Al Rajhi Bank

Basel II Pillar III Disclosure

Table 1: Scope of Application

This document is a Basel II Pillar III disclosure of Al Rajhi Banking and Investment Corporation, Saudi Arabia.

The financial results of all subsidiaries are fully consolidated in publishing the results of Al Rajhi Banking and Investment Corporation, Saudi Arabia (Al Rajhi Bank or the Bank). Brief descriptions of the subsidiary entities in the Group are as follows:

I. Al Rajhi Capital Company

The Company was incorporated in 2007 in KSA as a wholly owned subsidiary of Al Rajhi Bank. The subsidiary engages in Mutual Fund Management, Brokerage and Corporate Finance.

II. Al Rajhi Company for Development, Riyadh

The company was incorporated in 2000, for investment in Land, Building and Real Estate. It is 99% owned by Al Rajhi Bank.

III. Al Rajhi Banking and Investment Corporation BHD Malaysia

The company was incorporated in 2006 providing Islamic banking services in Malaysia and is 100% owned by Al Rajhi Bank.

There are no restrictions, or other major impediments, on the transfer of funds or regulatory capital within the Group. However, this is subject to the satisfaction of all internal and external approvals by relevant authorities.

Table 2: Capital Structure

Capital of Al Rajhi Bank consists of:

1,500,000,000 fully paid-up ordinary shares of SAR 10 each.

Table 3: Capital Adequacy

Capital adequacy indicates the ability of the Bank to meet any contingency without compromising the interest of its depositors and the provision of credit across business cycles. The main objective of the capital management is to improve financial position and strengthen balance sheet of the Bank to support the growth in business. The Bank aims to maximise shareholders' value through an optimal capital structure that protects the stakeholders' interests under extreme stress conditions, and provides sufficient capacity for growth whilst ensuring compliance with the regulatory requirements and meeting shareholders' expectations.

The objectives of capital management are threefold:

  1. Ensure stability of the Bank by holding adequate capital to cover unexpected losses.
  2. Promote the efficient use of capital by optimising risk adjusted return.
  3. Enable efficient and effective allocation of capital across the business through prudent decision-making and proactive risk management.

For the measurement of Regulatory Capital Al-Rajhi Bank is governed by the requirements stipulated by SAMA. These require each Bank or Banking group to:

  1. Hold the minimum level of the paid-up capital, and
  2. Maintain a ratio of total regulatory capital to the risk-weighted assets at or above the required minimum of 8%.

Accordingly, Al Rajhi is committed to implement the Basel II requirements and in this regard calculates capital adequacy ratio for credit risk (Standardized Approach), market risk (Standardized Approach) and operational risk (Standardized Approach) based upon guidelines issued by SAMA. This approach will be used until such time the Bank adopts the Internal Rating Based Approach (IRB), under Basel II.

General Qualitative Disclosure Requirements

Structure & Organisation of the Relevant Risk Management Function

Risk Management Framework

The risk management framework is integral to the operations and culture of Al Rajhi Bank. Our integrated risk management framework is aimed at setting the best course of action under uncertainty by identifying, measuring, prioritizing, monitoring and managing idiosyncratic and systemic risks. The Bank manages risk through a framework of sound risk principles which include an optimum organizational structure, well defined policies and procedures, risk review and monitoring process that are closely aligned with our long-term business strategy. The framework is comprehensive and has been communicated from the Board of Directors down to the individual business lines.

Risk management activities in the Bank broadly take place at different hierarchical levels. The Board of Directors provide overall risk management oversight while the Executive Management of the Bank actively ensures that the risks are adequately identified, measured and managed.

The Credit & Risk Group is mandated to implement the risk framework as a function independent of commercial lines of business, working under the guidance of Board and its sub committees (Executive and Audit Committees). For regular monitoring and managing different risks, the Board has also formulated specialized committees at the Management level. These include High Management Committee, Risk Management Committee, Asset Liability Management Committee (ALCO), Credit Committee, Remedial Committee and Compliance Committee. These committees are constituted with senior executive management who meet regularly to deliberate on the matters pertaining to risk exposures under their respective supervision.

