure the credit Risk inherent in all on and off balance sheet Activities.
9 Management Information System /MIS/ Provide Quality & detail information
Timely.
10 The bank regularly prepares periodic report to the Board of Directors and senior
Managements about credit risk Exposure of the bank.
2. Assessment of Liquidity Risk Management Practices

No Description 1 2 3 4 5

1 The Bank board of Director have adequate Knowledge on

Liquidity risk management Area;
2 There is a proper set of rules and guidelines, for managing
liquidity risk, available in the bank

3 The liquidity risk strategy Approved by the Board of Directors are

effectively transformed and communicated within the bank.
4 The bank has sound risk management policies and Procedures

5
 in place for managing liquidity risk
5 The Bank have adequate Management information system/MIS/ for
measuring and monitoring the liquidity Risk.
6 The bank has contingency plans for handling unexpected liquidity
problem.
7 There is an effective controlling system to ensure the
implementation of policies, Procedures and limits.
8 The bank regularly prepares periodic report to the Board of
Directors and senior Managements about Liquidity risk Exposure
of the bank.
3. Assessment of Marketing Risk Management Practices

No Description 1 2 3 4 5

1 The board have adequate Knowledge on Marketing risk

management Area;

2 There is a proper set of rules and guidelines, for

managing Marketing risk, available in the bank

3 The market risk strategy approved by the Board of Directors

are effectively transformed and communicated within the
bank
4 The bank has an effective risk management policies and
Procedures in place for managing Market risk

5 The bank‟s overall market risk exposure is maintained at

prudent levels and consistent with the available capital.

6 The bank adopts multiple risk measurement

methodologies to capture market risk in various business
activities.

6
7 The bank regularly prepares periodic report to the Board of
Directors and senior Managements about market risk Exposure
of the bank.
4. Assessment of Operational Risk Management Practices

No Description 1 2 3 4 5
1 There is a proper set of rules and guidelines, for managing operational
risk, available in the bank.
2 Board and executive management of the bank recognizes, understands
and has defined all categories of operational risk applicable to their
institution.
3 Senior management of the bank translate the strategic direction given
by the board through operational risk management policy.

4 The bank has contingency and business continuity plans to ensure its
ability to operate as going concern and minimize losses in the event of
severe business disruption.
5 The Bank implemented effective ongoing monitoring system to detect
operational losses quickly.
6 There is an effective controlling system to ensure the implementation of
policies. Procedures and limits.
7 The bank regularly prepares periodic report to the Board of Directors
and senior Managements about operational risk Exposure of the bank.

5. Challenges in Risk management Process

I. Do you think Risk management by the bank is challenging issue

Yes No

If yes, what are the challenges the bank facing

………………………………………………………………………………………………………
……………………………………………………….

7
 Annex 2

QUESTIONNAIRE
ST.MARY’S UNIVERSITY
SCHOOL OF GRADUATE STUDIES
This questionnaire is designed to collect information about the risk management practice
in Commercial Bank of Ethiopia. The data or information collected in such a way shall be used
as primary data in my thesis, which I am conducting as a partial fulfillment for the requirement
of MBA in General Management. The researcher would like to thank you in advance for your
kind response in giving your precious time in filling the questionnaire.
No need to mention your name and the information provided is to be used only for this study and
any information given will be kept confidential.

Thank you for your Co-operation!!

Part one - Background Information

Instructions: Please use this √ mark for each question to indicate your response.
1. Gender: Female Male

2. Age: 20 – 25 Year 26 – 30 31-35 36 – 40 More than 41

3. Years of service (Experience): 1- 5 years 6-10 years above 10 years

4. Level of education: Diploma 1st Degree (BA, BSc)

Master‟s degree PhD

5. What is your current position in your organization?

Managerial Supervisory Professional Other

8
 Part two - The second section has been designed to obtain information regarding
various aspects of risk management practices.
 Kindly read the questions carefully and tick (√) the selected choice clearly.
 Please be honest in your responses as these are important and valuable for
the study.
1; Strongly Disagree 2: Disagree 3: Neutral 4: Agree 5: Strongly Agree
6. Reputational Risk Management Practice.

No Descriptions 1 2 3 4 5

1 The bank has frequent communication with customers and also

engages their own employees serve as a brand ambassador in the
community.
2 The bank talk about their values and provide declarations of
people that helped
3 The bank address customer problem on time.
4 The bank products and services are high in quality, value and meet
the customer expectations.
5 The bank is environmentally friendly, a supporter of good causes
and a positive contributor to the society.
6 The bank is innovate and adaptive.
7 The bank has strong overall financial performance and growth
prospects.
8 The Bank maintain good workplaces and ensure the employees
satisfaction
9 The bank participates on Goodwill building activities

10 The bank is flexible if the crises happen.

7. Challenges in Reputational Risk Management Process

II. Do you think Reputational Risk management by the bank is challenging issue?
Yes No
If yes, what are the challenges the bank facing
………………………………………………………………………………………………………
……………………………………………………….

9
 Annex 3
QUESTIONNAIRE
ST.MARY’S UNIVERSITY
SCHOOL OF GRADUATE STUDIES
This questionnaire is designed to collect information about the risk management practice
in Commercial Bank of Ethiopia. The data or information collected in such a way shall be used
as primary data in my thesis, which I am conducting as a partial fulfillment for the requirement
of MBA in General Management. The researcher would like to thank you in advance for your
kind response in giving your precious time in filling the questionnaire.
No need to mention your name and the information provided is to be used only for this study and
any information given will be kept confidential.

Thank you for your Co-operation!!

Part one - Background Information

Instructions: Please use this √ mark for each question to indicate your response.
1. Gender: Female Male

2. Age: 20 – 25 Year 26 – 30 31-35 36 – 40 More than 41

3. Years of service (Experience): 1- 5 years 6-10 years above 10 years

4. Level of education: Diploma 1st Degree (BA, BSc)

Master‟s degree PhD

5. What is your current position in your organization?

Managerial Supervisory Professional Other

10
 Part two - The second section has been designed to obtain information regarding
various aspects of risk management practices.

 Kindly read the questions carefully and tick (√) the selected choice clearly.
 Please be honest in your responses as these are important and valuable for
the study.

1: Strongly Disagree, 2: Disagree, 3: Neutral, 4: Agree, 5: Strongly Agree

8. Assessment of Strategic Risk management practices

No Description 1 2 3 4 5

1 The bank strategic objective is SMART (specific, measurable, achievable,

relevance, time bounded).
2 The bank has the right talent or capabilities to execute on its chosen strategy.
3 The bank environment scanning process (internal & external) is Exhaustive
when formulate its strategy.

4 The Bank properly defines its business strategy and objectives by analyzing
their strength, weakness, opportunities and treats.
5 The bank key performance indicators are easily quantifiable and efficient to
measure results.
6 The bank identify strategic risks that can drive variability in performance.
7 The bank establishes key risk indicators and tolerance levels for critical risks.

8 The board approves high level approach to strategic risk.

9 The chosen strategy creates unintended consequences or new risks for the
bank.
10 The bank strategic implementation process is successive.
11 The bank effectively controls the strategic management process.
12 The bank prepares integrated report on a continuous basis for the senior
managements.

9. Challenges in Strategic Risk Management Process

III. Do you think Strategic Risk management by the bank is challenging issue?
Yes No
If yes, what are the challenges the bank facing

11