HOW TO DEVELOP RISK MANAGEMENT POLICY FOR SACCOS By Faustin K. Zihiga Chairperson Association of Microfinance Institution of Rwanda (AMIR). 2nd SACCO LEADERS’ FORUM- Kigali Rwanda 21-23/03/2011 Presentation Out line Overview introduction. What is Risk? What is risk management. Characteristics of SACCOs and the risk factor. Categories of Risks from a SACCO perspective. Risk management Policy. conclusion. Overview introduction Like food is a necessity to our body, Risk Management is the life and blood of any financial institution”. SACCOs are predominantly formed as a result of a need to mitigate life threatening risks by mainly the poor; however, they too (SACCOs) pause a big risk if not well managed through sound policies. The killer risk in our business, be it SACCO or any other entity providing financial services or intermediation, is the inability to know what our risks are or the extent to which these risks will affect our businesses/ SACCOs. SACCOs are prune to risk because like any other financial institution, they handle money and more than often; they handle many small cash transactions. Therefore Risk management policies are crucial to provide the essential guidelines to mitigate risks that come with the nature of business. Risk: Definition The dictionary definition of risk is :- “Possibility or chance of meeting danger, suffering loss, injury”¹ Risk is anything that will make your well intended actions to deviate and bring about unintended, in most cases, negative results and or loss. Because there is a risk of death people go to see a doctor, wear caskets, put on safety belts etc and in SACCOs because there is a risk of loss, closure or legal proceedings against people, sound risk management policies need to be in place ¹Longman learners dictionary What is Risk management: Risk management is a systematic approach /process of identifying, prioritizing risks and implementing strategies to mitigate the risks. It involves prevention of potential problems and the early detection of actual problems² Consequently a Risk Management policy is a framework established within the business entity through which the systemic approaches and processes of risk management are guided. ²Adopted from CGAP course materials. Characteristics of SACCOs and the Risk factor. Large number of small loans thus small number of many payments that are very difficult to track. Decentralized and dispersed operations over a wide disconnected geographic area Large numbers of less literate clientele that depend on the ingenuity of the managers of the SACCOs – Managers with a social science rather than a business background. Limited use of integrated management information systems. There is often great pressure to cut costs in most cases at the expense of adequate supervisional and control mechanisms. Reluctance to write off bad loans especially those given to influential members in the SACCOs or for fear of a bad image. Categories of risks. Risks can be categorized into 4 to 6 major categories namely:- Operational risks Institutional risks Financial management risks external risks. IT risk (very prevalent today). Governance risk (hidden risk) Categories of risks – Operational Risk. Operational risks are risks likely to occur while executing our day today business; examples include, fraud, theft, cash loss, security, Inefficiencies, redundancies, funds concentration etc The risk management policy will be designed depending on the risk area of the business or a combination of more than one policy if the risk areas are highly related. E.g an operational policy and procedure manual could address the above risk depending on the size of the business and the of variety of products. Categories of risks – Institutional Risk. Institutional risks are those that threaten the institutional identity in terms of its Mission – sometimes termed Mission drift. Such risks may occur due to a change in the client target group, dependency on a single source of financing or donor dependency etc Policy may determine how much share capital each member should contribute and what this would translate into in terms of the decision powers to be exercise. What donations and under what conditions will they be accepted and financially accounted for. Categories of risks – Financial Management Risk. Financial management risks would include those related to treasury and liquidity management, Asset liability risks etc Financial and Treasury management manuals as well as asset liability policies will provide clear guidelines Categories of risks – External Risks. External risks, these are risks that may impact the SACCO from without. Microeconomic challenges, competition, politics, regulatory environment, social unrest etc Policies to mitigate such risks will vary from environment to environment while others will dependent entirely on the prevailing conditions at the time. Categories of risks - IT Risk. IT risk (very prevalent today) Heavy dependence or non dependence. Dependency - unauthorized access, Data inaccuracies, environmental disasters, inappropriate use, limited software providers’ support. Non dependent – Manual systems data tracking inaccuracies, time management and compliancy, adoptability to systems etc Policies - Disaster recovery program, Business continuity programs, appropriate technology policies etc Categories of risks - Governance Risk. Governance risk (hidden risk) Poor governance in SACCOs, Training, proper and distinguished roles of the organ with clear sanctions for those that do not respect procedures Risk management mechanisms : Risk management policies and procedures will clearly state how particular risks will be :- - Deterred before they can be committed - Prevented when there is likelihood to occur - Detected in the system - Mitigated when they occur Effective risk management policies will have:- Clearly stated missions vision, objective and values to provide overall direction to all employee and stakeholders. Provide for a sound and safe conducive environment Motivated and confident people who have ownership Clear and easy to understand processes and procedures Accountable and transparent process Performance monitoring systems that can help measure progress/ achievement. Reliable management information systems be it manual or electronic with documented workflows. conclusion Risk management is something that each SACCO will always live with. It is a work in progress moving target function because business conditions change over time It will always require the conscious effort of management to continually monitor and alert the institution about possible risks, the implication and the mitigation process to be engaged. Policies and procedures are good but they have one major flaw, “they are easily, forgotten, skipped, neglected or overridden. It is people and their commitment that are critical in the success or failure of any procedures, policies and or processes. Thank You !!! MURAKOZE !!!
Pages to are hidden for
"Risk Management Dictionary - PDF"Please download to view full document