ALCO and Operational Risk Management at CITI Bank

Name

Student ID

Instructor

Date
 ALCO and Operational Risk Management at CITI Bank

Table of Contents
Part1............................................................................................................................................................3
Introduction.............................................................................................................................................3
ALCO at CITI Bank....................................................................................................................................3
Interest Rates Determination and ALCO at Citi Bank...............................................................................4
Instruments for Measuring Interest Rates Offered by CITI Bank.........................................................5
Liquidity Risk Management.....................................................................................................................7
Short-Term Liquidity Measurement....................................................................................................8
Part2............................................................................................................................................................9
Operational Risk Management of CITI Bank............................................................................................9
Fraud Risk Assessment..........................................................................................................................11
References.................................................................................................................................................14

Figure 1: Governing Structure of CITI Bank..................................................................................................5

Figure 2: Interest Income at CITI Bank (Source: CITI Bank, 2022)...................................................6
Figure 3: Estimated annualized impact to net interest income (Source: Citi Bank, 2022)..............7
Figure 4: High Quality Liquid Assets......................................................................................................9
Figure 5: LCR and HQLA of Citi Bank...................................................................................................9
Figure 6: Operational Risk Management Framework........................................................................10
Figure 7: Fraud Prevention Framework...............................................................................................14
 ALCO and Operational Risk Management at CITI Bank

Part1
Introduction
The Assets and Liabilities Committee, often referred to as ALCO, is the organization
inside a bank or other financial institution tasked with addressing problems related to asset and
liability management as well as risk management issues. ALCO performs the functions of a
decision-making body, a supervisory group, an assessment committee, and a risk management
committee for financial institutions such as banks and other credit institutions. An asset and
liability committee, often known as an ALCO, is a group accountable for the institution's financial
planning and risk management. ALCO is formed of senior executives or senior executives of the
financial institution. Another name for this committee is a surplus management committee. This
committee investigates banks' assets and liabilities to distinguish the inherent risks from the
prospective profits. The ALCO's job is to evaluate the potential threats to the institution's liquidity
or market position caused by the institution's many different activities ( Krishna & Student, 2022).
The ALCO is responsible for planning the bank's balance sheet, managing interest rate risks,
and determining an effective strategy for borrowing and lending. The primary purpose of ALCO
is to ensure that the financial institution maintains satisfactory levels of both profitability and
liquidity. By doing so, they affect the net income of the bank as well as share prices. An ALCO is
responsible for performing oversight tasks at the management level of the bank by developing a
Management Information System (MIS) to facilitate efficient risk management both on and off
the institution's balance sheet. An ALCO is responsible for controlling a bank's interest rate risk
and liquidity, ensuring that the financial institution has enough liquidity while also appropriately
managing its risks. The Asset and Liability Committee, also known as ALCO, often holds
quarterly meetings to establish suitable policies for the bank to manage risk and keep enough
liquidity (Mweu, 2022).

ALCO at CITI Bank

An asset and liability committee, often known as an ALCO, is an entity that may be
found inside a bank or another kind of financial institution that tackles problems pertaining to
asset and liability management as well as risk management. ALCO is responsible for performing
the tasks of a decision-making body, a supervisory group, an assessment committee, and a risk
management committee for various types of financial institutions, including banks and other
credit institutions. An asset and liability committee, often known as an ALCO, is a body that is
accountable for the financial planning and risk management of an organisation. In addition, the
activities not allocated to a particular business sector are included in the Corporate/another
category. This category also contains some loan portfolios located in North America and
internationally, businesses that have been terminated, and other historical assets ( Boonkob,
2021).

Figure 1: Governing Structure of CITI Bank

Interest Rates Determination and ALCO at Citi Bank

The possibility that fluctuations in market interest rates may hurt the soundness of a
bank's finances is referred to as interest rate risk. The following is a list of the immediate effects
that a change in the interest rate has on economic margin. The long-term repercussions of
fluctuations in interest rates impact the banks' equity because they affect the value of a bank's
assets, liabilities, and other factors that are not on its balance sheet. The Asset and Liability
Management Committee (ALCO) of the bank and the Risk Treasury of the bank are responsible
for the risk management linked with the volatility of interest rates (RT) (Li, 2019). Calculations to
evaluate the potential impact of changing interest rates on the bank's book of business are
carried out monthly. A mismatch between the values of assets and obligations sensitive to
fluctuations in interest rates creates this risk for the company. To keep track of the potential for
fluctuations in interest rates, the Bank put up a mechanism to monitor revaluation mismatches
between its interest-bearing assets and liabilities. When determining interest rate mismatches,
Citi follows the criteria that have been established. The Bank uses the maturity technique to
evaluate the potential exposure to interest rate fluctuations of the trading portfolio's securities.
The capital requirement for all market risk positions is calculated using the seniority technique
and the instructions provided by the Central Bank. By Citi's standards, ALCO is responsible for
bearing interest rate risk (Anzeer, 2015).
Instruments for Measuring Interest Rates Offered by CITI Bank

