• General moves
• MCB Ltd
• Foreign banking entities
• Other entities

• General moves

  • In FY 2018/19, the entities of the Group upheld their healthy business development and preserved their financial soundness, while diversifying portfolios across segments and geographies. Against this backdrop and as a major achievement, Moody’s Investors Service has upgraded the credit rating of MCB Ltd in July last, with our long-term deposit rating improving from Baa3 to Baa2. This upgrade reflects improvements in MCB’s profitability and asset quality metrics as well as strong capital levels. The agency acknowledged its sound business model, alongside underscoring its disciplined expansion strategy, notably in Africa.
  
  
  • In support of the above, entities of the Group capitalised on their robust risk management and internal control frameworks, which enabled them to identify, monitor and mitigate risk exposures in a consistent manner. Alongside improving the efficiency of processes and upgrading information systems, we tapped into enhanced synergies amongst relevant functions and entities. As a major undertaking, Group entities moved forward to ensure their readiness for the timely implementation of IFRS 9, notably the adoption of ‘Expected Credit Loss’ (ECL) models to determine allowances for credit impairment.
  
  
  • Of key significance in view of its business development momentum and market diversification endeavours, MCB Group has invested in a digital platform to help further enhance its risk management framework, thus enabling the organisation to: (i) consolidate the Enterprise Risk Management methodology adopted across subsidiaries; (ii) formalise the documentation of the Group’s Risk Register comprising a description of each risk together with the measurement and recording of the inherent and residual risk exposures around key themes, namely Strategic, Financial, Operational and Compliance; and (iii) monitor the residual risk exposures and the mitigating controls in order to bring such exposures below tolerable levels.

• MCB Ltd

  • Mindful of the nature and materiality of risks to which it is being exposed, the Bank has pursued its growth endeavours in a healthy manner, alongside ensuring that strict adherence is fostered with updated and new regulatory stipulations. Towards meeting its objectives, MCB has, notably, strengthened its Permanent Control function to shore up its control mechanisms and assist business units in reinforcing their respective risk oversight. Key initiatives deployed include the following: (i) the Bank implemented a Permanent Control framework to ensure that critical controls are performed and are effective, thanks to a ‘Business Risk Correspondents’ level of control, with findings escalated to Management and Board; and (ii) a new approach for risk mapping has been launched for deployment across the Bank, with a view to identifying and assessing operational risks as well as ensuring that effective internal controls are implemented to address any major or critical issues identified. Worth noting also, the Bank further bolstered its Anti-Money Laundering/Fraud Prevention (AML/ FP) and Compliance functions to effectively manage related risks, with main measures as follows: (a) the Compliance function was reviewed, with the creation of five distinct clusters to ensure effective compliance coverage across business units/branches; (b) a gap assessment was conducted with a view to gearing up capabilities, notably in terms of relevant processes and systems, towards fostering the Bank’s compliance with the country’s Data Protection Act and advocated international standards, with a key case in point being the General Data Protection Regulation / Data Processing Agreement (GDPR/DPA); and (c) the efficiency of the customer onboarding process has been further improved. Furthermore, based on current state assessments, a list of gaps and compensating controls to be deployed across the Bank were identified to enhance its information security and increase resilience in case of cybersecurity breach. We reinforced our processes and frameworks to effectively mitigate cyber risks associated with the increased digitalisation of our operations.

• Foreign banking entities

  • Our foreign banking subsidiaries have further bolstered their ability to identify, mitigate and manage risks faced. As a key move, risk workshops and risk control self-assessments have been carried out by MCB Seychelles to identify business and operational risks classified under the following Basel themes: ‘Execution, Delivery and Process Management’, ‘Business Disruption and System Failures’, ‘Clients, Products and Business Practice’, ‘Employment Practices’ and ‘Workplace Safety, External and Internal Frauds’. Subsequently, MCB Seychelles developed an action plan to address deficiencies and bring down risk exposures to tolerable levels. Of note, MCB Maldives and MCB Madagascar are in the process of carrying out the same exercise during the current financial year. Moreover, our foreign banking entities have reinforced their system of Permanent Control and compliance certificates, with organisation structures, digital systems, procedures and dashboards designed to ensure that key controls are operating effectively and any exceptions are proactively approved, monitored and addressed. This initiative also involved refreshing all procedures and controls documentations across risk areas and assigning the ownership of key control environments to specific Managers and supervisors. Across entities, it can be noted that KYC remediation efforts have progressed satisfactorily, with a risk based approach being adopted to ensure that records of active customers are regularly updated. Concurrently, our automated risk-based due diligence platform, which is operational since August 2019, helped to consolidate further our AML risk monitoring framework. In addition, our cyber security environment was further strengthened during the period under review through the implementation of new infrastructure, tools and processes, complemented with comprehensive penetration and vulnerability testing carried out by external consultants. At the same time, our entities have pursued the testing of their business continuity management, disaster recovery and relocation processes, with a view to ensuring that our policies, procedures and processes are effective.
  
