Risk Management. A comparative study of regulations and practices in one conventional and one Islamic bank in Pakistan

Master's Thesis, 2018

62 Pages, Grade: B


Table of Contents

Chapter 1. Introduction
1.1 Background and Motivation
1.2 Problem Statement
1.3 Research Questions
1.4 Aims and Objectives of the Study
1.5 Research Outline

Chapter 2. Theoretical Framework
2.1 Institutional Theory
2.2 Stakeholder Theory
2.3 Agency Theory

Chapter 3. Conceptual Model

Chapter 4. Literature Review
4.1 Risk
4.2 Risk Management
4.3 Risk Management Process
4.4 Operational Risk Management
4.5 Effective Risk Management
4.6 Types of Risk
4.7 State Bank of Pakistan Guidelines
4.8 Basel III Guidelines
4.9 Existing Literature
4.10 Literature Gap

Chapter 5. Methodology
5.1 Data Collection
5.2 Transcription

Chapter 6. Findings
6.1 Interview 1(Islamic Bank)
6.1.1 Part I (Risk Management Practices)
6.1.2 Part II (Rules and Regulations)
6.1.3 Part III (Major Risks)
6.2 Interview 2 (Conventional Bank)
6.2.1 Part I (Risk Management Practices)
6.2.2 Part II (Rules and Regulations)
6.2.3 Part III (Major Risks)

Chapter 7. Analysis and Discussion
7.1 Risk Management Practices
7.1.1 Credit Risk Management
7.1.2 Liquidity Risk Management
7.1.3 Operational Risk Management
7.1.4 Market Risk Management
7.1.5 Risk Mitigation
7.2 Risk Management Rules and Regulations
7.3 Major Risks

Chapter 8. Conclusion

9. References

10. Appendix (Interview Guide)


“ First, we would like to thank and praise Almighty Allah for giving us the strength, power, vision and resolve with the help of which we were able to complete our work on time. We would like to thank our course teacher Anatoli Bourmistrov and our supervisor Konstantin Yurievich Timochenko for their continuous help and support. Further, we would also like to express our deepest gratitude to our family and friends who have been a continuous source of motivation for us throughout this whole process without them it would not be possible. And finally, special thanks to the managers of Meezan Bank and Askari Bank for giving their valuable time and information.”



The purpose of this research study is to figure out the differences in rules/regulations and practices regarding risk management in Islamic and conventional banks in Pakistan.


Keeping in view the research questions, the nature of this research is a qualitative case study. We have conducted our research in Pakistan by selecting one conventional and one Islamic bank. Our study is based on semi structured interviews considering the exploratory and descriptive style of our study. In this study, two types of data were used to collect the information, Primary and Secondary data. Primary data was collected in the form of one to one interviews conducted by the researcher whereas secondary data which is used are books, articles, and electronic sources. The interview guide is structured in accordance with descriptive styled questions to get our desired results with detailed explanation in the available time frame.


The findings of the study reveal that there exists a substantial difference between Islamic and conventional banks in risk management practices, risk identification, liquidity risk analysis and risk governance. Islamic bank is performing competently in liquidity risk analysis, whereas, conventional bank is competent in risk management practice, risk identification, and risk governance. The risk management, risk monitoring and reporting, and liquidity risk analysis are weak in Islamic banks. Whereas, risk analysis and assessment are weak in conventional banks. Due to lack of risk management trainings and limited knowledge of risk management practices, understanding of risk management practices is weak in Islamic bank. The study also reveals that in terms of rules and regulations, there is no proper institutionalization of Islamic institutions regarding risk management as compared to conventional banking where the risk management practices are institutionalized by Basel Committee on Banking Supervision.

“Risk Management: A comparative study of regulations and practices in one conventional and one Islamic bank in Pakistan”

Chapter 1. Introduction

1.1 Background and Motivation

Financial institutions have an imperious responsibility to perform in the economy by acting as intermediaries between the surplus and deficit units, making them mediators for efficient allocation of resources in the contemporary economy (Owais Shafique, 2013). The robustness of the financial institutions is of vital importance as experienced during the US financial crisis of 2008. The stability of the entire economy is affected by a crumple of the financial institutions, as a result risk management system is obligatory to keep the financial institutions secure (Owais Shafique, 2013). During the past couple of decades, substantial revolutions have taken place in the banking sector across the world. These transformations have distinctly affected the tasks of banking operations and competition environment in the banking industry. Several bank-specific, industry-specific, financial, and macroeconomic factors have meaningfully contributed to banking performance and structure (Abdul Rashid, 2016).