Analysis of interest rate differentials involves the revaluation of balance sheet items or
maturity schedules and the recognition of derivative hedges to identify disparities between
things that are due or revalued at certain time intervals. The "Interest Rate Risk" (sometimes
abbreviated as "IRR") metric calculates the possible effect on pre-tax profits incurred over
specific reporting periods as a result of a specified parallel shift in the yield curve ( Rathnayake et
al, 2022). A prospective metric comparable to the factor sensitivity of commercial portfolios, it
aims to predict future outcomes. The closure value is not the same as the liquidation value since
it assesses the "fair worth" of an accumulated portfolio at a particular moment in time. It should
be computed for all cash and business units where residual positions may be accurately
evaluated at market values. It should also be calculated for all business units.

Citi's interest rate risk throughout the organization is pooled and managed by the
company. Citi's client-facing activities produce interest rate-sensitive venues like loans and
deposits as part of its day-to-day operations. These venues are created in the ordinary course
of business. These exposures are gathered together by Citi Treasury, which then administers
them centralized. To attain the appropriate risk profile, Citi Treasury conducts its operations
within the parameters that have been defined, making positioning choices and using
instruments such as the Citi bond portfolio, corporate bonds, and interest rate derivatives
(Zubair, 2021). In Citi's interest rate risk position, incremental changes in all non-trading assets
and liabilities that have the potential to have major unfavorable consequences and positioning
decisions affecting Citi's treasury portfolio are included. These adjustments might have a big
impact. Citigroup uses additional measures, such as testing the impact of non-linear interest
rate movements on book value and analyzing the portfolio duration and volatility, particularly in
mortgages and mortgage-backed securities. These two tests are particularly important for
determining how non-linear interest rate movements will affect book value (Devesh, 2021).
 Figure 2: Interest Income at CITI Bank (Source: CITI Bank, 2022)

Changes in the makeup of Citi's balance sheet and the company's cash position are the
primary contributors to the rise in the expected effect on net interest income compared to the
previous year's results. The impact of Citi's Treasury derivative design and investment portfolio
may be seen most clearly in the year-to-year unpredictability of the expected impact on the
AOCI and CET1 ratio. Citi expects that the adverse effects on AOCI will be offset in equity if
there is a simultaneous rapid increase in interest rates by 100 basis points. This is because Citi
anticipates that the effects on AOCI will be reversed due to the accumulation of Citi's investment
portfolio throughout the period (Tasdemir, 2021). In such a scenario, Citi predicts that the
negative impact of $4.6 billion on AOCI would reverse in about 27 months from the fiscal year-
end in 2021. The following table displays the estimated effect on Citi's net interest income,
AOCI, and the Common Equity Tier 1 capital ratio, on a fully-applied basis, depending on which
of the five potential interest rate change scenarios is implemented. Which of the following is
relevant in this situation? A number of different interest rates for currencies, including the one
for the US dollar. One of these factors is the assumption that the market rate of interest, as well
as the interest rate paid to depositors and the interest rate charged to borrowers, would not go
below zero. This assumption is sometimes referred to as the "minimum assumption." This has
an impact on the hypotheses that forecast lower interest rates. This environment exists in
several countries where interest rates are already relatively low. The convexity linked with
mortgage products is another factor that might impact potential interest rate outcomes (Anari,
2022).
 Figure 3: Estimated annualized impact to net interest income (Source: Citi Bank, 2022)

Liquidity Risk Management

The danger that Citi cannot efficiently satisfy current and future predictions, as well as
projected cash flows and security needs, is known as liquidity risk. This risk may hurt Citi's day-
to-day operations and overall financial position. The company Citi relies on having excellent and
diversified financing sources to maintain its liquidity. Various factors cause risks associated with
funding and liquidity, most of which are wholly or primarily beyond Citi's control. Citi's funding
and liquidity management goals are centered on the company's efforts to finance its existing
asset base. Expansion of its core business; maintaining sufficient liquidity to enable Citi to thrive
in a variety of circumstances and adverse events, including liquidity and certain events of
varying duration and severity; and (iv) compliance with regulatory requirements, including, but
not limited to, resolution planning ("Resolution Plan" and "Total Loss Absorption") ( Olowosegun &
Moloi, 2021).