  
  • At a specific level, MCB Seychelles embarked on a process of scanning and electronic archiving of contracts and other documents from relevant business units. This initiative was undertaken with a view to enhancing the protection of critical information pertaining to the bank and its customers as well as better managing its exposure to information risk, in line with data protection laws and regulations. Mindful of the challenging operating environment, MCB Maldives has reviewed the operating model underpinning its risk management architecture to embed improved efficiency levels. A key move relates to the reinforcement of staff operating in the information technology field so as to pave the way for the in-depth upgrade of the current infrastructure, cater for the independence of the function and foster alignment with Group standards. In the wake of the challenging operating environment to which it is exposed, MCB Madagascar shored up its frameworks and capabilities across the credit risk management cycle,as reflected notably by a strengthening of relevant processes for the assessment and monitoring of files being handled.

• Other entities

  • MCB Capital Markets Ltd (MCBCM) implemented specific measures to further strengthen its risk management and compliance framework. One notable example is the complete revamp of its induction process to inculcate a strong compliance culture right from the outset when employees join the company. This is reinforced by refresher modules that all employees are requested to complete online by set deadlines. Risk management processes have also been strengthened by reducing the instances of human intervention in certain critical processes. Within MCB Investment Management, enhancements to the core IT system have been made to facilitate attribution analysis, which is a critical tool in financial risk management. MCBCM has further reinforced its anti-money laundering framework following the adoption of the Financial Intelligence and Anti Money Laundering Regulations (2018), which repealed and replaced the Financial Intelligence and Anti Money Laundering Regulations (2003). In addition, the complaints handling procedures were reviewed, following the creation of the country’s Office of the Ombudsperson for Financial Services.
  
  
  • While adopting judiciously-crafted enterprise risk management practices, MCB Consulting Services Ltd continued to capitalise on the diversification of its value proposition, with broad-based markets served across geographies, underpinned by the recruitment of staff with adequate and diverse skills sets. It anchored its growth strategy on well-structured foundations, including notably partnership agreements sealed with carefully-selected stakeholders. Worth noting also, the entity has set out to thoughtfully manage currency risks through the conduct of swap and forward transactions, while also tapping into its natural hedging strategy.
  
  
  • International Card Processing Services Ltd (ICPS) has continued to reinforce its risk management framework, under the guidance of its Audit and Risk Committee. Since the past two years, ICPS has adopted an Enterprise Risk Management approach. In light thereof, business risks workshop have been regularly carried out to enable the organisation to manage the potential impact of risks permeating across all processes, activities, stakeholders as well as products and services. Leveraging on the framework and the appropriate culture, Enterprise Risk Management is a critical component of the entity’s plan-based strategy that aims to identify, assess and prepare for any risk that may interfere with its business development goals and objectives, in line with the changing business environment.

• Framework
• Key underpinnings

• Framework

  • The Bank articulates and monitors its risk appetite on the back of its solid framework and processes. They provide an informed guidance for the management and monitoring of our risk profile in relation to the defined riskappetite, alongside promoting the sound execution of our growth agenda.
  • The purpose of setting risk appetite is not necessarily to limit risk-taking, but to align the Bank’s risk profile and strategic orientations. Its risk appetite is regularly updated to reflect stakeholder aspirations and the context.

• Key underpinnings

  • MCB inter alia defines its risk appetite for (i) credit risk in terms of allocation of range targets for domestic and international credit exposures, exposures by sectors as well as risk profiles and asset quality of portfolios; and (ii) market risk in terms of the splits between domestic and international markets, foreign currency and interest rate exposures, exposure allocation for position-taking and target splits in terms of exposure maturities.
  • For proper risk identification and quantification, the Bank caters for: (i) continuous monitoring of risk targets; (ii) quarterly risk reporting to RMC; (iii) preparation of risk reports for capital management; and (iv) the application of a stress-testing framework. The size of the internal risk limits is a function of regulatory requirements and the risk appetite set by the Bank, after making allowance for the relevant economic and market environments. In its day-to-day business, the Bank makes use of internally-generated and externally-sourced rating tools for the purpose of risk identification, quantification and monitoring.

