Treasury Assessment Criteria (Including Interest Rate Risk)

squircle icon

Select the section you’d like to navigate to.

Description of Centralized Activity

The treasury activity involves the following sub activities:

  • Cash Management;
  • Asset Liability Management (e.g., interest rate management);
  • Funds Transfer Pricing (e.g., deposit and loan pricing);
  • Hedging and Pledging (e.g., derivatives);
  • Portfolio Management (e.g., statutory liquidity assets, trading assets, real estate, etc.); and
  • Corporate Finance (e.g., secondary capital, subsidiaries, insurance, pension funds, etc.).

Definition of Net Risk

The credit union’s treasury net risk is determined by assessing the risks inherent in the activity and the effectiveness with which those risks are managed.

Market risk and operational risk are the primary inherent risks in this area. However, credit, compliance, and strategic risks also apply as secondary risks. These inherent risks are mitigated by operational management, oversight functions, senior management, and the board of directors. A credit union’s net risk for treasury operations is assessed as low, moderate, above average, or high.

Low Net RiskThe credit union has risk management that substantially mitigates risk inherent in its treasury operations down to levels that have lower than average probability of an adverse impact on the earnings, capital, and liquidity in the foreseeable future.
Moderate Net RiskThe credit union has risk management that sufficiently mitigates risks inherent in its treasury operations down to levels that collectively have an average probability of adverse impact on the earnings, capital, and liquidity in the foreseeable future.
Above Average Net RiskThe credit union has weaknesses in its quality of risk management that, although not serious enough to present an immediate threat to solvency, give rise to above average treasury operations net risk in several of its sub activities.
High Net RiskThe credit union has weaknesses in its risk management that may pose a serious threat in its financial viability or solvency and give rise to high net risk in several of the treasury operations. As a result, net risks in its collective sub activities have a high probability of material adverse impact on its earnings, capital, and liquidity in the foreseeable future.

Quality of Risk Management Criteria

The following statements describe the criteria for assessing a credit unions’ adequacy of treasury and deposit-taking risk management policies and practices. The application and weighting of the individual criteria will depend on the nature, scope, complexity, and risk profile of a credit union.

Essential ElementsCriteria
1. Operational Management

(First Line of Defence)
Organization and Structure

1.1 Appropriateness of the department (or business unit), organization, and structure given the nature and scope of the treasury activity.
1.2 Appropriateness of segregation of duties and operational management’s span of control.
1.3 Extent to which frontline risk decisions are independent from oversight functions and senior management.
1.4 Extent to which pension, investment, and legal advice is available to support securities instruments and agreements, pension plans, pledging and deposit terms, and conditions documents.
1.5 Adequacy of the risk culture in the department or business unit.

Resources, Staffing, and Training

1.6 Adequacy of the treasury resources, staffing, and training given the nature and scope of the treasury activity.
1.7 Extent to which staff understand treasury and keep current with developments in their area of responsibility, including associated risks, emerging issues, and new risk management techniques, as well as changes in the operating environment impacting the nature and level of risk.
1.8 Appropriateness of staffing for assigned responsibilities and decision-making authorities, both in terms of numbers, skill sets, and experience.
1.9 Extent to which new hires are experienced individuals, have strong analytical skills, knowledge, and expertise in the types of retail products and services offered, and are familiar with the target customer base and geographic market.
1.10 Extent to which operational management have sufficient knowledge and experience on purchase/sale terminology, appraisals, credit bureau issues, and employment matters, and are able to identify signs of poor credit quality and fraudulent activity.
1.11 Extent to which staff are knowledgeable, experienced, and skilled in managing troubled and non-performing loans and subsequent debt collections or foreclosures.
1.12 Appropriateness of the treasury staff turnover.
1.13 Adequacy of the staff training programs in support of treasury knowledge, experience, and skills.