The Bank adopts annual risk appetite statements for the Enterprise as well as for the individual business segments and business performance is periodically monitored thereagainst.

The following guiding principles apply to all Credit & Risk Management activities:

  1. Independence: A clear demarcation exists between Credit & Risk Management and the business divisions.
  2. Transparency: Credit & Risk Management structure, policies and procedures are transparent, and based on well-defined principles communicated across all levels.
  3. Approval Authority: Committee and individual approval authorities are delegated by the Board.
  4. Dual Signature: Risk taking commitments require the approval of at least two authorised individuals.
  5. Accountability: Risk and reward from a transaction are attributed to the same business unit and form an integral part of the business performance measurement.

The functional management of risk across the Bank is undertaken by the Credit & Risk Management Group headed by the Chief Risk Officer who reports to the CEO. The Credit & Risk Management Group comprises of Corporate Credit Management, Retail Credit Management, Enterprise Risk Management, Credit Review & Risk Strategy and Credit Administration Monitoring & Control.

The Credit & Risk Management Group activities include the following:

  • Development, communication, guidance and monitoring of adherence to comprehensive risk policies.
  • Recommendation of the Bank's risk appetite to the Board.
  • Evaluation and approval of risk limits/exposures within delegated authorities (or recommendation to higher approval authorities in case of large exposures), independent of the business.
  • Daily management of all other risk functions, including the control, monitoring and reporting of risk limits and exposures for internal control and regulatory compliance purposes.

1. Credit Risk

Credit Risk is the potential risk of loss of revenue and/or return of principal as a result of default or the inability of a borrower or counterparty to meet its contractual obligation.

The Bank implements a risk-based approval authority grid based on the customer's internal credit rating and quantum of facilities being proposed. This grid defines six levels of credit approval authorities. The ultimate authority to approve or decline credit proposals resides with the Board of Directors. The other five levels include Executive Committee and Credit Committees. Approval authority ensures that Credit decisions are commensurate with the Bank's risk appetite.

The Bank addresses Credit Risk, which is its most substantial component of risk, through the following process:

  1. Credit Processes: Approval, disbursements, administration, classification, recoveries, and write-offs are governed by the Bank's Credit Policy. This policy is reviewed by Credit & Risk Management group and approved by the Board.
  2. Lending Proposals: All credit proposals are independently reviewed by Credit & Risk Management group with authority to either approve within delegated limits, or recommend for approval to a higher approval authority.
  3. Corporate Lending Accounts: Reviewed at a minimum on an annual basis.

Concentration of exposures to counterparties, geographies and sectors are governed and monitored by guidelines and limits prescribed by the Credit Policy. Corporate borrowers are risk rated using an internal risk rating methodology to provide support for credit decisions. The Bank continually assesses and monitors credit exposures to ensure timely identification of potential problem credit.

2. Market & Liquidity Risk

Market risk is the risk of loss resulting from on and off-balance sheet positions as a result of adverse movements in market prices. The management of market risk is achieved by the identification, measurement, monitoring, control, and reporting of all activities that result from transactional exposures. Market risk in the Bank comprises of profit rate risk and foreign exchange risk.

  1. Profit Rate Risk is the potential impact on the Bank's Net Income Margin caused by the changes in market rates of return. The Bank manages its profit rate risk by matching repricing of assets and liabilities. It measures profit rate risk by evaluating the potential impact of a 200bps movement in market rates.
  2. Foreign Exchange Risk is the impact of adverse exchange rate movements on foreign currency exposures arising from customer transactions undertaken by the Bank. Foreign currency positions are marked-to-market on a daily basis, and are monitored against approved position limits. FX customer transactions are driven primarily by customer remittances and trade finance transactions. Total exposures are small relative to market volumes.

Al Rajhi manages its market risk through a system of well-defined policies and procedures under the supervision of the ALCO with the objective of limiting the potential adverse effect on the asset quality and profitability of the Bank.

Liquidity risk refers to the Bank's potential inability to pay its debts and obligations when due. This situation may arise because of failure to convert assets into cash, an inability to procure sufficient funds, or funds being raised at an exceptionally high cost that may adversely affect the Bank's income and capital position. Liquidity risk may result in the Bank's inability to unwind or offset underlying risk in its asset bases. This may force the Bank to sell its assets at a loss due to insufficient market liquidity.