• The respective Boards exercise their responsibilities in respect of risk management through (i) the oversight of the risk governance process, including setting risk appetite in line with Group-level orientations; (ii) regular and comprehensive assessment of risks; (iii) the maintenance of sufficient capital adequacy levels in alignment with the Group’s framework, the internally-set risk appetite and regulatory requirements; and (iv) clear delegation of authority to relevant committees and management.
• Risk management matters are reported to the Board of each foreign entity through their respective committees, namely the Audit Committee and the Risk Monitoring Committee, while major issues identified are also escalated to the corresponding Board committees of MCB Group
  Ltd. The management teams of the entities are responsible for conducting business within the strategic framework and risk appetite set by their Board, while monitoring risk portfolios through dedicated committees.

Key responsibilities

With regard to the determination and review of impairment and provisioning levels, the banking entities undertake their respective exercises on a regular basis, while being subject to appropriate oversight. The entities adhere to relevant regulatory stipulations, alongside aligning themselves to advocated standards. At the level of MCB Ltd, the exercise is undertaken on a quarterly basis and involves the collaboration of several stakeholders. After being reviewed and agreed upon by the RMC as well as validated by the Board, the figures are submitted to the Bank of Mauritius (BoM). The BoM Guideline on Credit Impairment Measurement and Income Recognition aims at aligning regulatory prudential rules as regard asset classification and provisioning requirements with international accounting norms (i.e. IFRS 9). The aim is to ensure that financial institutions have adequate processes for determining allowance for credit losses in a timely manner and the carrying amounts of credit portfolio recoverable values. While ensuring adherence to prudential norms which define credit as impaired if it is past due for more than 90 days, the Bank also assesses facilities granted to clients as being impaired on case-by-case basis above a certain materiality threshold. Furthermore, loans are written off by the Bank when the prospect of recovery is poor and the loss can be reasonably determined, with MCB complying with the BoM guideline for the write-off of non-performing assets.

• In July 2014, the International Accounting Standards Board (IASB) issued the ‘International Financial Reporting Standards 9, Financial Instruments’ (hereinafter referred to as IFRS 9), in order to replace the ‘IAS 39, Financial Instruments – Recognition and Measurement’. The new standard became effective for the year beginning on or after 1 January 2018.
• In 2017, to facilitate the implementation of the new standard, MCB set up an executive Steering Committee to oversee the adoption of IFRS 9 and the application of related requirements within the accounting and risk management functions of the Bank. A Technical Review Committee – comprising independent experts from the Bank’s external auditors, project sponsors and an appointed accounting firm – was set up to ensure full compliance with applicable requirements. Progress was monitored at various levels and regular reporting was undertaken to the Risk Monitoring Committee (RMC) and the Board, with the Bank of Mauritius being also apprised of ongoing developments. Once the project was completed, the Bank set up a dedicated Credit Modelling BU, operating under the aegis of the Chief Risk Officer – in order to develop, maintain and validate models for credit application, Basel Capital Accord reporting and IFRS 9 modelling purposes.

• IFRS 9 replaces the incurred loss model (whereby losses were recognised when a default event occurred) with an Expected Credit Loss (ECL) Model. This implies that provisions are calculated upon recognition of financial assets, based on the potential losses expected on the latter. Of note, the standard also requires off-balance sheet items be taken into account in determining ECLs.
• In measuring ECL, three main parameters are considered and estimated, namely: (i) Probability of Default (PD), which represents the likelihood of a default event occurring; (ii) Loss Given Default (LGD), which denotes the estimated losses in the event that a default event occurs; and (iii) Exposure at Default (EAD), which reflects the exposure at risk at a point of default. In addition, IFRS 9 requires that allowance be made of forward-looking information in the calculation of ECL, taking into consideration past, actual and future insights on customer behaviours and macroeconomic indicators.
• IFRS 9 introduces a three-stage approach to the impairment calculation of financial assets. To determine the staging status of the asset, IFRS 9 requires an assessment of whether or not there has been a significant increase in credit risk since initial recognition. This dictates the basis on which its ECL is calculated, as illustrated below.