The role of banking sector remains vital in providing finance to both consumers and business firms despite being heavily criticized due to the recent financial crisis. A profitable and healthy banking sector can offer better protection against negative shocks, helps to strengthen, stabilize the financial system, and improves the probability of effective modernization (Abdul Rashid, 2016). In contrast, risky and unprofitable banking triggers financial instability and negatively affects the economic growth as well. So, a well-functioning banking sector is not only important for the process of enhancing economic interaction between diverse segments of the market but also to achieve both operational and allocational efficiency (Abdul Rashid, 2016).

Banks play an important role in the economic development of the country and if banking crises occur they increase the probability of financial crises as well. Because of the global financial crises of 2008/09, the banking sector was greatly affected as a handful of banks went bankrupt, some were forced into mergers, and others had to be bailed out by the government. Many investors lost part or all their investments in these banks. The spread of financial crises worldwide raised questions about the effectiveness of risk management practices used by banks and this risk management failure is considered as one of the main causes of the global financial crises (Hameeda Abu Hussain, 2012).

All of this has led to a growing awareness and demand for proper risk management techniques and structures within the banking sector. The focus of risk management lies primarily on management and measurement of specific risks including credit risk, liquidity risk, and market risk whereas issue lies in the integration of these risks. In addition, public policy makers around the world have started to question the role and profile of risk management in financial institutions (Vincent Aebi, 2011). So, of a lot of importance has been given to the implementation of systematic risk management in banks so that in future such huge scale of financial crises can be averted. Risk management is a continuous process that is dependent on the internal and external environment of banks. These environmental changes require continuous attention for identification of risk and risk control as not all banks use suitable risk management and measurement techniques effectively (Hameeda Abu Hussain, 2012).

A revised rulebook Basel III was developed to take certain actions to reinforce the resilience of the banking sector because of the 2007-2009 financial crises. This framework vastly emphasizes on credit risk, liquidity risk, and market risk under ordinary and stressed circumstances (Basel Committee on Banking Supervision BCBS, 2009). To sustain a minimum level of capital it has been made compulsory for banks to cover up losses and continue operating activities as a going concern because banks had to endure losses far beyond their minimum capital requirements throughout the financial crisis of 2008 (Basel Committee on Banking Supervision BCBS, 2009). In Pakistan two types of banking systems are operating in the banking sector. One is conventional banking system which is used all over the world. The other is Islamic banking which is a relatively new concept in banking industry and has gained popularity among the Islamic countries of the world as evident from its growth rate which is higher than conventional banking.

The recent financial crises have not only shed some reservations on the appropriate functioning of conventional banking but has also increased the attention on Islamic banking as some observers have about their better performance during the crises (Thorsten Beck, 2012). Islamic banking has established presence in pointed more than 60 countries in the world (Ghiath Shabsigh, 2017). The concept of Islamic banking revolves around Mudarba (profit and loss sharing) and Musharka (joint venture). Unlike conventional banks which operate on the concept of borrowing and lending with predefined interest rates, Islamic banks are funded by current accounts that do not have interest or by profit sharing investment accounts where account holder gets a return that is determined by the profitability of the banks. All the investments in Islamic banking are done in halal businesses (Ghiath Shabsigh, 2017).

State Bank of Pakistan SBP plays an important part in encouraging Islamic banking in Pakistan in line with Shariah and regulatory framework established by the State Bank. According to state bank, three types of Islamic banking institutions including full-fledged Islamic banks, Islamic bank subsidiaries of conventional banks, and standalone Islamic banking branches of conventional bank can offer Islamic banking services in Pakistan (Abdul Rashid, 2016). The SBP has allowed Islamic banks to operate in line with the conventional banks, with a principal objective to provide diversified banking opportunities to build a stable and sound financial system boosting the economic development prospects through Shariah compliant financial operations (Abdul Rashid, 2016).

