Risk Management Report

Message from the Head of Risk

While the COVID-19 pandemic started as a sanitary crisis, its repercussions have cascaded to the overall global economy, resulting in a multidimensional crisis. In order to avoid a systemic financial crisis, we have seen an unprecedented government intervention worldwide. As compared to the 2008 Financial Crisis, Governments have been using banks as a transmission mechanism to implement their support and relief measures.

RISK MANAGEMENT STRATEGY

Risk management is the process of identifying, evaluating and managing the impact of uncertain events, and monitoring the consequences at acceptable levels. The risk-management cycle is comprised of four phases:

establishing objectives by identifying the strategic goals and determining constraints;
analyzing the risks;
selecting controls and assessing the alternatives to address the risks;
implementing the alternatives and monitoring the progress and results.

The process organises information about the possibility of a spectrum of undesirable outcomes into an inclusive, orderly structure that helps decision makers to make informed choices about their organisation’s ability to reduce risks.

OUR RISK APPETITE FRAMEWORK

The Bank’s risk appetite is defined by a risk appetite framework set by the Board. It aids to emphasise its strong risk culture and helps define thresholds to manage aggregate risks through an acceptable scale.

In line with Bank of Mauritius Guidelines on credit and country risk management, the Board has established a set of policies and procedures in respect of cross-border activities, which clearly translate to the Bank’s strategic goals and risk parameters.

Stress-Testing

Stress-testing (“ST”) is an integral part of the Bank’s risk management process as it consists of both sensitivity analysis and scenario analysis.

Stress testing is a fundamental tool to

facilitate a view of the organisation’s forward risk profile as a result of portfolio effects and/or changes in economic conditions;
Identify potential vulnerability to unprecedented but plausible events; and
Determine appropriate management actions or contingency plans to limit the impact of such events on the entity;

Results of stress testing must impact decision making, including strategic business decisions via

Strategic planning and budgeting;
Internal Capital Adequacy Assessment Process (“ICAAP”), including capital planning and management, and the setting of capital buffers;
Informing the setting of risk appetite statements;
Liquidity planning and management; and
Identifying and proactively mitigating risks through actions such as reviewing and changing risk limits, limiting exposures and hedging;

The various type of scenario analysis performed at ABL are as follows:

Scenario analysis

Changing multiple risk inputs simultaneously with the source of the stress event being well defined;
Macroeconomic stress testing involves the creation of a severe but plausible macroeconomic scenario and assessing the impact of key macroeconomic risk drivers (e.g. GDP, interest rates, inflation) on key risk inputs (e.g. PD, LGD and EAD);
Other hypothetical or historical scenarios: “what-if”; and
Assessing the impact on statement of profit or loss and other comprehensive income, statements of financial position and capital ratios.

Sensitivity analysis

Tweaking of a risk parameter, or a small number of very closely related risk parameters to understand the impact on a risk position;
It is important to note that the event that gives rise to the movements in the parameters is hypothetical;

Reverse stress testing

Assessing scenarios and circumstances that would render its business model unviable, thus identifying potential business vulnerabilities
- Starts from the point of failure of the Bank’s business model and then working backwards to identify circumstances or scenarios under which this might occur; and
- Point of failure is considered as significant financial losses that impact the Bank’s capital or lack of liquidity to such an extent that the existing business model would no longer be viable or where material supervisory intervention would result.

Universal Perspective on Stress-Testing in COVID-19 context

Both the local and global economies have been severely impacted since the outbreak of the COVID-19 pandemic and this will impact capital adequacy and Stress test requirements of banks. In view of the unprecedented circumstances relating to the COVID-19 outbreak, the European Banking Authority (“EBA”) has decided to postpone the EU-wide stress test until 2021. This move was mirrored by the Bank of England, which announced the cancellation of stress testing requirements for eight major UK banks. The objective is to facilitate and incentivise the disbursement of credit to meet households and business requirements and still meet regulatory ratios.

In this current economic environment, similar to other banks, it was quite challenging for ABL to conduct stress-tests and estimate provisions under the IFRS 9 standard; as forward-looking judgement on possible losses from loans is very challenging and uncertain.

Notwithstanding the above challenges, the Bank has been guided by its Board in conducting a number of “Stress-Test Scenarios” or “What-If Scenarios” in order to assess potential balance sheet and profit or loss impact.

The mitigations are in line with the regulatory Internal Capital Adequacy Assessment Process (“ICAAP”) mitigation plan. ICAAP is an internal review requirement that evaluates capital adequacy, capital management and planning at banks with a specific focus on core risk factors.

RISK GOVERNANCE AND OVERSIGHT STRUCTURE

The independent status of the Risk Management function is supported by a governance structure that provides for escalation of risk issues to senior management, Board sub-committees and the Board of Directors, as appropriate.

The chart below illustrates the Board of Directors’ and key senior management-level committees in the Firm’s risk governance structure.

Risk Management Committee

Fixed Line
Direct reporting to the CEO/Committee

Dotted Line
Operationally reports to the Board Committee

Fixed Line
Direct reporting to the CEO/Committee

Dotted Line
Operationally reports to the Board Committee

Committees established by Management

Management Credit Committee ("MCC")

The MCC is the senior management credit decision-making committee with a defined delegated authority (up to MUR 50m) as determined by the Board of Directors through the Board Credit Committee and Board Risk Committee from time to time.
The purpose of the MCC is to
(i) to assist the Board to formulate, approve and implement Credit policies, guidelines and credit practices of the Bank.
(ii) to exercise responsibility for the independent assessment, approval, review and monitoring of all credit risk assets relationg to the Bank's business; and
(iii) to ensure that the origination and management of the assets in the portfolio is done in terms of the Bank's policy.

