Risk is at the heart of banking – and so is risk management. In a regulated bank, it is crucial to take a holistic view, including economic and normative perspectives. This material gives an overview of enterprise risk management in banks; specifics by risk type – credit risk, market risk, operational risk, liquidity risk, and other relevant risks – are not discussed here.
Risk management is a vital process for Islamic banks that consists of several interconnected phases. It includes establishing a risk management framework based on ISO 31000:2009, identifying risks through analysis of products and activities, measuring risks using a composite risk index, developing a risk matrix to plot risks by severity and impact, reviewing risks and monitoring actual risk levels. Effective risk management also requires infrastructure like documentation of policies, an organizational structure with risk management committees, use of information technology systems and databases, and selecting appropriate risk measurement models. The goal is to properly manage both generic financial risks and unique risks to Islamic banks like Sharia non-compliance, displaced commercial, and equity investment risks.
This document provides an overview of risk management concepts and frameworks. It defines key risk types such as credit risk, operational risk, market risk, and enterprise risk. It also discusses important risk management standards and regulations such as Basel II, Solvency II, Sarbanes-Oxley, and MIFID. Additionally, it outlines the risk management process and covers topics like risk assessment, analysis, handling, and important risk terms and approaches.
This document provides an overview of risk management concepts and frameworks. It defines key risk types such as credit risk, operational risk, market risk, and enterprise risk. It also discusses important risk management standards and regulations such as Basel II, Solvency II, Sarbanes-Oxley, and MIFID. Additionally, it outlines the risk management process and covers topics like risk assessment, analysis, handling, and important risk terms and approaches.
The document discusses effectively managing risk for boards of trustees. It defines risk and explains why risk management is important. It outlines the risk management process, including identifying risks, assessing impact and probability, prioritizing risks, evaluating controls, and monitoring risks. The document provides examples of risk management practices and discusses the importance of having a clear risk management strategy and culture within an organization. It stresses that risk management should be simple and proportionate for charities.
With our experience and our experts, Chappuis Halder & Co would provide appropriate incentives at every level of your organization. It could help you at the time to manage “modern” risk alongside performance
Practical approach to Risk Based Internal AuditManoj Agarwal
The document provides an overview of risk based internal auditing. It discusses key concepts like the definition of risk, COSO ERM framework, three lines of defense model, definition of internal audit, and risk based internal audit approach. The approach involves identifying the audit universe and processes, risk identification and assessment, risk scoring and heat mapping, developing the risk based internal audit plan, and executing the plan. Various tools for risk based auditing like the audit tracker, audit report templates, and resources are also outlined.
Welcome to Bank Gaborone Limited. What makes us a particularly interesting company is not that we are owned by Capricorn Group but that we are the first green field operation in the history of the diversified Capricorn Group of companies.
Risk management is a vital process for Islamic banks that consists of several interconnected phases. It includes establishing a risk management framework based on ISO 31000:2009, identifying risks through analysis of products and activities, measuring risks using a composite risk index, developing a risk matrix to plot risks by severity and impact, reviewing risks and monitoring actual risk levels. Effective risk management also requires infrastructure like documentation of policies, an organizational structure with risk management committees, use of information technology systems and databases, and selecting appropriate risk measurement models. The goal is to properly manage both generic financial risks and unique risks to Islamic banks like Sharia non-compliance, displaced commercial, and equity investment risks.
This document provides an overview of risk management concepts and frameworks. It defines key risk types such as credit risk, operational risk, market risk, and enterprise risk. It also discusses important risk management standards and regulations such as Basel II, Solvency II, Sarbanes-Oxley, and MIFID. Additionally, it outlines the risk management process and covers topics like risk assessment, analysis, handling, and important risk terms and approaches.
This document provides an overview of risk management concepts and frameworks. It defines key risk types such as credit risk, operational risk, market risk, and enterprise risk. It also discusses important risk management standards and regulations such as Basel II, Solvency II, Sarbanes-Oxley, and MIFID. Additionally, it outlines the risk management process and covers topics like risk assessment, analysis, handling, and important risk terms and approaches.
The document discusses effectively managing risk for boards of trustees. It defines risk and explains why risk management is important. It outlines the risk management process, including identifying risks, assessing impact and probability, prioritizing risks, evaluating controls, and monitoring risks. The document provides examples of risk management practices and discusses the importance of having a clear risk management strategy and culture within an organization. It stresses that risk management should be simple and proportionate for charities.
With our experience and our experts, Chappuis Halder & Co would provide appropriate incentives at every level of your organization. It could help you at the time to manage “modern” risk alongside performance
Practical approach to Risk Based Internal AuditManoj Agarwal
The document provides an overview of risk based internal auditing. It discusses key concepts like the definition of risk, COSO ERM framework, three lines of defense model, definition of internal audit, and risk based internal audit approach. The approach involves identifying the audit universe and processes, risk identification and assessment, risk scoring and heat mapping, developing the risk based internal audit plan, and executing the plan. Various tools for risk based auditing like the audit tracker, audit report templates, and resources are also outlined.
Welcome to Bank Gaborone Limited. What makes us a particularly interesting company is not that we are owned by Capricorn Group but that we are the first green field operation in the history of the diversified Capricorn Group of companies.
Risk management in banks is important as banks are exposed to various risks in the changing Indian economy. The key risks include credit risk, market risk, operational risk, and legal risk. Effective risk management involves identifying risks, measuring them quantitatively and qualitatively, monitoring exposures, and taking steps to mitigate risks. Banks must have robust policies, processes, and systems to properly identify, measure, control, and manage the various risks they face.
Risk management in banks is important as banks are exposed to various risks in the changing Indian economy. The key risks include credit risk, market risk, operational risk, liquidity risk, and interest rate risk. Effective risk management involves identifying, measuring, monitoring, and controlling risks. Banks must have robust policies, strategies, organizational structures, and systems in place to properly manage risks like establishing risk limits, risk grading, and risk mitigation techniques. Proper risk management is essential for the long-term success of banks.
Introduction to Risk Management and Sources of Risk.pptxmanjujayakumar2
This document provides an introduction to risk management. It defines risk as the deviation from expected outcomes that can negatively impact plans. Risk management is important for mitigating threats, conforming to standards, and enabling business growth. There is a relationship between risk and return, with higher risk investments typically offering higher returns. Tools like the efficient frontier and Capital Asset Pricing Model are used to assess risk-return tradeoffs of investments. The goals of risk management are to identify risks, measure them, monitor them, and control risks.
Five Lines of Assurance A New ERM and IA ParadigmTim Leech
The document discusses a new paradigm called "Five Lines of Assurance" for internal audit and enterprise risk management. It was created to help organizations meet escalating expectations from regulators, credit agencies, institutional investors, and others regarding risk oversight and governance. The Five Lines of Assurance model focuses on an "Objectives Register" that prioritizes key strategic objectives and potential risks. It aims to integrate risk management and assurance functions, engage boards and management, and provide optimized assurance on whether residual risks are within the organization's risk appetite. The model is presented as helping organizations demonstrate effective risk oversight, integrate risk with strategic planning, and meet emerging governance standards.
Five lines of assurance a new paradigm in internal audit & ermDr. Zar Rdj
• Boards are provided with a tangible vehicle to demonstrate they are actively overseeing the company’s “risk appetite framework” (“RAF”)
• The process is designed to fully integrate with strategic planning, new product/service initiatives, and M&A activities.
• The process provides a clear response to emerging expectations like the UK Governance Code, Canadian Securities Administrators, SEC, FSB, credit agencies, institutional investors and TSB.
• The main role of internal audit is to report on the effectiveness of the risk management processes and the consolidated report on residual risk status the board receives from the CEO or his/her designate and to help the company build and maintain robust risk management processes
• Boards are provided with a tangible vehicle to demonstrate they are actively overseeing the company’s “risk appetite framework” (“RAF”)
• The process is designed to fully integrate with strategic planning, new product/service initiatives, and M&A activities.
• The process provides a clear response to emerging expectations like the UK Governance Code, Canadian Securities Administrators, SEC, FSB, credit agencies, institutional investors and TSB.
• The main role of internal audit is to report on the effectiveness of the risk management processes and the consolidated report on residual risk status the board receives from the CEO or his/her designate and to help the company build and maintain robust risk management processes.
Basel II aims to establish a more risk-sensitive approach to capital adequacy by addressing three main areas or pillars: minimum capital requirements, supervisory review, and market discipline. It requires banks to hold capital reserves proportional to their credit, market, and operational risk. The framework allows two approaches for calculating credit risk - a standardized approach and internal ratings-based approaches. Pillar 2 covers supervisory review to ensure banks have adequate capital for all risks and encourage better risk management. Pillar 3 focuses on market discipline through public disclosures.
This document provides information about the Certified in Finance (CFR) certification program from the American Academy of Finance Management (AAFM). It includes the table of contents, descriptions of financial risk management functions and objectives, and the syllabus for the Finance Risk Management certification. The syllabus covers topics like interest rate risk, foreign exchange risk, liquidity risk, and risk measurement. It also provides background on AAFM, its board of standards, and international recognition.
How to Create a Risk Profile for Your Organization: 10 Essential StepsCase IQ
Understanding your organization’s risks is the first step in developing an effective anti-corruption compliance program. But for many businesses, identifying and understanding their risks is a complex process, involving research, analysis and cooperation from all levels of the organization. Since every company needs a robust compliance program, an effective risk analysis is crucial. The consequences of getting this step wrong can be astronomical.
Join anti-corruption experts Marc Tassé and Patrice Poitevin, as they outline the steps and tools necessary to create a risk profile for your organization.
The webinar will cover:
Tools to help determine areas of risk
Factors to evaluate
The importance of due diligence once risks are identified
Continuous evaluation of your compliance program
How to achieve accountability and transparency
Risk Based Internal Audit and Sampling TechniquesManoj Agarwal
This document discusses risk based internal auditing and sampling techniques. It begins with an agenda and definitions of risk, risk management, and the three lines of defense model. It then covers topics like risk identification, evaluation, scoring, developing a risk based internal audit plan, criteria for rating observations, and tools used for auditing. Sampling techniques discussed include random selection, systematic selection, monetary unit sampling, haphazard selection and block selection. Guidelines are provided for determining appropriate sample sizes based on the frequency of control activities.
This document discusses risk and risk management. It begins with an overview of risk categories and types of organizational risks. It then covers establishing the risk management process, which includes identifying risks, analyzing them, integrating risks, assessing and prioritizing risks, and treating risks. It emphasizes that risk management is an ongoing process that requires monitoring and review. It also discusses risk response options and implementing controls assurance through various lines of defense and independent assurance.
1) The document discusses enterprise risk management concepts and frameworks. It outlines key risks faced in healthcare such as regulatory risks, operational risks, and reputational risks.
2) An effective risk management program can help organizations avoid surprises, improve governance, and ensure objectives are met without disruptions. The document provides examples of risk organization structures and processes for identification, assessment, and response.
3) Moving forward, the organization will validate risk registers, identify top 15 risks for rigorous management, and review mitigation progress of these risks in monthly leadership meetings. A risk polarization survey will also be conducted regularly.
