HDFC Bank: Honey, I Shrunk the Chief Risk Officer

Source: "Madanlal Dahariya' Tweet

EXECUTIVE SUMMARY. Nearly a year after Axis Bank truncated the responsibilities of its Chief Risk Officer (CRO) by transferring corporate credit risk to the role of the newly created Chief Credit Officer (CCO) who reported only to the CEO, HDFC Bank has decided  to go a step further. It has transferred corporate and retail credit risk to a similarly newly created role of a CCO (no business targets), who will report only to the CEO, and transferred the earlier CRO to the CCO post. HDFC Bank also shifted individuals in the CRO handling credit risk to the CCO, and made the latter accountable for credit decisions.  The rationale provided by HDFC Bank is that in its future credit expansion it wants greater underwriting focus and accountability and therefore wants an experienced individual to accept responsibility for the CCO post who will report to the CEO.

In Indian banks credit risk is the major risk and in HDFC Bank credit risk assets constitute 83% of total risk weighted assets. In this organisational restructuring, the CRO will only be left with non-credit risk management and secondary credit risk-related functions like stress testing the credit portfolio, concentration risk and determining limits (such as sector, group, company, geography).  For some inexplicable reason, even the Chief Information Risk Officer  has been made to report to the CCO. Therefore the CRO’s role in HDFC Bank has been drastically downsized.

The new CRO at HDFC Bank maintains his prior designation of senior executive vice-president, while the earlier CRO had the designation of group head. This change has downgraded the position of the CRO within the senior management. As HDFC Bank’s own disclosures reveal, while the earlier CRO’s experience, age, and remuneration was similar to the others in the senior management, the new CRO is the junior-most in all these parameters.

For most practical purposes, the erstwhile CRO post has been re-named “CCO”, with one crucial difference: he does not report to the Board’s Risk Management Committee, but only to the CEO. It appears that creating the new designation, and maintaining a stripped-down CRO post as well, merely serves to confuse the public and distract from the nature of this disturbing change.

The Basel Committee and the Reserve Bank of India (RBI) have been trying to enhance the role of the CRO (here and here) and insulate the CRO from business and even pressure from the CEO, by making the post report to the risk management committee of the board with a dotted line reporting to the CEO. It is perplexing that, at the same time, two prominent private sector banks in India, with full support of their boards of directors, are undermining the foundations of the CRO by taking away (in Axis Bank only corporate credit risk) the core credit risk function. 


I, Hemindra Hazari, am a Securities and Exchange Board of India (SEBI) registered independent research analyst (Regd. No. INH000000594). I own HDFC Bank equity shares and have no exposure to Axis Bank securities. Views expressed in this Insight accurately reflect my personal opinion about the referenced securities and issuers and/or other subject matter as appropriate. This Insight does not contain and is not based on any non-public, material information. To the best of my knowledge, the views expressed in this Insight comply with Indian law as well as applicable law in the country from which it is posted. I have not been commissioned to write this Insight or hold any specific opinion on the securities referenced therein. This Insight is for informational purposes only and is not intended to provide financial, investment or other professional advice. It should not be construed as an offer to sell, a solicitation of an offer to buy, or a recommendation for any security.

Previous articleYes Man: The Untold Story of Rana Kapoor
Next articleCreeping Denationalisation of India’s Banking Sector