The Bank considers the following three main liquidity risk types:

  1. Term Liquidity and Call Risk arises when there is a mismatch between incoming and outgoing cash flows. There may be unexpected delays in repayments to the Bank
    (term liquidity risk) or unexpectedly high payment outflows (call risk).
  2. Structural Liquidity Risk refers to the cost of liquidity for the purpose of closing liquidity gaps if refinancing becomes more expensive due to a decline in the Bank's creditworthiness.
  3. Market Liquidity Risk arises when a position cannot be sold within a desired time period or only at a discount. This is especially the case with securities in illiquid markets.

ALCO is responsible for reviewing and recommending liquidity risk policies and ensuring that sound risk measurement systems are established in compliance with internal and regulatory requirements.

3. Operational Risk

Operational Risk is the risk of loss resulting from inadequate or failed internal processes, human error, systems, and/or external events. The Operational Risk Management Unit (ORMU) within the Credit & Risk Management Group facilitates the management of operational risk in the Bank.

ORMU facilitates the management of operational risk by setting policies, developing systems, tools and methodologies, overseeing their implementation and use within the business units and providing ongoing monitoring and guidance across the Bank. The Group Operational Risk Committee reports to the Risk Management Committee.

Table 4: Credit Risk:
General Disclosures for all Banks

The followings are disclosures relating to credit risk management process in the Bank:

1. Definitions of Past Due and Impaired

  1. For accounting purposes: A financed asset is considered past due where a repayment is overdue for 90 days or less. If the repayment is overdue for more than 90 days the financed asset is considered as impaired.
  2. For Basel II purposes financing assets are considered impaired when:
    1. The Bank considers that the obligor is unlikely to pay its credit obligations in full, without recourse by the Bank to actions such as realising collateral (if held); or
    2. The obligor is past due more than 90 days on any material credit obligation to the Bank.

2. Description of Approaches Followed for Specific and General Allowances and Statistical Methods

  1. Positions in portfolios that are individually significant, i.e. corporate bank assets, are reviewed individually for impairment and any asset with specific impairment is provisioned, taking into account the potential future recoveries net of collateral.
  2. Unimpaired individually significant assets are grouped together and a provision reserved, based on study undertaken on the historical performance of the portfolio.
  3. Portfolios that are not considered individually significant, i.e. retail bank assets, are provisioned based on a behavioural analysis of the underlying portfolio.

3. Discussion of the Bank's Credit Risk Management Policy

Credit risk is considered to be the most significant and pervasive risk for the Bank. The Bank takes on exposure to credit risk, which is the risk that the counterparty to a financial transaction will fail to discharge an obligation when due causing the Bank to incur a financial loss, or adversely impacting the timing of its cash flow. Credit risk arises principally from financing (credit facilities provided to customers) and investments. In addition, there is credit risk in certain off-balance sheet financial instruments, including guarantees, letters of credit, acceptances and commitments to extend credit. Credit risk monitoring and control is performed by the Credit & Risk Management Group which sets parameters and establishes thresholds around the Bank's financing activities.

The Bank's credit risk management process includes:

1. Credit Risk Measurement

The Bank structures financial products in accordance with Shariah law. These products are classified as either financing assets or investments in the Bank 's consolidated balance sheet. In measuring credit risk of financed assets at a counterparty level, the Bank considers the overall credit worthiness of the customer based on a proprietary risk rating methodology. For corporate customers the risk rating methodology utilizes a 10-point scale based on quantitative and qualitative factors with seven performing categories (rated 1 to 7) and three non-performing categories (rated 8 to 10). The outcome of the risk rating process is intended to reflect counterparty credit quality and assist in determining suitable pricing commensurate with the associated risk .

The risk rating process assists the Bank to identify any weakness in the portfolio quality and make appropriate provisions in cases where credit quality has deteriorated and where losses are likely to arise. The Bank evaluates corporate obligors that are past due, to make appropriate allowances against impaired assets. For the remaining corporate loan portfolio, the Bank applies a loss rate to determine an appropriate allowance. The loss rate is determined based on historical experience of credit losses.