The senior/long-term debt and short-term commercial paper ratings on Citi and its
substantial subsidiaries are based on various walkthroughs, including the stand-alone financial
health of Citi and its affiliates. This is because Citi does not have complete control over auditors.
Citi and several subsidiaries are continually evaluated by rating agencies such as Fitch,
Moody's, and S&P Global Ratings.

Long-term debt (mainly senior and subordinated debt) is provided primarily to Citigroup
Inc. by its majority shareholder and Citibank. The principal source of financing for Citi is
shareholders' equity. This may be accomplished via the use of short-term loans, the majority of
which will take the form of secured finance. By this policy, Citi's HQLAs are managed at the
corporate level, with a primary emphasis placed on managing assets and liabilities and
providing adequate liquidity. The Chief Risk Officer and Chief Financial Officer of Citi are
directors of the ALCO of Citi Group, including Citi's Treasurer and several other top executives
(Yesmine et al, 2023). ALCO is in charge of defining the liquidity strategy for the portfolio and
evaluating how well it is doing (for more information on ALCO, read the section under "Risk
Governance: Committees of the Board of Directors and Senior Management"). Any significant
modifications to the portfolio's asset allocation need prior permission from the ALCO. In
addition, other ALCOs have been established by Citi to provide proper monitoring of nations,
franchise operations, and regions at a variety of corporate levels. These ALCOs are vital
components of Citi's corporate governance and are essential in managing its balance sheet and
liquidity. In addition to the ALCO, Citi has a meeting called the Funding and Liquidity Risk
Committee (FLRC), which is mainly concerned with financing and liquidity risk concerns. The
FLRC is responsible for conducting evaluations and audits of Citigroup and Citibank's risk
management procedures and their liquidity and financing risk profiles (Yao et al, 2023). It then
provides each applicable ALCO with a summary of its findings and suggestions where
appropriate. Citigroup had $961 billion in liquidity to meet customer and business needs as of
the 31st of December, 2021. This amount considers HQLA assets at the end of the quarter,
surplus nonliable securities, including excess cash in banks that cannot be transferred to other
Citigroup entities, and monies that are presently retained to sustain the Fed's borrowing
capacity. Purchases available to make are not included in Citi's HQLA (Chen et al, 2022).

Figure 4: High Quality Liquid Assets

Short-Term Liquidity Measurement

Citi not only conducts internal 30-day liquidity stress tests across its key companies,
operational subsidiaries, and geographies, but it also checks its liquidity compared to the LCR.
To get the LCR, divide the HQLA by the projected net turnover and use a crisis duration of thirty
days as the assumption. The net turnover is calculated based on the normalized crisis turnover
and the entrance fees required by the LCR regulation. To a certain extent, outflows are
compensated for by contractual inflows of assets that mature in 30 days. Inflows, much like
outflows, are determined based on specific parameters specified for certain asset classes, such
as unsecured, personal, and wholesale secured loans at a wholesale level. The LCR criterion,
at a bare minimum, is 100% (Ye, 2022).
 Figure 5: LCR and HQLA of Citi Bank

Part2
Operational Risk Management of CITI Bank
The danger of a loss occurring due to insufficient or defective internal processes, people,
systems, or external events is meant to be understood by the term "operational risk," according
to Basel II (BCCB, 2006). Nonetheless, legal risk is included in this definition despite the
absence of strategic and reputational risks. Consider that operational risk is often primarily
concerned with losses, in contrast to market risk, which also considers potential gains (profit)
(Nelson, 2020).
 Figure 6: Operational Risk Management Framework

The danger of incurring a loss due to deficiencies or failures in people, processes, or

technology, as well as external events, is called operational risk. The Bank currently utilizes the
core metrics methodology to report capital needs for operational risks (BIA). A permanent
member of Citigroup's Board of Directors member, the Risk Management Committee oversees
the company's overall risk management. It is common practice to refer to the Committee as "the
Committee" ("Board"). The Committee's purpose is to assist the Board of Directors so that it
may fulfill its responsibility to oversee the risk management structure and culture of Citigroup
(Zharikova, 2019).

