News & Commentary

10:14 AM
Chuck Nwokocha, Sageworks
Chuck Nwokocha, Sageworks
Commentary
50%
50%

How To Improve Credit Risk Modeling For Better Credit Quality

Banks have to evolve their credit risk modeling, and including cash flow in their credit risk analysis for commercial loans is one place to start.

As an institution’s portfolio grows, it can be easy to get away from the basics. Effective risk identification starts with the evaluation of individual credits through solid credit risk modeling.

This doesn’t necessarily require the licensing of oftentimes expensive, statistically-driven models and databases, which could be overkill or ill-suited for institutions that don’t have the volume of data to support a model.

Rather, credit risk modeling describes the analytical due diligence a bank performs to assess risk of borrowers. And since this risk is dynamic, the model must examine the ability of a potential borrower to repay the loan as well as non-financial considerations such as character, management ability, environmental conditions and factors.

Some financial institutions evaluate entire loan relationships, others prefer to rate each facility, and still others rate both relationships and facilities. Whichever approach the financial institution chooses, the following considerations are necessary for developing the credit risk model:

Credit Risk

Credit risk factors could vary slightly, institution to institution, depending on the portfolio size, concentration, borrower composition, loan types, location, etc. As such, each of the following should influence the credit risk model.

- Determining risk factors.

- Understanding credit quality (risk grading/risk rating).

- Likelihood that a business/borrower/relationship may default on its financial obligations.

- Accommodating different types of loans as well as industries (different industries require different capital structures).

Annual Reviews

Credit risk doesn’t end with the loan decision at origination; rather, risk profiles of borrowers can change throughout the year and the relationship. To identify risk within the portfolio, credit risk models should include an annual review of loans.

- Set a minimum review period that allows continual and regular monitoring and reassessing of risk.

- The reviews will lead to early identification of deteriorating conditions.

Trend Analysis

Companies rarely remain in a static condition. However, far too often, the decision to grant a loan relies on cash flow analysis only, which examines a company at a point or period in time. It does not include a trend analysis, showing whether the company’s performance is improving, stable or declining. Although extremely important, cash flow cannot be the only determinant in credit quality.

Even the definition of cash flow can be elusive and can carry many definitions. Cash flow is generally used to describe cash generated between two periods. Sometimes it refers to cash leftover after operations (i.e. profit). Credit analysis is much too complex to rely on just a single indicator, hence the suggested use of related factors. At a given point in time, the business may have positive cash flow. The grey dashed line represents a cutoff debt service coverage ratio (DSCR) of 1.25. A loan decision based only on the DSCR threshold of 1.25 would be unwise in the case of the deteriorating business. Instead, an analysis should use trend data to determine if the business is growing or deteriorating.

A more comprehensive risk analysis based on the 5 Cs of Credit would include this type of longitudinal analysis and capture risk from externalities. For example, it would have been unwise to make a loan to a real estate company at the height of the real estate crisis in 2008. A look at the Conditions would have indicated that the market environment and the state of the economy were in bad shape.

Another element to consider is industry comparisons. Performance ratios are more meaningful when viewed in context of the borrower’s industry.

Chuck Nwokocha is a senior risk management consultant at Sageworks, where he advises financial institutions on risk and portfolio management.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Author
10/31/2013 | 1:51:55 PM
re: How To Improve Credit Risk Modeling For Better Credit Quality
There are many types of data that companies are using to determine credit worthiness. It's well documented that insurers can use credit reports to determine the likelihood that a driver will get into an accident (a person with bad credit is more likely to get into accidents, or violate traffic laws). I'm sure banks can use other types of data to determine if someone is a good risk.
Byurcan
50%
50%
Byurcan,
User Rank: Author
10/30/2013 | 11:54:28 AM
re: How To Improve Credit Risk Modeling For Better Credit Quality
Insurance companies can also use third-party data to root out fraud, correct?
ali15871
50%
50%
ali15871,
User Rank: Apprentice
10/30/2013 | 3:49:30 AM
re: How To Improve Credit Risk Modeling For Better Credit Quality
It also includes the what kind of information required for analysis and source of information to evaluate the credit worthiness of borrower.
Nathan Golia
50%
50%
Nathan Golia,
User Rank: Author
10/25/2013 | 7:57:24 PM
re: How To Improve Credit Risk Modeling For Better Credit Quality
Insurance companies are big on new third-party data sources because of their ability to make the transaction process quicker at the time of policy issuance G things like prescription history, for example. I don't feel like banks have had the same issue with the user experience at the time of customer acquisition, but there are definitely options out there that could make it even sleeker and perhaps even be more predictive of the potential risk.
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Author
10/23/2013 | 10:05:53 AM
re: How To Improve Credit Risk Modeling For Better Credit Quality
I think that banks are considering a number of non-traditional data sources to help determine credit, such as social data. However, i'm not sure how widespread it is and how much of that type of data has really made it into day-to-day analysis, or is still in the pilot phase.
Nathan Golia
50%
50%
Nathan Golia,
User Rank: Author
10/22/2013 | 8:24:50 PM
re: How To Improve Credit Risk Modeling For Better Credit Quality
What about the potential for different data sources than the traditional ones in determining creditworthiness? Certainly there must be some options.
Greg MacSweeney
50%
50%
Greg MacSweeney,
User Rank: Author
10/21/2013 | 10:31:06 AM
re: How To Improve Credit Risk Modeling For Better Credit Quality
The "annual reviews" and "trend analysis" seem to be the parts of a credit analysis process that are most lacking. There is a massive focus on credit worthiness at the beginning of the relationship, but I'm not sure how much ongoing analysis happens after a year or two. Granted, banks did a large sweeping review of existing mortgages 2-3 years after the credit crisis, but I doubt they have gone back again to do the same analysis. Am i wrong?
Byurcan
50%
50%
Byurcan,
User Rank: Author
10/18/2013 | 6:13:15 PM
re: How To Improve Credit Risk Modeling For Better Credit Quality
Good credit risk modeling is especially important in the current regulatory environment, and the importance of Know Your Customer initiatives.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Janice, I think I've got a message from the code father!
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.