Policies, Procedures, and Limits

1.14 Extent to which policies, procedures, and limits are clearly defined, documented, and disseminated.
1.15 Extent to which policies are consistent with capital, liquidity, and strategic plans and business objectives.
1.16 Extent to which policies define classes of investments that the credit union is willing and not willing to enter into, are clearly defined.
1.17 Extent to which policies set criteria for investment mix, quality, and risk tolerance levels.
1.18 Extent to which the policies cover subsidiary investments and joint ventures.
1.19 Appropriateness of the investment procedures, risk evaluation methodologies and investment metrics, and the risk-making decision criteria.
1.20 Appropriateness of concentration limits on investments, and in aggregate, across investments (i.e., types, classes, sectors, specific counterparties, and geographic areas), and the whole investment portfolio.
1.21 Extent to which limits cover potential risks from changes in currency exchange rates.
1.22 Appropriateness of asset liability management procedures, risk evaluation methodologies, interest rate risk metrics, and the risk-making decision criteria.
1.23 Appropriateness of stress testing on changes in interest rates using various shifts in the yield curves.
1.24 Appropriateness of the stress testing on changes in depositors’ and borrowers’ behaviours on contractual options.
1.25 Appropriateness of circumstances in which derivatives may be used, and limits on the use of derivatives by type of instruments (e.g., swaps, options, futures) and by counterparty.
1.26 Extent to which the day-to-day controls are commensurate with the level of risk in each sub activity.
1.27 Appropriateness of exceptions to the investment policies and the criteria for granting them.
1.28 Appropriateness of the authority levels and any delegations of authority.
1.29 Appropriateness of the process for identifying investments with deteriorating quality (watchlist) and any provisioning requirements for troubled or permanently impaired assets.

Monitoring and Control

1.30 Extent to which adherence to policies, procedures, and limits is monitored and reported.
1.31 Appropriateness of how the nature, characteristics, and quality of investments and the asset-liabilities profile is monitored and reported.
1.32 Extent to which the reporting is sufficiently detailed, complete, and accurate.
1.33 Appropriateness of how closely the performance of the treasury operations is monitored and assessed against plan.
1.34 Extent to which issues are resolved.

Outsourcing

1.35 Extent to which treasury processes are outsourced to service providers.
1.36 Extent to which the due diligence procedures and practices are completed before entering the outsourcing arrangements.
1.37 Extent to which roles and responsibilities in policies, procedures, and outsourcing agreements are clearly defined, documented, and disseminated.
1.38 Adequacy of the outsourcing agreement, including performance measures, reporting requirements, resolution of differences, notifications, contingency planning, inspection rights, confidentiality and security, compensation, insurance, and regulatory requirements.
1.39 Adequacy of the contingency measures for ensuring the continuation of the outsourced activities in the event of problems that may affect the delivery of those services.
1.40 Extent to which the outsourcing arrangements are aligned with the treasury business plans and objectives, and risk parameters.
1.41 Adequacy of policies and practices in monitoring the performance of the outsourced activities.
1.42 Appropriateness of the reporting, meetings, and periodic reviews to ensure adherence to treasury practices and procedures.
2. Compliance Management

(Second Line of Defence)
2.1 Extent to which compliance management is independent of day-to-day management of risks.
2.2 Adequacy of compliance policies and practices to ensure that the treasury approach and practices are in line with credit union industry and regulatory requirements and are appropriate for executing its mandate.
2.3 Extent to which compliance policies and practices cover the following: new investments, investment characteristics, IT capability and systems security, outsourcing, ongoing staff training, and environmental, social and governance investing.
2.4 Extent to which compliance policies and practices keep abreast of new and changing securities requirements, market conditions, and changes in the credit union’s risk profile.
2.5 Extent to which compliance management promptly develops or amends the credit union’s compliance policies as legislation is introduced or amended, or as new or changing treasury activities impose different legislative requirements on the credit union.
2.6 Extent to which compliance management documents new or amended treasury compliance policies and communicates them across the treasury staff in a timely manner.
2.7 Extent to which compliance management monitors adherence to applicable laws, regulations, and guidelines by treasury staff.
2.8 Adequacy of the compliance reporting to senior management and the board, and the practices for resolving significant issues in a timely manner.
2.9 Extent to which treasury compliance practices are regularly reviewed for continued effectiveness.
3. Risk Management