Assets and Liabilities Committee ("ALCO")

This committee comprises of the Chief Executive Officer, Chief Financial Officer, Head of Risk, the General Manager, Senior Executive - Head Corporate Banking, Senior Executive- Head Global Business, Senior Executive - Treasury and Markets, Head of Treasury and the Head of Credit Risk who meet at least once a month.

ALCO's overall responsibility is to ensure that the Bank’s overall asset and liability structure including its liquidity, currency and interest rate risks are managed within the risk appetite set by the BRC.

Impairment Management Committee ("IMC")

The Bank's IMC consist of the Chief Executive Officer, the Chief Financial Officer and the Head of Risk and they meet at least once in a quarter or as and when required. The duties of the Committee are as follows:
-- Review updates on top non performing accounts .
-- Review and approve all files, which warrant new/additional specific provision.
-- Approve proposals for restructure of facilities and settlement of liabilities including one-time settlement.
-- Review new NPAs and new accounts downgraded to Watchlist.
-- Review and approve accounts showing Significant Increase in Credit Risk (S.I.C.R).
-- Take cognizance of recoveries and write backs.
-- Review and validate list of accounts proposed for write off.

Risk Management Committee ("RMC")

This committee includes the Chief Executive Officer, Chief Technology & Operating Officer, Chief Financial Officer, Head of Risk and Head of Compliance and Head of Group Legal as voting members meet at least quarterly or as required to discuss and oversee the overall risk management and internal controls of the Bank.

The key responsibilities of RMC are
(i) to implement, review and manage risks in line with the risk tolerance limit in the Risk Appetite Framework.
(ii) to review risk implications of new business, projects and products
(iii) to review high risk issues such as financial liquidity & capital risk
(iv) to ensure compliance with guidelines and mitigate regulatory/compliance/legal/AML risk
(v) to report to the board risk committee on the above.

MANAGEMENT OF KEY RISK AREAS

Risk can be defined as the uncertainty of an event to occur in the future. In the banking context, it is the exposure to the uncertainty of an outcome, where exposure could be defined as the position/stake banks take in the market. The main type of risks faced by the Bank are as follows:

Definitions of Risk types and Mitigating Actions

	Type of Risk	Description	Mitigating Actions
FINANCIAL RISK
	Credit Risk	It is the risk of loss arising out of the failure of obligors to meet their financial or contractual obligations when due. It is composed of obligor risk and concentration risk.	Policies & Procedures Regulatory Guidelines Control & Monitoring Key Resources with technical expertise
	Country Risk	Country risk, also referred to as cross-border country risk, is the uncertainty that obligors (including the relevant sovereign, and the group’s branches and subsidiaries in a country) will be able to fulfil obligations due to the group given political or economic conditions in the host country.	Regular Country Review Cap in terms of Country Risk Limit Quality Review by Board In line with Risk Appetite Framework
	Market Risk	Market risk is the risk of a change in the market value, actual or effective earnings, or future cash flows of a portfolio of financial instruments, including commodities, caused by adverse movements in market variables such as equity, bond and commodity prices, currency exchange and interest rates, credit spreads, recovery rates, correlations and implied volatilities in all of these variables.	Work around solution (manually) Market Risk Policy Process & level of acceptance Tolerance limit System Implementation
	Funding and liquidity Risk	Funding risk is the risk associated with the impact on a project's cash flow from higher funding costs or lack of availability of funds. Liquidity risk is defined as the risk that an entity, although solvent, cannot maintain or generate sufficient cash resources to meet its payment obligations in full as they fall due, or can only do so at materially disadvantageous terms.	Liquidity risk is managed in line with the Bank's internal liquidity risk management framework and the Bank of Mauritius (“BoM”) Guideline on Liquidity Risk Management. Daily reporting of liquidity metrics and monitoring of Liquidity Early Warning Indicators.
	Interest rate Risk	The risk arising from changes in interest rates or the prices of interest rate related securities and derivatives, impacting on the Bank’s earnings or economic value of equity.	Monitoring of interest rate risk exposure in line with the Bank's internally prescribed limits.
NON-FINANCIAL RISK
	OperationalRisk	Operational risk is the risk of loss suffered as a result of the inadequacy of, or failure in, internal processes, people and/or systems or from external events.	Documented policies, procedures and processes Implementation of systems and internal controls Training
	Compliance Risk	Compliance risk is the risk of legal or regulatory sanction, financial loss or damage to reputation that the group may suffer as a result of its failure to comply with laws, regulations and codes of conduct and standards of good practice applicable to its financial services activities.	Policies and Procedures- to ensure Bank is compliant to Regulatory Standards Internal Controls Trained and qualified staff Appropriate system/tools
	Information Risk	The risk of accidental or intentional unauthorized use, modification, disclosure or destruction of information resources, which would compromise the confidentiality, integrity or availability of information.	Documented policies, processes and procedures. Implementation of systems and internal controls Awareness Training and best practices.
	Cyber Risk	The Risk of failure, unauthorized or erroneous use of information systems resulting into financial loss, disruption or damage to the reputation of the bank.	Educating Employees and stakeholders on Information Security including Cyber Security measures. End point Security on Devices including Encryption and Anti-virus Protection Ensure efficient Patch Management on information systems Backup of Critical Data and Systems in line with Data Protection and Privacy Securing Bank’s IT Infrastructure including Firewall and Network security alignments Multifactor authentication on critical internal systems and extended to customer facing applications. Cyber Threat detection and online monitoring 24/7, 365/365 Ensure that the Cyber Security Response Plan is effective and kept up to date.
TRANSVERSAL RISK
	Business strategic risk	Business strategic risk is the risk of earnings variability, resulting in operating revenues not covering operating costs after excluding the effects of market risk, credit risk, structural interest rate risk and operational risk.	Documented policies, procedures and processes Implementation of systems and internal controls Training Ensuring that the Bank adheres to its Risk Appetite Ensuring that Business strategy is embedded in the Risk Appetite Framework
	Reputational risk	Reputational risk is the risk of potential or actual damage to the group’s image, which may impair the profitability, and/or sustainability of its business.	Effective communication, staff training, and HR practices Documented policies, procedures and processes Efficient complaints & feedback handling for continuous improvement of products/services Constant compliance checks and monitoring Information Security

