Risks and principles
- Risks are only taken within risk tolerance limits following careful consideration.
- Risks are managed systematically.
- Risks are only taken if they can be borne, if they are offset by reasonable returns, and if the ability to manage the risks has been confirmed.
- Risks are effectively contained, controlled and independently managed at all levels.
- Loans are only extended to clients who meet minimum creditworthiness and solvency criteria.
- Concentration risks are adequately monitored and limited.
- The credit policy is prudent.
- Financing at Raiffeisen banks that meets defined criteria requires prior approval of Raiffeisen Switzerland.
- The focus is on financing owner-occupied residential property.
- Corporate clients are evaluated based on the following aspects in addition to creditworthiness: regional ties, sufficient diversification, risk/return ratio and minimal exposure to high-risk industries.
- Risks in the trading and banking books are managed using clearly defined guidelines.
- Clear strategic lines are drawn using limits and proven tools.
- Raiffeisen Switzerland trains and advises the Raiffeisen banks regarding their market risk in the banking book.
- Foreign currency assets are generally refinanced in the same currency (matched book approach).
- Refinancing primarily takes place via stable client deposits and is adequately diversified.
- Liquidity in the Raiffeisen Group is managed at operational/tactical and strategic levels.
- The Raiffeisen banks manage liquidity risks at their own discretion based on instructions provided by Raiffeisen Switzerland.
- Access to money and capital markets is provided centrally through Raiffeisen Switzerland.
- Risks are evaluated through regular top-down and bottom-up risk assessments.
- Risks are monitored using risk indicators and an early warning system.
- The appropriateness and effectiveness of key controls in all risk-related processes is periodically reviewed and confirmed.
- Internal and external events are analysed on an ongoing basis; the findings from these analyses are implemented in the operational business processes.
Legal and compliance risk
- Internal policies and processes are promptly adapted to reflect changes in laws, regulations and professional rules and then implemented.
- Contracts are followed and enforced.
The Board of Directors of Raiffeisen Switzerland assumes overall responsibility for risk management and risk control within the Raiffeisen Group. It approves the framework for Group-wide risk management, defines the risk policy and determines the risk tolerance of the Raiffeisen Group each year.
The Board of Directors of Raiffeisen Switzerland regularly examines the risks affecting the Raiffeisen Group. This is based on comprehensive reporting on credit, market and liquidity risks, operational risks, and legal and compliance risks. It also takes into account reputational risks that can result from all risk categories.
Raiffeisen Switzerland’s Risk & Compliance department draws up Risk reports. Reports focus on the risk situation, capital adequacy, compliance with overall limits and any measures taken. Furthermore, Risk & Compliance uses an early warning system to identify potentially unfavourable developments at individual Raiffeisen banks and branches.
The risk report and any measures are discussed in detail at the meetings of the Executive Board and the Risk Committee of the Board of Directors.
Assessment of the risk exposure affecting the Raiffeisen Group is based on quantitative and qualitative factors. The key risks are thoroughly assessed, both on the basis of regulatory requirements and using economic models. Raiffeisen’s risk models are based on conservative assumptions about distribution, confidence intervals, holding intervals and risk diversification. The budgeting of risk capital and liquidity is based on stress scenarios.
Key elements of Group-wide risk control and management are the risk policy, the risk strategy, the identification process for new risks, forward-looking risk budgeting and scenario planning (realistic, pessimistic and stress) to determine the Group-wide risk tolerance and its operationalisation through overall limits, and the risk monitoring of subsidiaries, participations and risk categories that are important to the Raiffeisen Group.
Risk planning and control are based on a standard method for risk identification, measurement, assessment, management and monitoring. Aggregated and consolidated risk reporting provides plan versus actual analyses and thus closes the feedback loop.
The Raiffeisen Group puts particular emphasis on supplementing its model-based assessments with forward- looking risk analyses and risk estimates. Scenario-based analyses backed by macroeconomically plausible scenarios, together with risk assessments drawing on specialist areas and front office units, therefore play an important role in overall risk comprehension.