The document provides an overview of regulatory requirements and the Supervisory Review and Evaluation Process (SREP). It discusses key elements that supervisors will assess including business models, internal governance, risks to capital and liquidity, and institutions' Internal Capital Adequacy Assessment Process (ICAAP) and Internal Liquidity Adequacy Assessment Process (ILAAP). The SREP involves scoring institutions on a scale of 1 to 4 based on these elements. ICAAP and ILAAP are important inputs to the assessment of risks to capital and liquidity. The document outlines expectations for ICAAP and ILAAP including governance, design, integration with business strategy, risks considered, and stress testing.
The document discusses risk management systems in banks. It outlines the various types of risks banks face, including credit, interest rate, foreign exchange, liquidity, equity price, commodity price, legal, regulatory, reputational, operational and more. It emphasizes the importance of identifying, measuring, monitoring and controlling risks. The document then describes key aspects of an effective risk management structure in banks such as organizational structure, risk measurement approaches, policies set by the board, risk limits, management information systems, risk reporting frameworks, and periodic review.
Building out a Robust and Efficient Risk Management - Alan CheungLászló Árvai
Credit Derivatives are off-balance sheet financial statements that permit one party to transfer the risk of a reference asset, which it typically owns, to another one party (the guarantor) without actually selling the assets.
The Role of Risk Appetite in embedding the ORSA and linking with Business Str...Susan Young
The document discusses embedding an organization's Own Risk and Solvency Assessment (ORSA) and linking it to business strategy and risk appetite. It covers defining risk limits, articulating risk appetite statements, embedding risk appetite throughout the organization, and linking risk appetite to the ORSA process. The ORSA helps ensure risk appetite remains aligned with business plans and strategies and is a key component of an effective risk management system.
This document provides an overview of risk management concepts including enterprise risk management (ERM), own risk and solvency assessment (ORSA), economic capital modeling, continuity analysis, and the role of supervision. It discusses key aspects of ERM frameworks, governance structures, developing risk functions, risk policies, risk profiling processes, and qualitative and quantitative risk evaluation methods. It also outlines the purposes and processes of economic capital models, continuity analysis, and supervisory oversight. Soft skills training is also briefly mentioned.
The document provides an overview of risk management in the Indian banking sector. It discusses various types of risks banks face, including credit, market, liquidity, operational, and solvency risks. It describes the risk management process and approaches to capital allocation for operational risk under the Basel accords. The document aims to educate readers on identifying and mitigating risks to enhance efficiency and governance in Indian banks.
The document discusses the five phases of risk management process: establish context, identify risks, analyze risks, evaluate risks, and treat risks. It also discusses establishing the strategic, organizational, risk management, and project contexts. Key risk categories are described such as operational, schedule, budget, business, and technical environment risks. Risk assessment and handling strategies like retaining, abating, mitigating, transferring, and avoiding risks are also summarized. Types of changes and the ADKAR change management model are defined.
Finance is the procurement (to get, obtain) of funds and effective (properly planned) utilization of funds. It also deals with profits that adequately compensate for the cost and risks borne by the business
The document outlines Peter Moore's presentation on creating value through enterprise risk management. It discusses barriers to success like poor frameworks and engagement. It also covers risk management frameworks, focusing on simplicity and intuitiveness. Other sections explain risk appetite and tolerance, integrating risk management into business processes, and using key risk indicators to monitor risks. The goal is to establish a clear risk framework that creates value by better informing decision-making and resource allocation.
See on minu Patagoonia reisikirja terviktekst. Sama reisi slaidid leiab siit: https://www.slideshare.net/slideshow/patagoonia-avastamise-retk-veebruarismrtsis-2024/266955843
More Related Content
Similar to Risk Management in Banks - Overview (May 2024)
Risk management in banks is important as banks are exposed to various risks in the changing Indian economy. The key risks include credit risk, market risk, operational risk, and legal risk. Effective risk management involves identifying risks, measuring them quantitatively and qualitatively, monitoring exposures, and taking steps to mitigate risks. Banks must have robust policies, processes, and systems to properly identify, measure, control, and manage the various risks they face.
Risk management in banks is important as banks are exposed to various risks in the changing Indian economy. The key risks include credit risk, market risk, operational risk, liquidity risk, and interest rate risk. Effective risk management involves identifying, measuring, monitoring, and controlling risks. Banks must have robust policies, strategies, organizational structures, and systems in place to properly manage risks like establishing risk limits, risk grading, and risk mitigation techniques. Proper risk management is essential for the long-term success of banks.
Introduction to Risk Management and Sources of Risk.pptxmanjujayakumar2
This document provides an introduction to risk management. It defines risk as the deviation from expected outcomes that can negatively impact plans. Risk management is important for mitigating threats, conforming to standards, and enabling business growth. There is a relationship between risk and return, with higher risk investments typically offering higher returns. Tools like the efficient frontier and Capital Asset Pricing Model are used to assess risk-return tradeoffs of investments. The goals of risk management are to identify risks, measure them, monitor them, and control risks.
Five Lines of Assurance A New ERM and IA ParadigmTim Leech
The document discusses a new paradigm called "Five Lines of Assurance" for internal audit and enterprise risk management. It was created to help organizations meet escalating expectations from regulators, credit agencies, institutional investors, and others regarding risk oversight and governance. The Five Lines of Assurance model focuses on an "Objectives Register" that prioritizes key strategic objectives and potential risks. It aims to integrate risk management and assurance functions, engage boards and management, and provide optimized assurance on whether residual risks are within the organization's risk appetite. The model is presented as helping organizations demonstrate effective risk oversight, integrate risk with strategic planning, and meet emerging governance standards.
Five lines of assurance a new paradigm in internal audit & ermDr. Zar Rdj
• Boards are provided with a tangible vehicle to demonstrate they are actively overseeing the company’s “risk appetite framework” (“RAF”)
• The process is designed to fully integrate with strategic planning, new product/service initiatives, and M&A activities.
• The process provides a clear response to emerging expectations like the UK Governance Code, Canadian Securities Administrators, SEC, FSB, credit agencies, institutional investors and TSB.
• The main role of internal audit is to report on the effectiveness of the risk management processes and the consolidated report on residual risk status the board receives from the CEO or his/her designate and to help the company build and maintain robust risk management processes
• Boards are provided with a tangible vehicle to demonstrate they are actively overseeing the company’s “risk appetite framework” (“RAF”)
• The process is designed to fully integrate with strategic planning, new product/service initiatives, and M&A activities.
• The process provides a clear response to emerging expectations like the UK Governance Code, Canadian Securities Administrators, SEC, FSB, credit agencies, institutional investors and TSB.
• The main role of internal audit is to report on the effectiveness of the risk management processes and the consolidated report on residual risk status the board receives from the CEO or his/her designate and to help the company build and maintain robust risk management processes.
Basel II aims to establish a more risk-sensitive approach to capital adequacy by addressing three main areas or pillars: minimum capital requirements, supervisory review, and market discipline. It requires banks to hold capital reserves proportional to their credit, market, and operational risk. The framework allows two approaches for calculating credit risk - a standardized approach and internal ratings-based approaches. Pillar 2 covers supervisory review to ensure banks have adequate capital for all risks and encourage better risk management. Pillar 3 focuses on market discipline through public disclosures.
This document provides information about the Certified in Finance (CFR) certification program from the American Academy of Finance Management (AAFM). It includes the table of contents, descriptions of financial risk management functions and objectives, and the syllabus for the Finance Risk Management certification. The syllabus covers topics like interest rate risk, foreign exchange risk, liquidity risk, and risk measurement. It also provides background on AAFM, its board of standards, and international recognition.
How to Create a Risk Profile for Your Organization: 10 Essential StepsCase IQ
Understanding your organization’s risks is the first step in developing an effective anti-corruption compliance program. But for many businesses, identifying and understanding their risks is a complex process, involving research, analysis and cooperation from all levels of the organization. Since every company needs a robust compliance program, an effective risk analysis is crucial. The consequences of getting this step wrong can be astronomical.
Join anti-corruption experts Marc Tassé and Patrice Poitevin, as they outline the steps and tools necessary to create a risk profile for your organization.
The webinar will cover:
Tools to help determine areas of risk
Factors to evaluate
The importance of due diligence once risks are identified
Continuous evaluation of your compliance program
How to achieve accountability and transparency
Risk Based Internal Audit and Sampling TechniquesManoj Agarwal
This document discusses risk based internal auditing and sampling techniques. It begins with an agenda and definitions of risk, risk management, and the three lines of defense model. It then covers topics like risk identification, evaluation, scoring, developing a risk based internal audit plan, criteria for rating observations, and tools used for auditing. Sampling techniques discussed include random selection, systematic selection, monetary unit sampling, haphazard selection and block selection. Guidelines are provided for determining appropriate sample sizes based on the frequency of control activities.
This document discusses risk and risk management. It begins with an overview of risk categories and types of organizational risks. It then covers establishing the risk management process, which includes identifying risks, analyzing them, integrating risks, assessing and prioritizing risks, and treating risks. It emphasizes that risk management is an ongoing process that requires monitoring and review. It also discusses risk response options and implementing controls assurance through various lines of defense and independent assurance.
1) The document discusses enterprise risk management concepts and frameworks. It outlines key risks faced in healthcare such as regulatory risks, operational risks, and reputational risks.
2) An effective risk management program can help organizations avoid surprises, improve governance, and ensure objectives are met without disruptions. The document provides examples of risk organization structures and processes for identification, assessment, and response.
3) Moving forward, the organization will validate risk registers, identify top 15 risks for rigorous management, and review mitigation progress of these risks in monthly leadership meetings. A risk polarization survey will also be conducted regularly.
The document provides an overview of regulatory requirements and the Supervisory Review and Evaluation Process (SREP). It discusses key elements that supervisors will assess including business models, internal governance, risks to capital and liquidity, and institutions' Internal Capital Adequacy Assessment Process (ICAAP) and Internal Liquidity Adequacy Assessment Process (ILAAP). The SREP involves scoring institutions on a scale of 1 to 4 based on these elements. ICAAP and ILAAP are important inputs to the assessment of risks to capital and liquidity. The document outlines expectations for ICAAP and ILAAP including governance, design, integration with business strategy, risks considered, and stress testing.
The document discusses risk management systems in banks. It outlines the various types of risks banks face, including credit, interest rate, foreign exchange, liquidity, equity price, commodity price, legal, regulatory, reputational, operational and more. It emphasizes the importance of identifying, measuring, monitoring and controlling risks. The document then describes key aspects of an effective risk management structure in banks such as organizational structure, risk measurement approaches, policies set by the board, risk limits, management information systems, risk reporting frameworks, and periodic review.
Building out a Robust and Efficient Risk Management - Alan CheungLászló Árvai
Credit Derivatives are off-balance sheet financial statements that permit one party to transfer the risk of a reference asset, which it typically owns, to another one party (the guarantor) without actually selling the assets.
The Role of Risk Appetite in embedding the ORSA and linking with Business Str...Susan Young
The document discusses embedding an organization's Own Risk and Solvency Assessment (ORSA) and linking it to business strategy and risk appetite. It covers defining risk limits, articulating risk appetite statements, embedding risk appetite throughout the organization, and linking risk appetite to the ORSA process. The ORSA helps ensure risk appetite remains aligned with business plans and strategies and is a key component of an effective risk management system.
This document provides an overview of risk management concepts including enterprise risk management (ERM), own risk and solvency assessment (ORSA), economic capital modeling, continuity analysis, and the role of supervision. It discusses key aspects of ERM frameworks, governance structures, developing risk functions, risk policies, risk profiling processes, and qualitative and quantitative risk evaluation methods. It also outlines the purposes and processes of economic capital models, continuity analysis, and supervisory oversight. Soft skills training is also briefly mentioned.