CREDIT RISK

Credit risk arises from the possibility of financial losses stemming from the failure of clients or counterparties to meet their financial obligations to the Bank. Credit processes control the credit risk of individual and corporate clients. Other sources of credit risk arise from trading activities, including: debt securities, settlement balances with market counterparties, amongst others.

The credit risk management objective is to maintain a rigorous and effective integrated risk management framework to ensure that all controls are in line with risk processes based on international best practices.

Organisation and Structure

The Bank has structured the responsibilities of credit risk management so that decisions are taken as close as possible to the business, whilst ensuring that there is an adequate segregation of tasks. Credit policies and processes are in place to ensure the effective monitoring and managing of credit risk in compliance with the Bank of Mauritius guidelines and AfrAsia Bank’s risk appetite.

CONCENTRATION OF RISK

The key focus of the Bank’s credit risk management approach is to avoid any undue concentrations in its credit portfolio, whether in terms of counterparty, group, portfolio, and country. The Bank has always kept its large exposures within the regulatory limits. For instance, our concentration ratio of large exposures above 10% was 200.65% as at 30 June 2020, well within the regulatory limit as shown below:

Regulatory Credit Concentration Limit	As at 30 June 2020
Credit exposure to any single consumer shall not exceed 25% of the Bank’s Tier 1 Capital	Highest single customer: 16.28%
Credit exposure to any group of closely-related customers shall not exceed 40% of the Bank’s Tier 1 Capital	Highest Group of closely related customer: 28.11%
Aggregate large credit exposures to all customers and Banks of closely related customers above 10% of Bank’s Tier 1 Capital shall not exceed 800% of Bank’s Tier 1 Capital	200.65%

CREDIT RISK MITIGATION

As a fundamental credit principle, the Bank does not generally grant credit facilities solely on the basis of the collateral provided. All credit facilities are also based on the credit rating, source of repayment and debt-servicing ability of the borrower. Collaterals are taken when required by the bank to mitigate the credit risk. The collateral is monitored on a regular basis with the frequency of the valuation depending on the liquidity and volatility of the collateral value.

Enforcement legal certainty of enforceability and effectiveness is another technique used to enforce the risk mitigation. Where a claim on counterparty is secured against eligible collateral, the secured portion of the claim is weighted according to the risk weight of the collateral and the unsecured portion against the risk weight of the counterparty. To mitigate counterparty risk, the Bank also requires close out netting agreements. This enables the Bank to offset the positive and negative replacement values of contracts if the counterparty defaults. The Bank’s policy is to promote the use of closeout netting agreements and mutual collateral management agreements with an increasing number of products and counterparties in order to reduce counterparty risk.

As an indication, claims secured by cash and other charges represent 60% of the asset book, whilst unsecured portions account for 40% of total asset book. The value of collateral and other credit enhancements received on loans and advances as at 30 June 2020 is MUR 18.4bn (2019: MUR14.7bn and 2018: MUR18bn). All other financial assets are unsecured except for collateralised placements The main types of collateral obtained are as follows:

Collateral Details	Total	Total
	MUR’000	%
Cash Secured	1,119,385	4%
Fixed Charge	7,986,268	26%
Floating Charge	5,137,440	17%
Others	4,160,955	14%
Total	18,404,047	60%

The Group and the Bank also request for personal guarantees from promoters, directors, shareholders and also corporate and cross guarantees from parent and sister companies.

RELATED PARTY TRANSACTIONS, POLICIES AND PRACTICES

The Bank adheres to the Guideline on Related Party Transactions issued by the Bank of Mauritius (BOM) in December 2001 and which was last reviewed in June 2015. In line with this Guideline, the Board of Directors has set up a Conduct Review Committee (“CRC”) to review and approve related party transactions.

The Bank’s policy on related party transactions sets out the

rules governing the identification of related parties,
terms and conditions applicable to transactions entered into with them and
reporting procedures to the governance Committees.

All related party transactions are reviewed and approved at the level of the Conduct Review Committee, which ensures that market terms and conditions are on arm length basis.

During the normal course of business throughout the year, the Bank entered into a number of banking transactions with its related parties. These include placements or loans to/from Banks, deposits as well as other normal banking transactions. As at 30 June 2020, related party exposure was within regulatory guidelines at 19.50% (Cat 1 and Cat 2).

The Bank has complied with all requirements of the Bank of Mauritius Guideline on Related Party Transactions. Related party reporting to the Bank of Mauritius is made on a quarterly basis. Moreover, all related party transactions (including those transactions, which are exempted as per the Guideline on Related Party Transactions) are monitored and reported to CRC on a quarterly basis.

