推进金融机构风险管理

1,AdvancingRiskManagementbyFinancialInstitutionsTheCaseofJapaneseBanks推进金融机构风险管理：日本银行业的经验,TsuyoshiOyamaBankofJapan日本银行,WorkshoponRiskManagementinBankingSector商业银行风险管理培训班Shanghai,December21,20052005年12月21日，上海,2,Agenda内容安排,BackgroundofBanksEffortstoEnhanceRiskManagementandtheBOJsInitiativestoEncourageTheseEfforts银行业推进风险管理及日本银行支持举措的背景TopicsfromtheSoundPracticesPapersandDiscussionsintheSeminars金融机构整合风险管理研讨会发布的相关报告“AdvancingCreditRiskManagementthroughInternalRatingSystems”以内部评级制度为基础强化信用风险管理“AdvancingOperationalRiskManagement”强化操作风险管理“AdvancingIntegratedRiskManagement”强化整合风险管理,3,BackgroundofBanksEfforts银行措施的背景,TheexperienceofovercomingNPLproblemssincethe1990s90年代以来，克服不良贷款问题的经验EnhancetheriskmanagementofJapanesefinancialinstitutionsparticularlyintheareaofcreditriskmanagement推进日本金融机构风险管理，特别强化信用风险管理Entailstabilityoffinancialsystem,whichledtotheliftingofblanketdepositinsuranceinApril,2005金融体系稳定性，这导致2005年4月存款保险的整体上调。Inthisnewenvironment,financialinstitutionsareexpectedtodevelopfurthercreativebusinessservicesthatmeettheneedsofcustomersthrough在新情况下，金融机构预计可通过提供下列创新服务来满足消费者需求：Assessingvariousrisksnotonlyinaconservativewaybutalsoinanaccurateway.稳健而准确地进行风险评估。Inotherwords,financialinstitutionsareexpectedtograspeffectivelythevariousrisksinherentintheirbusiness(e.g.economicvalueanditsvolatilityofalltheassetstheypossessandtransactionstheyengagein),andalsotoestablishaframeworkthatmanagestheserisksinanintegratedway.换句话说，金融机构预计能有效把握业务中存在的各种风险（例如，其拥有和参与交易的全部资产价值及波动)，并建立风险综合管理机制Inaddition,BaselIIimplementationsurelypressuresbankstointensifytheaboveefforts.此外，巴塞尔的出台迫使银行强化上述措施。,4,AdvancingRiskManagement-MeansWhat?强化风险管理意味着什么？,Ourunderstandingof“advancingriskmanagement”对“强化风险管理”的理解Enhancingthecommunicationtoolsamongstakeholders(seniormanagers,riskmanagers,shareholders,regulators,etc.)toreachaconsensusviewofriskprofileandamounts.促进利益各方（高级经理，风险管理经理，股东，监管者等）的交流,以就风险预测及总量达成一致意见。NotnecessarilyindicatingamoreuseofGreeklettersandmathformula无需多用希腊字母和数学公式Whatbanksneedismoreobjectiveandmorepersuasivetoolstoassessrisks银行业需要更客观、更有说服力的风险评估工具Objectiveandpersuasiveriskassessmentsleadtohighertransparencyofriskmanagementprocessandtherebyclarifytheresponsibilityassociatedwithrisktakingactivitieshelpensurethedirectiontowardimprovingriskmanagement.客观而有说服力的风险评估将增强风险管理过程透明性，进而明确风险活动各方的责任有助于确保改善风险管理Therearenobestpracticesofbanksriskmanagement,whichcoulddifferdependingontheirfacingenvironmentsneedtoestablishtheincentivemechanismtoensurethedirectiontowardimprovingriskmanagement.并不存在能随市场环境变化而变化的银行风险管理最佳方案需要建立激励机制，以确保改善风险管理,5,TheBankofJapanreleasedthefollowingthreepapersattheendofJuly,2005.日本银行于2001年7月公布以下三份报告AdvancingCreditRiskManagementthroughInternalRatingSystems以内部评级制度为基础强化信用风险管理AdvancingOperationalRiskManagement强化操作风险管理AdvancingIntegratedRiskManagement强化整合风险管理HP：http:/www.boj.or.jp/en/set/05/set_f.htmThesepapersdrawontheissuesandmeasures,onwhichtheBankofJapanintendstousetostartin-depthdiscussionsofriskmanagementwithfinancialinstitutionsatthetimeofouron-siteexaminationsandoff-sitemonitoring.