The document provides an overview of risk management in the Indian banking sector. It discusses various types of risks banks face, including credit, market, liquidity, operational, and solvency risks. It describes the risk management process and approaches to capital allocation for operational risk under the Basel accords. The document aims to educate readers on identifying and mitigating risks to enhance efficiency and governance in Indian banks.
The document discusses the five phases of risk management process: establish context, identify risks, analyze risks, evaluate risks, and treat risks. It also discusses establishing the strategic, organizational, risk management, and project contexts. Key risk categories are described such as operational, schedule, budget, business, and technical environment risks. Risk assessment and handling strategies like retaining, abating, mitigating, transferring, and avoiding risks are also summarized. Types of changes and the ADKAR change management model are defined.
Finance is the procurement (to get, obtain) of funds and effective (properly planned) utilization of funds. It also deals with profits that adequately compensate for the cost and risks borne by the business
The document outlines Peter Moore's presentation on creating value through enterprise risk management. It discusses barriers to success like poor frameworks and engagement. It also covers risk management frameworks, focusing on simplicity and intuitiveness. Other sections explain risk appetite and tolerance, integrating risk management into business processes, and using key risk indicators to monitor risks. The goal is to establish a clear risk framework that creates value by better informing decision-making and resource allocation.
Similar to Risk Management in Banks - Overview (May 2024) (20)
See on minu Patagoonia reisikirja terviktekst. Sama reisi slaidid leiab siit: https://www.slideshare.net/slideshow/patagoonia-avastamise-retk-veebruarismrtsis-2024/266955843
The AltFi Lending Summit 2023 focused on the following key themes:
- The macro-credit environment is resilient yet consumers and businesses face financial squeezes.
- Artificial intelligence, automation, and digitalization are being used to make better use of data for risk assessment, fraud detection, and client relationships.
- Profitability has become a priority for fintech companies in the current economic environment.
- Strategic partnerships and acquisitions are helping companies expand their capabilities.
- Regulation and rising interest rates present challenges that companies are working to address through technology and new business strategies.
This travel journal is about my 2023 summer trip to Georgia, the country at the intersection of Europe and Asia.
The one word I would use to describe Georgia is DIVERSE. I still wonder how much variety I did experience while visiting just this one country. It was familiar and unfamiliar. There were mountains and sea and almost desert-like areas. I could see sights from different eras and meet people with different attitudes. Of course, there were common denominators, too – like cows on the roads.
My approach was this: where I can reasonably walk, there I walk – and where I cannot, I use budget-friendly transportation.
Here are some memorable moments:
• Standing hand-in-hand with strangers in the strong current of the ice-cold river originating from the nearby glacier
• Breaking my record of meters climbed during one day
• Marshrutka adventures, including ‘party bus’ and ‘rally bus’
• Feeling like a competitive eater facing the next food challenge
• Getting through hostile bushes – I have never been this scratched before!
• Confronting ‘Georgian gorillas’ in the corridor
• Major water outage: kneeing to get some water from the half-empty fountain in the central square of Mtskheta
• All lights going off in Gori; sirens and people with lamps behind my hotel room’s window
• Bokneti rural experience, including a broken bathroom and getting to know someone who knew about the Estonian start-up community more than me on these days
• Climbing up to the walls of Ananuri Fortress
Yeah. Most memorable moments are often unplanned challenges.
Gruusia on väga mitmekesine maa. Siin on piltides minu 2023. aasta suvetripp sinna - midagi igast päevast.
Leia reisi videoblogi YouTube's siin: https://www.youtube.com/playlist?list=PLk3KJWs0RSoc5CorTcYp1VjR7s19v-wlC
Minu Bali Reisi Päevikud (Veebruar-Märts 2023)Kristi Rohtsalu
Reisipäevikutes oma esimeselt reisilt Jumalate Saareks ja Tuhande Templi Saareks nimetatud Balile jutustan ja illustreerin fotodega päev päeva kaupa, kuidas seda nö paradiisisaart otsast avastasin ja kogesin. Lõpuks teen väikese kokkuvõtte: algne ettekujutus ja tegelikkus. Mitte, et ma Baliga nüüd kuu aja jooksul päriselt tuttavaks sain – ikka esmamulje põhjal ning läbi inimese perspektiivi, kellele meeldib kõndida.
***
Hetki:
[…] Aga ei: turvavööde kinnitamist nõudvad tulukesed olid kustus. Küll aga jätkusid mulle seni tundmatud häiresignaalid ning lennuki laes istete kohal sähvisid kõrvuti punased ja rohelised valgused. […]
[…] Vasakut ja paremat kätt jäi nüüd paras väike džungel ning… umbes kümme meetrit minust eespool läks rahulikult üle tee ligi meetri pikkune ja korraliku käsivarre jämedune krokodilli-laadne elukas. […]
[…] Pandi maha, näidati, millisest uksest sisse minna… Ja sõidutamise eest mingit tasu ei küsitudki! Kui tänamiseks ümber pöörasis, oli mees rolleriga juba kadunud – oli lihtsalt mulle teene teinud. […]
[…] Tumepunastes religioossetes riietes meesterahvad istusid ’laval’ ja ’esinesid’. Vähemasti ma arvasin, et see oli lava ja et nad esinesid. Kuidas ma eksisin! […]
[…] Jällegi ‘kleepis’ ennast minu kõrvale üks suhteliselt tüütu rolleriga meeskodanik. Seletas, et tahab mind aidata: viib Sampalani ära. Vastasin, et Sampalani on jäänud alla viie kilomeetri ja ma TAHAN ise kõndida. […]
[…] Ronisin kusagile üles ja astusin lukustamata klaasuksest sisse. Tundus, nagu olnuksin sattunud mingi parajasti asustamata luksusliku ruumi või sviidi rõdule; pimedas ei saanud täpselt aru. Seal leidus võrkkiik, milles tükk aega varbaid sirutasin. Õhtu oli soe, ent mitte palav. Lihtsalt mõnus oli niimoodi olla ja mitte midagi teha. […]
[…] Olin selleks ajaks juba piisavalt palju turninud ja ekselnud; otsustasin, et nüüd küll on aeg ots ümber pöörata ning tuldud teed mööda tagasi minna. Nii lihtne see küll ei olnud! Need rajakesed ajasid kohutavalt segadusse. […]
[…] Meil vedas: nägime lausa kahte suurt kilpkonna päris lähedalt. Nägime kohe nii lähedalt, et kellelgi meie pundist õnnestus ühte neist kogemata riivata. […]
[…] „Mis siin toimub?“ imestasin hiljem õhtul kolmveerand kuue paiku oma villa lähedal asuvasse Kedungu Beach’i nimelisse randa jalutades.
Rannaeelne parkimisala oli tihedalt täis rollereid, inimesi, igasugu söögi- ja joogiputkasid… […]
[…] Turnisin väheke mööda templi serva ehitatud treppi ja… Uugh, seal sebis ringi korralik trobikond suuri musti skorpione! […]
Lenders find themselves in a challenging new post-pandemic economic environment, battling both rising rates and soaring inflation. While consumer lending faces headwinds, there is still growth and innovation. Keywords from the AltFi lending Summit 2022 were revenue-based lending, green finance and buy now pay later for business, but also new lending innovations.
Innovating through the slowdown. 3 November 2022, London – In-Person. These are my notes from the event.
Rännates Alpides ja vahemerelises Euroopas suvel 2022Kristi Rohtsalu
Auring Mont Blanc’ile (omal moel), suvised suusakuurortid peamiselt Prantsuse Alpides, pikad ja kuumad päevad teel rannaväravasse, vein ja viinamarjad vahemerelisel Lõuna-Prantsusmaal, Costa Brava, Barcelona ning puhkamine puhkusest Mallorca saarel... Sellesse umbes 1,500 kilomeetri pikkusse ning paarikümmet tuhandet tõusumeetrit sisaldavasse ligi kolme kuu pikkusse suvereisi mahtus üht-koma-teist.
Kummalised lauakombed ja mõistatuslik laud ühele; torm Alpides; üle aia ronimised ja keelumärkidest üleastumised; sekeldused Intermarché turvameestega; mustad pullid; rallivõistluse boksipeatusse eksimine; puslepildi vaated; Déjà vu; mind kangesti aidata soovinud prantsuse proua; Kõigi Kadunud Asjade Maale pagev hotelli uksekaart; kogemata minu kaamera ette jäänud UFO/UAP; pilliroopadrikust välja karanud aadamaülikonnas hipi; kohalikud ratturid peatamas mind alla hüppamise katsel (ja ei, ma ei kavatsenud sooritada enesetappu 😉); rõõm väikestest asjadest; mäed, higistamine, rannad...
Tegin ka jooksvat videoblogi: https://www.youtube.com/playlist?list=PLk3KJWs0RSoewLNoNM5SNRKHPd-wXXZz2
Notes from AltFi Festival of Finance 2022 in LondonKristi Rohtsalu
AltFi Festival of Finance 2022 was a two-day in-person extravaganza exploring innovation in fintech, banking, and lending in the UK and across Europe. About 60 speakers and 300 attendees were present at the prestigious Park Plaza London Riverbank. These are my notes and takeaways from the event.
Here are the keywords:
Trust, ESG,
Cost of living crisis, Post-COVID, Supporting Ukraine & Ukrainian refugees
30+ banking licenses issued in UK over the last few years, huge investment rounds in FinTech
Payments, BNLP & BNLP 2.0, Challenger Credit Cards, Embedded Finance
Open Banking , Open Finance
High Net Worth Neobanking
Crypto & Web3, Metaverse
FinTech advice to the incumbent banks
Hybrid working and remote working
HR, international talent and four-day workweek
On 11 February 2022 I packed my stuff, passed mandatory COVID procedures – COVID testing, electronic forms, Lufthansa document check – and checked in to my flight. Outside, the temperature was 1°C; it was wet and slippery. New COVID cases in Estonia were skyrocketing. I was heading to Gran Canaria, the place that I had picked for my next winter office.
[…]
After the sleepless night I spent most of the flying time sleeping. At my arrival to Estonia, the spring was just about to begin. It was March 20th. There sky was cloudless. I had never had such a clear view to my home country…
***
This is my diary about the life in between: Winter Office in Gran Canaria, February-March2022.
“I am always here to help you” host in La Aldea de San Nicolás…
Explosion of the egg…
Mystical disappearance of the motorcyclists near Andén Verde…
The story of broken lock in Maspalomas…
Touching Roque Nublo…
“Pilgrimage” to Teror…
“Can I ask you a personal question? Aren’t you afraid?”
The most beautiful sunset I have ever seen…
They got a wild ride. I found my adventures and restored my inner balance…
Tallataksoga Lõuna-Saksamaa, otsaga Austrias – reisipäevikuid suvest 2021 Kristi Rohtsalu
Mõned märksõnad minu suvistest rännakutest Lõuna-Saksamaal ning otsapidi Austrias:
Odenwald ja Schwarzwald e Must Mets; Konstanz’i järv e Bodensee; Baieri Alpid; Romantiline Tänav.
60+ päeva teel; 1,390 kilomeetrit astumist.
Maalilised varahommikud, kuldsed viljapõllud, mägised vaated ja panoraamid; katkematu lehmakellade kolin (või helin) ja sagedased kirikukellade löögid.
Krimpslikud ploomid, maisitõlvikud ja viinamarjad.