1.2 Problem Statement

Keeping in view the above background and motivation for our study, our problem statement is:

“What are the differences in the regulations and practices of risk management in Islamic and conventional banks in Pakistan”

1.3 Research Questions

1. What are the rules/regulations regarding risk management in conventional and Islamic bank?
2. How are risk management practices being implemented in conventional and Islamic bank?
3. What problems does the bank faces while implementing risk management?
4. What are the types of risks to which banks are exposed?

1.4 Aims and Objectives of the Study

1. To know how risk management practices are being implemented in Islamic and conventional banks in Pakistan.
2. To know the specific rules and regulations regarding risk management practices of conventional and Islamic banks.
3. To know what kind of risks are associated with both banking systems.

1.5 Research Outline

The purpose of this study is to identify the differences in rules/regulations and practices regarding risk management in Islamic and conventional banks. The nature of this study would be qualitative in nature. We will conduct our research in Pakistan by selecting one conventional and one Islamic bank. This research would contribute to the field of risk management in the sense that we would integrate practical, empirical, and theoretical issues related to risk management. The study will contribute to cross fertilization of risk management in both banking systems. The study would attempt to highlight the main differences in implementing risk management between Islamic and conventional banks. The study would also attempt to provide the main differences and similarities in the rules and regulations regarding risk management in both banking systems.

Chapter 2. Theoretical Framework

The theoretical perspective of this research relates to the concept of risk management, institutional theory, stakeholder theory, and agency theory. The concepts of risk management include effective risk management and operational risk management. The main theory around upon which our study is based is the risk management theory. It includes the concepts of risk, types of risk, risk management process, key dimensions of risk, and effective risk management approach (Spikin, 2013). Also, one important aspect of risk management theory includes operational risk management (Girling, 2013). The research questions have been developed by keeping in view the conceptual framework of the above-mentioned theories.

2.1 Institutional Theory

Institutional theory is a theoretical framework for investigating organizational phenomena, which views the social world built around institutions including rules, structures, and practices that set conditions on action. Institutions are essential in explaining the social world as they are built into the social order, directing the flow of social life. Institutions are positioned within definite social conditions and context providing cognitive framework for social actors (Donsbach, 2008). Institutionalization states:

“the process through which components of formal structure become widely accepted, as both appropriate and necessary, and serve to legitimate organizations (Zucker, 1983) .”

So, institutional theory can be used because it focuses on rules and regulations imposed by the concerned authorities mainly the government, as in our study we will study the rules and regulations regarding risk management in Islamic and conventional banks. Several studies use the institutional theory in explaining the method of implementation of risk management. They suggest that institutionalization prevails when the risk management activities in institutions becomes highly homogeneous. This homogeneity can be attained through the forced isomorphic mechanism by which political, legitimacy, and regulatory pressures are imposed on firms in the forms of persuasion, direction, or invitation (Powell, 1983).

Institutions control economic activities by laying out the rules and regulations as the basis for production, distribution, and exchange. Therefore, it is crucial for companies to follow established regulations, norms, and belief systems to gain legitimacy and mobilize their social, economic, and political resources to adapt to the institutional environments for increased firm performance (Zhilin Yang, 2014). Through several mechanisms institutional environments can influence organizations decision making. This results in organization's strategic response designed at dealing with the institutional pressure which they might face in the business environment. Understanding institutional environments can guide firms when they compete in the market (Zhilin Yang, 2014). Institutional isomorphism is a procedure in which organizations try to surpass in their practice of social rules and ideals by aligning themselves with the environmental circumstances. These institutional pressures thrust organizations to adopt shared routines and notions (Azadeh Pishdad, 2012). So, the understanding of intention to adopt technology and the principal context of the organization is affected. Three isomorphic mechanisms which stimulate organizations in acquiring operational efficiency include coercive-constraining, normative-learning, and mimetic-cloning (Azadeh Pishdad, 2012). Three institutional views representing theses isomorphic pressures which are not mutually exclusive and might be interdependent include regulative, cultural-cognitive, and normative views (Azadeh Pishdad, 2012).