This responsibility encompasses credit management, markets (both tradable and non-
tradable), and the management of liquidity. Other dangers are associated with capital
management and assessing the effectiveness of Global's credit, capital, and collateral review
("GRR") function. Reports to the Board of Directors about Citigroup's risk profile and
management's compliance with the risk management framework are the responsibility of the
Committee. These studies include issues such as the most critical policies and procedures that
Citigroup has in place for risk management and the general appropriateness of the risk
management function. Since the Committee oversees, management is held accountable for
successfully implementing Citigroup's risk and treasury management policies. The Committee
acknowledges this responsibility (Hussaini et al, 2019). Although the Committee is charged with
carrying out the obligations and exercising the authority outlined in this bylaw, management is
ultimately accountable for developing, putting into action, and keeping an efficient risk
management program in place. The Main Risk Official ("CRO") of Citigroup is responsible for
the organization's autonomous risk management division. This capability is answerable for
laying out hazard and control principles for the primary line of safeguard and for proactively
checking risks all through the association, including worldwide credit chances, market issues
(exchanging and non-exchanging), liquidity chances, vital administration chances, consistence
chances, and reputational gambles. It very well might be isolated into many gatherings. The
CRO reports the danger of concentration directly to the Chief Executive Officer of Citigroup.
Under the Enterprise Risk Management Framework, independent risk management functions
are broken down into their respective tasks and responsibilities ("ERMF") (Nelson, 2020).

The bank's operational risk management strategy aims to strike a balance between the
prevention of financial and reputational losses and overall profitability, as well as to steer clear
of control processes that put a damper on initiative and innovation. The senior management of
each business unit has the significant duty of conceiving up and implementing controls to
mitigate operational risk. This obligation is supported by the establishment of common banking
standards for the implementation of active risk management. Compliance with banking
requirements is supported by an ongoing program of periodic assessments performed by
Internal Audit. The outcomes of the internal audit reviews are presented to the management of
the business unit to which they pertain for discussion, and summaries of these discussions are
sent to the bank's top leadership (Ye, 2022).

Fraud Risk Assessment

The scope of online criminal activity is mind-boggling. Losses on a global scale topped
one trillion dollars in 2020, representing a 50 percent rise from 2018. Between March 2020 and
May 2021, the FBI received one million cybercrime complaints, the most significant number
recorded in the preceding three years. Approximately three-quarters of firms were victims of
payment fraud attacks during this same period. Comparing 2020 and 2021, the frequency of
"zero days," known as previously unknown hazards, almost quadrupled in the latter year. 56%
of respondents said they are apprehensive about cybercrime (Alazzabi et al, 2023).

In comparison, 40% are very concerned about it, according to a recent poll of roughly
200 Citi Commercial Bank customers during a webinar. This indicates that cybercrime is a
serious issue for companies. PwC's Global Research into Global Economic Crime and Fraud
found that 47% of organizations worldwide (and 56% of organizations in the United States) have
experienced some form of cybercrime in the past two years. This is even though the threat
landscape is constantly shifting, and the number of organizations that are the targets of
cybercriminals is growing. It is heartening to know their significance in business awareness and
cybersecurity (Hussein et al, 2022).

One of Citi's highest responsibilities is the upkeep of our base to safeguard our network
and our consumers. Putting limitations on using USB drives, limiting administrator credentials,
implementing multi-factor authentication (MFA), installing content control solutions, segmenting
the network, and monitoring for online threats in all company-established areas are some of the
measures that may be taken. The exchange of information receives a lot of focus and attention.
In addition, Citi collaborates with other financial institutions and the broader ecosystem to
exchange information. Because cybercrime occurs globally, Citi has a round-the-clock team of
investigators in North America who work to coordinate other groups in other parts of the globe to
discover and eliminate any cyber risks to banks and their customers (Hussaini et al, 2019). At
the same time, an essential component of the duty of the team is to educate customers about
various criminal strategies," Via its worldwide innovation laboratories and investments in
startups through Citi Ventures, Citi invests substantially in a wide variety of new technologies
and creates many cybersecurity solutions that employ artificial intelligence, machine learning,
and quantum computing. More recent developments include data loss prevention systems and
Endpoint Detection and Response, software that monitors real-time data, automatically
analyzes it, and then reacts to anomalies. In recent years, another area of emphasis has been
placed on behavioral biometrics software, which not only improves the level of security but also
has the potential to enhance the overall user experience. Citi has developed and deployed
technologies over several years to verify that users are logging in with the same devices they
typically use and to learn their IP addresses (Alazzabi, 2023).