MARKET RISK

Also known as position or price risk, market risk is the risk of losses on-balance sheet and off-balance sheet positions arising from movement in market prices. The prices include Foreign exchange rates, interest rates, equity prices, commodity prices and include implied volatilities (for options). The key drivers of market risk that the Bank is exposed to is mainly associated with fluctuations in interest rates and foreign exchange rates.

Market risk, also known as “systematic risk”, typically affects the entirety of a market. As such, this risk cannot be fully eliminated through diversification but may be reduced using the various hedging products and techniques such as options and futures.

The Bank has in place a sound risk management framework to monitor and manage the market risks that the Bank is exposed to on a daily basis, a framework of limits and triggers as approved and regularly reviewed by ALCO and the BRC which is in line with the Bank’s risk appetite and complement the regulatory limits as established by the central bank.

The Market Risk unit, being responsible in identifying and monitoring the Bank’s exposure to market risks, works in partnership with business lines to efficiently define market risk policies and procedures. As part of the independent risk management structure, the Market Risk unit reports to the Bank’s Head of Risk. The objective of market risk management is to help identify, assess and control risk, facilitate risk-return decision-making, reduce volatility in operating performance and provide transparency into the Bank’s market risk profile to senior management, the Board of Directors and regulators.

Interest rate risk

Interest rate risk arises from the likelihood that movements in interest rates will affect future cash flows and the market value of financial instruments. The main approach adopted by the Bank to measure this risk is through a gap analysis and sensitivity analysis.

Foreign Exchange Risk

Foreign exchange or currency risk is the risk that exchange rate fluctuations may result in adverse changes in the value of current holdings and future cash flows that are denominated in currencies other than the base currency. This risk affects the Bank due to the multi-currency investing and lending activities.

For the financial year ended 30 June 2020, the Bank has maintained a daily net FX Open position against the Mauritian rupee that were well under the regulatory limit of 15% of Tier 1 capital as prescribed by the Bank of Mauritius.

Market Risk Monitoring and Controls

The Bank uses a variety of risk measures to estimate the size of potential losses for both moderate and more severe scenarios, under both short-term and long-term time horizons.

Not all activities necessarily to have the same limit structure, as a result, adequate market risk limits are established in accordance with the complexity of the activity and risks undertaken.

Market risk reports are regularly communicated to Senior Management, ALCO and the BRC highlighting all market risk matters and relevant issues are promptly escalated.

Value at Risk (“VaR”)

The Value at Risk is a statistical measure of risk that is used to quantify risks across products, per types of risks and aggregate risk on a portfolio basis, from individual trading desks up to the Bank level. VaR models provide an estimate of the potential future loss of a position over a specified horizon, given a required degree of confidence in the estimate.

The Bank has adopted a parametric approach (Variance-Covariance method) to compute the VaR at a 99 percent confidence level using a 10 days daily volatility change. The holding period used is one day due to the fluid composition of the portfolio so as to proactively manage the underlying risk on a day-to-day basis.

Sensitivity Limits

Sensitivity limits are used to monitor the risk incurred due to changes in several pricing parameters. These measurements include Portfolio Duration limits and PV01 limits.

The PV01 is a measure of sensitivity to a 1bp (basis point) change in interest rates. The outcomes may be positive or negative reflecting the percentage change in value for a 1bp or a 100bp (PV100) rise or fall in interest rates.

Gross Position Limits and Transaction Limits

Absolute gross position limits are set up to mitigate concentration risk, thus restricting the maximum exposure which the Bank can be exposed to vis-a-vis one particular market, sector, or instrument.

These limits are usually referred to as portfolio restrictions upon creation of the portfolio. Many trading portfolios have limits on the number of certain products that can be held in the portfolio and these are often due to liquidity issues (e.g. limits on the maximum $ amount or percentage of portfolio in corporate bonds, etc.).

Maturity Limits

The majority of fixed income products are contracts that expire at a certain date. In general, the marked-to-market valuations of these products are more difficult to obtain if the products have long-term maturity, low liquidity or low credit rating. Maturity limits are established for portfolios that trade those types of products.

ASSETS AND LIABILITIES MANAGEMENT (ALM)

Liquidity and funding risk are the risk that the Bank will be unable to meet its daily cash and financial obligations as they fall due or do so at materially significant costs. Liquidity risk arises from mismatched cash flows related to the Bank’s assets and liabilities as well as the characteristics of some products with ambiguous maturities.

The Bank’s primary objective as a financial institution is to manage liquidity such that it supports the Bank’s business strategy and allows it to honor its commitments when they come due, even under stress. This is done primarily by implementing a liquidity risk policy framework approved by the Board, which establishes a risk appetite, triggers, risk indicators, monitoring structures and escalation trees.

The Bank’s Assets and Liabilities Committee (“ALCO”) under guidance from the Board Risk Committee (“BRC”) is responsible for the assessment, monitoring and management of the Bank’s liquidity risk and strategy and ensuring compliance with both internal and regulatory limits.

As per the principles outlined in the Bank’s liquidity risk policy, the following approach is adopted to manage liquidity risk both under a business-as-usual and stressed scenario.

