Risk Management Inner Page Slide

Risk Management Heading


Risk Management Information


The objective of the Risk Management Framework of the Bank is to minimize negative effects that risks can have on the earnings, capital, and liquidity of the Bank. The Bank has been managing risks through active Board and senior management oversight, risk governance structure, policies and procedures, appropriate management information system, comprehensive internal controls and limits, and stress testing. The Bank’s Risk Management Framework has following components:

Active Board and Senior Management Oversight

The Board of Directors (BOD) is ultimately responsible for management of Risk in the Bank. Risk Management Committee of the Board (RMCB), a board level sub-committee, is in place for overall risk management in the Bank. In addition to Board level committee, management level committees viz. Operational Risk Management Committee (ORMC), Credit Risk Management Committee (CRMC) and Market Risk Management Committee (MRMC) are also functioning for management of operational risk, credit risk and market risk, respectively. Accordingly, Asset Liability Management Committee (ALCO), ICAAP (Internal Capital Adequacy Assessment Process) Review Committee, IT Steering Committee, Information Security Committee, IT Strategy Committee, BC & OR Governance Committee and Good Governance Committee are in function for management of market risk (specifically interest and liquidity risk), capital assessment, IT related issues, development and implementation of Information Security, oversight on IT activities of the Bank, overseeing the various aspects of business continuity & operational resilience and monitoring the status of good governance in the Bank respectively.

The Chief Risk & Compliance Officer (CRCO) independently looks after overall risk and compliance of the Bank with solid line reporting to the Risk Management Committee of the Board. Under the Chief Risk and Compliance Officer, Integrated Risk Management Department, Compliance Department, Information Security Department and Treasury Mid-Office take their charges.

Risk Governance Structure

Risk Governance structure of the Bank refers to the structure, rules, processes, and mechanisms by which the decisions about risks are taken and implemented. The Bank has a separate and independent Risk Governance Structure as:


Policies and Procedures

The Bank has various policies and procedures set for managing various risks the Bank faces. All material risk policies and manuals are reviewed and approved by the Board of the Directors of the Bank annually to reflect changes in our business and regulations, law, corporate governance, and industry best practice. The adequacy and effectiveness of the policies are deliberated in the Board meeting. This helps us to ensure that we continue to meet our responsibilities to our customers, shareholders, and regulators. Policies of the Bank are reviewed by Integrated Risk Management Department, Legal Department, and Internal Audit Department for value addition/efficacy testing before putting up to management level and Board level committees.

Risk Management Procedure comprises steps for identification, assessment, monitoring/controlling, measurement, reporting and mitigation of various risks. The Bank has laid down various mechanisms like Credit Risk Assessment of credit exposures, Operational Risk Meeting at branches and province offices, Key Risk Indicators, Loss Data Report for carrying out the risk management process of the Bank.

Appropriate Management Information System

In view of the growing information requirements of the regulators, departments and operational units, MIS in the Bank are being constantly assessed, upgraded, and fine-tuned. All Branches of the Bank are networked on Core Banking Solution (CBS). The system regularly generates separate reports for Branches / Controllers to analyze various risks faced by the Operating Units.

Comprehensive Internal Controls and Limits

Board of Directors (BoD) of the Bank ensures proper internal control mechanism through organizational structure, line of authority, policies, procedures, risk appetite and delegation of official powers etc. The Central Management Committee (CENMAC) is in place in the Bank as an executive level apex body to take enterprise-level decisions. The Committee is primarily responsible for ensuring implementation of decisions, compliance with applicable statutes, regulations, internal policies & guidelines, and ethical standards at/by respective business units/groups. Similarly, ACB (Audit Committee of the Board) deliberates on the adequacy of internal control mechanism and instructs the management on remediation of short comings, if any. The Bank has adopted three lines of defence mechanism for better internal control:

First Line of Defence is the primary role of the Business Groups and Support Groups to identify, assess and manage the various risks pertaining to their business or area of operation. The model assumes that controls in this first line are granular and based on individual transactions as staff are involved in daily processes and familiar with the workflow and possible control weakness. Therefore, it is easier for them to implement controls that target more granular processes and detect weaknesses early on.