Matkarajad ja puhkeonnid; ’lebotoolid’ ja porimülkad.
Muinasjutumetsad ja -majad; keskaegsete kindluste varemed ja uhked lossid; tipud ja kuristikud.
Palavad päevad ja kuumalaine hoiatus; pidev vihm, üleujutuste ja maalihete hoiatus; äike, mis hoiab öö välgusähvatustest valgena.
Rõõmsad kokkusattumised. Sekeldused hotelliarvetega.
Teele asumised ja kohalejõudmised – ning aeg seal vahepeal.
Nüüd on see tehtud. Minu suvereis 2021 on tehtud. Oma reisipäevikus räägin kõigest põhjalikult, päev päeva kaupa.
The document summarizes key discussions and themes from The AltFi Festival of Finance 2020 virtual conference.
The conference covered the impacts of COVID-19 on fintech and alternative finance sectors. Lending platforms discussed navigating an overwhelming number of applications while continuing or pausing lending. Open banking was a major topic as a solution for financial challenges. Leaders emphasized adapting to change, supporting economic recovery, and delivering better customer experiences. Future prospects focused on digital transformation accelerating due to COVID, open banking and APIs powering innovation, and financial inclusion gaining traction.
This document discusses consistent implementation of credit risk models for regulatory capital requirements (IRB models) and expected credit loss estimates (IFRS 9 models). While many banks derived IFRS 9 parameters from existing IRB models, this led to unnecessary complexity and inconsistencies. The document recommends developing both types of models together from scratch based on the same data and modeling approaches. This would result in more holistic, consistent, and efficient credit risk modeling where the models share a common basement but have different outputs tailored for regulatory capital versus impairment calculations.
Kristi spent two days exploring Oslo, Norway's capital city. On the first day, she went on a 20km walk, seeing sights like the Ekeberg Sculpture Park with its unusual sculptures. She enjoyed the views of Oslo from the harbor promenade. The next day, she visited the Vigeland Sculpture Park, known for its many nude human figures in various poses. She also went to the Viking Ship Museum to learn about Norway's Viking history. While in Oslo, she noticed fewer tourists than usual due to the COVID-19 pandemic.
Baltic coastal hiking 2020 from Tallinn to RigaKristi Rohtsalu
The summer came different this year (2020). I had to change my original travel plans, take a backpack and get going (walking) from the doorstep of my home, literally so... That's the story of my walk from the capital of Estonia to the capital of Latvia.
The document summarizes notes from the AltFi Berlin Summit 2019 exploring scaling up European fintech. Key discussions included how open banking can become an industry standard connecting customers to specialized products, the challenges of alternative lending in Germany including a slower regulatory environment and lack of data access compared to the UK, and insights from Klarna on being Europe's most valuable fintech with a $5.5 billion valuation through focusing on the customer experience. Regulators need to keep up with digital finance innovation was also discussed.
My notes from the event that discussed the trend of FinTechs moving into the public markets
The event page: https://www.altfi.com/events/altfi-fintech-investor-forum
Comparing Stability and Sustainability in Agile SystemsRob Healy
Copy of the presentation given at XP2024 based on a research paper.
In this paper we explain wat overwork is and the physical and mental health risks associated with it.
We then explore how overwork relates to system stability and inventory.
Finally there is a call to action for Team Leads / Scrum Masters / Managers to measure and monitor excess work for individual teams.
12 steps to transform your organization into the agile org you deservePierre E. NEIS
During an organizational transformation, the shift is from the previous state to an improved one. In the realm of agility, I emphasize the significance of identifying polarities. This approach helps establish a clear understanding of your objectives. I have outlined 12 incremental actions to delineate your organizational strategy.
A presentation on mastering key management concepts across projects, products, programs, and portfolios. Whether you're an aspiring manager or looking to enhance your skills, this session will provide you with the knowledge and tools to succeed in various management roles. Learn about the distinct lifecycles, methodologies, and essential skillsets needed to thrive in today's dynamic business environment.
Org Design is a core skill to be mastered by management for any successful org change.
Org Topologies™ in its essence is a two-dimensional space with 16 distinctive boxes - atomic organizational archetypes. That space helps you to plot your current operating model by positioning individuals, departments, and teams on the map. This will give a profound understanding of the performance of your value-creating organizational ecosystem.
Enriching engagement with ethical review processesstrikingabalance
New ethics review processes at the University of Bath. Presented at the 8th World Conference on Research Integrity by Filipa Vance, Head of Research Governance and Compliance at the University of Bath. June 2024, Athens
Impact of Effective Performance Appraisal Systems on Employee Motivation and ...Dr. Nazrul Islam
Healthy economic development requires properly managing the banking industry of any
country. Along with state-owned banks, private banks play a critical role in the country's economy.
Managers in all types of banks now confront the same challenge: how to get the utmost output from
their employees. Therefore, Performance appraisal appears to be inevitable since it set the
standard for comparing actual performance to established objectives and recommending practical
solutions that help the organization achieve sustainable growth. Therefore, the purpose of this
research is to determine the effect of performance appraisal on employee motivation and retention.
Originally presented at XP2024 Bolzano
While agile has entered the post-mainstream age, possibly losing its mojo along the way, the rise of remote working is dealing a more severe blow than its industrialization.
In this talk we'll have a look to the cumulative effect of the constraints of a remote working environment and of the common countermeasures.
Sethurathnam Ravi: A Legacy in Finance and LeadershipAnjana Josie
Sethurathnam Ravi, also known as S Ravi, is a distinguished Chartered Accountant and former Chairman of the Bombay Stock Exchange (BSE). As the Founder and Managing Partner of Ravi Rajan & Co. LLP, he has made significant contributions to the fields of finance, banking, and corporate governance. His extensive career includes directorships in over 45 major organizations, including LIC, BHEL, and ONGC. With a passion for financial consulting and social issues, S Ravi continues to influence the industry and inspire future leaders.
Ganpati Kumar Choudhary Indian Ethos PPT.pptx, The Dilemma of Green Energy Corporation
Green Energy Corporation, a leading renewable energy company, faces a dilemma: balancing profitability and sustainability. Pressure to scale rapidly has led to ethical concerns, as the company's commitment to sustainable practices is tested by the need to satisfy shareholders and maintain a competitive edge.
Designing and Sustaining Large-Scale Value-Centered Agile Ecosystems (powered...Alexey Krivitsky
Is Agile dead? It depends on what you mean by 'Agile'. If you mean that the organizations are not getting the promised benefits because they were focusing too much on the team-level agile "ways of working" instead of systemic global improvements -- then we are in agreement. It is a misunderstanding of Agility that led us down a dead-end. At Org Topologies, we see bright sparks -- the signs of the 'second wave of Agile' as we call it. The emphasis is shifting towards both in-team and inter-team collaboration. Away from false dichotomies. Both: team autonomy and shared broad product ownership are required to sustain true result-oriented organizational agility. Org Topologies is a package offering a visual language plus thinking tools required to communicate org development direction and can be used to help design and then sustain org change aiming at higher organizational archetypes.
A team is a group of individuals, all working together for a common purpose. This Ppt derives a detail information on team building process and ats type with effective example by Tuckmans Model. it also describes about team issues and effective team work. Unclear Roles and Responsibilities of teams as well as individuals.
Colby Hobson: Residential Construction Leader Building a Solid Reputation Thr...dsnow9802
Colby Hobson stands out as a dynamic leader in the residential construction industry. With a solid reputation built on his exceptional communication and presentation skills, Colby has proven himself to be an excellent team player, fostering a collaborative and efficient work environment.
2. Introductory remarks
Risk is at the heart of banking – and so is risk management. In a regulated bank, it is crucial to take a holistic view:
• From economic perspective, see risk as cost of doing business, and risk management as the way to control and (possibly) lower that cost.
• From normative perspective, meet the regulatory requirements to protect the banking license.
• See economic and normative perspective as complementary to each other.
This material gives an overview of the enterprise risk management in banks; specifics by risk type – credit risk, market risk, operational risk,
liquidity risk and other relevant risks – are not discussed here. Considerations only relevant to systemically important banks are not covered; the
focus is on smaller and less complex banks. Regulatory topics refer to the regulatory frameworks as applied in the European Union, including
but not limited to Capital Requirements Directive (CRD IV) and Capital Requirements Regulation (CRR), and Bank Recovery and Resolution
Directive (BRRD).
The term ‘bank’ also refers to the banking group. ‘Institution’ is a more general term which covers banks and other institutions for which CRD
IV, CRR and BRRD apply; therefore, the term is used in the regulatory documents, guidelines and technical standards.
‘Senior management’ refers to the management body in its management function. ‘Supervisory board’ or ‘Board’ refers to the management
body in its supervisory function. These terms should be interpreted in accordance with the applicable law and organization structure.
2
3. Contents
• Risks in banking
• Risk management process and risk culture
• Risk Appetite Framework (RAF)
• Principle of proportionality and risk-based approach to risk management
• Risk governance and -organization
• Basel III and reporting frameworks
• The three pillars of Basel III
• Regulatory capital and liquidity adequacy ratios
• COREP and FINREP
• Regulatory processes
• Internal Capital Adequacy Assessment Process (ICAAP) and Internal Liquidity Assessment Process (ILAAP)
• Supervisory Review and Evaluation Process (SREP)
• Recovery planning
• Stress testing and stress testing programs
• Inserting risk management considerations into credit pricing
• Appendices
• Abbreviations
• Links and references
3
5. What is risk (in business and in banking)?
• In general terms, risk is cost of doing business.
• In financial terms, risk is the potential negative
impact to the value of business.
• For practical purposes, risk can also be defined as a
potential negative deviation from the expected
financial results. In that sense:
• Expected loss (EL) does not represent a risk,
because it is expected and therefore
provisioned.
• The risk lies in the unexpected loss (UL)
which is the negative deviation from the
expected loss.
• Risk is to be covered with adequate amounts of
capital and liquid assets such as cash.
• …And here we go again: cost of capital and
cost of liquidity factor in as costs of doing
business (besides other expenses).
5
Expected and Unexpected Loss in economic capital model
6. Risks in today’s banking (illustration)*
6
• Capital risk: Insufficient level or composition of capital to cover applicable capital requirements and support business activities under normal economic environments or stressed
conditions
• Credit risk: The risk that a counterparty fails to meet its obligations towards the bank and that the pledged collateral does not cover the claims
• Market risk, incl. interest rate risk in banking book (IRRBB): The risk to value, earnings, capital or exposure arising from movements of risk factors in financial markets
• Liquidity & funding risk: The risk of not being able to meet payment obligations and support business activities without incurring considerable additional costs for obtaining funds
or losses due to asset fire-sales
• Operational risk: The risk of losses, business process disruptions and negative reputational impact resulting from inadequate or failed internal processes, human errors and
systems, or from external events; sub-types of operational risk include (but are not limited to) the following:
• Process risk
• People risk aka personnel risk
• ICT & Information security risks
• AI risk & model risk
• Third-party / outsourcing risk
• Legal risk
• External fraud risk
• Regulatory compliance risk, incl. conduct risk and ML/TF risk: The risk of failure to fulfil and meet the external and internal regulations applicable to the licensed operations
• Strategic and business risk: Risk of losses, including in the form of foregone revenues or additional costs, due to failed business model, poor strategical planning and/or decisions,
or due to poor reputation not supporting strategic goals
• ESG risk: The risk of any current or prospective negative impact stemming from Environmental, Social or Governance (ESG) factors
• Reputation risk: Risk of losing reputation as a negative consequence resulting from the realization of one or several main risks
* This is an illustration only. Risk taxonomy may be different for different banks. One should also note interconnectedness of different risks as well as risk
concentrations.