日本银行将就上述报告提出的问题和措施，在进行实地考查和非实地监管时，与各金融机构进行探讨。MainsubjectsofthethreepapersroughlycorrespondtotheissuesofimplementingIRB,AMAandPillarIIundertheBaselII上述三份报告的主题都与巴塞尔出台的IRB,AMAandPillarII的规定相关。,BOJsInitiative(1)-PublicationofSoundPracticesPapers日本银行的动作（1）-公布金融机构整合风险管理报告,6,TheBankofJapanestablishedtheCenterforAdvancedFinancialTechnologyinJuly,2005.日本银行于2001年7月设立高级金融技术中心。Onemajormissionofthisneworganizationistodevelopthethirdchannel,besideson-siteexaminationsandoff-sitemonitoring,tocommunicatewithbanksabouttheriskmanagementframeworkandmethods.这一新机构的主要任务之一是发展除实地考查和非实地监管之外的第三种渠道，以就风险管理体制和方式与各家银行进行沟通。Usingthethreesoundpracticepapersasthemainsubjects,theCenterhasalreadyhosted:以三份报告为主题，该中心已成功主办：2seminarsforthelargenumberoffinancialinstitutionsfocusingonoverallriskmanagementissuesthataredealtwithbythreepapers,and2期有众多金融机构参与的研讨会，全面讨论三份报告涉及的风险管理问题，以及12seminarsforregionalbanks(2030banksforeach)focusingontheissuesthataredealtwithbyonepaperforeachseminar.12期由区域银行参与的研讨会（每次2030家银行），每期就一份报告涉及的相关问题展开讨论。,BOJsInitiative(2)-HostingaSeriesofSeminarsforBanks日本银行的动作（2）-主办一系列银行业发展研讨会,7,BOJsOrganizationalChangesandSettinguptheCenterforAdvancedFinancialTechnology日本银行的机构调整和高级金融技术中心的设立,之前,7月18日之后,FinancialSystemsDept.金融体系部,PolicyPlanning政策制订,InternationalIssues国际事务,BankExaminationandSurveillanceDept.银行检查与监督部,PolicyImplementation政策执行,On-siteExamination实地考查,Off-siteMonitoring非实地监管,FinancialSystemsandBankExaminationDept.金融体系和银行管理部,CenterforAdvancedFinancialTechnology(NewlyEstablished)高级金融技术中心（新设立）,PlanningandImplementation制订和执行,InternationalIssues国际事务,On-siteExamination实地考查,Off-siteMonitoring非实地监管,8,AdvancingRiskManagement-ItsRelationwithBaselII强化风险管理与巴塞尔的关系,Theconceptof“advancingriskmanagement”isinlinewith“successfullyimplementingBaselII”“强化风险管理”与“成功实施巴塞尔”理念一致TheconceptofBaselIIthatstronglypushesbankstowardthedirectionofassessingrisks“moreprecisely”and“transparently”ina“self-disciplined”manneriscompletelysharedbyuswhenadvocatingfortheneedofadvancingriskmanagement.巴塞尔的理念是通过“自律”方式进一步增强风险评估的“准确”与“透明”，我们所提倡的强化风险管理与其一致。Ourstrategyistocapitalizeon,tothemaximum,theimplementationofBaselIIanditsaccompanyingmomentumofadvancingriskmanagementamongbanks.我们的战略是最大限度的利用巴塞尔及其附随文件中关于强化银行风险管理的规定。Thegreatestchallengeforusishowtoconvincebanksoftheneedandusefulnessofadvancingriskmanagement“bythemselves”in“aflexiblemanner”andtherebyavoidthecasewherebanksseekforanexcessivelydetailed“one-size-fits-all”typeguidance.我们面临的最大挑战是如何说服各银行“按自身情况自行采取灵活方式”强化风险管理的必要性和有效性，从而避免各银行寻求一套通用风险管理体系的情况。,9,“AdvancingCreditRiskManagementthroughInternalRatingSystems”以内部评级制度为基础强化信用风险管理,10,SPP-I:“AdvancingCreditRiskManagementthroughInternalRatingSystems”报告I：以内部评级制度为基础强化信用风险管理,Contents内容Architectureofinternalratingsystem内部评级制度体系Ratingprocessandratingmodels评级实施程序和评级模型Estimationofriskcomponents风险要素推算Usesofinternalratingsystems内部评级制度的灵活运用Validationofinternalratingsystems内部评级制度的验证Quantificationofcreditrisk信用风险的计量化Thepapertriestoshowourthinkingofsoundpractices,beingcomparedwithcurrentpracticesofmajorbanksandtherebyfacilitatesmallbankstoconsiderthemastherealworldcases.