The Bank employs retail credit scoring models using an application or behavioural score within a detailed credit programme with well-defined parameters. The Bank relies on product-level quantitative and qualitative guidelines to monitor credit risk in its retail portfolio.

2. Risk Limit Control and Mitigation Policies

The responsibility for Credit & Risk Management is enterprise-wide in scope. Strong risk management is integrated into daily processes, decision-making and strategy setting, thereby making the understanding and management of credit risk the responsibility of every business segment.

In order to ensure objectivity and accountability, and to reinforce ownership, the following units within the Bank assist in the credit control process:

  • Corporate Credit Unit (Credit Evaluation and Assessment)
  • Credit Administration Monitoring and Control Unit
  • Retail Credit Unit (Credit Evaluation and Assessment)
  • Enterprise Risk Management Unit
  • Operational Risk Unit

The monitoring and management of credit risk associated with financing or investments are enforced by setting approved credit limits. The Bank manages limits and controls concentrations of credit risk to countries, industries and to individual customer or company groups.

Concentrations of credit risk arises when a number of customers are engaged in similar business activities, activities in the same geographic region, or have similar economic features that would cause their ability to meet contractual obligations to be similarly affected by changes in economic, political or other conditions. Concentration of credit risk indicates the relative sensitivity of the Bank's performance to developments affecting a particular industry or geographical location.

The Bank seeks to manage its credit risk exposure through diversification of its portfolio to ensure there is no undue concentration of risk with individuals or groups of customers in specific geographical locations or economic sectors.

The Bank manages credit risk by placing limits on the level of risk acceptable in relation to individual customer, company groups, geographic and economic segments. Such risks are monitored on a regular basis and are subject to an annual or more frequent review when considered necessary.

Exposure to credit risk is also managed through regular analysis of the ability of customers and potential customers to meet financial and contractual repayment obligations and by revising credit limits where appropriate.

3. Credit Default/Counterparty Risk

The Bank quantifies its credit default risk as part of Pillar I using the standardised approach. In this method, risk weights are defined for certain types of credit exposures primarily on the basis of external rating provided by rating agencies for obligors with no internal rating. The default risk is then quantified into the resulting capital requirement. Any additional capital required under Pillar II is calculated using proprietary developed internal models.

In calculating capital requirements, credit risk mitigation techniques are used to control credit risk. These include, but not limited to, financial collateral such as cash, cash equivalents and financial guarantees.

Under the guidelines of SAMA for the standardized approach, the Bank categorizes exposure for capital treatment as follows:

  1. Sovereigns: SAMA requires that banks operating in Saudi Arabia with exposures to other sovereigns (meeting the guidance criteria prescribed by Basel II) use the preferential risk weight assigned to the sovereign by the relevant national supervisory authority.
  2. Claims on banks and securities firms use the preferential risk weighting prescribed under the Basel II guidelines.
  3. Claims on Multilateral Development Banks, claims on corporate entities, claims included in the regulatory non-mortgage retail portfolios, claims secured by residential mortgages, claims secured by commercial real estate, past due loans, and off-balance sheet items are treated as per SAMA guidelines on Basel II.

Table 5: Standardized Approach and Supervisory Risk Weights in the IRB Approaches

The Bank uses External Credit Assessment Institutions (ECAIs) ratings to supplement its own internal credit ratings. It maps the ECAIs ratings to the standardized risk weights for corporate entities, banks, Public Sector Entities (PSEs) and sovereign as per Basel II guidelines.

In computing capital requirements, certain types of facility exposures are assessed primarily on the basis of external rating provided by rating agencies.

The following ECAIs ratings are used by the Bank:

  • S&P
  • Moody's
  • Fitch

Table 6: Credit Risk: Disclosures for Portfolios Subject to IRB Approaches

Not Applicable.

