Risk management

 

OVERVIEW OF RISK MANAGEMENT SYSTEM

 

2016 was marked with many major economic and political events, both domestically and internationally, exerting observable effect on the global stock market in general and the Vietnam market in particular. Besides, a series of events related to notable listed companies, namely dishonesty in information disclosure to investors, unreasonable stock price hikes, followed by extended period of floor price dropping, loss of liquidity, has increased market risk as well as eroded investors' confidence. However, with sound and transparent development strategy and action plan, combined with a team of high-quality personnel, SSI has managed to steadily maintain the largest market share on both Stock Exchanges, and achieve continual strong growth in personnel, network, and clients, etc., while keeping risks at a minimal level, below the risk limit approved by the BOD.

 

SSI has completed the development of the Risk Management Systems (RM) as required by Circular No. 210/2012/TT-BTC, and guidance on setting up and operating RM system of securities companies in accordance with Decision No. 105/QD-UBCK dated February 26, 2013 of the SSC. The implementation of the RM system ensures conformity in both functions and personnel as required.

 

Realizing the potential risks facing the Company due to strong growth in the number of employees, branches and clients, and capital size, as well as getting prepared for the Company's growth in the coming years, the BOD has announced plans to improve the effectiveness of risk management activities through setting up a capacity building project for risk management capabilities in August of 2015. In 2016, the project was completed with a highly specialized risk management apparatus, carrying out risk management activities specific to each type of risks, and bringing on board additional high quality staff in knowledge and practical experiences.

Additionally, in 2016 the Company has conducted review, supplemented and updated RM policies and procedures to improve the efficiency of risk management supervision and risk warnings, as well as updates to keep up with actual operations. Such activities shall continue to be carried out in 2017. Moreover, in anticipation to the introduction of derivatives products, in 2016, the Company has fully prepared human resources as well as developed a system of policies and procedures for risk management of the products.

 

Risk management activities are carried out seamlessly from top to bottom, initiated by the BOD through the development of business strategy and risk tolerance limits for each type of risks and each specific Business Unit, as follows:

  • To develop and align a culture of risk management to every employee whereby each individual to engage and contribute to risk management activities;
  • To develop a strong and transparent corporate governance structure in order to determine accountability of each individual and department in the organizational structure;
  • To develop a mechanism of control and oversight to keep risk within the limits allowed;
  • To issue of documents under policy framework and methods to identify, measure, control and mitigate key risks.

 

The Company uses the three lines of defense model in risk management activities as follows:

 

 

 

The Risk Management is organized by types of risk in order to ensure a high level of specialization:

 

 

Risk management activities are conducted specifically according to the 5-step process as follows:

 

Risk identification

Risks are determined based on indicators or areas with exposure to potential risk in the Company's business operations. Input data to determine risks includes:

i. Database of risks occurred in business operations that have been identified, and have been reported and detected through Internal Control, Internal Audit, and Independent Audit activities. Based on this data, the Company can assess and predict the risks likely to occur in the future;

ii. Based on analysis of historical data on the risks occurred and the likelihood of future risks to identify areas with high risk exposure. This method contributes to improve risk management based on the inheritance of experiences and lessons from the past;

iii. Changes in business strategy, the operating procedures as well as the development of new products, new business activities or execution of business restructuring;

iv. Recommendations and feedbacks from Government Agencies, Independent Audit, Internal Audit, and Internal Control;

v. Changes in business environment, policies and laws.

 

Risk measurement and assessment

SSI uses qualitative and/or quantitative methods of assessment to appropriately measure each specific type of risk.

Quantitative models are prioritized to quantify risks. These models could calculate and estimate exposure values of market risk, settlement risk, operational risk, liquidity risk, as well as others. These risk exposure values are quantified to a specific figure or a specific percentage. A number of typical models used by SSI to measure risk include:

  • Standard models, as stipulated in Circular no. 226/2010/TT-BTC dated December 31, 2010 and Circular no. 165/2012/TT-BTC dated October 9, 2012 issued by the Ministry of Finance;
  • Quantitative models VaR (Value-at-Risk) used to calculate the maximum level of volatility for a stock, or index to be used in derivative transactions with a predefined confidence level and time period;
  • Stress testing model used to assess the maximum loss that may occur according to a predetermined scenario for the Company to take loss limiting measures when necessary;
  • Quantitative scoring model and quantitative stock model based on historical data of price and volume volatility;
  • Banks' appraisal and rating models.