1 Information in this section has been audited

• In determining whether there has been significant increase in credit risk or credit deterioration, an entity considers reasonable and supportable information that is relevant and available without undue cost or effort. At MCB, quantitative and qualitative information are taken into account, based on the Bank’s historical customer experience and credit risk assessment. A financial asset is credit impaired and is in Stage 3 when (i) contractual payments or accounts in excess are past due by more than 90 days; and/or (ii) other quantitative and qualitative factors indicate that the obligor is unlikely to honour its credit obligations.
• MCB segmented its financial assets into nine portfolios for ECL calculation, which are described as follows: (i) Retail: housing loans, other secured loans, unsecured and revolving facilities, SMEs; and (ii) Wholesale: corporate, financial institution, sovereign, project finance, and Energy & Commodities.
  Retail: PD, LGD and EAD parameters are calculated on a portfolio-based approach, i.e. facilities having homogeneous characteristicss are assumed to have similar risk behaviors and can reasonably be assigned same parameter values.
  Wholesale: MCB uses a combination of internal models and external benchmarking for the calculation of PDs, LGDs and EADs. Internal historical default rates and losses have been used to calibrate PDs and LGDs respectively. For portfolios where MCB has historically experienced low or no default, external benchmarking has been used for calibrating corresponding ECL parameters. Of note, PDs leverage ratings model for all wholesale portfolios, which is mapped to an Internal Master Rating Scale. As for EAD calculation, either amortisation schedules or historical data and regulatory credit conversion factors have been used as EAD ratios. 

As regard the foreign exposures of MCB Ltd, the latter adopts a well-calibrated framework and related policies and processes to effectively manage its country risk. In fact, in the wake of continuous headway made in expanding its footprint in the region, the Bank ensures that its activities are undertaken in a disciplined and balanced way. As a key priority, the Bank applies a robust risk management approach to assess country risk, deploy its activities and monitor exposures across markets

• Introduced as a key standard under Basel III, the objective of the LCR is to promote the short-term liquidity resilience of a bank by ensuring the latter maintains an adequate stock of unencumbered High Quality Liquid Assets (HQLA) to meet its short-term liquidity requirements under a crisis scenario. The Bank of Mauritius Guideline on Liquidity Risk Management is closely aligned to Basel norms. It defines the LCR as the ratio of the stock of HQLA to the total net cash outflows over the next 30 calendar days. The transitional arrangements set out by the Central Bank for the evolution of stipulated ratios are described in the following table.


• As at 30 June 2019, the Bank comfortably overshot stipulated LCR requirements. It reported a consolidated LCR of 400%, which is equivalent to a surplus of around Rs 80 billion over stressed total net cash outflows. At a more granular level, we exceeded the mandatory LCR limits relating to rupee and significant foreign currencies. It can be noted that HQLA eligible for the purpose of calculating the LCR under the BoM guideline consist of cash or assets that can be converted into cash at little or no loss of value in private markets. On this note, it can be observed that MCB has, during the last financial year, maintained suitable levels of unrestricted balances with the Bank of Mauritius as well as investments in Central Banks and sovereign securities.

• Under Basel III, the NSFR aims to promote the resilience of a bank over a longer time horizon by requiring the latter to fund its activities with sufficiently stable sources of funding in such a way as to mitigate any future funding stress. The NSFR effectively recognises a bank’s maturity transformation role in the credit creation and resource allocation process. It seeks to limit its overreliance on short-term wholesale funding or the running of large funding gaps to sustain rapid balance sheet growth.


• Though not yet a regulatory standard in Mauritius, MCB regularly monitors its performance in terms of NSFR, which requires an amount of available stable funding to be maintained in relation to required stable funding. As at 30 June 2019, MCB Ltd reported an NSFR of 123%, which exceeds the minimum level recommended by Basel III, itself set to at least 100% on an ongoing basis.

• The compliance frameworks of our banking entities have been reinforced through the adoption of continuous permanent control mechanisms. Our overseas banking entities are assisted by the Compliance BU of MCB Ltd via the following forms:

• The aim of internal audit at the Group level is to assess the policies, methods and procedures in place at the organisation in order to cater for their adequate application. Independent assurance is provided on the quality and effectiveness of internal control, governance and risk management systems and processes, thus helping to protect the organisation and its reputation.

• The established framework of the internal audit activity is risk-based. As a key thrust, the banking entities of the Group aim to gather the necessary audit and risk insights in order to support their strategic orientations.

During FY 2018/19, the banking entities have maintained their respective capital adequacy ratios comfortably above the applicable regulatory requirements. The capital adequacy ratio of the banking cluster – as measured at the level of MCB Investment Holding Ltd on a consolidated basis – increased by around 50 basis points to reach 16.1% as at June 2019. The capital base was primarily made up of core capital, with the Tier1 ratio standing at 15.1% as at June 2019, up from 14.7% a year earlier. The following illustrations depict the capital adequacy ratios posted by the banking cluster and shed light on the distribution of risk-weighted assets by entity.