The Banca IFIS Group has been rapidly developing its risk management methods too.
The Risk Control Function is part of the Parent Company’s Risk Management Office, directly reporting to the Chief Executive Officer. The Chief Risk Officer has direct access to the Board of Directors and the Board of Statutory Auditors, and he or she communicates with them with no restrictions or intermediation. The Risk Management Office is separate from the Internal Audit, Compliance and Anti-Money Laundering Departments from an organisational standpoint. Moreover, it is not involved in risk assumption processes.
The Risk Management Office is responsible for developing and putting in place an effective risk management process and diffusing it throughout the Group. Hence, it manages the risk management system of both the bank and the group, defining appropriate methods for measuring the complexity of current and potential future risks. This Office guarantees constant control over the Group’s and each single unit’s overall exposure to credit, financial, operational and other applicable risks, in line with internal and Supervisory regulations.
The Chief Risk Officer is responsible for developing and putting in place an effective risk management process by laying down risk management policies that include defining and quantifying risk appetite, as well as the risk policies and limits, both at individual unit and at Group level. The Parent Company’s Risk Management Office performs its role for Banca IFIS and, within the scope of its management and coordination activities, covers all Group companies.
With reference to the organizational structure of the Parent company’s Risk Management Office, the office has expanded over the last few years and has seen completion of the organizational structure in terms of governance and risk management. In 2017, in addition to the specialized organisational units already managing the credit, financial, operational and reputational risks, two new staff-level organizational units answering to the Chief Risk Officer were set up:
- The Risk Governance Unit – with the aim of supporting the C.R.O. in decision-making processes and guaranteeing a global view of the various risks and their mutual interaction for the purpose of implementing corporate risk governance policies;
- The Validation Unit – with the aim of both validating the measurement systems developed and used by the Bank and companies of the Group, and verifying that they are used correctly in company processes.
2017 was characterized by intense activity for the Risk Management Office, in terms of both ordinary operations – aimed at ensuring implementation of standard control activities – and extraordinary operations linked to specific projects, such as changing of the provider for the company’s core banking and integration of processes for corporate banking and leasing business.
With reference to credit and concentration risks, the Risk Management Office focuses on monitoring the various loan portfolios through specific reporting and the use of specific ‘early warning’ indicators. The implementation and development of risk models for the correct assessment of the credit risk and management of the risk of non-recovery continues.
As for the operational and reputational risks, the Risk Management Office is constantly committed to promoting a culture based on proactive operational risk management, therefore encouraging increased awareness of the related Loss Data Collection process. Specifically, the Group’s governance is structured to actively involve all the Group’s organisational units, also through training activities. IT risks are also periodically assessed, through a proprietary method that is defined jointly with the other relevant corporate offices. .
For financial risks already covered by one of the bank’s supervisory policies, changes have been introduced in order to make the risk management system even more solid. Furthermore, in line with entry into force of the Basel 3 indicators, the management calculation of the two liquidity ratios, LCR and NSFR, was implemented.
2018 will see the Risk Management Office very busy with the activities stated, amongst which: the (re) development of counterparty rating models at group level, the implementation of provisioning metrics in accordance with accounting standard IFRS9, and further strengthening of those systems designed to support group asset liability management.
Information for the public regarding Pillar III is available in this section.