8. Risk management process
8
Identify
(‘gross
approach’)
Assess &
Measure
Manage &
Mitigate
Monitor
Report
• Business model analysis
• Evaluating specific products and services
• Evaluating internal processes and systems
• Evaluating external environment
• Stress testing to include forward-looking
perspective
Estimation of the likelihood and
potential impact:
• Qualitative analysis
• Quantitative assessment
Strategies to manage, mitigate
and/or eliminate risks, e.g.:
• Implementing control measures
• Improving processes
• Investing into technology
• Transferring risks through insurance
Monitor and review continually a)
inherent risks, and b) effectiveness
of risk mitigation strategies
Regular and ad hoc reporting (as
required) to management bodies
and other relevant stakeholders:
• Current risks
• Emerging risks
• Breaches of risk limits
• Effectiveness of risk management
framework • Risk taxonomy
• Definition of
‘material’ risk
• Risk inventory
9. Risk culture
• Risk culture is a term describing the
values, beliefs, knowledge, attitudes
and understanding about risk shared
by a group of people with a common
purpose.
• An effective risk culture is one that
enables and rewards individuals and
groups for taking the right risks in an
informed manner.
• In promoting a sound risk culture,
tone from the top plays a crucial role.
9
Risk culture
Organizational
culture
Behaviors
Personal
ethics
Personal
predisposition
to risk
Risk Culture Framework as designed by Institute of Risk Management
[WWW] https://www.theirm.org/what-we-say/thought-leadership/risk-culture/
10. Risk Appetite Framework (RAF)
10
Risk Appetite Framework is a strategic tool to reinforce strong risk culture, which in turn is critical for sound
risk management.
11. Key definitions of RAF
Risk appetite: The aggregate level and types of risk a financial institution is willing to assume within its risk capacity to achieve its strategic
objectives and business plan.
Risk Appetite
Framework
(RAF):
The overall approach, including policies, processes, controls, and systems through which risk appetite is established,
communicated, and monitored. It includes a risk appetite statement, risk limits, and an outline of the roles and responsibilities
of those overseeing the implementation and monitoring of the RAF.
Risk Appetite
Statement:
The articulation in written form of the aggregate level and types of risk that a financial institution is willing to accept, or to
avoid, in order to achieve its business objectives. It includes qualitative statements as well as quantitative measures expressed
relative to earnings, capital, risk measures, liquidity and other relevant measures as appropriate.
Risk capacity: The maximum level of risk a financial institution is able to assume given its capital base, its risk management and control
capabilities, and its regulatory constraints.
Risk limits: Quantitative measures based on forward looking assumptions that allocate the financial institution’s aggregate risk appetite
statement (e.g. measure of loss or negative events) to business lines, legal entities, specific risk categories, concentrations, and
as appropriate, other levels.
Risk profile: Point in time assessment of the financial institution’s gross and, as appropriate, net risk exposures (after taking into account
mitigants) aggregated within and across each relevant risk category based on forward looking assumptions.
Risk tolerance: The types of risks and levels of those risks that the financial institution does not intentionally expose itself to, but
accepts/tolerates.
11
12. Key definitions of RAF, illustration
12
Risk appetite
Risk tolerance
Risk capacity
Actual risk profile is
within risk appetite
Actual risk profile
exceeds risk appetite,
yet is acceptable (i.e.:
remains below risk
tolerance level)
Actual risk profile
exceeds risk
tolerance, yet is
tolerable (i.e.:
remains below risk
capacity level)
Actual risk profile
exceeds risk capacity:
recovery or the end of
story
13. Why do banks have to have a formalized Risk Appetite Framework?
“Children sometimes eat too much. Their eyes can be bigger than their stomachs. The result can be quite
unpleasant. For banks, it’s much the same. They sometimes take on more risk than they can stomach. The
results, however, can be worse than just a bellyache. Banks that take on too much risk can get into financial
trouble and fail, and, in some cases, they might even damage other banks and the economy.”
– Quote from speech by Danièle Nouy, Chair of the Supervisory Board of the ECB, International Conference on Banks’ Risk
Appetite Frameworks, Ljubljana, 10 April 2018
13
As compared to ‘normal’ private companies, banks are different: even banks in private ownership are kind of
quasi-private. This is because if a bank fails, this may easily become a problem in wider economy; fragility is
built into today’s financial system and requires careful balancing.
14. Designing RAF in five steps (one iteration*)
14
Step 1:
Identify all
material
risks.
Step 2: In the
Risk Appetite
Statement, spell
out how much
risk, and what
kind, you are
willing to take
on.
Step 3: Determine
risk capacity. How
much risk you can
actually stomach?
Step 4: Set risk
appetite limits by
business lines,
legal entity levels,
specific risk
categories, etc.
Step 5: Set up
policies,
processes,
controls and
systems for
implementation
and monitoring of
the RAF
Risk appetite may need
adjustment, given the
risk capacity.
* The development and establishment of an effective RAF is an iterative and evolutionary process that requires ongoing dialogue throughout the bank to attain
buy-in across the organization.
15. RAF – How to make it work?*
15
1. Effective governance and
tone from the top
- Establishment and
oversight by the Board
- Developed by the CRO, in
collaboration of the CEO,
CFO and relevant
stakeholders
- Board members and senior
management acting as role
models for the risk culture
3. Effective communication
- Risk Appetite Statement is
easy to communicate and
easy to understand
- Clear communication,
including communication of
roles and responsibilities of
all parties
5. Monitoring and
reporting
- The RAF should establish
the process for monitoring
and reporting, as well as
procedures for escalation
and cascading of limits.
- Tool: Risk Appetite
Dashboard
4. Alignment with
remuneration schemes
For example: if the
(intentional) action of an
employee leads to a breach
of risk limits, this might also
impact his or her
remuneration.
6. Stable over time, yet
agile and dynamic
The RAF should facilitate
timely management action
to respond to emerging risks
in the business and
externally.
2. Linkages to strategy and
structural processes, incl.
financial planning, capital
and liquidity planning,
contingency and business
continuity planning,
recovery planning, …
* Inspired by KPMG, “Insights: Leading practices for
Risk Appetite Frameworks” (October 2023)
17. Principle of proportionality
• Banking regulations and regulatory guidelines are meant to be applied in a manner that is appropriate, taking into
account bank’s size and internal organization and the nature, scope and complexity of its activities.
• In banking supervision, banks are categorized into four SREP categories:
17
“The principle of proportionality is the idea that an action should not be more severe than is necessary.”
– Collins Dictionary
Put simply, when applied to risk management, principle of proportionality means focusing on what is of high risk rather than low
risk.
Category Description
1 Large institutions pursuant to Article 4(1), point (146) of Regulation (EU) No 575/2013, and other systemically important institutions if decided so
by the supervisor
2 Large institutions that are not classified under category ‘1’
Medium institutions with sizable cross-border activities and/or several business lines
Institutions with significant market shares in their lines of business
3 Small to medium institutions other than those in categories ‘1’, ‘2’ and ‘4’
4 Small and non-complex institutions pursuant to Article 4(1), point (145) of Regulation (EU) No 575/2013, and other small non-complex institutions
with limited scope and non-significant market share
18. Risk-based approach to risk management
• For risk-based approach to risk
management, all business functions,
supporting processes and information
assts should be classified in terms of
criticality and importance.
18
* Note that in Bank Recovery and Resolution Directive (BRRD), the
definition of ‘critical function’ is different than the one given here for
bank risk management purposes.
…secure
financial
performance
… secure
continuity of
banking
activities
A function is
critical*
and/or
important if
it is to…
… protect
banking
license
20. Tone from the top
• Risk management is not ‘contained’ in the unit(s) responsible for risk management and internal controls; it is everyone’s
responsibility. Yet it does not work without the tone from the top. Management body, including the Board and senior
management, retains overall responsibility for risks.
• The Board ensures that the institution-wide risk management framework is established. It defines and communicates
overall risk strategy and risk appetite as well as provides the foundation of a strong and sound risk culture and risk
awareness throughout the organization. It also, on a continuous basis, reviews and evaluates the effectiveness of the first
and second lines of defense risk management functions and assesses whether there are sufficient resources allocated in
that area.
• Board committees, first of all Risk Committee and/or Audit Committee are there to support and advise the Board.
• Senior management implements the risk strategy and risk appetite through internal rules and risk limit framework that
consists of limits, escalation triggers and key risk indicators.
• The head of the risk management function (CRO) ensures that all material risk are identified, measured and properly
reported. It delivers a complete view of the whole range of risks faced by the institution. CRO is actively involved in
elaborating the risk strategy and all material risk management decisions.
• The CRO shall not be removed without prior approval of the Board. The CRO shall be able to have direct access to the
Board where necessary. (Article 76, point (5) of Directive 2013/36/EU)
20
21. Risk organization and the three lines of defense
21
Risks
Supervisory board
Senior management
1st of defense:
Risk takers
Operative controls: Every
business unit is responsible for
identifying and managing the
risks inherent in the products,
activities, processes and systems
for which it is accountable.
Risk Ownership
2nd line of defense:
Risk management & Compliance
Ownership of the risk
management framework and
management of compliance risks:
• Risk policies, standards and
guidelines
• Stress testing and regulatory
processes
• Risk reporting
• Independent view regarding the
effectiveness of 1st line of defense
Risk Control
3rd line of defense:
Internal audit
Independent assurance to the
Board, supervisory authorities
and other interested parties of
the appropriateness of the
institution’s risk management
Auditors
Risk Assurance
Enforcement:
ECB
and
NCAs
Internal control
functions
23. The three pillars of Basel III on capital and liquidity adequacy*
23
Basel III as imposed by CRD & CRR
Internal assessments on capital and
liquidity (ICAAP and ILAAP)
Supervisory Review and Evaluation
Process (SREP)
Pillar 2 requirements and guidance:
• Pillar 2 requirements on capital and/or
leverage (binding)
• Pillar 2 guidance on capital and/or
leverage (supervisory expectation)
• Pillar 2 liquidity requirements (e.g.:
buffer add-ons, cap on cash outflows,
supervisory minimum survival period)
Pillar 2:
Bank specific requirements
and guidance
Disclosure requirement (Pillar 3
report)
• Transparency for market
participants, concerning the banks
risk position (risk management,
detailed information on own
funds, etc.)
• Enhanced comparability among
banks
Pillar 3:
Market Discipline
Capital requirements:
• Base capital requirements: CET1,
Tier 1, Total Capital ratio
• Buffer requirements
• Base leverage ratio requirement
Liquidity requirements:
• Liquidity Coverage Ratio (LCR)
• Net Stable Funding Ratio (NSFR)
Pillar 1:
General minimum
requirements
* Requirements only applicable to systemically important banks are not included here.
24. Capital adequacy ratios
Total risk exposure amount (TREA) here refers to the risk-weighted exposure amount as defined in Article 92 of Regulation
(EU) No 575/2013. In other documents, TREA is also referred to as Risk-weighted Assets (RWA).