For instance, organizational actors may interpret, negotiate, and socially construct the meaning of rules and regulations based on normative and cultural-cognitive considerations which are convenient in explaining the diffusion of technology innovation (Azadeh Pishdad, 2012). The coercive isomorphism transpires by organizational desire to follow rules, laws, and sanctions established by institutional actors. This similarity results in acquiring external validation and legitimacy that advances the organization's access to resources (Azadeh Pishdad, 2012). The normative mechanism generally concerns the pragmatic and moral aspect of legitimacy by evaluating whether the organization plays its role appropriately and in a required method. It can point to the positive pursuit of valued ends, as well as negative deviations from standards and goals (Azadeh Pishdad, 2012). The mimetic isomorphism is based on organizational inclination to remain neutral to its peers to get a constructive evaluation from the organizational environment. The consequences of this mechanism include reduced uncertainty, improved predictability, and benchmarking organizations which are performing at or near their optimum level (Azadeh Pishdad, 2012). The figure below reveals these three institutional isomorphic mechanisms and the concepts related to them respectively (Ahmad Raza Bilal, 2013).

Abbildung in dieser Leseprobe nicht enthalten

I nstitutional Isomorphism Mechanisms/ Pressures (Azadeh Pishdad, 2012).

Moreover, even if organization itself is an institution, it involves of a variety of sub institutions. The mutual interactions of these institutional pressures not only state technology implementation/ assimilation, but also have effect on institutionalization of technology through the process of institutional isomorphism (Azadeh Pishdad, 2012).

2.2 Stakeholder Theory

Stakeholder theory focuses on the symmetry of stakeholder’s interests as the principal determinant of the corporate policy (Freeman, 1984). In specific businesses, mainly services and high-tech industries, customer trust on firms is very vital to carry on offering their services in the future and can considerably contribute to firm’s value. Conversely, the value of such implied privileges is very sensitive to estimated costs of bankruptcy and financial distress (Klimczak, 2007).

So, the above mentioned discussion indicates that risk management can be observed in banking sector: to align the interests of managers with their shareholders interest, to lower the probability of financial distress, business failures or bankruptcy, to fulfil the regularity requirements, to reduce expected tax payments of the bank, , to help the banking business organization in developing financial plans and investment activities, to safeguard specific investments of the organization, and to maximize the shareholder’s wealth.

2.3 Agency Theory

Agency theory can be implemented in our study as banks act as agents and individuals as principles. The agency relationship can be defined as (Meckling, 1976):

“a contract under which one or more persons the principal engages another person the agent to perform some service on their behalf which involves delegating some decision-making authority to the agent (Meckling, 1976) .”

Agency theory is about separation of ownership and control. In corporate risk management, agency issues have been shown to influence managerial attitudes toward risk taking and hedging. There is also a probable mismatch of interest between shareholders, management and debt holders owing to asymmetries in earning distribution. This can result in the firm taking too much risk or not engaging in positive net value projects (Meckling, 1976).

Chapter 3. Conceptual Model

Our conceptual framework for this study mainly revolves around the institutional theory and our model is developed based on institutional theory and aspects of institutional isomorphism mechanism.

Environment (Risk Management) Norms (Rules and Regulations) Practices (Tools and Techniques)

“Conceptual model of our study inspired from institutional theory”

Based on this model we would first look at the rules and regulations of State bank of Pakistan, Basel accord regulation, international regulations, and institutional SOP’s regarding risk management in conventional and Islamic banks of Pakistan. Then we would look at the risk management practices including risk management process, risk management strategies, and tools/techniques used for managing risks.

Chapter 4. Literature Review

In this literature review, several concepts are discussed regarding risk, risk management, risk management process, operational risk management, enterprise risk management, and types of risk associated with banking sector. First, a definition of risk is given and the significance of managing risks is discussed. Then, two different approaches towards risk management are discussed including operational risk management and enterprise risk management. Additionally, a theoretical explanation is given about how enterprise risk management could enhance performance. Then prior research on the concerned topic has been discussed including the findings of different researchers related to risk management practices and regulations in Islamic and conventional banks.