Short-term liquidity risk management	Structural (longer-term) liquidity risk management	Contingency Liquidity Risk Management
Managing intra-day liquidity positions	Identification of structural liquidity mismatches against tolerance limits and breaches are escalated to ALCO	Setting of appropriate early warning indicators
Monitoring daily and short-term cash flow requirements	Managing term lending capacity by considering behavioural profiling of ambiguous maturity assets and liabilities	Undertaking liquidity stress testing and scenario analysis
Setting up of interbank and repo lines	Monitoring depositor concentration against internal limits and holding sufficient marketable assets against the Bank’s deposit base.	Ensuring a contingency funding plan is in place with appropriate actions plans and escalation process.
Setting of deposit rates according to market conditions and ALCO approved targets.	Managing long-term cash flows

Regulatory Environment
The Bank works closely with the central bank to implement regulatory liquidity standards. The Bank adapts its processes and policies to reflect the Bank’s liquidity risk appetite towards these new requirements.

Liquidity Coverage Ratio (“LCR”)
The Bank of Mauritius, in line with Basel principles, issued Liquidity Coverage Ratio requirements for banks in November 2017, as part of the Guideline on Liquidity Risk Management.

The LCR was introduced primarily to ensure banks maintain an adequate stock of unencumbered high-quality liquid assets (“HQLA”), that consist of cash or assets convertible into cash at little or no loss of value in private markets, to meet liquidity needs for a 30-calendar day time period, under a severe liquidity stress scenario.

The Bank publishes the LCR on a quarterly basis and reports to the Bank of Mauritius on a fortnightly basis.

The Bank of Mauritius adopted the following phased in approach to the LCR requirement:

	As from 30 November 2017	As from 31 January 2018	As from 31 January 2019	As from 31 January 2020
LCR in Mauritian rupees	100%	100%	100%	100%
LCR in material foreign currencies	60%	70%	80%	100%
Consolidated LCR	60%	70%	80%	100%

The following table provides average LCR data, calculated using month end data for the quarter ended 30 June 2020. The bank’s average LCR was 349%, well above the 100% regulatory requirement, demonstrating a robust liquidity position.

LCR Disclosure Requirements

	(Consolidated in MUR’m)	TOTAL UNWEIGHTED VALUE (quarterly average of monthly observations)1	TOTAL WEIGHTED VALUE (quarterly average of monthly observations)1
HIGH-QUALITY LIQUID ASSETS
1	Total high-quality liquid assets (“HQLA”)	47,387	46,860
CASH OUTFLOWS
2	Retail deposits and deposits from small business customers, of which:	19,811	1,981
3	Stable deposits	-	-
4	Less stable deposits	19,811	1,981
5	Unsecured wholesale funding, of which:	-	-
6	Operational deposits (all counterparties)	-	-
7	Non-operational deposits (all counterparties)	101,396	50,011
8	Credit and liquidity facilities	1,105	90
9	Other contingent funding obligations	1,982	1,628
10	TOTAL CASH OUTFLOWS	124,294	53,709
CASH INFLOWS
11	Inflows from fully performing exposures	43,213	41,544
12	Other cash inflows	1,693	1,693
13	TOTAL CASH INFLOWS	44,906	43,237
			TOTAL ADJUSTED VALUE
14	TOTAL HQLA		46,860
15	TOTAL NET CASH OUTFLOWS		13,428
16	LIQUIDITY COVERAGE RATIO (%)		349%
17	QUARTERLY AVERAGE OF DAILY HQLA2		38,248

¹ The quarterly average of monthly observations is based on April to June 2020 month end figures.

² The quarterly average of daily HQLA is based on close of day figures over the 1st April 2020 to 30th June 2020 period.

Liquidity stress tests and Contingency Funding Plan

As part of its annual ICAAP process, the Bank applies a stress on its stock of liquid assets, based on stressed depositor outflow simulations. These scenarios factor in both bank specific and systemic risk.

In assessing the adequacy of its stock of liquid assets, the Bank applies a haircut on the market value of its liquid assets to reflect forced sale discounts.

In line with Bank of Mauritius requirements, the Bank maintains a comprehensive liquidity contingency funding plan with well-defined action plans and an approved escalation tree in the event of a liquidity crisis. Qualitative and quantitative liquidity early warning indicators are tracked and reported at ALCO on a monthly basis.

Liquidity Risk Appetite

The Bank monitors various liquidity risk limits and ratios against an internally approved risk appetite. The Bank’s liquidity risk appetite is based on the following principles:

ensuring the Bank has a sufficient amount of unencumbered liquid assets to cover its financial requirements, in both normal and stressed conditions;
ensuring the Bank keeps a liquidity buffer above the minimum regulatory requirements and
ensuring the Bank maintains diversified and stable sources of funding.

Liquid Assets

To protect depositors from unexpected crisis situations, the Bank holds a portfolio of unencumbered liquid assets that can be readily liquidated to meet financial obligations. The majority of unencumbered liquid assets are held in Mauritian Rupees or United States Dollars. Moreover, all assets that can be quickly monetized are considered liquid assets. The Bank’s liquidity reserves do not factor in the availability of the Bank of Mauritius’ overnight borrowing quota.

The table below provides a breakdown of the Bank’s eligible liquid and marketable instruments as defined by the Basel committee on banking supervision and the Banking Act 2004.