该报告介绍整合风险管理的方法，并与各大银行目前做法比较，有助于指导小型银行实际操作,11,FrameworkofAdvancingCreditRiskManagement强化信用风险管理设想,(Majordiscussionpointsintheseminars)Definitionofdefault,consistenttreatmentofcounterpartyrisksofmarkettransactions,dataintegrityrequiredforestimatingriskcomponents,concentrationriskcontrolmeasuresusingULoutcome,etc.（研讨会的讨论要点）违约的定义，市场交易伙伴风险的协调处理，风险因素评估所需要的资料整合，利用UL成果集中风险管理措施。,MigrationmatrixProbabilityofdefault(PD),Internaluse,RiskComponents,Lossgivendefault(LGD),Exposureatdefault(EAD),Correlation,Calculationofcreditriskamount,Expectedloss(EL)Unexpectedloss(UL),Stresstesting,Portfoliomonitoring,Provisioning,Pricing,Profitmanagement,Capitalallocation,Quantificationofcreditrisk,ReportingtotheBoard,Internalrating,Quantitativeevaluation,Financialdata,Qualitativeevaluation,12,ProcessofinternalRatings,ModelestimatingPDsofobligors(LogitorProbitmodel）债务人PD推算模型Modelestimatingexternalratings外部评级推算模型3.Hybridmodelof1.and2.模型1、2的结合,Scorebasedonfinancialinformation,AssessingRatings,Quantitativeratingmodel,Borrowersfinancialdata,FinalRating,Ratingmitigationafter1year,PDperratinggrade,Initialevaluation(tentative),EstimationofPD,Needsattention,Bankrupt,default,Quantitativeevaluation,Qualitativeevaluation,Borrowersqualitativeinformation,Normal,PD,Scorebasedonfinancialinformation,13,QuantitativeandQualitativeInformationUsedforRatingAssignment评级需要的定量要素和定性要素,ExamplesofQuantitativeFactors定量要素事例,ExamplesofQualitativeFactors定性要素事例,ExamplesofFactorsDeterminingFacilityRatings项目评级的要素事例,14,WhatFactorsDeterminetheRatings?决定评级的因素,(Majordiscussionpointsintheseminars)Theneedandusefulnessoffacilityratinggiventhewidespreaduseofuniquepledgesysteminlending,i.e.“pooledcollateralsystem”whereeachcollateralisnotlinkedtoeachtransactionsbuttoeachborrower.（研讨会的讨论要点）：市场普遍使用独特贷款抵押制度，即抵押融资与债务人而非交易相关联的“集资抵押体系”下，进行能力评估的必要性和有效性。,Onedimensionalsystembasesfacilityratingsonborrowerratingsandmakesupwardordownwardadjustmentstothegradesasnecessarytoreflectthecharacteristicsoftheloantransactionconcerned.,Atwodimensionalsystemcombinesborrowerratingswithevaluationofthefeaturesofindividualloantransactionsindependentofborrowers(e.g.,ratingsbasedonLGD).,Borrowerratings(1to10),Facilityratings(AtoJ)(One-dimensionalsystem),Borrowerratings,Facilityratings(AtoJ)(Twodimensionalsystem)RatingsbasedonLGD,Borrowerratings,15,HowtoValidateRatingModel?评级模型的修正,Manybanksincludingmajoronesarestillseekingfortheappropriatevalidationmethodsofinternalratingsystemsandriskcomponents.包括主要银行在内的许多银行仍在寻求的内部评级制度和风险因素恰当的修正方法。