24
𝐶𝑜𝑚𝑚𝑜𝑛 𝐸𝑞𝑢𝑖𝑡𝑦 𝑇𝑖𝑒𝑟 1 𝑟𝑎𝑡𝑖𝑜 =
𝐶𝑜𝑚𝑚𝑜𝑛 𝐸𝑞𝑢𝑖𝑡𝑦 𝑇𝑖𝑒𝑟 1 (𝐶𝐸𝑇1)
𝑇𝑜𝑡𝑎𝑙 𝑅𝑖𝑠𝑘 𝐸𝑥𝑝𝑜𝑠𝑢𝑟𝑒 𝐴𝑚𝑜𝑢𝑛𝑡 (𝑇𝑅𝐸𝐴)
𝑇𝑖𝑒𝑟 1 𝑟𝑎𝑡𝑖𝑜 =
𝐶𝑜𝑚𝑚𝑜𝑛 𝐸𝑞𝑢𝑖𝑡𝑦 𝑇𝑖𝑒𝑟 1 𝐶𝐸𝑇1 + 𝐴𝑑𝑑𝑖𝑡𝑖𝑜𝑛𝑎𝑙 𝑇𝑖𝑒𝑟 1 𝑐𝑎𝑝𝑖𝑡𝑎𝑙 (𝐴𝑇1)
𝑇𝑜𝑡𝑎𝑙 𝑅𝑖𝑠𝑘 𝐸𝑥𝑝𝑜𝑠𝑢𝑟𝑒 𝐴𝑚𝑜𝑢𝑛𝑡 (𝑇𝑅𝐸𝐴)
𝑇𝑜𝑡𝑎𝑙 𝑐𝑎𝑝𝑖𝑡𝑎𝑙 𝑟𝑎𝑡𝑖𝑜 =
𝐶𝑜𝑚𝑚𝑜𝑛 𝐸𝑞𝑢𝑖𝑡𝑦 𝑇𝑖𝑒𝑟 1 𝐶𝐸𝑇1 + 𝐴𝑑𝑑𝑖𝑡𝑖𝑜𝑛𝑎𝑙 𝑇𝑖𝑒𝑟 1 𝑐𝑎𝑝𝑖𝑡𝑎𝑙 𝐴𝑇1 + 𝑇𝑖𝑒𝑟 2 𝑐𝑎𝑝𝑖𝑡𝑎𝑙 (𝑇2)
𝑇𝑜𝑡𝑎𝑙 𝑅𝑖𝑠𝑘 𝐸𝑥𝑝𝑜𝑠𝑢𝑟𝑒 𝐴𝑚𝑜𝑢𝑛𝑡 (𝑇𝑅𝐸𝐴)
25. Banking ‘stuff’: Capital adequacy ratios (example)*
25
* Buffers and other requirements only applicable to systemically important banks are not included in this example. Specific numbers, except the base capital
requirement, are for illustration purposes only as they depend on specific circumstances.
CET 1 capital ratio Tier 1 capital ratio Total capital ratio
To be met at all
times
Base capital requirement 4.50% 6.00% 8.00%
Pillar 2 capital charge 3.60% 3.60% 4.60%
Total SREP capital requirement 8.10% 9.60% 12.60%
Combined buffer
requirement
Capital conservation buffer 2.50% 2.50% 2.50%
Systemic risk buffer 0.00% 0.00% 0.00%
Countercyclical buffer 1.50% 1.50% 1.50%
Overall capital requirement 12.10% 13.60% 16.60%
Pillar 2 guidance 1.50% 1.50% 1.50%
Total supervisory expectation 13.60% 15.10% 18.10%
Management buffer (if any) 0.40% 0.90% 0.90%
Internal capital target 14.00% 16.00% 19.00%
26. Leverage ratio
Leverage ratio Pillar 1 requirement (LR):
26
𝐿𝑒𝑣𝑒𝑟𝑎𝑔𝑒 𝑟𝑎𝑡𝑖𝑜 =
𝑇𝑖𝑒𝑟 1 𝑐𝑎𝑝𝑖𝑡𝑎𝑙
𝑇𝑜𝑡𝑎𝑙 𝑙𝑒𝑣𝑒𝑟𝑎𝑔𝑒 𝑟𝑎𝑡𝑖𝑜 𝑒𝑥𝑝𝑜𝑠𝑢𝑟𝑒
≥ 3%
Total leverage ratio exposure includes assets and off-balance sheet items, irrespective of how
risky they are. I.e.: leverage ratio is not risk-based but serves as a simple backstop to risk-
weighted capital requirements.
[For banks with an elevated risk of leverage] Leverage ratio Pillar 2 requirement (P2R-LR) on
top of the Pillar 1 requirement (legally binding, determined as part of SREP):
Intended to capture contingent leverage risk originating from a bank extensively using off-
balance-sheet items, derivatives etc. as well as engaging in regulatory arbitrage and providing
step-in support.
[Bank-specific recommendation] Leverage ratio Pillar 2 guidance (P2G-LR) on top of the Pillar
2 requirement (not legally binding but reflects supervisory expectations, determined as part of
SREP):
Set for some banks, considering the depletion of the leverage ratio in the stress test.
Leverage ratio Pillar 2
Guidance (P2G-LR)
Leverage ratio Pillar 2
Requirement (P2R-LR)
Leverage ratio Pillar 1
Requirement (LR)
27. Liquidity Coverage Ratio (LCR) base requirement
27
𝐿𝐶𝑅 =
𝑆𝑡𝑜𝑐𝑘 𝑜𝑓 𝐻𝑖𝑔ℎ 𝑞𝑢𝑎𝑙𝑖𝑡𝑦 𝑙𝑖𝑞𝑢𝑖𝑑 𝑎𝑠𝑠𝑒𝑡𝑠 (𝐻𝑄𝐿𝐴)
𝑇𝑜𝑡𝑎𝑙 𝑛𝑒𝑡 𝑐𝑎𝑠ℎ 𝑜𝑢𝑡𝑓𝑙𝑜𝑤𝑠 𝑜𝑣𝑒𝑟 𝑡ℎ𝑒 𝑛𝑒𝑥𝑡 30 𝑐𝑎𝑙𝑒𝑛𝑑𝑎𝑟𝑑 𝑑𝑎𝑦𝑠
=
=
𝑆𝑡𝑜𝑐𝑘 𝑜𝑓 𝐻𝑖𝑔ℎ 𝑞𝑢𝑎𝑙𝑖𝑡𝑦 𝑙𝑖𝑞𝑢𝑖𝑑 𝑎𝑠𝑠𝑒𝑡𝑠 (𝐻𝑄𝐿𝐴)
𝐶𝑎𝑠ℎ 𝑂𝑢𝑡𝑓𝑙𝑜𝑤𝑠 (30 𝑑𝑎𝑦𝑠) − 𝐶𝑎𝑠ℎ 𝐼𝑛𝑓𝑙𝑜𝑤𝑠(30 𝑑𝑎𝑦𝑠)
≥ 100%
High-quality liquid assets (HQLA) are
cash and assets that can be easily and
immediately converted into cash
without significantly affecting their
market value, e.g.:
• Cash and balances with central
banks
• Highly-rated government bonds
Cash – Outflows, example: Cash – Inflows, example:
Outflow Outflow rate
(weight)
Outflow – Stable deposits 5%
Outflow – Less stable deposits 10%
Undrawn credit facilities 5%
Other contractual cash outflows 100%
Inflow Inflow rate
(weight)
Inflows from fully performing
exposures
50%
Other contractual cash inflows Varying rates
LCR aims to ensure that banks survive a period of significant liquidity stress lasting 30 calendar days. The LCR is not designed to
cover all tail events involving deposit outflows, such as bank runs; instead, it should ensure that banks can withstand a certain
liquidity stress scenario.
28. Net Stable Funding Ratio (NSFR) base requirement
28
𝑁𝑆𝐹𝑅 =
𝐴𝑣𝑎𝑖𝑙𝑎𝑏𝑙𝑒 𝑎𝑚𝑜𝑢𝑛𝑡 𝑜𝑓 𝑠𝑡𝑎𝑏𝑙𝑒 𝑓𝑢𝑛𝑑𝑖𝑛𝑔 (𝐴𝑆𝐹)
𝑅𝑒𝑞𝑢𝑖𝑟𝑒𝑑 𝑎𝑚𝑜𝑢𝑛𝑡 𝑜𝑓 𝑠𝑡𝑎𝑏𝑙𝑒 𝑓𝑢𝑛𝑑𝑖𝑛𝑔 (𝑅𝑆𝐹)
≥ 100%
NSFR seeks to ensure that banks maintain stable funding structure. It is the ratio of the available amount of stable funding to
the required amount of stable funding over the time horizon of one year.
NSFR, illustration based on simplified balance sheet:
Assets
Cash and balances with central
bank
Performing exposures
Illiquid assets, incl. non-
performing exposures
Category
Highly
liquid
Fairly
liquid
Illiquid
RSF weight
0%
50-85%
100%
Short term borrowing
Liabilities and Equity
Retail deposits
Long term borrowing &
Own funds
Category
Less
stable
Non stable
Stable
ASF weight
90-95%
0-50%
100%
29. Reporting frameworks
The EBA has developed two reporting
frameworks being:
• COmmon REPorting Standards
(COREP) that specify the capital
and liquidity information required,
applies to all credit institutions and
investment firms operating in the
EEA.
• FINancial REPorting Standards
(FINREP) that specify the financial
information required and apply to
all credit institutions that
consolidate their financial reports
based on IFRS.
29
COREP FINREP
• Liquidity Adequacy:
LCR and NSFR
• Capital Adequacy:
credit risk, market risk,
operational risk
• Leverage
• …
• Primary statements:
balance sheet, income
statement, comprehensive
income, cash flows, equity
• Disclosures of financial
assets and liabilities, off
balance sheet activities, ..
• Forbearance and non-
performance
• …
31. Internal Capital Adequacy Assessment Process (ICAAP) & Internal
Liquidity Assessment Process (ILAAP)
Regulatory aim: Making banks more resilient and avoiding adverse situations by encouraging banks
to reflect on their capital and liquidity risks in a structured way.
ICAAP/ILAAP principles as set out by the ECB:
Principle 1 – The management body is responsible for the sound governance of ICAAP/ILAAP.
Principle 2 – The ICAAP/ILAAP is an integral part of the overall management framework.
Principle 3 – The ICAAP/ILAAP contributes fundamentally to the continuity of the institution by ensuring
capital/liquidity adequacy from different perspectives.
Principle 4 – All material risks are identified and taken into account in ICAAP/ILAAP.
Principle 5 – The internal capital / liquidity buffers are of high quality and clearly defined; the stable sources of
funding are clearly defined.
Principle 6 – ICAAP/ILAAP risk quantification methodologies are adequate, consistent and independently
validated.
Principle 7 – Regular stress testing is aimed at ensuring capital/liquidity adequacy in adverse circumstances.
31
32. Two complementary pillars of ICAAP & ILAAP: the economic and the
normative perspective
32
• The economic perspective covers the full universe of risks that may have material impact to
capital and liquidity position. The perspective is not based on regulatory provisions; instead, it is
based on the economic value considerations and economic capital. The bank should remain
economically viable and follow its strategy.
• The normative perspective is a multi-year assessment of the institution’s ability to fulfil all of its
liquidity-related and capital-related (quantitative) regulatory and supervisory requirements and
demands, and to cope with other external financial constraints, on an ongoing basis.
• Economic and normative perspective should mutually inform each other:
• Projections under economic perspective are expected to feed into the projections under normative perspective.