As at 30 June 2020 (MUR'm)	Bank-owned liquid assets¹	Liquid assets received²	Total Liquid assets	Encumbered liquid assets³	Encumbered liquid assets³
Cash and deposits with financial institutions	56,565	-	56,565	-	56,565
Securities
Issued or guaranteed by US Treasury	22,228	-	22,228	-	22,228
Issued or guaranteed by local government/central bank	16,183	10,006	26,189	-	26,189
Other debt securities	1,101	-	1,101	-	1,101
Total	96,077	10,006	106,083	-	106,083

Funding Mix & depositor concentration ratio

The Bank maintains a good balance of its funding through appropriate diversification of its funding sources. The Bank also diversifies its funding by currency, geography and maturity. Management’s objective is to achieve an optimal balance between demand and term deposits in line with the Bank’s asset deployment strategy.

Funding and liquidity levels remained sound and robust throughout the year and the Bank does not foresee any event, commitment or demand that might have a significant impact on its funding and liquidity risk position.

As at 30 June 2020, the Bank’s depositor concentration ratios were as follows:

Depositor Concentration

MUR deposits
Single depositor	4.70%
Top 10 depositors	15.22%
FCY deposits
Single depositor	5.88%
Top 10 depositors	12.76%

ENTERPRISE RISK MANAGEMENT

The Top 10 Principal Risks of the Bank have been evaluated where all departments were requested to provide their assessment through a rating exercise with regards to their actual business activities. The snapshot below depicts the inherent risks of the Top 10 Principal Risks in terms of likelihood and impact.

The diagram below depicts the trends of the Top 10 Principal Risks between the FY 2017/2018, FY 2018/2019 and FY 2019/2020. Fight against Financial Crimes, Challenging Economic Environment and Regular Changes in regulatory guidelines which position themselves first, second and third among the heightened risks during this financial year. On the other side risk associated with Existing IT Platform and Cyber Security which were previously positioned first and second in previous year have moved to fifth and fourth position respectively. Talent Management which was placed third in the previous financial year has moved to the tenth place.

The Bank is taking appropriate actions to mitigate the inherent risk in these areas. No major movement observed for the other remaining risks identified and they are containable within the Bank’s risk profile.

OPERATIONAL RISK MANAGEMENT

AfrAsia always promotes a culture where operational risk is everyone’s responsibility. Operational risk (“OR”) is the risk of achieving our strategy or objectives as a result of inadequate or failed in internal processes, people, and systems or from external events which can lead to adverse customer impact, reputational damage, litigation or financial loss. Operational risk is inherent in the day to day operations, activities and products and services which the Bank offered.
The Bank has a well-defined structure for operational risk that complies with regulatory and best practice requirements and is aligned with the risk culture and the risk profile of its activities. This is supplemented through an operational risk charter and operational risk framework which include the three lines of defense (BUs, Control Units, and Internal/External Auditors) and involvement of senior management ensuring the coverage that all operational risks are efficiently managed across its activities.

The OR framework includes a risk control self-assessment (“RCSA”) process, risk impact likelihood matrix, key risk and control indicators, Early Warning Indicators (“EWIs”), a robust operational risk event management tool and escalation process, scenario analysis, audit recommendations, external information sources (external events or industry reports) and operational losses process.

AfrAsia continuously improve operational control procedures to keep pace with new regulation and best practice in the market through holistic follow up of risks and their mitigating controls.

The AfrAsia fosters awareness and knowledge of operational risks at all level of organizations through its risk pro-culture. During the financial year ended 30 June 2020, a number of different training sessions were conducted using the e-learning platform (“LMS”) and face to face sessions which addressed general knowledge of operational risk.

AfrAsia calculates its minimum (Pillar I) operational risk capital requirement using the Basic Indicator Approach (BIA) where the capital charge is 15% of average gross income over the last 3 years. AfrAsia has an Early Warning Indicators (“EWIs”) for Operational Risk Loss which is 0.1% to 1.0 % of gross income.

The Operational Risk Radar depicts the position of operational risk incidents with operational losses according to the Basel Event Classification under the four-quadrant people, process, system and external factors vis a vis the Early Warning Indicators (“EWIs”) set.

INFORMATION TECHNOLOGY

At AfrAsia, Information Technology is more geared towards enabling sophisticated product development, better market infrastructure, and helps the Bank reach geographically distant and diversified markets. The Bank leverage maximum effort on FinTech to keep pace in the digitalized market while keeping aligned to its IT Security policies.

Data and information

Data and information: Effective deployment of data and information assets is in the form of Management information system, business intelligence / analytics, decision support and forecasting. Data and information being among the most valuable assets of the organization, the information strategy of the Bank focuses not only on the above but also on data governance, to ensure integrity and consistency of data at every stage of the data lifecycle, maintaining adherence to the General Data Protection Regulation (“GDPR”) and the Mauritius Data Protection Act (“DPA”) 2017. AfrAsia is committed to ensure that privacy rights and entitlements are adequately protected in relation to the techniques used to capture, transmit, manipulate, record or store data relating to individuals.

Technology, Infrastructure and Security

Technology, Infrastructure and Security: With technology evolving faster than ever, the primary challenge for an enabling technology is to ensure that the Bank is adequately prepared and equipped to sustain the rigorous and continuous evolution of requirements for new technologies in the era of digital innovation and artificial intelligence, whilst managing the costs and the associated risks.

The Bank’s Information Technology (“IT”) and Information Security (“IS”) frameworks are built on global standards like ITIL, ISO 27001 etc. and the governance principles are modeled along the lines of COBIT, ISO/IEC 27014:2013. The practice of governance includes regular reviews with executive management and extends up to the Board with regular updates and feedback to and from the Board. Internal, external and regulatory audits play a crucial role in the governance cycle with intermittent checks on the policies and implementation of same.

