we use VaR as the limit, which will be reflected in trading limits such as maximum open position for each dealer,
maximum loss limits and counter-party limits.
In order to comply with risk-based minimum capital requirements, we have begun calculating capital reserves
to cover the interest rate risk on the trading book Tier 1 and banking book Tier 2.
Foreign Exchange Risk Management Foreign exchange transaction activities are centralized and
managed on a daily basis by the fund management unit. The market risk management unit monitors foreign exchange
risk and uses an integrated system of front office fund management unit, back office operational management
unit, and middle office market risk management unit.
Bank Indonesia sets the daily net reserves at a maximum of 20 of total capital. The Bank, however, prudently sets a
lower internal limit of 5 of total capital.
E. Liquidity Risk
Liquidity risks that the Bank may face arise primarily from third party funding positions, asset liquidity, and liabilities
to counter-parties. Meanwhile, the most significant off-balance sheet component of the Bank’s liquidity and
funding is credit commitments to the Bank’s customers. The liquidity level of the Bank is measured through primary
reserve and secondary reserve levels, among other liquidity ratios. The Bank maintains primary reserves in terms of
the Minimum Reserve Requirement at Bank Indonesia, and cash in various branches.
The Bank’s liquidity risk is measured by the liquidity gap, which is derived from projected needs or liquidity
surpluses according to asset and liability maturity period as well as the future business strategy. Based on the Bank’s
2005 plan, liquidity is projected to be in a surplus position for the next 12 months.
In general, the market and liquidity risk profile throughout 2004 was within the established limits.
F. Operational Risk Operational Risk Management Tools
Bank Mandiri has instituted a systematic and measured operational risk management program including the
development of risk governance, Operational Risk Management Policy, risk management information
systems and Operational Risk Management ORM tools.
Our calculation methodology for operational risk capital charges is based on the Basic Indicator approach, which
will be continuously enhanced to higher levels, i.e. the Advanced Measurement Approach AMA.
Bank Mandiri also seeks to build a risk culture, focusing on the implementation of integrated operational risk
management in line with the development of operational risk management procedures by adopting the following
principals:
1. To establish a conducive operational risk management environment and an efficient and effective risk
management platform; 2. Every group unit has the responsibility to understand
and implement operational risk management processes in a measured, proactive yet efficient
manner; 3. Management of the bank is conducted in a transparent
manner and should demonstrate the Bank’s ability to implement sound operational risk management to all
stakeholders.
The implementation of operational risk management will improve Bank Mandiri’s operations, while reinforcing
the accountability for operational risk management. Every group head will be equipped with operational risk
management tools to identify, appraise, monitor and mitigate their respective risks effectively.
In 2004, Bank Mandiri began to develop a Pro-active Risk Management mechanism, which enabled identification of
the operational risks faced by each unit independently, using the Risk Self Assessment RSA. This bottom-
up process involves the staff directly responsible for
63
the transactions, to ensure the primacy and relevance of the identified risks. The Bank has also developed
a risk assessment and identification process for new products and services prior to their launch, in order to
enhance its control function. The control function on risk identification finding must be based on minimum control
standards required by each group within the Bank and will subsequently become the Key Operational Risk Controls
KORC.
Risk management for the additional four classes of risk - legal, reputation, strategic and compliance – is
coordinated by the Risk Management Task Force through the implementation of rules, regulations and control
systems, whereas operational management remains the responsibility of the business and task units in charge of
legal, reputation, strategy and compliance functions.
G. The Road Ahead