4.1 Risk

The word ‘risk’ has become a common phenomenon in all areas of life such as personal situations including health, insurance, pensions, investments, etc., social aspects including economic performance, terrorism, food safety, etc. and business aspects including business strategies, corporate governance, business continuity, etc. (Spikin, 2013). Many of the institutions that humanity has built could be viewed to address risk. Therefore, it seems that the human wisdom has can identify patterns for uncertainty and develop certain method/processes to comfort it. So, not only is risk everywhere, but so is risk management. Just as the existence of risk is recognized and acknowledged as unavoidable and inevitable in every field of human endeavor, there is a corresponding drive to address risk as much as possible (Spikin, 2013).

Risk has been defined in many ways. The literal meaning of risk is the chance of injury, damage, or loss. We can simply define risk as the effect of uncertainty on objectives (Airmic, Alarm, IRM, 2010). Risk can also be defined as the inconsistency of returns associated with a asset (Owais Shafique, 2013). Organizations need to establish proper definitions for the different levels of consequences and likelihood associated with different risks. Risk can be ranked quantitatively, semi-quantitatively or qualitatively in terms of the possible consequences or impact and the likelihood of occurrence (Airmic, Alarm, IRM, 2010).

A significant part of analyzing a risk includes the determination of the nature, source, or type of impact of the risk. Evaluation of risks can be improved by implementing risk classification system. Risk classification systems enable an organization to identify similar risks. A risk classification system enables organization to classify which strategies, operations, and tactics are most exposed to risk. Risk classification systems are generally based on the division of risks into financial control, reputational exposure, operational efficiency, and commercial activities. But, there is no risk classification system that is universally applicable to all sorts of organizations (Airmic, Alarm, IRM, 2010).

4.2 Risk Management

Risk management is a dominant part of the strategic management of any organization. It is the process in which organizations methodically address the risks attached to their respective activities. An effective risk management initiative should be equivalent to the level of risk in the organization, aligned with corporate activities, embedded into routine activities, and dynamic to changing circumstances (Airmic, Alarm, IRM, 2010). The emphasis of risk management is towards the assessment of substantial risks and the implementation of appropriate risk responses. Furthermore, risk management boosts the understanding of the probable upside and downside of the factors that can affect an organization. It also increases the likelihood of success and reduces both the probability of failure including the level of uncertainty linked with achieving the goals and objectives of the organisation (Airmic, Alarm, IRM, 2010).

4.3 Risk Management Process

The risk management process is composed of at least of five stages which include determining the objectives, identifying the risks, evaluating the risks, considering alternative, selecting the risk treatment devices, and the implementing and reviewing stage (Spikin, 2013). Objectives can vary depending upon the type of the organization. It could be maintaining organizations position or survival in a specific sector. The identification stage is usually performed by using several instruments such us internal records of the organization, analysis of financial statements, risk analysis questionnaires, insurance policy checklist, flow process charts, and inspection of the firm’s operations among other things (Spikin, 2013). The evaluation step includes measuring the potential size of the loss and the probability that certain events would occur. This classifies the risks in a certain order of priorities which provides a certain ranking. The basic strategies which most companies adopt regarding risk management are risk avoidance, risk reduction, risk retention, and risk transfer. In the implementing stage, decisions that were made in the prior phase must be implemented. The final stage of the process of risk management is about evaluating and reviewing the risk management program. It also includes establishing check and balance procedures to make sure that the goals and objectives of the risk management are accomplished (Spikin, 2013).

4.4 Operational Risk Management

Operational risks thrive in every sector of the economy. Operational risks are found in the health sector, transportation sector, energy sector, banking sector, education sector, etc. Some sectors, because of heightened sensitivity to risks or government regulations, have implemented advanced processes for identifying the risks specific to their activities (Raanan, 2010). According to Basel Committee Operational risk can be defined as:

the risk of registering losses or of not making the estimated profits, which is determined by the internal factors including inadequate development of internal activities, inadequate staff, or systems etc. Or the external factors including economic conditions, changes in the banking environment, technological progress etc. (Timeea Maria Dumescu, 2012) ”