Information Risk

Information Risk: Information Risk aims to maintain the confidentiality, integrity and availability of information assets when being stored, processed and transmitted. Management focus is oriented to ensure that all measures converge towards adopting the best practices including governance through frameworks & standards, and establish efficiency and consistency of protections.

Cyber Risk

AfrAsia Bank Limited (ABL) is constantly improving information security to ensure that our systems are not compromised and the customers retain the confidence in our connectivity. ABL follows international cybersecurity frameworks as part of its cybersecurity activities.

Globally, all categories of cyber-attacks have witnessed an increase during the COVID-19 pandemic. Being aware of the risks and impact associated with cyber-attacks, ABL has had to reboot its cyber risk management and also to support remote working capabilities for its staff. Additional controls and guidance for staff working remotely include but are not limited to:

Training and education on remote working risk.
Full disk encryption on laptops.
Enforcing VPN use with two factor authentications.

Cyber Risk initiatives being an integral part of the overall information risk & security have been allocated more resources to ensure complete safety. Preventing cyber-attacks remains an integral part of risk management.

Therefore, ABL remains committed to ensure that continuous enhancement are made towards our cyber security system.

BUSINESS CONTINUITY MANAGEMENT

Business Continuity Management (“BCM”) Policy includes plans to mitigate operational risks, and as a commitment to continue business to our shareholders, customers and employees. Business Impact Analysis, Business Recovery Strategies and Emergency Response plans are defined and implemented to provide for a Disaster Recovery site with data being updated as per preset recovery time objectives. This minimizes operational, financial, legal, reputational and other material consequences arising from any disruption to the primary IT infrastructure.

The BCM policy reviewed in May 2019 is in line with the Business Continuity Institute Good Practice Guidelines 2018 (“BCI GPG 2018”), which is built on ISO requirements namely ISO 22301:2012 for business continuity management and ISO/TS 22317:2015 for Business Impact Analysis (BIA).

The management team of the Bank is committed to the following statement:

“We will take all necessary measures to ensure the continuity of business operations and to minimize recovery time in the case of disaster (natural or otherwise) or in the event of an emergency.”

The Bank has a BCM Steering Committee to review the processes after each testing exercise and to review the policy every year with a view to continuously improve resilience. The ultimate objective is to cater for any eventual disruption of operations to be restored within a minimum lapse of time such that the Bank resumes to normal operations within a reasonable time frame.

At least one BCM test is performed annually for all critical infrastructure involving all functions and user groups of the Bank to ensure the effectiveness of the processes and the readiness of the infrastructure and people. The Bank has adopted a cyclical approach residing on the four pillars: Readiness, Prevention, Response and Recovery /Resumption to continuously improve on the BCM and attain an efficient and acceptable level. Rigorous administration and maintenance, as well as any event experienced, will necessitate revisions and/or plan additions. The strategy adopted for an efficient BCM is to continuously test, train, evaluate and maintain the BCP.

The BCM policy is in place for moving towards a better resilient framework to protect the interest of all stakeholders of the Bank. During the COVID-19 lock down period, the Bank followed our BCM policy and Government of Mauritius and World Health Organization protocols. The Bank also adapted our customer services among others, to be more gear towards technology, while maintaining our controls to run the Bank’s operations. Furthermore, we applied strict sanitary measures and perpetuate our usual awareness campaign to keep our staffs informed about the evolving situation and kept employee welfare.

Bank’s operations. Furthermore, we applied strict sanitary measures and perpetuate our usual awareness campaign to keep our staffs informed about the evolving situation and kept employee welfare.

CUSTOMER RISK MANAGEMENT

Customer Risk is the risk associated to the Customer profile, product and services/transactions, channels, jurisdictions and segmentation among others. To better address and effectively manage KYC/AML Risk, the AML desk has been revamped and attached under the risk management arena.

The AML desk as a second line of defense ensures the implementation of effective AML framework with adequate processes and controls with a view rendering its products and services away from financial crimes and tracked down effectively and promptly suspicious transactions.

The Bank is continuously enhancing its processes on a risk-based approach to tackle customer due diligence requirements, apply best practices for customer onboarding, leverage on tools and techniques to efficiently monitor transactions and detect any anomalies.

To perform its daily activities effectively, the Bank depends on in house and external technology to ensure that customer risks are captured and mitigated accordingly.