• Conversely, outcomes of the normative perspective ought to inform economic perspective risk quantifications and
adjust or complement the later.
33. ICAAP example: capital requirements under normative internal
perspective
33
• In baseline scenario, both Pillar 1 and Pillar 2 requirements and guidance shall be met over the planning period. In adverse
scenario, total SREP capital requirement shall be met at all times. (See the figures below.)
• Projections of the future capital position under the normative perspective should be informed by the economic perspective
assessments: to which extent the risks identified and quantified under the economic perspective may impact own funds and
exposure amounts in future?
• The impact of upcoming changes in legal, regulatory and accounting frameworks is expected to be considered as well.
34. ICAAP example: Management considerations under economic
perspective
• Under the economic perspective, economic risks and losses affect internal capital immediately and to their full extent. (Think, for example:
interest rate changes affecting the net value of bank’s cash flows immediately.) Hence, the economic perspective gives a very
comprehensive view of risks.
• When a significant downward trend is identified in the economic capital position, actions to reverse the trend, and review strategy and risk
appetite are ought to be taken. When the bank falls below the internal capital adequacy threshold, it should take necessary measures to
restore and ensure capital adequacy over medium term (3 years).
34
* The graph should not be understood as a projection of point-in-time economic situation. It depicts the deterioration of economic capital levels that may occur over time
beyond normal business cycle developments.
35. ICAAP example: Quantification of internal capital requirement
35
t=0
Capital
ratio
Internal target
ICAAP minimum
Economic minimum
Internal
point-in-
time
economic
capital
requirement
Combined
buffer
requirem
ent
P2G
Pillar
1
requirement
P2R
t=1
t=0 t=2 t=3 t=4 t=5
Internal
minimum
required
capital
ratio
incl.
scenario
buffer
Manage
ment
buffer
SREP
add-on
Time
Projected actual capital
ratio, base scenario
Projected actual capital
ratio, adverse scenario
Goal-seek capital ratio
based on adverse scenario,
normative perspective
Goal-seek capital ratio
based on adverse scenario,
economic perspective
Goal-seek: At the lowest point of the adverse scenario,
projected capital ratio ‘touches’ certain threshold (internal
point-in-time requirement for the economic perspective, or
the SREP capital requirement for the normative perspective).
SREP add-on (the difference between the SREP capital
requirement and the internal point-in-time estimate) ought to
be minimized; this through improving risk management,
transparency and communication with the supervisors
36. Approval of ICAAP & ILAAP,
and updated liquidity &
funding and capital plans
ICAAP & ILAAP: Illustrative process timeline
36
• Led by Finance
• Led by Risk Management
• Approval needed from Risk Committee (Management Body)
Key modelling assumptions
(business volumes etc.) and
calculation inputs in Risk
Committee
• Revision of risk inventory
• Scenario development (base and
adverse)
• High level / top-down analysis
Time
Oct-31 Nov-30 Dec-31 Jan-31 Feb-28 Mar-31
• Gathering inputs from risk takers
• Defining modelling assumptions
• Updating ICAAP & ILAAP
methodologies
• Gathering 31.12 start
data
• Performing stress test
analyses
• Point-in-time economic capital
calculations & analyses
• Updating Risk Appetite
Framework (RAF)
• ICAAP & ILAAP
documentation
• Financial plan
(base scenario)
• Reviewing/Updating
capital, and liquidity &
funding plans based on
ICAAP & ILAAP outcomes
ICAAP & ILAAP
scenarios in Risk
Committee
ICAAP & ILAAP results in
Risk Committee
ICAAP & ILAAP
submission to the
supervisory authority
37. Supervisory Review and Evaluation Process – SREP
• SREP is the core element of the FSA
regularly assessing and measuring
risks for each bank.
• Thereby, FSA assesses the bank’s
business model, strategy, internal
governance and controls, risks to
capital and liquidity, and capital and
liquidity adequacy. This is done in
dialogue with the bank.
• SREP outcome: SREP score on scale 1-
4 (and F, if failing or likely to fail)
• In the SREP decision, FSA sets capital
and liquidity targets, and sets key
objectives and deadlines to address
the identified issues (if any).
37
1 2 3 4 F
Overall SREP Score
Business
model
analysis
score
Internal
governance
and controls
score
Capital
adequacy
score
Liquidity
adequacy
score
Scores for
material
risks to
capital
Scores for
liquidity and
funding risks
Viability
score
Risk
score
39. Recovery planning in the context of Bank Recovery and Resolution Directive (BRRD)
• Recovery plans are intended to ensure that banks are prepared to restore their viability in a timely manner
even in periods of severe financial stress.
• The bank (banking group) shall be able to demonstrate to the satisfaction of the competent authority that
the Recovery Plan is reasonably likely to be implemented without causing any adverse effect on the financial
system.
• Recovery planning is designed to be an ongoing process that does not end once the bank’s management
body has approved the plan.
• A bank (banking group) may apply for preparation of recovery plan in simplified form:
1) a reduction in the contents of the Recovery Plan
2) a reduction in the frequency for updating the Recovery Plan
39
40. Recovery planning: Recovery Plan
• Structure & key elements:
1. Summary of the key elements of the Recovery Plan and of overall recovery capacity (ORC), and material changes since the
most recently filed Recovery Plan
2. Governance, incl.:
a. Recovery Plan development, and policies and procedures governing approval of Recovery Plan
b. The Plan’s consistency with the general management and risk management
c. The conditions and procedures to ensure timely implementation of recovery options
d. Recovery Plan indicators on capital, liquidity, profitability and asset quality, and (as applicable) market-based and macroeconomic indicators
3. Strategic analysis, incl.:
a. The description of the entity or entities covered by the Recovery Plan, incl. business and risk strategy, critical functions and core business lines
b. Recovery options, incl. options to restore capital and liquidity, and measures to reduce risk and leverage
c. Actions, arrangements and measures under recovery options; impact & feasibility assessment of the recovery options; continuity of operations
when recovery options are implemented; scenario analysis to test the effectiveness of recovery options and the adequacy of the Recovery Plan
indicators
d. Assessment to the overall recovery capacity
4. Communication and disclosure plan, incl.:
a. Internal communication
b. External communication
c. Effective proposals for managing any potential negative market reactions
a. Preparatory measures to facilitate the implementation of the Recovery Plan or to improve its effectiveness
40
41. Recovery planning: Recovery indicators (example for a small and non-
complex bank)*
41
Category Indicator name Early warning threshold
(Corresponds to ‘risk tolerance’
level from RAF)
Threshold to trigger recovery
actions (Corresponds to ‘risk
capacity’ level from RAF)
Near-default threshold
(Corresponds to regulatory
requirement, if applicable)
1. Capital indicators CET1 ratio [To be calibrated] [To be calibrated] [To be calibrated]
Total Capital ratio [To be calibrated] [To be calibrated] [To be calibrated]
Leverage ratio [To be calibrated] [To be calibrated] [To be calibrated]
2. Liquidity indicators Liquidity position [To be calibrated] [To be calibrated] n/a
LSR [To be calibrated] [To be calibrated] [To be calibrated]
NSFR [To be calibrated] [To be calibrated] [To be calibrated]
3. Profitability
indicators
Return on equity [To be calibrated] N/A N/A
Significant operational loss [To be calibrated] N/A N/A
4. Asset quality
indicators
Default rate [To be calibrated] N/A N/A
Coverage ratio [provisions / total
non-performing loans]
[To be calibrated] N/A N/A
(Gross non-performing loans) /
total loans
[To be calibrated] N/A N/A
* Adjusted from the lists in Annex II of the EBA/GL/2021/11.
42. Recovery planning: Recovery options and ORC range (illustration)
42
Identification of credible and feasible
recovery options
• Capital raising
• Restructuring of liabilities
• Cost reductions
• Sale of assets / loan portfolios
• Liquidity improvement
recovery options (e.g.: use of
central bank facilities)
• Disposal recovery options
(e.g.: sale of business lines,
sale of subsidiaries)
• Various management actions
(e.g.: reduce lending, margin
increases, increasing fee
income)
Testing recovery options in a range
of scenarios of severe
macroeconomic and financial stress
Define scenarios:
1. Systemic scenario(s)
2. Idiosyncratic scenario(s)
3. Combined scenario(s)
Choose and adjust recovery
options for constraining factors
related to the simultaneous or
sequential implementation of
recovery options
Calculate ‘scenario-specific
recovery capacities’ expressed
in ‘relevant RP indicators’:
• CET1 (18 months)
• Total capital ratio (18 months)
• Leverage ratio (18 months)
• LCR (timeframe: 6 months)
• NSFR (timeframe: 6 months)
Determination of the Overall Recovery Capacity (ORC) range
Difference between the highest and lowest ‘scenario-specific recovery
capacity’ of relevant scenarios, this in terms of:
a) Capital including leverage (capital ORC), and
b) Liquidity (liquidity ORC)
Capital ORC determination, example
Liquidity ORC determination, example
Relevant scenario CET1 ratio TC ratio LR
Scenario 1 - Systemic +4.50% +5.00% +2.50%
Scenario 3 - Combined +3.60% +4.00% +1.80%
Capital OCR 360-450 bps 400-500 bps 180-250 bps
Relevant scenario LCR NSFR
Scenario 2 – Idiosyncratic +70% +6.00%
Scenario 3 – Combined +40% +3.50%
Liquidity OCR 40%-70% 3.50%-6.00%
43. Competent Authorities’ Assessment of Recovery Plan and the ORC score
43
Assessment of the
‘scenario-specific
recovery capacity’
• Are scenarios severe enough?
• Are the selected recovery options credible and feasible, including the
timeframe, the impacts and any constraining factors?
Assessment of the
ORC – ‘adjusted ORC’
• Is the ORC calculated by the bank as the range between the lowest and the
highest ‘scenario-specific recovery capacity’ both in terms of capital (including
leverage) and liquidity ‘relevant RP indicators’?
• Overall quantitative and qualitative assessment of the ORC & determining the
‘adjusted ORC’ both in terms of capital and liquidity
• ‘Adjusted ORC’ <= ORC determined by the institution
Assigning ORC score
• Indicative ORC score, given the ‘adjusted ORC’ & considering the ‘relevant RP
indicators’: ‘satisfactory’, ‘adequate with potential room for improvement’ or
‘weak’
• Plus qualitative considerations, not already reflected in the ‘adjusted ORC’
(e.g.: difference between the institution’s ORC and the ‘adjusted ORC’)
• Lead to final ORC score: ‘satisfactory’, ‘adequate with potential room for
improvement’ or ‘weak’
Assessment criteria:
• Completeness of the Plan
• Quality of the Plan
• Level of integration and consistency of the Plan
with the general corporate governance,
internal processes and risk management
framework
• Sufficient number of plausible and viable
recovery options
• Overall Recovery Capacity (ORC) of the
institution ↓ →
ORC
score
Satisfactory
Adequate
Weak
44. Connecting BAU mode, continuity plans, ICAAP & ILAAP, and RP
• Business continuity plans, ICAAP & ILAAP, capital and liquidity contingency plans,
and Recovery Plan are parts of the same risk management continuum:
• Business continuity plans, ICAAP & ILAAP, and capital and liquidity contingency
plans are aimed at maintaining continuity of the bank.
• Recovery plans set out measures (incl. extraordinary measures) to restore its
financial position following a significant deterioration.