 

Risk limit identification

To ensure that risk is limited to the lowest level of tolerance, as well as to improve the effectiveness of risk oversight, the Company has established a set of risk indicators and limits for key risk exposure.

Risk limits are determined by both qualitative and quantitative methods. In particular, the latter has priority over the former.

Limits for each type of risk is determined based on:

  • Data and historical events related to the risks being monitored;
  • Risk appetite and targets of the BOD;
  • Actual operating activities of trading and related business divisions based on views of the divisions' heads.

The Risk Management Director proposes limits for each type of risk, with references to the characteristics of each business department for approval by the CEO.

The CEO proposes the total risk limit as well as specific risk limits for each business department for approval by the BOD. 

 

Risk monitoring

Risk monitoring activities are carried out on a daily basis, mainly through risk indicators and limits of the indicators. A number of risk parameters are set and limited automatically on the system, and others based on daily risk management reports in accordance with predetermined forms, or both.

Risk monitoring activities are carried out firstly by the business departments where the risk incurring transactions take place, followed by supervision of independent departments including Risk Management, Internal Control and ultimately Internal Audit.

When risk positions approaching warning levels, the Risk Management will issue a warning and request specific measures from the risk-generating business departments, and at the same time, coordinate with them to develop action plan to bring the risk positions back to safety threshold.

 

Risk handling

Risk handling activities are based upon review and assessment of factors such as the severity of the risk to be handled, the frequency of risk occurrences, costs of risk mitigation, risk characteristics, etc. The company implements a number of measures of basic risk handling as follows:

i. Risk tolerance: When the cost of risk handling is a significantly higher than that of the losses incurred due to risk exposure, no handling measure is necessary;

ii. Risk avoidance: Any activity that could lead to the risk exposure that the BOD has a zero or very low risk tolerance, or that exerts potentially serious impact on the image and activities of the Company shall not be carried out;

iii. Risk mitigation: Applying measures to mitigate potential impact on the Company or to minimize the probability of risk occurrences, or both;

iv. Risk sharing: Transferring all or part of the identified risks to another party, such as purchasing insurance (if comparable services are applicable) for operating activities;

v. Developing a monitoring and risk warning system for timely detection of potential risks and marginal risks for prompt risk handling.

 

General risk handling process:

i. Identifying causes of increased risk positions, and causes of risk generating events;

ii. Selecting and developing handling plan, including specifications of responsible units for implementation, implementation schedule, expected results, resource assessment and planning, and required procedures;

iii. Performing risk handling in accordance with selected plan;

iv. Reviewing and updating relevant policies and procedures to avoid similar incidents;

v. Adjusting relevant limits if necessary to align with reality.

 

 

MARKET RISK

 

SSI's core business activities exposed to market risks include investments in bonds, shares, deposits, margin lending, and derivative products which will be launched in 2017.

Revenues from these activities are affected by fluctuations in interest rates, stock prices, derivative indexes, possibly due to market conditions or changes in monetary policies or macro policies of the government of Vietnam or other countries concerned, possibly due to geopolitical turmoil such as unrest in the South China Sea, as well as other legal regulations. When interest rate and stock price fluctuations are unexpected, there exists the risk that revenue and profit of the Company would move in adverse direction.

To mitigate these risks, SSI ensures that risk management is carried out in a specialized manner and separated by risk types and that there is close coordination among related department with Risk Management from monitoring, assessment, market view and prediction, and investment strategy, to the limit system, risk diversification strategy, risk warning and handling process.

 

Investments in Deposits/ Bills/ Bonds/ Margin Lending

Over the past several years, the Treasury and Finance Trading Division has actively grown business operations, managing cash-in-hand in a large scale. Such activities in 2016 even exceeded previous years with owners' equity, reaching over VND 7,152 billion, total assets over VND 13,228 billion, average cash-in-hand of VND 5,000 billion, including over VND 1,200 billion from investors. In addition, investment activities in Government bonds also received special attention in 2016 with average portfolio value of VND 2000 billion. Cash flow movements were executed according to payment activities, clients' borrowings/repayments, and investment disbursements, occurring daily without a specified time frame. Such operations require SSI to balance short-term and long-term capital and corresponding interest rate across different maturities to optimize returns and realize predictions on interest rates. Even with modest interest rate fluctuations in 2016, SSI Treasury still managed to optimize interest rates trading, contributing a significant part to the Company’s revenue while ensuring the highest level of safety.