,0,100,CAPcurveofaperfectmodel,CAPcurveofrandommodel(nodiscriminatorypower),CAPcurveofamodelbeingevaluated,(%),A,B,Amodelhasmoreaccuracyasthecurvemovestotheupperleft,Ratioofcumulativenumberofdefaultedfirms,100,(%),Score,Non-defaultedfirms,Defaultedfirms,Numberoffirms,Ratingattheendoftheyear,Ratingatthebeginningoftheyear,Checktheorderofmigrationratefromrating1tootherratings,Checktheorderofdefaultrates,Checktheorderofmigrationratetorating7fromotherratings,Default,(Example2),16,UseofInternalRatingSystems内部评级制度的灵活运用,UseofInternalratingsystems内部评级制度的灵活运用(LoanOrigination)（授信执行阶段）Settinguppercreditlimitsbasedonratinggrades设定各个评级的授信限额。Settingauthorityranksforloanapprovalbyratinggrade设定各个评级的授信决定权限。Simplifyingtheloanreviewprocessforhighergradedborrowers简化优良评级企业的审查程序。(Monitoring)（中间管理）Monitoringindividualborrowersbasedonratinggrades针对不同的评级对授信企业的管理Monitoringtheoverallloanportfolio把握授信资产组合整体的信用状况。UsesofPDforeachratinggrade各个评级PD的运用Quantificationofcreditriskandallocationofcapital信用风险的计量和资本配置Pricingofloanratesreflectingcreditrisk考虑信用风险定价（设定贷款基准利率）Evaluatingtheeconomicvalueofloans把握贷款的经济价值,Manybankshavealreadyusedtheinternalratingsystemsasindicatedintheabovewithsomeexceptionssuchasfacilityrating.许多家银行已经建立了除设备评估外的上述内部评级制度。,17,II.AdvancingOperationalRisk强化操作风险管理,18,SPP-II:“AdvancingOperationalRiskManagement”报告2：强化操作风险管理,Contents内容Characteristicsofopriskandtheneedtoadvanceopriskmanagement操作风险特征和强化操作风险管理的必要性Overviewofeffortstoadvanceopriskmanagementandtheestablishmentofanopriskmanagementsection强化操作风险管理机制的概要和操作风险总括部门设置Quantifyingoprisk操作风险的计量Approachestoidentifyingandassessingopriskotherthanquantification计量以外的操作风险的把握、评估手法Thepapertriestostriketherightbalancebetweentheimportanceofadvancingopriskmanagementusinge.g.riskquantificationmethodsandtheneedtomaintaintheconventionalopriskmanagementbyemphasizingtheircomplementarycharacteristics.该报告试图探索新旧两种操作风险管理的合理安排，既突出运用风险计量方法等手段强化管理的重要性，又考虑到维持传统操作风险管理，发挥其补充作用的必要性。,19,AdvancingOp.Risk-WhyNow？目前强化操作风险管理的原因何在？,ChangesintheenvironmentsurroundingFIsoperations围绕FIsoperations的外部环境变化Businessdiversification,moresophisticatedfinancialtechnologies,widelyusedITandoutsourcing.业务多元化、金融技术高端化，业务处理的IT化、外包规模的扩大等局面TheintroductionofBaselII（allocationofcapitalforop.risk)引入巴塞尔（操作风险也必须计提自有资本）Majordisastersuchasearthquakes,terroristattacksanduncoveringofseriouscorporatescandals(societyisincreasinglyawareoftheneedforthefirmsmanagementofop.risk).最近发生的地震、恐怖事件等大规模灾害，以及国内外企业重大违规事件的攀升（社会整体对操作风险的关心程度越来越高）,Newchallenges面临的新挑战Needtomanageop.riskmoreefficientlybyidentifyingop.riskprofileinafirm-widemannerandtherebyputtingsomepriorityontheirmanagement.金融机构继续增强内在的综合把握、评估操作风险的基础上，进一步执行有张有弛的风险管理Needtoestablishstructuresthatcanquicklydetectheightenedriskandrespondappropriatelybeforetheriskmaterializes.提高操作风险增大的预期能力，完善在操作风险发生前采取稳妥措施的体制Needtocreatemechanismsforautonomousriskmanagementinallsectionsoftheiroperations.各个现场建立能够自律应对操作风险管理的机制,20,CharacteristicofOp.Risk操作风险特征,Formsofriskmaterialization风险显现形态Directloss,indirectlossorimpactincurredtothirdparties直接损失、间接损失以及对第三方带来的损失Highfrequencyandlowseverityorlowfrequencyandhighseverity“发生频率高，损失规模小”或“发生频率低但损失规模大”,Causesofriskmaterialization风险发生的主要原因Itisnormallydifficulttonarrowdownthefactorscausingsuchrisktomaterialize,andquiteoften,itonlyemergeswhenseveralfactorscomeintoplaysimultaneously.