Risk policy principles
The Raiffeisen Group takes a cautious and selective approach to risk within a framework of clearly defined guidelines. In so doing, it takes care to strike the correct balance between risk and return, actively controlling the risks it enters into. It acts based on stable guidelines:
- Clear business and risk policies:
Risk taking is directly linked to the core business in Switzerland.
- Effective risk limitation:
The Raiffeisen Group’s risk tolerance is clearly defined and enforced with a tried-and-tested limit system.
- Central monitoring:
Raiffeisen Switzerland monitors its individual business units, subsidiaries and participations.
- Decentralised individual responsibility in line with clearly defined guidelines:
The Raiffeisen banks are responsible for managing their risks themselves. Their risk management is based on guidelines relating to business activities, limits and processes. The central controlling units monitor compliance with the guidelines.
- Risk control based on transparency:
Independent reports are regularly issued on the risk situation as well as on the risk profile of the individual Raiffeisen banks and the Raiffeisen Group.
- Independent risk monitoring and effective controls:
Overall risk and limits are monitored independently of the risk-managing business units. Effective risk control ensures that the predefined processes and thresholds are adhered to.
- Comprehensive risk management process:
The Raiffeisen Group’s risk management is a Group-wide, uniform and binding process comprising identification, measurement, evaluation, management, monitoring and reporting.
- Avoidance of risk concentration:
The Raiffeisen Group has effective tools at its disposal for identifying unwanted risk concentration and taking proactive measures to avoid it.
- Protection of reputation:
The Raiffeisen Group attaches great importance to protecting its reputation. It also seeks to comply with high ethical standards in all of its business activities.
Independent risk control and compliance function
Risk management is organised based on the three-lines-of-defence model. Raiffeisen Switzerland maintains an independent risk control function and an independent compliance function for the Raiffeisen Group within its Risk & Compliance department (system responsibility). Operational responsibility rests with the Raiffeisen banks and with all the organisational units of Raiffeisen Switzerland. Business policy is geared to driving risk-conscious growth and active risk management based on Raiffeisen’s risk culture. The subsidiaries of Raiffeisen Switzerland generally operate as independent entities. Risk monitoring is risk-based. The individual units are assessed and assigned to a control level using formal, material and strategic criteria. Raiffeisen Switzerland monitors the risk situation of its subsidiaries and provides Raiffeisen Switzerland’s executive bodies with appropriate consolidated risk reporting. Subsidiaries control risks based on guidelines and minimum requirements that are derived from the Group risk policy and implemented by the subsidiaries.
Risk profile control
The Raiffeisen Group only enters into risks that relate to an approved business transaction and fall within its risk tolerance limits. The Board of Directors of Raiffeisen Switzerland approves the risk tolerance limits each year as part of the risk budgeting process. Compliance with risk tolerance is ensured with appropriate limits and requirements. Risks that are difficult to quantify are limited by qualitative stipulations.
Credit risk management at the Raiffeisen Group is geared specifically to Raiffeisen-specific client and business structures. The Raiffeisen banks’ client knowledge and decentralised individual responsibility play a key role in lending decisions and credit management. This is also true in cases where loans require the approval of Raiffeisen Switzerland because of their size or complexity.
Credit risks are reviewed and assessed in nominal and risk-weighted terms. Management decisions are also based on statistical loss metrics (i.e. value-at-risk) and scenario analyses. Risks are also monitored using credit quality metrics (such as financial viability, loan-to-value ratios, ratings and rating changes), as well as portfolio characteristics (such as diversification across borrowers, industries and collateral types).
Credit risk is the most important risk category due to the Raiffeisen Group’s strong position in lending. The Raiffeisen Group generates a large part of its income by taking on credit risks in a controlled manner, and through the comprehensive and systematic management of these risks.
Raiffeisen’s main credit risks arise from transactions with collateralised loans to private individuals. Credit risks also result from lending activities to corporate clients and public-sector clients and from interbank business. Loan decisions are largely based on financial viability, loan-to-value ratios and the repayment schedule for the borrower’s obligations.
Lending within the Raiffeisen Group is governed by a prudent credit policy and professional credit checking.
