LogoRegulatory Alerts
2021-01-01

Decision on Minimum Standards for Risk Management in Financial Services Providers

The Council of the Central Bank of Montenegro issued this decision to establish mandatory minimum risk management standards for licensed financial services providers, including leasing, factoring, micro-lending, and credit-guarantee entities. The regulation requires institutions to implement comprehensive risk management systems that identify, measure, monitor, and control credit, liquidity, market, operational, and concentration risks through defined strategies, policies, and internal procedures. It further mandates strict operational controls such as monthly asset classification, adequate capital-to-borrowed funds ratios, liquidity maturity matching, foreign exchange position limits, operational loss reporting within eight days, and secure data backups, with full compliance required within six months of implementation.

Central Bank of Montenegro logo

Montenegro

Central Bank of Montenegro

Click to view thumbnail

1 Pursuant to Article 44 paragraph 2 item 3 of the Central Bank of Montenegro Law (OGM 40/10, 06/13, 7/17) and in conjunction with Article 110 paragraph 2 of the Law on Financial Leasing, Factoring, Purchase of Receivables, Micro-Lending and Credit-Guarantee Operations (OGM 73/17), the Council of the Central Bank of Montenegro, at its meeting held on 13 April 2018, passed the following DECISION on Minimum Standards for Risk Management in Financial Services Providers I. BASIC PROVISION Subject Matter Article 1 This Decision regulates in more detail the minimum standards for managing risks to which the companies engaged in financial leasing, factoring, purchase of receivables, micro-lending and credit and guarantee operations (hereinafter: the financial services providers) are exposed to in their operations. This decision shall be applied to the following financial services providers: leasing companies, factoring companies, companies for purchase of receivables, micro-credit financial institutions and credit-guarantee funds, whereas risk management for other financial services providers shall be regulated in accordance with separate laws. II. RISK MANAGEMENT 2.1. General Provisions Types of Risk Article 2 A financial services provider shall properly and in accordance with the type, volume and complexity of its operations, identify, measure, monitor and control all risks it is exposed to in its operations, and particularly:

  1. Credit risk;
  2. Liquidity risk;
  3. Market risks;
  4. Operational risk, and
  5. Concentration risk.

2 Risk Management System

Article 3 A financial services provider shall establish a system for managing of all risks to which it is exposed in its operations. Risk management system under paragraph 1 above shall comprise:

  1. risks management strategy;
  2. risk management policy;
  3. risk management procedures;
  4. Defined powers and responsibilities in the process of risk taking and risk management; and
  5. Risk management reporting and information system. Risk management strategy, as a part of general strategy for the activities of financial services providers, shall define, as a minimum, objectives and core principles of risk management and risk taking and risk appetite of financial services providers. Risk management policy shall consist of one or several documents governing, as a minimum, the following:
  6. The manner of organising risk management;
  7. The manner of assessing risk profile of financial services provider and the methodology for identifying and measurement, and/or assessment of risk to which the financial services provider is or might be exposed to in its operations;
  8. The manner of monitoring and controlling individual risks, including establishment of adequate limits;
  9. Actions and measures in case of deviation from the implementation of adopted strategies, policies and procedures, as well as in cases of contingent and crisis situations. Risk management procedures should enable timely and comprehensive identification of risk, analysis of causes leading to risk occurrence, measurement and/or risk assessment, including quantitative and qualitative methods based on which change of risk profile of financial services provider is identified, description of monitoring actions, control of risk by maintaining it at the level that is acceptable to the risk profile of the financial service provider or its decline and/or elimination, and the like. The financial services provider shall review and, if needed, update risk management strategy and policy periodically, and at least once a year.

3 Powers and Responsibilities Article 4 A financial services provider shall clearly define in its internal acts powers and responsibilities for risk management for all levels of the working and decision-making processes and periodically deliver reports on risk management activities to the board of directors. Reporting System Article 5 A financial services provider shall establish and maintain reporting system that enables timely, accurate and detail information needed for passing business decisions, as well as for:

  1. measurement and monitoring of risk exposures;
  2. monitoring if the established limits for risk management are met; 2.2. Credit Risk Credit Risk Article 6 Credit risk, within the meaning herein, shall be the risk of incurring losses in the financial services provider due to the debtor's failure to meet its obligations. Procedures for Credit Risk Management Article 7 The procedures for credit risk management shall, as a minimum, cover the following:
  3. Detailed procedures for granting loans or providing other financial services resulting in the exposure of financial services provider to credit risk, which shall, as a minimum, define the obligation of financial services providers to obtain prior to making decisions, information on:  the financial condition of the debtor,  the purpose of the funds to be granted,  sources of funds for debt repayment,  value and legal validity of collateral;
  4. Procedures for monitoring the structure and quality of portfolio managed by the financial services provider;
  5. Procedures for timely taking of activities aimed at improving portfolio position, especially of non-performing assets (asset items classified into the category C1 or lower), including the procedures for debt restructuring or taking other measures aimed at reducing the financial services provider losses to a minimum;
  6. Procedures for the collection of principal, interests and fees on receivables, which ensure timely collection under contractual terms and conditions, and which in case of

