The Board of Directors of Raiffeisen Switzerland assumes overall responsibility for risk management and risk control within the Raiffeisen Group. It approves the framework for Group-wide risk management, defines the risk policy and determines the risk tolerance of the Raiffeisen Group each year.
The Board of Directors of Raiffeisen Switzerland regularly examines the risks affecting the Raiffeisen Group. Its examination is based on comprehensive reporting on credit, market and liquidity risks, as well as operational risks, which include legal and compliance risks. It also takes into account reputational risks that can result from all risk categories. The risk reports are prepared by Group Risk Controlling and by Raiffeisen Switzerland's Legal & Compliance department as independent entities. Reports focus on the risk situation, capital adequacy, compliance with overall limits and any measures taken. Furthermore, Group Risk Controlling uses an early warning system to identify unfavourable developments at individual Raiffeisen banks and branches.
The risk report and any measures are discussed in detail at the meetings of the Extended Executive Board and the Board of Directors' Audit and Risk Committee.
Assessment of the risks affecting the Raiffeisen Group is based on quantitative and qualitative factors. The key risks are thoroughly assessed, both on the basis of regulatory requirements and using economic models. Raiffeisen's risk models are based on prudent assumptions about distribution, confidence intervals, holding intervals and risk diversification. The budgeting of risk capital and liquidity is based on stress scenarios.
Key elements of Group-wide risk control and management are the risk policy, the risk strategy, the identification process for new risks, forward-looking risk budgeting and scenario planning to determine the Group-wide risk tolerance and its operationalisation through overall limits set by the Board of Directors, and risk monitoring of subsidiaries, participations and risk categories that are important to the Raiffeisen Group.
Risk planning and control are based on a standard method for risk identification, measurement, assessment, management and monitoring. Aggregated and consolidated risk reporting provides plan versus actual analyses and thus closes the feedback loop.
The Raiffeisen Group puts particular emphasis on supplementing its model-based assessments with forward-looking practical analyses and estimates. Scenario-based analyses backed by macroeconomically plausible scenarios together with assessments drawing on specialist areas and front-office units therefore play an important role in overall risk comprehension. The results from these analyses appear as a commentary in the risk report and are – in certain cases – also presented as a special report.
Risk policy principles
The Raiffeisen Group takes a cautious and selective approach to risk within a framework of clearly defined guidelines. In so doing, it takes care to strike the correct balance between risk and return, actively controlling the risks it enters into. It acts based on several solid principles:
- –Clear business and risk policies: Risk taking and risk management are directly linked to the core business in Switzerland.
- –Effective risk limitation: The Raiffeisen Group's risk tolerance is clearly defined and effectively enforced with a tried-and-tested limit system.
- –Decentralised individual responsibility in line with clearly defined guidelines: Raiffeisen banks, Notenstein La Roche Private Bank Ltd, ARIZON Sourcing Ltd, Investnet Holding AG and line units of Raiffeisen Switzerland are responsible for managing risk. Their risk management is based on guidelines relating to business activities, limits and processes. The central controlling units monitor compliance with the guidelines.
- –Risk control based on transparency: Independent reports on the risk situation as well as the risk profile of the individual Raiffeisen banks and the Raiffeisen Group are regularly issued.
- –Independent risk monitoring and effective controls: Overall risk and limits are monitored independently by the risk-managing units. Effective risk control ensures that the predefined processes and thresholds are adhered to.
- –Comprehensive risk management process: The Raiffeisen Group's risk management is a Group-wide, uniform and binding process comprising identification, measurement, evaluation, management, limitation, monitoring and reporting.
- –Avoidance of risk concentration: The Raiffeisen Group has effective tools at its disposal for identifying risk concentration and taking proactive measures to avoid it.
- –Protection of reputation: The Raiffeisen Group attaches great importance to protecting its reputation. It also seeks to comply with high ethical principles in all its business activities.
Independent risk control
Risk management is organised based on the three-lines-of-defence model. Independent risk and compliance control is organised throughout the Group and relies on effective tools for identifying and preventing unwanted risk. The Raiffeisen Group has achieved continuous growth and executed its diversification strategy without excessive increases in risk thanks to its clearly focused business policy, steady and cautious risk culture as well as active and targeted management. The subsidiaries of Raiffeisen Switzerland generally operate as independent entities. Risk monitoring is risk-based. The individual entities are assessed and assigned to a risk control level using formal, material and strategic criteria. Raiffeisen Switzerland monitors the risk control and risk situation of the subsidiaries from a Group viewpoint and provides Raiffeisen Switzerland's executive bodies with appropriate consolidated risk reporting. Subsidiaries control risks based on guidelines and minimum requirements that are derived from the Group risk policy and implemented by the subsidiaries. These minimum requirements ensure the quality of local risk control and the Group's consolidated reporting.
Risk profile control
Raiffeisen only enters into risks that relate to an approved business transaction and fall within its risk tolerance limits. The Board of Directors sets the risk tolerance limits as part of the risk budgeting process. Risks are controlled using process requirements and overall limits. The process requirements for taking and managing risks are monitored in line with requirements. Risks that are difficult to quantify are limited by qualitative stipulations.