Counterparty credit risk management

Counterparty credit risk management

Where are the dangers and what short-term influence can Treasury have?

Ralph Schilling

Partner, Financial Services, Head of Finance and Treasury Management

KPMG AG Wirtschaftsprüfungsgesellschaft


Related content

Counterparty credit risk management

The true value of liquidity becomes particularly obvious in times of crisis. This has been the case in the past few weeks during which many companies were forced to reduce or even close down their business activities in view of the widespread shelter-at-home rules implemented to stop the rapid spread of the Sars-Cov-2 virus. A situation that combines shrinking revenue with overheads that remain constant can only be mastered with well-endowed liquidity reserves, unless the company makes use of governmental support and assistance. The main condition for such a bridging fund however is the stability and the reliability of the liquidity reserves that had been built up before. For seriously non-performing companies, the question of the stability of one’s liquidity reserves may seem like a luxury problem. However, for companies with significant cash that they have built up as a precaution, this may well be a serious cause for concern, because all of a sudden, their banks’ credit rating has become a decisive factor. For CFOs and treasurers, it is becoming more important than ever before that their financial business partners are not the proverbial black boxes as far as their financial reliability is concerned but that their credit rating is clearly identifiable and quantifiable, thus providing a good basis for decisions regarding the company’s business partner policy. These then are the core topics that keep the specialized finance function “counterparty credit risk management” up at night. 

The basic tenets of counterparty credit risk management (CRM)

Counterparty credit risk management can basically be broken down into four areas, as shown below:

  • Organization and employees
  • Policies, processes and documentation
  • Credit risk management methods
  • IT landscapes and reporting

Structure and organization in CRM

We should begin by understanding what position counterparty credit risk management has within the finance department and to establish an independent structure. In a first step, the organization should cultivate the relevant skills, the required expertise and provide the necessary time to define the first steps towards a long-term CRM, implement these in projects and allow them to flow into daily work. It is often a clear advantage to have a strong and centralized area of responsibility for the company-wide banking policy instead of a decentralized approach (taking into consideration the size of the company and the diversity of its global business strategy). A further organizational aspect of importance are the regular meetings where a committee made up of senior treasury staff can exchange ideas on policies, KPIs, changing market conditions and related topics, and then make relevant decisions.

Management’s due diligence and liability

Apart from the advantages for Treasury mentioned above, the CRM setup has a further long-term goal. It supports Management in complying with its duties in respect of due diligence and liability risks.

Entrepreneurial decisions taken by any person in a management position (whether these are made by the managing directors of a limited liability company or the senior management committee of a public company) always contain an element of risk. That is what business is all about. What is of interest in this respect is the legal distinction between the liability privilege (decision makers are exempted from certain types of liability) and the personal liability of the decision makers.

Entrepreneurial liability risks are addressed in the German Stock Corporation Act (§ 91 Organization. Accounting and §93 Duty in respect of due diligence and responsibilities held by Management) as well as in the Law pertaining to Companies with Limited Liability (§43 Liability held by the managing directors). There you will find a list of the basic duties of managers in respect to due diligence. 

If there is no evidence that a bad Management decision was taken due to a breach of the duty of due diligence, in general, Management is held harmless at a private level. In 2008, the German Federal Court (GFC) made the requirements of liability privilege accorded to a Manager more tangible in a judgment (conclusion dated 14 July 2007, Az: II ZR 202/07). According to this, Management is already exposing itself to significant liability risks when performing its professional judgment (Bonner Rechtsjournal). In its judgment, the GFC emphasized the significance of i) comprehensive review of the information necessary to make a decision and ii) the careful examination of decision criteria.

Applied to counterparty credit risk management, this could mean that Management could be held personally liable if the company suffers from credit defaults if there was a breach of the duty of due diligence when applying professional judgment. A couple of examples could be i) the non-adherence to internal approval requirements before making a decision (e.g. if there was a breach of limits), ii) a failure to implement a relevant internal control system, iii) a risk-monitoring function in the financial area that is inadequate because the risk manager does not accord sufficient time or lacks expertise or because the department is not equipped with proper technology, easily available in the market these days.