To anticipate the risk of stock price volatility that affects margin lending, the Company conducts assessment of macroeconomic conditions and geopolitical issues that may impact the overall market or a specific sector either periodically or unexpectedly upon occurrences of events for appropriate adjustments in margin lending activities.

 

Investment in Stocks

Stock investment portfolio is directly affected by internal factors of the economy as well as international evens; unanticipated changes of macro factors can cause stock prices to fall, creating adverse impact on the business results of securities companies. However, in 2016, SSI managed to capture market opportunities to divest and invest in companies in the basic and staples sectors of the economy that underwent little impact from market fluctuations while possessed potential for stable development. SSI remained consistent with long term investment strategy, avoiding risks arising from short term speculations, in which, the Company expanded support for our associated companies in maximum capital mobilization, establishing a solid financial foundation for manufacturing and business expansion, raising intrinsic value of their stocks and maintaining a positive momentum for their stock prices to grow.

 

Investments in Stock Derivatives

In preparation for the opening of the Stock Derivative Market, SSI has been actively involved in the process to complete the legal framework for the product with regulatory authorities. At the same time, SSI also set up a project team dedicated to derivative products to conduct product research and development of the company's trading and risk management systems.

SSI has implemented continuous internal training for employees. In addition, the Company also organized for staff to take classes held by the SSC on Derivative Securities so that the Staff can understand the products as well as related risks to provide the best advices to clients while minimizing risk exposure for both the clients and the Company.

The Risk Management has basically completed the development of risk management procedures for derivative products to actively identify, measure, assess, prevent and handle risks when the derivatives market is officially put into operation.

 

 

CREDIT RISK

 

The Company's credit risk arises mainly from margin lending activities, and investments in bank deposits and bonds. The risks arise when a partner fails to pay a part or all of its debt obligations to SSI when due.

Investments in deposits at commercial banks are considered to have the lowest level of credit risk; however, if occurring, such risk can cause great damages. Therefore, SSI always reviews careful before conducting transactions with Banks based on the Banks' credit rating, followed by periodic reassessment. Each commercial bank would be assigned a specific deposits limit depending on their specific credit rating, as well as certain terms and conditions, to ensure maximum capital preservation. At the same time, SSI established overdraft limit mechanism with multiple banks for simultaneous operation with bank deposits. This allows the Company to maintain liquidity capabilities while ensuring flexible capital uses and providing for credit risk, as bank deposits contracts always have provisions for flexible withdrawal of the overdraft facility. During our 17 years of operation, SSI has incurred no irrecoverable bank deposits. This is an achievement that testifies for our highly effective credit risk management activities.

 

Margin Lending

Margin lending refers to collateral lending activities, secured by clients' loan portfolios that have been approved by both SSI and SSC for margin lending. Credit risk arises when the Company is unable to recover sufficient debt upon disposal of all collateral assets of a client, or to process collateral assets due to loss of liquidity and deep depreciation, or cancellation of listing, while the client fails to provide additional collateral assets. In order to mitigate such credit risk, SSI employs a series of coordinated measures, as follows:

  • Establish a prudent collateral portfolio based on compliance with regulations by the State Securities Commission of Vietnam. At the same time, rate stocks in consideration of liquidity, price fluctuations and stock valuation based on the corresponding company's financial and operation analysis report. Based on stock rating, the Company will set lending rates and limits consistent with stock quality.
  • The portfolio of collateral assets is revalued monthly to mark to market fluctuation of the stocks. At the same time, individual cases are evaluated as soon as relevant negative news incurs.
  • Develop a cross-cut limit system to control concentration of outstanding lending balance as well as alert levels for timely recovery of debts:
    • Total volume limit for margin lending,
    • Maximum limit per client,
    • Maximum limit per stock,
    • Safety warning level,
    • Liquidation warning level, etc.
  • Monitor the outstanding balance, concentration of outstanding balance by client, stock and daily risk exposure to timely risk detection. For instance, outstanding balance with high concentration on a specific client or a specific stock, stocks with abnormal price volatility, stocks with unusual news, stocks with abnormal and suspicious transaction movements in trading session, etc.
  • Rate and appraise margin lending clients to ensure SSI’s criteria and regulations. Increase Broker’s client management responsibility with regards to warning communication and loan recovery, etc.
  • Refrain from competing for market share and outstanding lending balance through over-extending margin lending services

