Since our inception, our rating model and scorecard landscape have evolved significantly. We have invested considerable effort in analysing historical data to identify patterns and trends that can inform our business decisions. As a result, we have developed application scorecards and behavioural models that aid in decision-making and the calculation of default probabilities. The priority given to deploying these scorecards and models is based on the relative vintage and materiality of the credit segment.
Currently, we are enhancing the existing regression-based scorecard for our Group Loan portfolio to incorporate post-COVID-19 pandemic behaviour. While our ultimate goal is to replace the existing Business Rule Engine (BRE) with score-based decision-making, we plan to conduct a parallel run and undertake the transition only after multiple rounds of out-of-sample validation. Once validated, these scorecards will be integrated into our Loan Origination System for usage.
Similarly, we have designed a rating model for our Individual Loans portfolio using internal data that encompasses attributes such as demographic information, repayment trends, and bureau-related variables. The variables were selected based on Weight of Evidence and Variance Inflation Factor analysis. The Risk team has independently validated this scorecard and found it satisfactory. It is now embedded in our Loan Origination System (LOS) platform and is used in credit decision-making. Risk-based pricing is also implemented based on the output of the scorecard.
Given that the MSME and Housing loan variants are relatively new in our Bank and have limited data points for statistical modelling, we have deployed credit rating scorecards at the product level for MSME Loans and at the customer segment level for Housing Loans. These scorecards were deployed to build data based on critical parameters that can be used for statistical modelling. The selection of parameters in demographics, such as personal information, income, repayment track record, and collateral, was based on expert judgment. Weights are assigned to each parameter, and based on the total score, customers are categorised on a rating scale in increasing order of risk. Due to the impact of the COVID-19 pandemic, the existing data is expected to reflect higher default rates compared to a normal period. However, our Risk team has performed a qualitative validation, and based on the outputs, the credit rating results are now linked to decision-making and pricing.

We have implemented a comprehensive framework for calculating Expected Credit Loss (ECL) in accordance with the Ind-AS requirements and for internal reporting purposes. Our framework includes models to compute key risk factors such as forward-looking Probability of Default (PD) Estimates, Loss Given Default (LGD), and Exposure at Default (EAD). While we are currently not mandated by the Regulator to adopt ECL-based provisioning, we are prepared to transition into the new regime as and when it is made mandatory by the Regulator.
We significantly changed the PD pooling logics in our Retail Loans during the year and introduced work-out LGDs for the MSME and Housing segments. Additionally, the RBI issued a Discussion Paper on the transition to the ECL based Approach, and we have ensured that our existing models comply with the minimum requirements set by the Regulator

The COVID-19 pandemic had intensified default risk, particularly in our unsecured book. To mitigate this impact, we scaled up our collection infrastructure and increased personnel by onboarding off-roll employees. As an ongoing monitoring mechanism, we have now introduced productivity trackers at the officer level, aligned with predefined benchmarks. These trackers are vital for tracking low performance across different levels, including officer, district, state, and loan quantum. In the coming year, we plan to leverage our internal capabilities to automate exception reporting for real-time tracking.

Our risk team has established an independent Credit Risk Monitoring Unit (CRMU) to enhance risk oversight and identify any lapses in credit appraisal standards. This sub-unit analyses Quick Mortality cases in-depth and identifies their root causes. The CRMU collaborates with the Health Council (HC) to implement corrective actions and make recommendations for initiating Staff Accountability as needed.

We continuously analyse all loan portfolios to identify potential areas of stress based on factors such as geography, ticket size, branches and clusters, among others. This analysis enables us to implement mitigating measures, such as setting limits and caps on exposure. Additionally, we have subscribed to various industry dashboards to benchmark our portfolio performance against industry standards

We thoroughly test all loan portfolios using sensitivity and scenario analysis. This allows us to assess the impact of adverse events on parameters such as PAR%, NPA%, provisions, and capital adequacy. We regularly evaluate these impacts to ensure effective risk management.
In line with growing concerns over climate change, we have also started incorporating assessments of climate-induced physical risks into our stress testing framework. These assessments are benchmarked against scenarios provided by the Network for Greening the Financial System (NGFS). Initially, the focus is on short-term horizon assessments. As climate risk is still evolving, we are committed to ongoing incremental enhancements to our framework based on emerging best practices.

We compute our Risk-Weighted Assets in accordance with the guidelines provided by the Reserve Bank of India (RBI). We assess the impact on the Capital to Risk Assets Ratio (CRAR) and provide forward guidance on capital adequacy through our Internal Capital Adequacy and Assessment Process (ICAAP).

We conduct User Acceptance Testing (UAT) to identify any gaps between the actual deliverable and the proposed specifications outlined in the Business Requirement Document (BRD). These gaps are addressed and resolved during the Functional Specification Documentation (FSD) stage before the system moves into production.

We have implemented Risk and Control Self-Assessment (RCSA) across all our business processes to identify both inherent and residual risks. These tools also assist in evaluating the design and effectiveness of the controls that have been implemented. In the past year, we successfully transitioned ownership of RCSA to the First Line of Defence (FLOD) in five departments

During the year under review, we made significant improvements to our Key Risk Indicators (KRIs) reporting standards. We have now internally defined and regularly monitor 40 KRIs at an organisational level as part of our Operational Risk Management Framework. Additionally, we have established functional KRIs specifically for the Branch Banking vertical. Furthermore, customised KRI dashboards have been implemented in the Housing, MicroBanking, and Digital Banking verticals. These KRIs are analysed monthly, and a comprehensive report is submitted to the management and board every quarter. The report includes an action plan for addressing any open issues identified.

We have implemented a Loss Data Management system to effectively capture and learn from material incidents, errors, and strengthen existing controls. Incidents are categorised as operational losses or near-miss events, and a Root Cause Analysis (RCA) is conducted for critical incidents. These instances are recorded in line with the operational risk events defined by the RBI, and process enhancements are proposed and discussed at various committees for further action. As part of our efforts to improve this process, we have engaged a vendor to implement a system that will facilitate the capture, reporting, and analysis of incidents and associated losses.

We conducted regular risk assessments of our key outsourced vendors throughout the year to verify their compliance with the minimum requirements set by the RBI and to assess their adherence to our internal business continuity norms. Any identified gaps were thoroughly analysed as part of the Risk Assessment (RA) process, and detailed notes on each vendor were documented through site visits. These findings were presented at various forums and committees to determine appropriate actions.

The team and stakeholders prepare and enhance Risk and Control Matrices (RCMs). The design, implementation, and operating effectiveness of all controls mentioned in the RCMs, including financial and operational controls, are annually tested by the Operational Risk Team. They select samples based on risk categories, covering different regions and the review period. Any critical gaps identified during testing are discussed with the relevant functions to upgrade controls, potentially through automation.

We updated our behavioural analysis of maturity and pre-maturity trends in Retail and Bulk deposits. Based on the outcome, tolerance levels were revised for pre-maturity rates. Breaches in thresholds are analysed for corrective measures.

During the year, we conducted a comprehensive stress test on our cash flow statements, considering various stress scenarios. The results of this analysis were evaluated to assess the adequacy of liquidity buffers within our Bank and they were suitably incorporated into our Contingency Funding Plan.

We calculate and monitor important ratios, including the Liquidity Coverage Ratio, Net Stable Funding Ratio, Structural Liquidity Statement, and cash/funding gap analysis. We regularly review these ratios against established thresholds, either daily or fortnightly as appropriate. In the event of any breaches, we follow our internal policy norms to escalate the issue and take the necessary corrective actions.