(Second Line of Defence)
3.1 Extent to which risk management is independent of day-to-day management of treasury risks.
3.2 Adequacy of processes to regularly review and update risk management policies, processes, and limits to account for changes in the treasury environment and the risk tolerance of the credit union.
3.3 Appropriateness of risk management policies, practices, and limits of the treasury function, considering the credit union’s investments, balance sheet structure, and related risks.
3.4 Appropriateness of the prudential exposures and concentration limits for each sub activity and in aggregate, across the whole treasury activity.
3.5 Appropriateness of the risk culture across the treasury department (or business unit).
3.6 Extent to which risk management policies and practices for treasury are coordinated with the strategic, capital, and liquidity management policies and practices.
3.7 Extent to which risk management policies, practices, and limits for treasury are documented, communicated, and integrated with the credit union’s day-to-day operations.
3.8 Adequacy of policies and practices to monitor treasury positions against approved limits and for timely follow up on material variances.
3.9 Adequacy of policies and practices to monitor treasury trends and identify emerging risks, and to respond effectively to unexpected significant events.
3.10 Adequacy of policies and practices to model and measure the credit union’s treasury risks, including stress testing.
3.11 Adequacy of the risk management reporting to senior management and the board, and the practices for resolving significant issues in a timely manner.
3.12 Extent to which risk management policies and practices are regularly reviewed for continued effectiveness.
4. Internal Audit

(Third Line of Defence)
4.1 Extent to which internal audit staff understand treasury and keep current with developments in internal audit practices.
4.2 Extent to which internal audit’s management is experienced in treasury, and reviews and oversees the treasury internal audit work.
4.3 Adequacy of the internal audit program to verify that treasury policies and procedures have been implemented effectively across all activities.
4.4 Appropriateness of the scope and frequency of the audit program based on level of treasury risk exposures.
4.5 Extent to which findings identified and reported in the audit process have been addressed by senior management in a timely and effective manner.
4.6 Extent to which high risk issues are raised to the attention of the board with timely follow up.
5. Senior Management and Board Oversight

(Corporate Governance)
Senior Management

5.1 Extent to which the board has delegated to the CEO responsibility for developing and implementing treasury policies and practices (e.g., investment policies, interest rate risk policies, etc.).
5.2 Adequacy of policies and practices delegating responsibilities for developing treasury policies and practices from the CEO to other senior managers.
5.3 Appropriateness of the treasury mandates for senior management positions and the extent to which there are clearly defined lines of authority, responsibility, and accountability. Extent to which these mandates are communicated across the credit union.
5.4 Extent to which senior management committees are used to oversee the treasury activities.
5.5 Appropriateness of senior management’s treasury qualifications, knowledge, skills, and experience.
5.6 Extent to which senior management has a good understanding of the nature, level, and trend of the key risks in the treasury activities (by investment class, subsidiaries, joint ventures, and balance sheet structure), its key controls, and how risk relates to allocated capital levels.
5.7 Extent to which senior management has a good understanding of the interest rate risk management hedging approach and operations, and extent to which they approve all material aspects of the practices and processes.
5.8 Adequacy of the treasury reporting to the board and the practices for resolving significant issues in a timely manner.
5.9 Extent to which compensation programs promote prudent risk-taking in the treasury activity and are aligned with long-term strategic objectives.
5.10 Adequacy of policies and practices for significant treasury outsourcing arrangements and the extent to which senior management ensures the outsourcing is aligned with the credit union’s treasury strategy and risk management policies.
5.11 Extent to which reporting that senior management receives is sufficient to fulfill its responsibilities.
5.12 Extent to which senior management has demonstrated effectiveness, in carrying out its duties and managing the treasury activities.

Board of Directors

5.13 Extent to which the board understands, reviews, and approves the treasury aspects of investment, interest rate risk, and deposit-taking policies; ensures these policies are responsive to changes in the operating environment; and supports the credit union’ risk appetite.
5.14 Appropriateness of the board’s knowledge and experience in the treasury activity, including the composition of the investment and lending and/or risk committee.
5.15 Extent to which the board understands, reviews, and approves treasury objectives, strategies, and plans.
5.16 Adequacy of the board’s treasury reports, including relevant metrics, measures and benchmarks, and that they are provided with timely, clear, accurate, and complete information.
5.17 Extent to which the board understands treasury market risk and the controls to manage this risk, as well as other significant risks arising from asset liability management.
5.18 Extent to which the board keeps up to date regarding interest rate environments, investment market trends, emerging risks, and new investment or asset and liability management practices.
5.19 Adequacy of the board’s practices to establish and monitor senior management involved in treasury, including performance, hiring, and fixed and variable compensation.
5.20 Extent to which the board acts independently and has demonstrated effectiveness in carrying out its direction and oversight of the treasury activities.