In 2016, with the overall growth of the market, and the strategy of diversifying the portfolio of client margin lending, increasing the lending of leading and highly liquid stocks, The company's margin outstanding balance grew from an average of over VND 3,000 billion in 2015 to an average of more than VND 3,890 billion in 2016, with the highest balance reached over VND 4,351 billion. However, related risks remained within the limits approved by the BOD.

 

Investments in Bonds

Investment in bonds is exposed to the risk of bond issuers losing their liquidity at the bond’s maturity, or the risk of unexpected adversities leading to the bond losing its liquidity. In order to mitigate these risks, SSI has in place an assessment procedure to examine all details and aspects of a bond investment proposal, similar to a credit assessment prior to investment. However, as interest rates on Government bonds remained low and the FED's interest rate hikes in 2016, SSI mainly invested in government bonds and government guaranteed bonds. For corporate bonds, SSI assessed very carefully, and only invested in bonds issued by reputable businesses with sufficient collateral assets.

 

 

LIQUIDITY RISK

 

Liquidity risk occurs when SSI loses its ability to fulfill its obligations to pay part or all of the due debts, failing to meet the demand for payment of securities purchased by investors using margin lending, or experiencing delay or failure to meet the requirements of payment activities of investors on accounts maintained at SSI. With the number of clients growing over the years, mounting to over 100 thousand accounts in 2016 across SSI branches in different cities, receiving hundreds of payment requests per day, SSI must ensure the quickest, safest, and most cost effective way to conduct payment operations for investors. In order maintain flexibility in serving clients, SSI has connected with dozens of banks to manage an average investor deposit balance of over VND 1,200 billion in absolute safety.

In 2016, SSI's margin lending service continued to maintain steady growth, with year-end outstanding debt remained at over VND 3,600 billion, requiring high flexibility in balancing daily cash flow between timely cash disbursement (in margin lending) and efficient use of cash flow when investors repay margin loans. SSI also holds the largest securities investment portfolio in the market, thus the management of low liquidity investments also requires a sound balance of owners' equity, to be able to reinvest the capital to capture investment opportunities. In 2016, SSI continued to ensure absolute liquidity management, without the occurring of any risky incident. Net capital ratio remained high between 490% and 679%, well above the regulatory 180%.

 

 

This achievement was thanks to a strict cash flow management process, which was established based on the particular priority we give to liquidity risk management and the close collaboration we foster between SSI’s offices and departments. All business units have access to a regular and detailed reporting system for timely information update.

 

 

In 2016, in order to continue growing margin lending, SSI raised additional capital from bank loans and bond issuance, cash flow management to ensure efficiency and safety therefore became more complex. However, SSI always maintained a reasonable and balanced ratio of assets and liabilities, applying the fundamentals of liquidity risk management to invest in liquid assets.

 

 

SYSTEM RISK AND INFORMATION SECURITY

 

Matching to higher level of business automation triggered concerns on the 2 key areas, risks of system failure and security protection on systems as well as information. These 2 key areas are always SSI’s main focus on determining what to improve on business automation. For existing solutions, SSI continued its determination on how to further enforce the system stability and information security.

 

For security protection, the Company had the following:

  • Tier 1 facility to detect/prevent cyber-attack
  • Advance solution for anti-virus protection
  • 3 layers of firewall protection of our data network
  • Data-Lost-Protection (DLP) facility to prevent information leakage
  • Vulnerability scanning performed annually
  • In-premise vulnerability scanning facility for regular scanning and rectification
  • Proper policies and procedures ensuring the effectiveness of internal control on avoiding any internal fault.