Table 7: Credit Risk Mitigation: Disclosures for Standardized and IRB Approaches

Risk management and mitigation of credit risk is core to the way the Bank operates, and the way it does business. Listed below are key ways the Bank manages and mitigates credit risk:

  1. Limit setting: The Bank sets limits in its Credit Policy to protect its capital. These include controlling credit facilities granted to companies based on their capital and reserves, business model, cashflow and industry. The maximum exposure limit for individual obligor is capped at a given percentage of the Bank's economic capital and the rating of the obligor. The policy includes additional limits on tenure and sector concentration.
  2. Tangible collateral and guarantees: Collateral requirements are determined by loan product based on acceptable collaterals such as cash, shares, real estate, other pledges, and third party guarantees. There are guidelines for collateral valuation and instances where the Bank seeks additional collateral.
  3. Credit Approval Authorities: Individual and committee approval limits are defined based on obligor risk rating and size of exposure.
  4. Credit Evaluation Process: A clear credit evaluation process is in place to ensure that a consistent and robust method is followed.
  5. Measuring the quality of credit: Various models for both retail and corporate portfolio
    have been developed for determining obligor risk rating. The models were developed using Al Rajhi Bank specific quantitative and qualitative factors to ascertain a risk rating.
  6. Legal Documentation: Appropriate legal documentation is duly executed to ensure that the Bank has recourse to protect itself in case of default. There are different variations of such legal documents depending on the product, facility type and credit quality of the customer.

Table 8: General Disclosure for Exposure Related to Counterparty Credit Risk

Not Applicable.

Table 9: Securitization: Disclosure for Standardized and IRB Approaches

Not Applicable.

Table 10: Market Risk: Disclosure for Banks using the Standardized Approaches

The Bank is exposed to market risks, the risk that the fair value of future cash flows of a financial instrument will fluctuate due to changes in market prices. Market risk arises on profit rate based products, foreign currency, mutual funds and commodities. All are exposed to general and specific market movements and changes in the level of volatility of market rates or prices. The Bank uses the standardized model to compute the capital requirement for market risk. Market risk components applicable to Al Rajhi Bank are profit rate risk, foreign exchange risk, equity risk and commodity risk.

1. Foreign Currency Risk

The Bank is exposed to the effects of fluctuations in foreign currency exchange rates on its foreign currency positions that result from operations. The Board sets limits on the level of exposure by currency and at aggregate level, which are measured and monitored daily.
A substantial portion of the net foreign currency exposure to the Bank is in United States Dollars (USD), where the Saudi Riyal is pegged to the USD. The other currency exposures are not considered material and as a result the Bank is not exposed to major foreign currency risks.

2. Profit Rate Risk

Please see Table 14 for a detail explanation of profit rate risk.

3. Equity/Asset Price Risk:

Please see Table 13 for a detail explanation of equity/asset price risk.

4. Commodity Risk

Commodity risk refers to the risk of loss arising from adverse movements in commodity prices. The commodity portfolio is revalued on a regular basis to capture the changes in market value due to changing economic conditions.

As an Islamic bank, the Bank buys and sells commodities to facilitate customer transactions to ensure compliance with Sharia Board Rulings. The Bank does not conduct proprietary trading in commodities for its own profit. The Bank's exposure to commodity price volatility is usually intraday and limited to a short time period. This risk is not considered material for the Bank.

Table 11: Market Risk: Disclosures for Banks using the Internal Models Approach (IMA) for Trading Portfolios

Not Applicable.

Table 12: Operational Risk

Operational Risk Overview

Al Rajhi Bank has adopted the standardized approach for calculating capital adequacy covering operational risk and defines operational risk as the risk of loss resulting from inadequate or failed internal processes, human error systems and from external events. This definition includes legal risk, but excludes strategic and reputational risk.

Sources of Risk:

Operational risk for the Bank arises from various areas including:

  1. Internal fraud: An act intended to defraud, misappropriate property or circumvent regulations, the law or company policy, excluding diversity/discrimination events, which involves at least one internal party.
  2. External fraud: An act intended to defraud, misappropriate property or circumvent the law by a third party.
  3. Employment practices and workplace safety: An act inconsistent with employment, health & safety standards and agreements (e.g. payment of personal injury claims, or from diversity/discrimination events)
  4. Clients, products, and business practices: A failure to meet a professional obligation to specific clients (including fiduciary and suitability requirements) either unintentionally or through negligence, or from the nature or design of a product.
  5. Damage to physical assets: The loss or damage to physical assets from a natural disaster or other events.
  6. Business disruption and system failures: Loss due to disruption of business or system failures.
  7. Execution, delivery, and process management: Failed transaction processing or process management from relationships with trade counterparties and vendors.