Avoiding risk and ensuring that cyber insurance will be paid out in the event of a
successful attack are made more accessible when firms have enough controls and resources to
deal with each of the many cyber dangers they face. Since people are a company's first line of
defense, it is essential for them to get education and training on risk and how to react to it. Also,
organizations are responsible for cultivating a culture in which workers know they will be
supported if they bring up an issue. If there is a problem, businesses need to be aware of who
to communicate with internally and outside and what information to pass along to those
individuals. After an attack, companies shouldn't make any critical choices. Investing money is
unavoidably necessary for many aspects of developing a solid cybersecurity strategy, including
preparation, planning, controls, and training. On the other hand, a ransomware assault may
completely ruin a company's finances owing to the commercial losses and reputational dangers
it poses. Prevention is always preferable to treatment in the long term (Hussien et al, 2022).

Figure 7: Fraud Prevention Framework

References
Alazzabi, W. Y. E., Mustafa, H., & Karage, A. I. (2023). Risk management, top

management support, internal audit activities and fraud mitigation. Journal of

Financial Crime, 30(2), 569-582.

Anari, L. K. (2022). Effect of Corporate Governance Attributes on Financial Performance

of Tier-two Commercial Banks in Kenya (Doctoral dissertation, University of

Nairobi).

Anzeer, M. (2015). Risk management practice in the City Bank Limited.

Boonkob, P. (2021). How Financial Engineering, Corporate Governance, and Human

Capital Management Help Firms to Survive During the Financial Crisis? A Case

Study of CitiBank, NA Thailand. วารสาร สังคมศาสตร์ บูร ณา การ มหาวิ ทยาลัย มหิ ดล, 8(1-2), 45-

58.

Chen, S. H., & Hsu, F. J. (2022). National governance differences and foreign bank

performance in Asian countries: The role of bank competition. Computational

Economics, 59(4), 1283-1333.

Devesh, K. (2021). Community Lending in the US: A Comparative Analysis of Citibank

and Wells Fargo Community Lending Practices. Available at SSRN 3927292.

Hussaini, U., Bakar, A. A., & Yusuf, M. B. O. (2019). The effect of fraud risk

management, risk culture and performance of banking sector: A conceptual

framework. International Journal of Multidisciplinary Research and

Development, 6(1), 71-80.
Hussein, W. N., & Hilal, A. M. (2021). The Impact of Senior Management on Internal

Audit Activities and its Reflection in Mitigating Financial Fraud–Field Study.(8).

Krishna, M. M. G., & Student, P. B. (2022). ASSET LIABILITY MANAGEMENT: A CASE

OF TOP 7 PUBLIC SECTOR BANKS IN INDIA.

Li, Q. (2019). The impact of liquidity risk of commercial banks on systematic risk of

banking industry: study of 16 listed commercial banks. Modern Economy, 10(3),

645-665.

Mweu, L. K. (2022). Effect of Asset Liability Management Strategies on the Financial

Performance of Commercial Banks in Kenya (Doctoral dissertation, University of

Nairobi).

Nelson, S. C. (2020). Banks beyond borders: internationalization, financialization, and

the behavior of foreign-owned banks during the Global Financial Crisis. Theory

and society, 49, 307-333.

Olowosegun, O., & Moloi, T. (2021). Corporate governance disclosures in the annual

reports of Nigerian banks. Acta Commercii-Independent Research Journal in the

Management Sciences, 21(1), 857.

Rathnayake, D. N., Bai, Y., Louembé, P. A., & Qi, L. (2022). Interest Rate Liberalization

and Commercial Bank Performance: New Evidence From Chinese A-Share

Banks. SAGE Open, 12(2), 21582440221096648.

Taşdemir, S. T. (2010). Foreign bank participation in emerging markets: lessons from

Citibank case in Turkey (Master's thesis, Middle East Technical University).

Yao, F., Qin, Z., & Wang, X. (2023). The influence of bank governance structure on

green credit. Plos one, 18(3), e0281115.

Ye, W. (2022, December). Research on the Impact of Government Financial

Deregulation on Banking M&A. In 2022 International Conference on Economics,

Smart Finance and Contemporary Trade (ESFCT 2022) (pp. 920-928). Atlantis

Press.

Yesmine, T., Hossain, M. E., Khan, M. A., Mitra, S., Saha, S. M., & Amin, M. R. (2023).

Benchmarking the banking sector of Bangladesh: a comprehensive analysis of

performance and efficiency. Asian Journal of Economics and Banking, 7(1), 121-

145.

Zharikova, E. (2019). Post-crisis reforms to the UK regulation of the corporate

governance of banking institutions: an analysis of changes to the UK risk

governance framework (Doctoral dissertation, University of Manchester).

Zubair, F. (2021). Credit risk management practices in Citibank, NA.