 

For disaster recovery protection, SSI achieved the following:

  • Proper assessment of Disaster Recovery Plan (DCP) quarterly
  • Additional 10% protection of 48 disaster protected scenarios achieved 90% automated coverage. The remaining 10% has been planted into two new core trading solutions for both cash and derivative markets targeted to roll-out on the first half of 2017
  • Performed the rehearsal of disaster recovery protection on November 2016

 

For system stability protection and improvement, SSI had the following:

  • All services are running on seamlessly redundancy environment with proper protection on any single point of failure
  • Hardware facilities have proper extra but not over capacity to prevent any unexpected business loading
  • All connections are protected by redundancy path and diversified on different location
  • SSI data center achieved tier 3 industrial standard with redundant Uninterrupted Power Suppliers (UPS), dual data network connections, dual power generators, dual data center grade air-conditioners
  • SSI backup/restoration procedure and facilities ensures the recovery of systems within the Service Level Agreement (SLA) and without any data lost.

 

 

COMPLIANCE RISK

 

Compliance risk refers to the risk that the Company must face in the event that the Company or its employee violates or does not comply with the provisions of the law, the provisions of the Company's charter, internal and professional procedures, regulations, including professional code of ethics.

Preventing and limiting compliance risks are considered an important task of the Company. A number of measures implemented by the Company to prevent compliance risks include:

 

  1. Process and operational design with cross-checking among individuals and divisions. At the Company, operational procedures and operational apparatus are designed for mutual cross-check to enhance internal inspection and supervision, limiting power abusing and allowing early detection of violations;
  2. Improving employees’ compliance awareness. Training and advocacy of compliance are attended to. Newly recruited employees are trained in common procedures, regulations and special regulations related to their areas of work. During the time at SSI, employees are trained periodically to have strong grab on work process and raise awareness of compliance;
  3. Establishing an internal inspection and supervision system;
  4. Applying stringent discipline to violations of the Company's regulations.

 

In 2016, the Company's Internal Control conducted 40 inspections across various divisions for compliance checking of internal procedures and regulations and relevant laws. Control results are reported to the CEO, Managing Directors and Head of Legal & Internal Control for timely handling of violations, updating and correcting operational procedures to mitigate risks and increase work performance.

Adherence to corporate accounting system and compliance with tax law is also a focus of the Company. The Company conducted 33 audits in 2016 related to accounting entries, financial reporting and tax auditing. Internal audit activities promptly detected errors and proposed compliance measures to the CEO. Internal audit activities have increased the effectiveness of compliance risk management in the Company. Published financial statements, tax reports and net capital reports of the Company were ensured honesty and objectiveness, in accordance with accounting standards and regulations.

The Company maintained annual training for the entire staff on professional ethics, internal control, and money laundering prevention and control. The Finance and Accounting Department was also trained to update legal knowledge on accounting and tax law, and participated in training courses organized by administrative agencies.

The company has developed and issued regulations to support staff to improve their professional knowledge. This regulation has encouraged many employees to actively participate in courses to update specialized knowledge or long-term courses to improve their professional knowledge. Job positions requiring personnel with practicing licenses were fully met.

By improving the awareness of compliance, increasing the frequency of control and timely updating and finalizing of process, in 2016, the number of violations and errors was strictly controlled and there were no significant errors.

A number of compliance risks that the Company has identified and developed control measures for 2017

 

 

REPUTATIONAL RISK

 

Branding in the finance – securities sector, in our perspective, has extended beyond being a symbol for clients to identify and position our business products and services; it has become a valuable intangible asset. Reputation risk refers to the loss or damage of value those results from changing Clients’ perception of the Company, creating major impacts on their demands for the Company’s products and services, as well as all general business activities.

Based on our insightful awareness of the potential reputation risks, SSI has established and implemented an effective brand development and management strategy. Our branding is represented, firstly, by the images and information that are communicated through both public and internal media channels. Yet, more importantly, it is also showcased through our products and services, as well as any experience and interaction, no matter how small, between our clients and our representatives. As such the concept “brand ambassador” has taken a higher level of meaning, empowering each and every individual at SSI with the capability to convey important messages about the SSI brand to both our clients and the public. We always strive for consistency and strategic alignment in these messages. Our vision is “The Business of Success” and our mission is to establish SSI as a transparent financial institution.

Maneuvering through today’s information highway, SSI has chosen transparency to be our guiding communication principle to minimize reputation risk. Transparency is key to building trust of our Shareholders and Investors: Information, whether negative or positive, is processed in a consistent manner to provide them with a genuine perspective. When inaccurate information about SSI is published, we apply the same principle of transparency in handling: always willing to initiate direct dialogue with the public, providing factual and credible information to work towards a resolution Respecting the investment value from our shareholders, SSI is fully aware of our responsibility to provide our shareholders and investors with transparent, complete, accurate and timely information. 