操作风险通常很难找出特定的风险显现的原因，而且多个原因共同作用风险才体现出来的情况也不在少数。,Smallscaleproblemsoccurringatrelativelyhighfrequency,Problemsthatdonotoccuroftenbuthavesevereconsequenceswhentheydooccur,DistributionofLossesArisingfromtheMaterializationofOp.Risk,Frequency,Amountoflossoflosses,Frequency,21,ConventionalOperationalRiskManagementMethods以前我国金融机构的操作风险管理手法,22,ConsiderationsofOp.RiskManagement操作风险管理时考虑的因素,Theneedtocoverawiderangeofeventsandactivities需要管理各种各样的事情Itisdifficulttobreakdownriskintothecategoriesofexposureandriskfactors.对于操作风险，抽选出与风险暴露及风险要素相当的项目是非常困难的Theneedforriskcontrolinallsectionswithintheinstitution管理组织内所有部门的必要性Op.riskexistsinallsectionsthroughouttheinstitution.操作风险存在于组织内任何一个部门Theimportanceofriskmanagementbasedonqualitativeinformation定性手法的重要性Itisnotalwayseasytomanagetheminaquantitativemanner.采用定量手法进行风险管理并不容易Reputationalandsystemicrisk声望风险、系统风险Itisnecessarytotakeintoconsiderationoftheindirectlossandtheeffectonfinancialsystem.必须考虑非直接因素造成的损失及其对金融系统的影响。,(Majordiscussionpointsintheseminars)Theneedandmeritsofadvancingop.riskmanagementwithriskquantificationforregionalbanks,degreeofindependenceofopriskcontrolfunction,howtoquantifyopriskwhenfacinglackofinternaldataandnoexternaldata,levelofgranularityofoperationalprocessestobeexaminedbyCSA.（研讨会的讨论要点）：通过对区域银行风险计量加强操作风险管理的必要性和价值，操作风险控制功能的独立性，缺乏充足内部和外部数据时如何计量操作风险，CSA评估计量单位的确定。,23,EstablishmentofanOperationalManagementSection操作风险总括部门设置,FunctionsofOperationalManagementSection操作风险总括部门的作用Plantheop.riskmanagementframeworkfortheentireinstitution.制定组织整体的操作风险管理框架。Collectandanalyzeinformationonaccidentsandotherproblems,computersystemmalfunctions,andclericalerrorsarisingineachsection,thenreporttothemanagement.收集并分析各个部门发生的事件、事故，电脑系统故障、事务操作失误等资料，向经营者进行报告。Examinetheadequacyandconsistencyofprocessesandprocedures(P&P).审查业务规程和手续的合理性、连续性。Evaluateandguidetheoperationalriskmanagementsituation.评估并指导各个部门的操作风险管理状况StructureofOperationalManagementSection部门结构,IntegratedRiskManagementSection,（systemrisk）,ITSystemPlanningSectionSystemRiskManagementSection,OperationalManagementSection,ComplianceManagementSection,（operational）,（compliance）,ComputerCenter,HeadOffice,BranchOffice,number:functionweakrelationship,OperationsPlanningSection,24,QuantificationofOp.Risk操作风险的计量,Considerations考虑因素Appropriatecollection,classificationandupdateoflossdata.合理进行数据搜集、分类和遗失数据的更新Selectionofmodelwhichisabletoidentifycasesoflosseswithlowfrequencybuthighseverity.选择能捕捉“发生频率低但是损失规模大”事件的计量模型Settinggroupunitsforquantification.为量化分析设立单位组Introducinghypotheticaldatabasedonexternaldataorscenarioanalysesintoquantitativemodels.将据外部信息和想象分析得到的假定数据引入计量模型Usingqualitativedatatorevisethequantificationresults.