The Board of Directors of Raiffeisen Switzerland assumes overall responsibility for risk management and risk control within the Raiffeisen Group. It approves the framework for Group-wide risk management, defines the risk policy and determines the risk tolerance of the Raiffeisen Group each year.
The Board of Directors of Raiffeisen Switzerland regularly examines the risks affecting the Raiffeisen Group. Its examination is based on comprehensive reporting on credit, market and liquidity risks, as well as operational risks, which include legal and compliance risks. It also takes into account reputational risks that can result from all risk categories. Reports are drawn up by Raiffeisen Switzerland's Risk & Compliance department. Reports focus on the risk situation, capital adequacy, compliance with overall limits and any measures taken. Furthermore, Risk & Compliance uses an early warning system to identify potentially unfavourable developments at individual Raiffeisen banks and branches.
The risk report and any measures are discussed in detail at the meetings of the Executive Board and in the Audit and Risk Committees of the Board of Directors
Assessment of the risks affecting the Raiffeisen Group is based on quantitative and qualitative factors. The key risks are thoroughly assessed, both on the basis of regulatory requirements and using economic models. Raiffeisen's risk models are based on conservative assumptions about distribution, confidence intervals, holding intervals and risk diversification. The budgeting of risk capital and liquidity is based on stress scenarios.
Key elements of Group-wide risk control and management are the risk policy, the risk strategy, the identification process for new risks, forward-looking risk budgeting and scenario planning (realistic, pessimistic and stress) to determine the Group-wide risk tolerance and its operationalisation through overall limits set by the Board of Directors, and risk monitoring of subsidiaries, participations and risk categories that are important to the Raiffeisen Group.
Risk planning and control are based on a standard method for risk identification, measurement, assessment, management and monitoring. Aggregated and consolidated risk reporting provides plan versus actual analyses and thus closes the feedback loop.
The Raiffeisen Group puts particular emphasis on supplementing its model-based assessments with forward-looking risk analyses and risk estimates. Scenario-based analyses backed by macroeconomically plausible scenarios, together with assessments drawing on specialist areas and front office units, therefore play an important role in overall risk comprehension. The results from these analyses appear as a commentary in the risk report and – in certain cases – are also presented as a special report.
Risk policy principles
The Raiffeisen Group takes a cautious and selective approach to risk within a framework of clearly defined guidelines. In so doing, it takes care to strike the correct balance between risk and return, actively controlling the risks it enters into. It acts based on stable guidelines:
- –Clear business and risk policies: Risk taking is directly linked to the core business in Switzerland.
- –Effective risk limitation: The Raiffeisen Group's risk tolerance is clearly defined and enforced with a tried-and-tested limit system.
- –Centralised control: Raiffeisen Switzerland monitors its individual business units, subsidiaries and participations.
- –Decentralised individual responsibility in line with clearly defined guidelines: The Raiffeisen banks are responsible for managing their risks themselves. Their risk management is based on guidelines relating to business activities, limits and processes. The central controlling units monitor compliance with the guidelines.
- –Risk control based on transparency: Independent reports are regularly issued on the risk situation as well as on the risk profile of the individual Raiffeisen banks and the Raiffeisen Group.
- –Independent risk monitoring and effective controls: Overall risk and limits are monitored independently of the risk-managing business units. Effective risk control ensures that the predefined processes and thresholds are adhered to.
- –Comprehensive risk management process: The Raiffeisen Group's risk management is a Group-wide, uniform and binding process comprising identification, measurement, evaluation, management, monitoring and reporting.
- –Avoidance of risk concentration: The Raiffeisen Group has effective tools at its disposal for identifying unwanted risk concentration and taking proactive measures to avoid it.
- –Protection of reputation: The Raiffeisen Group attaches great importance to protecting its reputation. It also seeks to comply with high ethical principles in all of its business activities.
Independent risk control and compliance function
Risk management is organised based on the three-lines-of-defence model. Raiffeisen Switzerland maintains an independent risk control function and an independent compliance function for the Raiffeisen Group at its Risk & Compliance department (system responsibility). Operational responsibility rests with the Raiffeisen banks and with all the organisational units of Raiffeisen Switzerland. Independent risk control and the independent compliance function are organised throughout the Group and possess effective tools for identifying and preventing unwanted risk. Business policy is geared to driving risk-conscious growth and active risk management based on Raiffeisen's risk culture. The subsidiaries of Raiffeisen Switzerland generally operate as independent entities. Risk monitoring is risk-based. The individual entities are assessed and assigned to a risk control level using formal, material and strategic criteria. Raiffeisen Switzerland monitors the risk control and risk situation of its subsidiaries and provides Raiffeisen Switzerland's executive bodies with appropriate consolidated risk reporting. Subsidiaries control risks based on guidelines and minimum requirements that are derived from the Group risk policy and implemented by the subsidiaries. These minimum requirements ensure the quality of local risk control and the Group's consolidated reporting.
Risk profile control
The Raiffeisen Group only enters into risks that relate to an approved business transaction and fall within its risk tolerance limits. The Board of Directors of Raiffeisen Switzerland sets the risk tolerance limits each year as part of the risk budgeting process. Risks are controlled using process requirements and overall limits. Risks that are difficult to quantify are limited by qualitative stipulations.