As the impact of social networking on branding becomes more powerful, instead of being passively responding to the flow of information, SSI has worked with leading consulting firms to be able to listen to the most detailed discussion of investors, clients, not only on the SSI brand, but also on the stock market. This information helps SSI both take initiative in responding to misleading information, and access a valuable source of information to observe market orientation, so that SSI can continue to pioneer on the path toward market transparency.

In order to mitigate reputation risk, SSI has been working to establish a systematic and professional communication process and plan. Our communication plan is clearly defined every year so that essential information can be related in a timely and complete manner. All materials, messages and announcements from SSI go through a strict internal review process to ensure precision and consistency. To date we have issued and implemented various regulations and rules for information reporting and publishing, with particular provisions for conducting interview with public media, as well as sharing information and producing written materials on SSI’s business activities. Most notably, SSI has in place a clear procedure for correcting false information on public media, asking all of our staff to be responsible for alerting the company about the existence of false information. We also prepared a full guideline for crisis management, emphasizing a willingness to collaborate, share and communicate with the media and the public.

 

 

HUMAN RESOURCE MANAGEMENT RISK

 

Positive changes in macro factors of the economy in general and in the stock market in particular have presented the SSI human resource division with new challenges and opportunities. Understanding that human resource is our most valuable asset – the defining factor in making SSI the difference on the market – we expended focus and effort in developing policies and activities for structured and comprehensive human resource management

 

In 2016, the stock market continued to show huge demand for manpower as companies operated and expanded. When there was insufficient supply, securities companies were forced to recruit talents from competitors in the same sector. As tension between those who need to attract talents and those who want to retain talents builds, it is understandable that salary competition, employee turnover and job switching ratio all increased.

 

Faced with challenges in human resource management (HRM) to sustain and develop the staff, risk management activities in this area were also carried out with significant attention. Not only limiting to strict recruitment screening, expanding of recruiting channels, enhancement of staff training, critical performance evaluation and benefit policy development ensure mitigation of manpower shrinkage and losses; SSI also focuses on listing potential risks may be encountered in HRM activities to determine risk assessment and scenario-specific handling.

 

 

In conjunction with employee selection and recruitment, we consider employee training to be a key element in safeguarding and raising human resource quality, as well as an important source of employees’ inspiration and motivation. Training programs are designed for specific types of audience, helping to increase work effectiveness, reduce business risk and improve organizational solidarity. As we anticipate changes to the legal framework for human resource and an increasingly challenging market, more than ever, the SSI team needs to strive for a new level of performance and growth and provide our clients with more competitive values.

Benefits policy and performance measurement program always serve as a parallel duo to ensure employee satisfaction, internal fairness and market competitiveness, creating a professional work environment for staff development.

Optimize operating costs but still warrant the pace of HR development in both quality and quantity to adapt to market requirements; attracting and retaining talents, especially high-level personnel is always a challenge for the HRM activities. SSI gives priority to the systematic and procedural management of our organization, ensuring strict compliance, sustainable development and sufficient provisional staffing throughout, so to mitigate risks from fluctuations in our human resource. For human resources management activities, the accuracy and security of information are always considered a major concern. Periodic reports show trends in the Company’s personnel are conducted through an information management system to help the Leaders better manage and predict staffing situation, as well as develop training schemes, recruitment, and policies consistent with actual situations. With the support of technology systems, personnel activities have also been able to mitigate risks and improve operational efficiency.

Besides, SSI continues to maintain internal communication channels to share vision, strategy and strengthen corporate culture to foster the Company’s spirit. This sharing also acts as a motivating factor, provides information and avoids unnecessary tension. It also serves as an assurance measure for seamless information and ensures that every employee understands individual as well as common objectives to continue making their best contribution to the development of the Company. With the high level of sharing and transparency within the organization, operation will be more smoothly, reducing negative impacts on human resources.

With new challenges and opportunities, human resource management activities at SSI have received valuable attention and support from the Management Board for the development of a human force high in quality and rich in SSI's culture. SSI will continue to be a “cradle for talent development.” Here, we fuel ambitions and are willing to provide opportunities for employees’ experiment and development. Through our management system and cross-checking processes, we can boldly facilitate experimenting and trying for staffs while ensuring mitigation of potential risks.