4 default, provide fast examination of reasons for default, monitoring of default status and real valuation of the financial services provider’s exposure to credit risk against non￾performing debtors. Determining Debtor's Financial Capacity Article 8 A financial services provider shall, before contracting transactions resulting in credit risk, assess, as a minimum, the financial capacity of a person to which receivable occurs, the quality of collateral and the impact of other factors relevant for measuring exposure to credit risk. Receivables File Article 9 A financial services provider shall ensure that every receivable is properly and correctly documented and that regular and complete file is created and kept for each receivable, providing chronological evidence of the approval and the quality of the receivable granted, until its final repayment or settlement of debt in some other manner. The file under paragraph 1 above shall contain, as a minimum, documents, data and information to provide the evidence of:

  1. identity of debtor and its guarantors/warrants or providers of other collateral;
  2. for legal persons and entrepreneurs - legal capacity of these persons to be participants in business (evidence on registration into the court of other corresponding registry);
  3. financial situation of debtor and its ability to meet the contractual obligations;
  4. type and quality of collateral;
  5. purpose of funds and their earmarked use (if applicable);
  6. proposed debt restructuring (request submitted by the debtor, analysis of justifiability of debt restructuring and reasons for accepting/denying debt restructuring). Asset Classification Article 10 A financial services provider shall, at least once in a month, classify balance sheet asset items according to which it is exposed to the credit risk into the corresponding classification category and/or sub-category as follows:
  7. category “A”, if the debtor is performing or it is past due under that asset item up to 30 days;
  8. sub-category “B1“, if the debtor is past due under that asset item from 31 to 60 days;
  9. sub-category “B2“, if the debtor is past due under that asset item from 61 to 90 days;
  10. sub-category “C1“, if the debtor is past due under that asset item from 91 to 150 days;
  11. sub-category “C2“, if the debtor is past due under that asset item from 151 to 270 days;
  12. category “D“, if the debtor is past due under that asset item from 271 to 365 days;
  13. category “E”, if the debtor is past due under that asset item over 365 days.

5 Balance sheet asset items based on which the financial services provider is exposed to credit risk, within the meaning of paragraph 1 herein, shall be the following balance sheet asset items:

  1. loans under micro-lending operations;
  2. receivables under financial leasing;
  3. receivables under factoring activities;
  4. receivables under purchase of receivables;
  5. receivables established upon the repayment of obligations based on guarantees issued by the credit-guarantee funds, or
  6. receivables under other contingent liabilities taken over by the financial services provider. Capital to Borrowed Funds Ratio Article 11 A financial services provider shall maintain capital to borrowed funds ratio that is adequate to the risk profile of such a financial services provider. The Central Bank of Montenegro (hereinafter: the Central Bank) may, in case when it determines that the financial services provider does not adequately manage credit risk, order the financial services provider to establish in due time and maintain stricter capital to borrowed funds ratio than the current one. 2.3. Liquidity Risk Liquidity Risk Article 12 Liquidity risk shall be the risk arising from the existing or expected inability of the financial services provider to meet its cash obligations as they become due. Liquidity Risk Management System Article 13 A financial services provider shall establish a system for liquidity risk management, which provides:
  7. Identification of the existing sources of liquidity risk and the liquidity risk which may arise from new business products and activities;
  8. monitoring of maturity structure of placement and sources of funds;
  9. monitoring of contingent liabilities recorded off-balance;
  10. the projection of cash inflows and outflows;
  11. the use of financial instruments for establishing adequate structure of funds and sources of funds;
  12. creation of liquidity indicators and their use in the process of monitoring of liquidity;
  13. Adequate treatment in case of temporary and long-term liquidity distortions

6 Maturity Match of Receivables and Liabilities Article 14 A financial services provider shall maintain adequate maturity match of receivables and liabilities, including contingent off-balance sheet liabilities and establish limits that provide adequate maturity match of receivables and liabilities. Informing the Central Bank Article 15 A financial services provider shall, in case of illiquidity, immediately inform the Central Bank on the amount of lacking liquid funds, reasons for illiquidity and planned activities to overcome illiquidity. 2.4. Market Risks Market Risk Article 16 Market risk, within the meaning herein, shall be the risk of incurring adverse effects on the financial result and capital of a financial services provider arising from the changes in values of positions from the balance and off-balance sheet of the financial services provider resulting from the market prices movements. Types of Risk Article 17 A financial services provider shall manage market risks to which it is exposed in its operations, including:

  1. Risk of loss arising from the change in pricing of financial instrument (hereinafter: position risk), and
  2. Risk of loss arising from the change in foreign exchange rate of a currency (hereinafter: foreign exchange risk). Financial instrument under paragraph 1 item 1) above shall be a financial instrument specified by the law governing the capital market. Limiting Exposures to Position Risk Article 18 A financial services provider, which is exposed to position risk shall determine limits for total investments in financial instruments.

7 Foreign Exchange Risk Article 19 In the process of management of foreign exchange risk, a financial services provider, which is exposed to such risk, shall:

  1. Measure foreign exchange risk for all items from which that risk arises;
  2. Measure foreign exchange risk at the aggregate level and individually by currencies;
  3. Measure the risk on the basis of assumptions on normally expected and large changes in foreign exchange rates, for the purpose of assessing their impact on income and capital of the financial services provider. The financial services provider under paragraph 1 above shall establish limits for net open FX position, individually by currencies and aggregately for all currencies. Net open FX position under paragraph 2 above shall be the difference between long and short position in the currency other than euro, whereas:
  4. Long FX position shall be a receivable of the financial services provider in that currency;
  5. Short FX position shall be a liability of the financial services provider in that currency. 2.5. Operational Risk Operational Risk Article 20 Operational risk is the risk of incurring losses in the operations of the financial services provider arising from inadequate or failed internal processes and systems, errors (deliberate or negligent) in the performance of employees or external events, including also legal risk. Operational Risk Identification Article 21 In the process of identification of operational risk sources, a financial services provider shall identify all sources of operational risk, bearing in mind, in particular, risks arising from: inadequate information and other systems, disruptions in operations and failure of information and other systems, actions which may cause court and other disputes against financial services providers, external illegal actions and natural and other events that may not be predicted.

8 Operational Risk Measurement and Control Article 22 After the identification of the specific source of operational risk, a financial services provider shall assess the level of that risk by applying the adequate measurement approaches. Depending on the nature and level of the specific operational risk, the financial services provider shall apply corresponding approaches for its reduction and/or elimination, or for its monitoring and control. Data Protection Article 23 A financial services provider shall ensure electronic backups of information and significant data. The financial services provider shall establish the process of management of data backup, which includes the process of creation, storage and testing of data backup and restoration of data from data backup, in order to provide availability of data if needed and enable recovery and/or reestablishment of vital business processes within the time required. Data backup shall be updated and stored in an adequate manner, at one or more backup locations, of which at least one must be in accordance with the risk assessment, sufficiently distant from the location where the original data are kept. Informing the Central Bank Article 24 A financial services provider shall create database on all losses arising from the operational risk and determine the methodology for the internal recording of such losses, by categories determined according to the sources of losses. The financial services provider shall inform the Central Bank on all losses arising from the operational risk, as well as on the amount and reasons of the loss occurrence, within eight days following that of the loss occurrence. 2.6. Concentration Risk Concentration Risk

Article 25 Concentration risk is a risk arising, directly or indirectly, from exposures of a financial services provider to the same or similar source of loss occurrence, and/or same or similar type of risk.

9 Concentration risk shall refer to the following:

  1. Exposures to a single or a group of connected persons;
  2. Group of exposure having same or similar risk factors, such as certain economic sectors, geographical areas, types of products, etc.;
  3. Type and providers of collateral. A financial services provider shall comply with the prescribed limits when controlling concentration risk, as well as establishing other exposure limits enabling adequate portfolio diversification. The financial services provider shall mitigate concentration risk by active management of portfolio and adjusting established limits to the risk level. III. TRANSITIONAL AND CLOSING PROVISION Article 26 Micro-credit financial institutions, which as of the day of the application of this decision, are licensed by the Central Bank of Montenegro, shall comply their internal acts and operations with the provisions herein within six months following that of the beginning of implementation of the decision. Article 27 This decision shall enter into force on the eighth day following that of its publication in the Official Gazette of Montenegro and it shall apply from 11 May 2018. THE COUNCIL OF THE CENTRAL BANK OF MONTENEGRO CHAIRMAN

Decision number: 0101-3393-8/2018 G O V E R N O R, Podgorica, 13 April 2018. Radoje Žugić, m.p.

Share