用定性资料修订定量分析得到的结果,Lossamountperlossevent,Numberoflosseventsoccurringperyear,Frequency,Frequencydistributionoflossevents(peryear)-e.g.Poissondistribution,Op.riskamount(99.0%VaR),Op.riskamount(99.9%VaR),Annualcumulativelossamount,Cumulativelossamountdistributionforoneyear,Frequency,Frequency,Distributionoflossamountperlossevent-e.g.lognormaldistribution,25,ControlofSelf-AssessmentsandKeyRiskIndicators风险管理自我评估和重要风险管理指标,ControlofSelf-Assessments风险管理自我评估Individualsectionsorbusinesslineswithinafinancialinstitutionevaluateinherentriskandinternalcontrolconditionsontheirown金融机构内的各个部门或者是业务团队自行评估内在风险和内部管理机制Resultsarecoordinatedandsharedwithintheentireorganization结果由组织整体进行归纳总结,Selectingmultipleindicatorsthatcontributetoearlydetectionofheightenedrisk选定能够及早预期操作风险增大的多个指标Monitoringoftheirmovements,andreactingpreemptivelyasnecessary跟踪考察其变化情况，根据需要尽早制定修正措施的机制Exampleofindicator重要风险管理指标的例子Operations：Businessvolumes,customerswaitingtime,numberofclericalerrors,numberofcomplaintsreceived,etc.事务层面：事务量、柜台等待的时间、事务失误次数、投诉受理次数Computersystems：Numberofmalfunctions,numberofstepsindevelopingprograms,utilizationratioofsystemdevicessuchasCPUs,storages,networktraffics,etc.电脑系统层面：故障次数、程序开发等级、CPU及磁盘等的资源剩余程度（比率）,KeyRiskIndicators重要风险管理指标,26,III.AdvancingIntegratedRiskManagement强化整合风险管理,27,SPP-III:“AdvancingIntegratedRiskManagement”报告3：强化整合风险管理,Contents内容Overviewofintegratedriskmanagementatfinancialinstitutions我国金融机构整合风险管理概要Integratedriskmanagementforuse:Issuestobeaddressedwithhighpriority整合风险管理当前的课题Otherissuestobediscussedforfurtherenhancingtheeffectivenessofintegratedriskmanagement强化整合风险管理的论点Useofintegratedriskmanagementincorporatemanagement整合风险管理在经营当中的运用SomerisksareveryimportantforJapanesebankstoaddress,butthemethodsforidentifyingthemhavenotyetbeenestablished,andthustheyaremanageddifferentlyfromonebankstoanother.Thepaperemphasizestheimportanceofincorporatingtheserisksintobanksintegratedriskmanagementframeworkaswellasothertraditionallywellidentifiedrisks.某些风险急需日本各银行应对，但还未建立有效识别的方法，因此各家银行对其处理方式各异。本报告强调将这些风险与其他已识别的风险一起引入银行的整合风险管理框架中。SomegoodexamplesoftheuniqueriskstoJapanesebanksareriskassociatedwithpreferredstock,riskassociatedwithdeferredtaxassetsandriskassociatedwithloanstoborrowerswithstrongrelationship.日本银行业面临的特殊风险包括：优先股引起的风险、延税资产引起的风险、由与银行关系密切的债务人引起的风险。,28,FrameworkofIntegratedRiskManagement整合风险管理框架,RiskisquantifiedusingthestatisticalmethodbasedonthepastdatasuchasVaR.风险的计量多采用关注资产价值变动的ValueatRisk（VaR）手法。Allocatinghypotheticalcapitalforinternalcontrolpurposestoeachsectionwithinthescopeoftotalcapital.Eachsectionthenmanagestherisksothatitdoesnotexceedtheallocatedcapital.在总资本量内，将内部风险控制预期资本额摊入各部门。各部门在摊入风险资本限额内进行管理。Theprofitabilityofeachsectionisassessedintermsofreturnagainstrisk.信用风险扣除后利润当作各部门业绩的评估指标。,-,-,Riskcapital,Quantifiedrisk,Allocationofriskcapital,Riskcapitalcommensuratewithcreditrisk,Regulatorycapital,Creditrisk,Marketrisk,Op.risk,Profitsmadebydepartmenteachsection,Securingadequatecapitalrelativetorisk,Assessingprofitabilityofeachdepartmentsectionintermsofreturnagainstrisk,Risktakingwithinthescopeofriskcapital,Riskcapitalcommensuratewithop.risk,Riskcapitalcommensuratewithmarketrisk,29,OrganizationalFrameworks组织体制,Riskmanagementsectionandtreasurysectionha