Basel II framework for operational risk management states that a bank should develop a framework for managing operational risk and evaluate the suitability of capital. This framework should cover the bank’s tolerance for operational risk, as specified by the policies for handling this risk. It also includes the way and extent through which operational risk is transferred outside the bank. The policies outlining the bank’s approach to identifying, monitoring, assessing, and controlling the risk (Girling, 2013). The following types of events lie at the basis of operational risk specific to banking activities: Internal fraud like theft, dishonest reporting of positions, closures of transactions for private use made by the employees; External fraud like robbery, falsification; Conditions required for hiring staff and job safety like staff’s compensatory requests, promotion of some discriminating practices, non-observance of work safety standards; Deficient practices related to customers, products and activities like inadequate use of confidential information about customers, sale of unauthorized products, money laundering, deficient use by customers of products and services of electronic banking; Jeopardizing of tangible assets like acts of terrorism or vandalism, earthquakes, fires; Activity interruption and deficient work of systems like flaws of hardware and software components, deficient planning, problems related to telecommunications, maintenance and implementation of the electronic banking system; Execution, delivery and management of process-treatment applied to customers and commercial counterparties, as well as deficient processing of data related to them like wrong registration of input data, incomplete legal documentation, deficient management of real warranties, unauthorized access to clients’ accounts; The security of the electronic banking system like engagements of the credit institution coming out in false pretenses by fabricating the electronic money or getting extra losses or engagements by the customers in case of a defective access in the system (Timeea Maria Dumescu, 2012).

4.5 Effective Risk Management

Enterprise risk management suggests a solution to the complications to which traditional risk management is exposed by focusing on operational and strategic risks. This approach handles risks in a synchronized way where the residual risk is hedged by putting together risks in a portfolio (Geessink, 2012). This portfolio approach will decrease risk, when the contemporary portfolio theory is applied. The theory assumes that a portfolio with different assets can absorb extreme directions (Geessink, 2012). This means that when one asset moves in a negative direction, this will be absorbed by an asset which moves in a positive direction which in turn decreases the risk of a portfolio. It also increases efficiency by hedging the real risk (Geessink, 2012). ERM has become an important requirement for the sustenance of financial stability of both national and international banking institutions. The present ERM concept includes the approach where all the risks are evaluated and managed holistically in line with the objectives of the bank (Okehi, 2014). Effective risk management ERM is about establishing control, discipline, and oversight to drive continuous improvement of an organizations risk management competences in a dynamic operating environment. It helps in advancing the maturity of organizations abilities around managing its risks priority (Protiviti Independent Risk Consulting, 2006). COSO defines ERM as: “a process, effected by an entity’s board of directors, management, and other personnel, applied in strategy-setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives (Protiviti Independent Risk Consulting, 2006).”

ERM is a management process that requires a firm’s management to identify and evaluate the collective risks that affect value of the firm and apply an enterprise-wide strategy to manage those risks to establish an effective risk management strategy (Okehi, 2014).

To provide companies a guideline in how to implement enterprise risk management ERM, COSO developed a framework in 2004 called the Enterprise Risk Management Integrated Framework. This framework was an extension of the initial framework introduced by COSO in the year 1994 and is shown in figure below (Geessink, 2012).

Abbildung in dieser Leseprobe nicht enthalten

COSO ERM - Integrated Framework (COSO, 2004)

The goal of ERM is to help to achieve an organization’s objectives. These objectives include strategic, operations, reporting and compliance. The strategic objectives should help the company to achieve its mission. These objectives should be achieved using resources effectively and efficiently, to enhance the company’s value (Geessink, 2012). To prove its value to the stakeholders every company should have reliable reporting and comply with relevant laws and regulations. These four objectives are overlapping, which shows the integrated approach of risks by this framework (Geessink, 2012). The four levels on the right side of the cube demonstrate the levels in which ERM should be present. The eight ERM components listed at the front of the cube, display what is needed to achieve these objectives. This framework offers prospects for companies to answer to their risks in alignment with their corporate strategy (Geessink, 2012). Even though banks face mainly financial risks, it could help them by integrating all these risks into one portfolio, instead of circumventing each different class. This can help to solve probable inefficiencies in risk management implementation (Geessink, 2012).

