2012-12-New Risk Management and Credit Management Directives.docTo view this press release as a Word file



Within the framework of the Banking Supervision Department's activities to strengthen the resilience of the banking system in Israel, the Supervisor of Banks—in consultation with the Advisory Committee on Banking Issues and with the authorization of the Governor—issued today several new Proper Conduct of Banking Business Directives, and revisions to several existing directives. The adoption of the directives will advance the robustness of the banking industry through improved risk management and corporate governance, so that they will be properly reflected in decision making processes and banking activities, including through appropriate adoption of lessons from the 2008–09 global crisis.
The main issues dealt with in the Proper Conduct of Banking Business Directives include a new directive on "Risk Management" which serves as a master directive for Firm-Wide Risk Management, and which delineates basic risk management principles. These principles refer to, among other things, corporate governance and the roles of the various risk management functions, the internal risk-control system that includes  three lines of defense, and risk management procedures (risk appetite, a risk management framework, and new products), methodologies for identification, measurement, and assessment of risks through the use of models and stress tests, and a monitoring and reporting system.
Within this framework, the directive sharpens the need to implement an appropriate risk culture, establishes that an appropriate risk management system begins with the Board of Directors, continuing to the CEO ,management and the various bank units, including control and compliance, support units as well as business units. It defines three lines of defense:
  1. Business line management—responsible for the identification and management of risks inherent in the products, activities, processes and systems for which they are accountable.
  2. Risk management function—a function which is independent of business lines; it serves as a second line of defense, and is responsible for planning, maintaining, and developing the risk management framework. One of the central roles of the function is to challenge the business line's risk management and examine its effectiveness and comprehensiveness.
  3. Internal audit—examines the suitability and efficiency of the processes conducted by the first two lines of defense, and uncovers the weaknesses in controls. It thus serves as a third line of defense.
An additional new directive deals with the issue of "Credit risk management", and details the unique demands regarding the management of this risk . Among other things, the directive details the Banking Supervision Department's expectations for a balanced decision-making structure by increased authority of risk management functions, clear division of authority between policy makers and those responsible for carrying out the policies, the existence of appropriate audit and reporting mechanisms.
Supervisor of Banks David Zaken said that implementation of the directives which were distributed today, and adherence to Basel III and other requirements, are additional steps to improving the management and conduct of the banking system in Israel, in a manner which will improve its ability to deal successfully with challenges it is expected to face, both from within Israel and from outside.