How to implement the risk strategy in the CRM

Based on the strategy defined, the company should establish policies and processes for the counterparty risk management. A clear and comprehensive documentation is required in order for processes, activities or systems to retain a consistently high quality. When documenting, it is important to think of both document types, i.e. i) policies and ii) work instructions. Combining policies with working instructions eventually results in a target process that may be questioned, confirmed or critiqued during the target/actual process analysis. This is why the following three aspects are of such utmost importance: i) that process, task and system descriptions even exist, ii) that everyone involved has read and understood the documentation and iii) that there are regular reviews of the structures and workflows where these are scrutinized and reconfirmed. Ideally, this happens with the establishment of such control routines within an independent internal control system, which then oversees the previously defined credit risk management methods. For instance, a very basic aspect of a good banking policy is to avoid being too dependent on a single business partner. A well-thought out core bank strategy that has been equipped with a functioning system of limits can guarantee this. A prerequisite for this is a good grasp on the key performance indicators (KPIs) used to assess individual and portfolio risks. As already mentioned above, managing business partner risks always follows the same four-step risk cycle:

i) Risk identification
ii) Risk measurement
iii) Risk management
iv) Reporting

This four-step risk management cycle should be reflected in the overarching risk management model. The risk management model itself should be based on an active model life-cycle management and a process review cycle, thus guaranteeing the continuous significance and accuracy of the results of the model and the processes.

The procedures and processes depend heavily on the IT environment at hand. Most treasury departments do not have an unlimited IT budget in order to be able to live a “system follows process” approach. Instead, it is usually “process follows system”, where the system performance possibilities have to be taken into consideration when defining structures and workflows. Purely from a risk management approach, there are two IT and reporting criteria that are absolutely relevant; i) group-wide standardization of data management and ii) a reliable early warning system for credit ratings.

Protection of deposits and investor compensation

All of the measures mentioned above also intend to safeguard a company’s deposits. Especially in the current situation with a possible economic slump in the offing and a potential increase in company and bank defaults, the protection of deposits is becoming a more pressing topic to treasurers, which is why we would like to provide a brief overview.

Basically, all cash deposits of private clients, partnerships and large corporations are subject to the Deposit Guarantee Act. This applies to account balances, including fixed-term deposits and savings deposits, as well as customer receivables from securities transactions.

The Investor Compensation Act protects commitments arising from securities transactions of private investors and small businesses. A complete list of investors excluded from protection may be found in §3(2) of the Investor Compensation Act. Claims against the bank for the surrender of securities held in custody are also protected. 

In addition to the statutory security systems, there are also private compensation schemes, for example if the bank is part of the liability network of the Sparkassen-Finanzgruppe or the Federal Association of Volks- and Raiffeisenbanken. Treasury should be aware if their house bank belongs to any of these private compensation schemes and to what degree they are insured; furthermore, this should be centrally documented.

Embedding CRM in a holistic risk management

A well-organized counterparty credit risk management should make CFOs and treasurers sleep better at night. However, it should not be treated as a dissociated process in Treasury. The risk management cycle described above should be applied to the most important Treasury areas, such as FX management, financial management and liquidity planning. Ideally, all departments feed into a fully integrated treasury reporting thanks to a mature and goal-driven IT environment. 

Our Finance and Treasury Management team will gladly help you with any questions you may have concerning counterparty credit risk management for treasury departments. 

Source: KPMG Corporate Treasury News, Edition 101, May 2020

© 2021 KPMG AG Wirtschaftsprüfungsgesellschaft, eine Aktiengesellschaft nach deutschem Recht und ein Mitglied der globalen KPMG-Organisation unabhängiger Mitgliedsfirmen, die KPMG International Limited, einer Private English Company Limited by Guarantee, angeschlossen sind. Alle Rechte vorbehalten. Für weitere Einzelheiten über die Struktur der globalen Organisation von KPMG besuchen Sie bitte

Connect with us


Want to do business with KPMG?


loading image Request for proposal

Stay up to date with what matters to you

Gain access to personalized content based on your interests by signing up today

Sign up today