Second line of Defence comprises independent risk management and compliance functions such as Compliance Department, Integrated Risk Management Department, Information Security Department and Treasury Mid-Office, whose key duties are to monitor and report risk-related practices and information, and to oversee all types of compliance issues. The second line of defence defines preventive and detective control requirements and ensures that such requirements are embedded in the policies and procedures of the first line.

Third Line of Defence is the Internal Audit Department that would ascertain the effectiveness of the Bank’s risk management processes, measurement systems and to verify and ensure the compliance with the Basel/NRB/RBI Guidelines. The third line of defence performs independent periodic review of the first two lines of defence, provides assurance and informs the first two lines of strengths and potential weaknesses. It also carries out diverse types of audits covering different facets of the Bank’s activities.

The Second and the Third line of defence are independent from business budget, and report directly to the Board/Board level committees.

Product Development and Vetting Committee (PDVC) assesses the risk in new products/services prior to the launch of such products/services and mitigation measures are adopted accordingly.

Stress Testing Practices

Stress testing is considered as a key and integral component of risk management by the Bank. The stress testing is performed to assess the impact of severe economic downturn on financial position & capital. It covers the assessment of material risk (i.e., Credit Risk, Market Risk, Operational Risks, Interest Rate Risk in Banking Book, and Liquidity Risks) as realized by the senior management and the Bank’s Board as well as guided by the regulatory requirement of Nepal Rastra Bank.

The most significant risks which could impact the delivery of our long-term strategic objectives and our response are detailed below:

Principle Risks Key Mitigating Actions
Credit Risk
The risk that customers and/or other counterparties whom we have either lent money to or entered into a financial contract with, fail to meet their financial obligations, resulting in loss to the Bank. Adverse changes in the economic and market environment we operate in or the credit quality and/or behavior of our customers and counterparties could reduce the value of our assets and potentially increase our write downs and allowances for impairment losses, adversely impacting profitability.
  • Robust risk assessment and credit sanctioning to ensure we lend appropriately and responsibly.
  • Extensive and thorough credit processes and controls to ensure effective risk identification, management, and oversight.
  • Monitoring of quality of credit portfolio on a periodical basis, identifying problems and correcting deficiencies.
  • Risk rating of borrower through Credit Risk Assessment scoring model/Retail Scoring Model
  • Delegation of financial power for sanctioning of loans and arrangement for submission of control report to higher level authority at regular interval.
  • Monitoring of sector-wise credit concentration.
  • CRMC and RMCB oversee the level of risk and provide guidance whenever required.
Operational Risk
Operational risk is the risk of loss resulting from inadequate or failed internal processes, people, and systems or from external events. We face significant operational risks which may result in financial loss, disruption of services to customers, and damage to our reputation. These include the availability, resilience and security of our core IT systems and the potential for failings in our customer processes.
  • ORMC at branches, province and central level are in place to oversee the operational risk.
  • Implementation of Business Continuity Plan (BCP) to ensure the Bank’s continued operability in the face of any emergency, disaster, crisis.
  • Continual review of our IT environment to ensure that systems and processes can effectively support customers’ requirements.
  • Enhancing the resilience of systems that support critical business processes with independent verification of progress annually.
  • Each desktop is implemented with Active Directory System (ADS) for end user management of computers
  • Implementation of Loss Data Management Policy to record the loss.
  • Improving early warning information through implementation of Key Risk Indicators (KRIs).
Market Risk
Market risk the risk that our capital or earnings profile is affected by adverse market rates, in particular, changes in interest rates, foreign exchange rate, equity and commodity prices.
  • Equity and interest spread risks are closely monitored and, where appropriate, asset liability matching is undertaken to mitigate risk.
  • Stress testing of risk exposures.
  • Ensure that there is clear accountability, responsibility and adherence to the regulatory guidelines including best practices for management and mitigation of market risk.
  • Monitoring of mark-to-market positions of trading book, Net Open Position, counterparty exposure limits, breaches, if any, by Treasury Mid Office and reporting to the Chief Risk & Compliance Officer.
  • RMCB, ALCO and MRMC oversee the level of risk and provide guidance whenever required.


Nepal Services Remittances

Remittance from India



Education Loan
Education Loan
NSBL Recurring Deposit
Recurring Deposit
NSBL Corporate Salary Package
Salary Package
Vishwa Yatra Card
Vishwa Yatra Card
SME Loan
SME Loans
Housing Loan
Housing Loan