• Calibration of the indicators for continuity/contingency plans and the Recovery Plan
should be consistent with each other, and with the overall Risk Appetite Framework:
• Recovery Plan indicators present a subset of all indicators in Risk Appetite
Framework
• Recovery Plan capital/liquidity indicators should be integrated into the
ICAAP/ILAAP
• In Business as Usual (BAU) mode, Overall Recovery Capacity (ORC) is generally
expected to be improved over time.
44
Business As Usual Some stress
High stress / Business
continuity situation
Focus of continuity plans
and ICAAP & ILAAP
Emergency / Financial
Recovery situation
Focus of Recovery Plan
Recovery Plan
indicators
Risk indicators in Risk
Appetite Framework
Risk indicators to
trigger business
continuity, and capital
and liquidity
contingency plans
45. Recovery planning: Further thoughts
• Recovery planning can be an interesting and beneficial thought experiment, especially for more complex
institutions. It basically means breaking the monolith into pieces (entities, business lines etc.), identifying
critical functions and core business lines, and then putting the pieces back together while leaving only what
is important.
• Recovery planning has implications to the organization set-up. A resilient set-up ought to be such that in
the financial recovery situation, disposal of less significant business lines and subsidiaries can be considered
as a feasible recovery option.
• List of recovery options is like a menu to choose from when things get tough.
45
47. Stress testing
• Stress testing is a central risk
management tool to take forward-
looking view in risk management,
strategy planning, capital planning
and liquidity planning.
• Stress testing program includes:
• Sensitivity analyses
• Scenario analyses
• Reverse stress testing
• Stress testing may be performed
top-down and bottom-up.
47
Stress
testing
Data infra-
structure
Risk
appetite
Strategic
planning &
budgeting
Capital
planning &
ICAAP
Liquidity
planning &
ILAAP
Recovery
planning
48. Stress testing program: Minimum set (example for a small and non-
complex bank)
48
Analysis type Description Why? Coverage Frequency (unless higher frequency is
requested by the management body
and/or there are significant new
developments)
Sensitivity
analyses
Sensitivities to various risk factors To identify material risks As appropriate As needed
Sensitivities of ECLs and IFRS9
impairment provisions to various inputs
IFRS9 disclosures Credit risk in the banking book Once a year
Sensitivities to various interest rate
scenarios
Risk reporting and risk
management disclosures
Interest rate risk in the banking book Quarterly
Scenario analyses Base scenario, upside scenario and
downside scenario for credit losses
IFRS9 expected credit loss
modelling
Credit risk in the banking book Scenario development: once a year
ECL calculations: once a month
Solvency stress test based on unlikely
but possible adverse economic scenario
covering at least 3 years
ICAAP All material risks to capital;
banking group and connected
entities
Full process: once a year; quarterly
updates to the management body
Liquidity stress test based on unlikely but
possible liquidity risk scenario that
includes market-wide and idiosyncratic
schock(s)
ILAAP All material risks to liquidity and
funding;
banking group and connected
entities
Full process: once a year; quarterly
updates to the management body
Reverse stress
testing
Identification of ‘near-default’ / close to
failure scenario(s); stress testing based
on the identified scenario(s)
Recovery planning;
Assessing the severity of the
ICAAP and ILAAP scenarios
All material risks;
banking group and connected
entities
Once a year (unless a lower frequency is
agreed with the FSA)
49. Stress testing program: Elements
• Types of stress testing and their main objectives and applications
• The frequency of the different stress testing exercises
• The internal governance arrangements: lines of responsibility and procedures
• Coverage: entities, risk types and portfolios included
• Relevant data infrastructure
• Methodology and models
• Assumptions, incl. business and managerial
49
51. Guidelines from European Banking Authority (Chapter 6 of
EBA/GL/2020/06)
• Pricing frameworks should reflect credit risk appetite and business strategy, including profitability and risk perspective.
Loan pricing should also be linked to the characteristics of the loan product and consider competition and prevailing
market conditions. Institutions should also define their approach to pricing by borrower type and credit quality, and
riskiness of the borrower. […]
• According to the guidelines, costs to be reflected in loan pricing should include the following:
• The cost of capital (both regulatory and economic capital)
• The cost of funding which should match the key features of the loan, e.g. the expected duration of the loan
• Operating and administrative costs resulting from cost allocation
• Credit risk cost
• Any other real costs associated with the loan in question
• Competition and prevailing market conditions, in particular lending segments and for particular loan products
• For the purposes of pricing and measuring of profitability, risk-adjusted profitability measures such as economic value
added (EVA), return on risk-adjusted capital (RORAC) and risk-adjusted, return on capital (RAROC), return on risk-weighted
assets (RORWA) and other relevant measures should be considered.
• There should be ex ante transaction tools as well as tools for regular ex post monitoring in place.
51
52. Components of effective interest rate* in risk-based loan offer
generation (example)
52
Derived based on the projected
loan cash flows, given borrower-
and transaction specific credit risk
parameters as inputs
Cost of own funds
Cost of deposits and
other liabilities
Allocated operating and
administrative costs, and
other real costs
Expected credit losses
Economic profit margin
Targeted internal rate of
return in the calculation of
cost-based credit price
Ceiling to the cost of credit for
the borrower (as applicable,
given e.g. the responsible
lending considerations)
Space for pricing
optimization, given prevailing
market conditions
Offered credit price
(effective interest rate)
Cost-based credit price
(incl. opportunity cost
reflected in the
shareholders’ expected
returns)
* The term ‘effective interest rate’ is used to reflect different pricing structures, i.e.: different possible splits between the loan interest rate, loan contract fee and
other fees charged in connection with the loan.
Links between credit pricing, and ICAAP, ILAAP
and SREP:
• Cost of own funds depends on the
amount/proportion of capital that is required
to cover for the risks to capital, as estimated
in the course of ICAAP and SREP.
• Weighted average cost of capital (WACC),
incl. cost of own funds, cost of deposits and
cost of other liabilities, should reflect cash
drag, i.e.: the proportion of funds that cannot
be lent out but has the be kept in high-quality
liquid assets (HQLA) with (normally) very low
or non-existent returns. Required proportion
of HQLA is an output of the ILAAP and SREP.
Further, the required composition of liabilities
and thus, the cost of liabilities, also depend
on the outcomes of ILAAP and SREP.
54. Abbreviations
AI – Artificial Intelligence
AML/CFT – Anti-money Laundering and Counter-
terrorism Financing
ASF – Available Stable Funding
AT1 – Additional Tier 1 capital
BAU – Business as Usual
BRRD – Bank Recovery and Resolution Directive
(Directive 2014/59/EU)
bps – basis points
CAS – Capital Adequacy Statement
CEO – Chief Executive Officer
CET1 – Common Equity Tier 1 capital
CFO – Chief Financial Officer
COREP – COmmon REPorting Standard
CRD – Capital Requirements Directive (Directive
2013/36/EU)
CRR – Capital Requirements Regulation
(Regulation (EU) No 575/2013)
CRO – Chief Risk Officer
EBA – European Banking Authority
ECB – European Central Bank
ECL – Expected Credit Loss (under IFRS9
framework)
EEA – European Economic Area
EL – Expected Loss
ESG – Environmental, Social and Governance
EVA – Economic Value Added
FINREAP – FINancial REPorting Standards
FSA – Financial Supervisory Authority
HQLA – High Quality Liquid Assets
ICAAP – Internal Capital Adequacy Process
ICT – Information and communication
technology
IFRS – International Financial Reporting Standard
ILAAP – Internal Liquidity Assessment Process
IRRBB – Interest Rate Risk in the Banking Book
LAS – Liquidity Adequacy Statement
LCR – Liquidity Coverage Ratio
LR – Leverage Ratio
MDA – Maximum Distributable Amount
ML/TF – Money Laundering / Terrorism Financing
N/A – Not Applicable
NCA – National Competent Authority
NPAP – New Product Approval Policy and Process
NSFR – Net Stable Funding Ratio
ORC – Overall Recovery Capacity
P2G – Pillar 2 guidance
P2R – Pillar 2 requirement
P2G-LR – Pillar 2 leverage ratio guidance
P2R-LR – Pillar 2 leverage ratio requirement
RMF – Risk Management Function
RAF – Risk Appetite Framework
RAROC – Risk-adjusted Return on Capital
RORAC – Return on Risk-adjusted Capital
RORWA – Return on Risk-weighted Assets
RP – Recovery Plan
RSF – Required Stable Funding
RTS – Regulatory Technical Standards
RWA – Risk-weighted Assets
SREP – Supervisory Review and Evaluation Process
T2 – Tier 2 capital
TC – Total Capital
TREA – Total Risk Exposure Amount
TSLRR – Total SREP Leverage Ratio Requirement
UL – Unexpected Loss
WACC – Weighted Average Cost of Capital
54
55. Links and references
• EBA Interactive Single Rulebook (BRRD, CRD, CRR, …): https://www.eba.europa.eu/regulation-and-policy/single-rulebook/interactive-single-rulebook
• EBA Guidelines on internal governance under CRD: https://www.eba.europa.eu/activities/single-rulebook/regulatory-activities/internal-governance/guidelines-
internal-governance
• Risk Appetite Framework:
• Principles for An Effective Risk Appetite Framework by Financial Stability Board: https://www.fsb.org/wp-content/uploads/r_131118.pdf
• Speech by Danièle Nouy, Chair of the Supervisory Board of the ECB, International Conference on Banks’ Risk Appetite Frameworks, Ljubljana, 10 April 2018:
https://www.bankingsupervision.europa.eu/press/speeches/date/2018/html/ssm.sp180410.en.html
• Resources on ICAAP, ILAAP and SREP:
• ECB guidelines to ICAAP and ILAAP: https://www.bankingsupervision.europa.eu/press/publications/newsletter/2019/html/ssm.nl190213_3.en.html
• Guidelines on common procedures and methodologies for the supervisory review and evaluation process (SREP) and supervisory stress testing under
Directive 2013/36/EU (EBA/GL/2022/03): https://www.eba.europa.eu/activities/single-rulebook/regulatory-activities/supervisory-review-and-evaluation-
process-srep-4
• Resources for recovery planning (in addition to BRRD):
• EBA Guidelines on the overall recovery capacity in recovery planning: https://www.eba.europa.eu/activities/single-rulebook/regulatory-activities/recovery-
resolution-and-dgs/guidelines-overall?version=2023#activity-versions
• Regulatory Technical Standards on the content of recovery plans: https://eur-lex.europa.eu/legal-
content/EN/TXT/?qid=1468424758476&uri=CELEX%3A32016R1075
• EBA Guidelines on recovery plans indicators (EBA/GL/2021/11): https://www.eba.europa.eu/activities/single-rulebook/regulatory-activities/recovery-
resolution-and-dgs/guidelines-recovery
• EBA/GL/2014/06 on the range of scenarios to be used in recovery plans: https://www.eba.europa.eu/documents/10180/760136/05cc62a3-661c-4eee-
ad07-d051f3eeda07/EBA-GL-2014-06%20Guidelines%20on%20Recovery%20Plan%20Scenarios.pdf
• ECB webpage on recovery plans: https://www.bankingsupervision.europa.eu/banking/tasks/recoveryplans/html/index.en.html
• EBA Guidelines on loan origination and monitoring (EBA/GL/2020/06): https://www.eba.europa.eu/legacy/regulation-and-policy/regulatory-activities/credit-
risk/guidelines-loan-origination-and
55