The Bank uses the standardized approach to calculate the minimum regulatory capital for operational risk.

Table 13: Equities: Disclosures for Banking Book Positions

Al Rajhi Bank has adopted the standardized approach for calculating capital adequacy for its equity position.

The Bank has equity exposure in the form of mutual funds and limited direct share investments. The mutual funds exposures arise when the Bank issues new seeded funds that are administered by asset managers in Al Rajhi Capital. While the Bank markets these funds to customers, it holds the seed capital on its books. These equities are considered long-term investments and Sharia compliant. The Bank is exposed to volatility in the price of the mutual funds it has on its books.

The direct share investments are held for an unspecified period of time. They may be sold in response to liquidity needs, or significant changes to equity prices. The Bank does not actively trade these investments.

The Bank's investments in mutual funds and direct shares are regularly marked-to-market and are not material.

Table 14: Profit Rate Risk in the Banking Book

Profit rate risk predominately resides in the Bank's assets rather than its liabilities. This is due to the nature of the Bank's balance sheet structure.

  1. Liabilities: The majority of the Bank's customer deposits are in non-profit bearing current accounts. Changes to profit rates have no bearing on these accounts. The Bank, however,
    has a small number of corporate deposits and retail term deposits that are rate sensitive.
  2. Assets: The Bank charges different profit rates according to the maturity of loans and risk characteristics of the customer segment being financed. Profit rates applied to customer financing are based on market rates. There are different profit rates and repricing terms for the Bank's assets. Since the market rate (e.g. SAIBOR for SAR, LIBOR for USD) is used as a benchmark for the profit rate, a drop in profit rate can result in reduction in future earnings.

The following describes each sub-type of profit rate risk:

  1. Re-pricing risk: This arises from maturity mismatch between the assets portfolio and the liabilities that fund them. The risk is that the Bank may experience reduction in future earnings when profit rates decrease. This is due to the composition of the book which is made up of mostly non-profit bearing current account liabilities and fixed rate assets. In other words, the Bank is an asset-sensitive bank that benefits from a rise in rates and is disadvantaged by a fall in rates because the amount of repricing assets is larger than the re-pricing liabilities. This is the key type of profit rate risk that impacts Al Rajhi Bank.
  2. Yield curve risk: Yield curve risk occurs in cases where there are non-parallel shifts in the yield curve between the short, medium and the long ends of the term structure resulting in a steepening, flattening or inverse yield curve. This risk primarily impacts the revaluation of assets such as fixed income securities. The Bank's exposure to this risk is not material.
  3. Basis risk: Basis risk is related to the imperfect correlation between different yield curves on which a bank prices its assets and liabilities. This risk is not material because the Bank's assets and liabilities are primarily dependent on SAIBOR rates.
  4. Optionality Risk: Optionality risk arises when a customer of an institution has the right but not the obligation to influence the timing and magnitude of the cashflows of an asset, liability or off-balance-sheet instrument. This risk is limited in the Bank since most liabilities are non-profit bearing current accounts and not impacted by fluctuations of profit rates. In addition, assets have contractually fixed maturity. In cases of early repayment, the contracts often require payment of owed profits for the full tenure of the loan.

Measurement Approach:

The Bank uses the Earnings-at-Risk (EaR) approach to measure the overall sensitivity to profit rate risk. The EaR perspective considers how changes in profit rate will affect a bank's reported earnings. This methodology focuses on the risk to earnings in the near term, typically the next 1 year. Fluctuations in profit rates generally have the greatest impact on reported earnings through changes in a bank's net financing income (that is, financing income less income paid on time investments and murabaha financing expense). It assesses the effect of 200bps parallel drop in market rates on expected run-off rate of assets at different tenors to determine possible decline in earnings.