4.6 Types of Risk

Credit and liquidity risks are considered the prime reason for bank failures in commercial banks (Owais Shafique, 2013). The five main types of risk inherent in banks include (Okehi, 2014):

1. Credit Risk: Credit risk is the risk of loss resulting from an entity’s inability to meet its obligation. It may arise from either an inability or an unwillingness to perform in the pre- committed contracted manner. The core activity in a bank involves the acceptance of deposit and providing credits which exposes them to credit risk. Credit risk is the major risk faced by banks and the effective management of this risk helps in improving the performance of banks (Okehi, 2014).
2. Liquidity Risk: Liquidity is the ability of a bank to meet its short-term obligations as they become due, without incurring unacceptable losses. The issue with banking operations is that they convert short-term deposits into long term loans which makes them inherently vulnerable to liquidity risk. So, there is always a possibility that over a certain period, the bank would not be able to settle its obligations in short-term (Okehi, 2014).
3. Market Risk: Market risk is the risk arising from fluctuations of financial assets prices.
Market risk is defined as the risk of losses in on and off-balance sheet positions emerging from movements in market prices. The importance of market risk has been recognized in the new Capital Accord pronounced by the Basel Committee in 1999 recognizing any market related factor that affects the portfolio or value of instruments (Okehi, 2014).
4. Operational Risk: Operational risk is the risk of monetary losses resulting from inadequate or failed internal processes, systems, human error, and external events. This risk mainly encompasses of human error in banking operation, system failures, financial fraud and damage to physical assets from natural disasters that could cause losses to banks and probably lead to their failure (Okehi, 2014).
5. Solvency Risk: Solvency risk is related to the long-term survival of the bank. To absorb future losses when they occur banks should maintain sufficient reserves and provisions through efficient operations. Where these reserves and provisions fail, equity capital stands in to protect the Bank from bankruptcy. This risk mainly arises because of inefficient management and inherent risks (Okehi, 2014).

4.7 State Bank of Pakistan Guidelines

The State Bank of Pakistan has outlined a risk management framework which must be followed by all the operating banks in Pakistan. This framework encompasses the scope of risks to be managed, the process and procedures to manage risk, and the roles and responsibilities of individuals involved in risk management. An effective risk management framework includes (State Bank of Pakistan, 2009):

1. Clearly defined risk management policies and procedures covering risk identification, measurement, acceptance, reporting, monitoring, and control (State Bank of Pakistan, 2009).
2. A well constituted organizational structure defining clearly roles and responsibilities of individuals involved in risk taking as well as managing it. Banks, in addition to risk management functions for various risk categories may institute a setup that supervises overall risk management at the bank. Such a setup could be in the form of a separate department or bank’s Risk Management Committee RMC could perform such function. The structure should be such that ensures effective monitoring and control over risks being taken. The individuals responsible for review function including risk review, internal audit, compliance etc. should be independent from risk taking units and report directly to board or senior management who are also not involved in risk taking (State Bank of Pakistan, 2009).
3. There should be an effective management information system that warrants flow of information from operational level to top management and a system to address any exceptions observed (State Bank of Pakistan, 2009).
4. The framework should have a mechanism to ensure an ongoing review of systems, policies and procedures for risk management and procedure to adopt changes (State Bank of Pakistan, 2009).


Excerpt out of 62 pages


Risk Management. A comparative study of regulations and practices in one conventional and one Islamic bank in Pakistan
Catalog Number
ISBN (eBook)
ISBN (Book)
risk, management, islamic, pakistan
Quote paper
Muhammad Asadullah Bilal (Author), 2018, Risk Management. A comparative study of regulations and practices in one conventional and one Islamic bank in Pakistan, Munich, GRIN Verlag, https://www.grin.com/document/513488


  • No comments yet.
Read the ebook
Title: Risk Management. A comparative study of regulations and practices in one conventional and one Islamic bank in Pakistan

Upload papers

Your term paper / thesis:

- Publication as eBook and book
- High royalties for the sales
- Completely free - with ISBN
- It only takes five minutes
- Every paper finds readers

Publish now - it's free