CAPITAL STRUCTURE AND ADEQUACY

AFRASIABANK LIMITED		2020	2019	2018
		MUR’000	MUR’000	MUR’000
Common Equity Tier 1 capital: instruments and reserves
Share Capital		3,641,049	3,641,049	3,641,049
Statutory reserve		920,631	692,398	454,679
Retained earnings		2,297,788	1,836,242	1,277,521
Accumulated other comprehensive income and other disclosed reserves		198,526	108,365	88,728
Common Equity Tier 1 capital before regulatory adjustments		7,057,994	6,278,054	5,461,977
Common Equity Tier 1 capital: regulatory adjustments
Other intangible assets		(269,914)	(243,398)	(249,585)
Deferred Tax		(124,388)	(100,953)	(141,462)
Signiﬁcant investments in the capital of banking, ﬁnancial and insurance entities that are outside the scope of regulatory consolidation, net of eligible short positions (amount above 10% threshold)		-	-	(151,650)
Total regulatory adjustments to Common Equity Tier 1 capital		(394,302)	(344,351)	(542,697)
Common Equity Tier 1 capital (CET1)		6,663,692	5,933,703	4,919,280
Additional Tier 1 capital: instruments
Instruments issued by the Bank that meet the criteria for inclusion in Additional Tier 1 capital (not included in CET1)		1,323,265	1,323,552	1,360,715
Tier 1 capital (AT1)		1,323,265	1,323,552	1,360,715
Tier 1 capital (T1 = CET1 + AT1)		7,986,957	7,257,255	6,279,995
Tier 2 capital: instruments and provisions
Instruments issued by the Bank that meet the criteria for inclusion in Tier 2 capital (and are not included in Tier 1 capital)		-	-	11,380
Provisions or loan-loss reserves (subject to a maximum of 1.25 percentage points ofb credit risk-weighted risk assets calculated under the standardised approach)		399,896	463,159	415,825
Tier 2 capital before regulatory adjustments		399,896	463,159	427,205
Tier 2 capital: regulatory adjustments
Signiﬁcant investments in the capital of banking, ﬁnancial and insurance entities thatare outside the scope of regulatory consolidation (net of eligible short positions)		-	-	(37,913)
Total regulatory adjustments to Tier 2 capital		-	-	(37,913)
Tier 2 capital (T2)		399,896	463,159	389,292
Total Capital (capital base) (TC = T1 + T2)		8,386,853	7,720,414	6,669,287
Risk weighted assets
Credit Risk		49,912,135	43,810,049	41,591,459
Market Risk		245,359	499,978	332,436
Operational Risk		5,205,652	4,404,267	3,421,490
Total risk weighted assets		55,363,146	48,714,294	45,345,385
Capital ratios (as a percentage of risk weighted assets)	Regulatory Limits
CET1 capital ratio	9.38%	12.04%	12.18%	10.85%
Tier 1 capital ratio	10.88%	14.43%	14.90%	13.85%
Total capital ratio	12.88%	15.15%	15.85%	14.71%

RECONCILIATION WITH AFRASIA BANK’S AUDITED FINANCIAL STATEMENTS

	30 June 2020
	Statement of Financial Position as in published financial statements	Statement of Financial Position as per Basel III
ASSETS	MUR’000	MUR’000
Cash and cash equivalents	69,032,249	71,208,501
Due from banks	11,132,738	11,137,615
Derivative ﬁnancial instruments	321,961	321,961
Loans and advances to banks	5,245,927	5,257,597
Loans and advances to customers	23,043,922	23,211,433
Investment securities	48,664,900	48,672,693
Debt instruments at fair value through proﬁt or loss	2,042,480	2,042,480
Debt instruments at amortised cost	46,612,747	46,620,540
Equity Investment at fair value through other comprehensive income	9,673	9,673
Investment in Subsidiary	-	-
of which: Signiﬁcant capital investments in ﬁnancial sector entities exceeding 10% threshold	-	-
Asset held for distribution	38,277	38,277
Property and equipment	170,977	170,977
Intangible assets	269,914	269,914
Right of use assets	80,017	80,017
Deferred tax assets	124,388	124,388
Other assets	2,347,559	174,633
TOTAL ASSETS	160,472,829	160,668,006

LIABILITIES AND EQUITY
Due to banks	13,252	13,252
Deposits from banks	96,365	96,365
Deposits from customers	150,850,619	150,850,619
Derivative ﬁnancial instruments	107,168	107,168
Debts issued	-	-
Financial liabilities measured at fair value through proﬁt or loss	-	-
Retirement beneﬁts obligation	99,851	99,851
Current tax liabilities	13,618	13,618
Lease liabilities	82,571	82,571
Provisions	-	202,334
of which: Provision reﬂected in regulatory capital	-	202,334
Other liabilities	568,061	560,904
TOTAL LIABILITIES	151,831,505	152,026,682

EQUITY ATTRIBUTABLE TO EQUITY HOLDERS OF THE PARENT
Ordinary Shares	3,641,049	3,641,049
of which amount eligible for CET1	-	3,641,049
Class A shares	1,385,768	1,385,768
of which amount eligible for AT1	-	1,323,265
Retained earnings	2,297,788	2,297,788
Other reserves	1,316,719	1,316,719
of which: Provision reﬂected in regulatory capital	-	197,562
TOTAL EQUITY	8,641,324	8,641,324
TOTAL LIABILITIES AND EQUITY	160,472,829	160,668,006

RISK WEIGHTED ASSETS

The total asset book witnessed a growth of MUR 20.6bn for the year ended June 2020 versus the same period in 2019. The total risk weighted assets as at end of the current financial year stood at MUR 55.4bn, demonstrating an increase of 14% in comparison to MUR 48.7bn as at end of June 2019. Despite the recognition of a net profit after tax of MUR 1.5bn in retained earnings, the capital adequacy ratio fell from 15.85% to 15.15% as at end of June 2020 on the back of an increase in risk weighted assets of MUR 6.7bn. The capital adequacy ratio was well above the regulatory limit of 12.88 % for the year 2020. The regulatory limits include a capital surcharge of 1.00% in 2020, given that the Bank is classified as a Domestic Systemically Important Bank.

Analysis by risk type:

Credit Risk: MUR 49.9bn
Market Risk: MUR 0.3bn
Operational Risk: MUR 5.2bn

Annual Report 2020

Home

INTERIM CHAIRPERSON’S REVIEW

CHIEF EXECUTIVE OFFICER’S MESSAGE

CORPORATE GOVERNANCE REPORT

MANAGEMENT DISCUSSION AND ANALYSIS

RISK MANAGEMENT REPORT

FINANCIAL STATEMENTS

SUSTAINABILITY