 

LEGAL RISK

 

Legal risk exposed to the Company in the course of legal compliance due to regulatory changes, failure to comply with regulations or in the arising of disputes and litigations, etc., from stakeholders during the process of the Company's daily operation. The BOD attaches great importance to this issue, and therefore does not tolerate any risks due to deliberate violations of legal regulations.

2017 is anticipated to undergo many significant changes in legal framework for businesses in general and for the stock market in particular, including the adoption of the 2015 Civil Code, the amendment of the Securities Law, the amendment of regulations on management of public companies and operation of securities companies, etc., new trading products such as derivative securities, secured warranties, etc.

In order to limit the risks arising from changes in laws or regulations, SSI organizes the Legal Department with licensed lawyers as well as uses external professional legal consultancy services in case of need. The Legal Department and external consultancy are responsible for updating newly issued legal documents to the BOD, the BOM and relevant Departments; studying the impact of to be issued draft legal documents on the Company's activities for proper preparation. In addition, the Division is also in charge of providing inputs to draft legal documents that are closely related to the Company's activities, participating in seminars, coordinating with peers and members of professional associations to comment on law making process, summarizing problems arising from the application of current regulations to report to competent state agencies and propose feasible solutions.

The Company's internal procedures and regulations must be reviewed by the Legal Department as well as regularly examined and revised for suitable amendments and adjustments to changing laws.

Most members of the BOD, BOS and managers of the Company have participated in corporate governance training courses for public companies.

Compliance is a criterion in the professional code of ethics of the Company that the entire BOD and employees have committed to.

 

ENVIRONMENTAL RISK

 

The Company provides services in the financial sector, without material use of natural resources, therefore environmental risk exposure is negligible.

 

 

2017 ACTION PLAN

 

As part of the plan to improve the Company's risk management capability, 2016 was a milestone year with the completion of the risk management system, growth of human resource, and initial update of framework policies and procedures. The main objective of 2017 is to improve the system of policies, procedures, monitoring, and early warning specifically to each type of risk, along with the implementation of new policies and procedures.

With strong growth in personnel force as well as branch network and clients, the Company has to face increasing operational risks. Therefore, 2017 to focus on improving the effectiveness of risk management with the implementation of risk management training for all employees to enhance risk management culture, for each employee is to serve as a risk management agent. At the same time, the Risk Management Department will coordinate with business units to develop a risk category, risk prevention and mitigation measures for each department and continuous action plans for each division as well as for the whole Company.

In addition, the adequate management of credit risks, liquidity risks and market risks will continue to be carried out daily as well as be improved for higher effectiveness of risk management activities for their directly connection to the Company's core businesses. In 2017, as derivatives to start trading, the completion of risk management for the products will also be a focus.

 

Challenges in the implementation of risk management activities

In order to achieve sufficient risk management, it is necessary to be accurate and effective in identifying, measuring, monitoring, warning and handling risks, along with awareness building at all levels from management to employees on the importance of risk management and each member's initiative to engage in risk management activities of SSI.

Because risk management is a new field in Vietnam as well as a growing field in the world, there remain issues with inconsistent and changing definitions, limited risk measurement models, and inadequate awareness on the importance of risk management activities across majority of the work force. Therefore, risk management activities to encounter the following difficulties:

  • Measuring risks using the quantitative method requires the use of historical data. However, at present, the data source is either very limited or unavailable, making the use of quantitative risk measurement to be challenging, inaccurate or unfeasible. In addition, quantitative risk measurement models themselves have limitations and vary in approaches. For instance: The Value at Risk (VaR) method can help to measure maximum loss at a specific level of confidence over a period of time. However, when a risk is outside of the confidence level, the maximum loss cannot be defined and often is very large. In addition, VaR also has a variety of measurement methods depending on specific conditions, requiring users to have experience for appropriate measurement application.
  • Due to limited awareness on the importance of risk management, the effectiveness of staff contribution to risk management process remains below expectation and risk management activities are mainly carried out by the Risk Management Division and part of the business divisions that directly generate risks.
  • Current software systems supporting risk measurement require very high investment costs that only large banks or financial corporations in the world can reach the scale to attain meaningful cost effective use. As a result, certain semi-manual calculations remain in use.