The Group’s risk tolerance in the corporate lending business is clearly defined and implemented with corresponding limits for the entire Group. The Raiffeisen Group’s priority is to place the expansion of its corporate client business on a solid foundation within the framework of the dedicated corporate client strategy.
Active country risk management
Commitments abroad of Raiffeisen Switzerland are limited to a risk-weighted 5% of the consolidated balance sheet total. Raiffeisen banks may not provide any banking or financial services abroad. At Raiffeisen Switzerland, the Treasury & Markets department, including Raiffeisen Switzerland B.V. Amsterdam, and the Corporate Clients & Branches department can enter into commitments abroad. These commitments are limited and monitored on an ongoing basis. The highest country limits exist for countries with very good ratings.
Credit portfolio analysis and assessment
The Board of Directors of Raiffeisen Switzerland is periodically apprised of the assessment of the quality of the Raiffeisen Group’s credit portfolio. Analyses focus on information about changes in the risk situation, compliance with limits and specifications, measures taken, and the structural and qualitative features of the credit portfolio. Furthermore, the impacts of extreme macroeconomic changes on the credit portfolio are monitored.
Measuring credit risk
Credit risks are quantified using the following parameters:
- Probability of default
- Credit exposure at the time of default
- Value of the collateral
The core instrument for counterparty credit risk measurement is the rating system, which is developed and monitored by Raiffeisen Switzerland’s Risk & Compliance department. The Raiffeisen Group has implemented comprehensive rating system governance in connection with the internal rating system. Rating system governance aims to organise internal rating system processes and responsibilities within the Group in a way that will consistently ensure the quality and effectiveness of the rating models and their application. To avoid loopholes and conflicts of interest, tasks, powers and responsibilities were defined for stakeholders and key positions, and corresponding key controls were implemented.
Raiffeisen has employed the Foundation Internal Rating Based (F-IRB) model approach approved by FINMA since the fourth quarter of 2019. Raiffeisen uses a conservative value-at-risk method and a portfolio model based on this method in order to measure credit portfolio risks for internal purposes.
Assessment of the risk situation with respect to credit risks
The current risk situation is dominated by the Covid-19 pandemic and its consequences. The macroeconomic effects of the pandemic have not become apparent right away but have been delayed due to the government support. This is the backdrop against which the Raiffeisen Group’s credit portfolio and its quality are analysed on an ongoing basis. Credit exposure to corporate clients in heavily affected industries is low relative to the overall corporate client portfolio.
Credit growth is consistent with the strategy and driven to a significant extent by Covid-19 lending to corporate clients. The credit portfolio is characterised by low risk intensity overall. Lending is conservative overall and normally collateralised. Top priority is given to ensuring the borrower’s ability to keep up with payments.
Around 90% of the Raiffeisen Group’s credit portfolio is covered by mortgages. Owneroccupied residential properties account for more than half of the credit portfolio. They are mostly single-family homes and flats owned and occupied by private clients. Investment properties make up about one-third of the credit portfolio. Raiffeisen closely watches the development of its sphere, and in particular market developments with respect to owner-occupied residential properties and investment properties, and monitors its portfolio extensively.
The individual client segments of the Raiffeisen Group’s credit portfolio have been stable for years. Private clients represent over 70% of the volume. In the corporate client business, Raiffeisen remains sufficiently diversified and focuses on sectors with long-term growth potential. It exercises great caution when cultivating clients in high-risk industries.
Risk intensity remains low overall due to the broad diversification of the credit portfolio and the long-term, conservative credit policy in terms of rating, valuation, loan-to-value ratios and affordability.
Regular stress tests show that the Raiffeisen Group’s credit portfolio is robust and well-diversified, even under sharply deteriorating conditions.
Risks in the banking book
The banking book is primarily exposed to interest rate risks and foreign currency risks. Risks associated with fluctuating interest rates arise due to the Raiffeisen Group’s significant positioning in interest operations and represent a major risk category. They are actively managed and monitored within authorised risk limits.
The disclosure of interest rate risks pursuant to FINMA Circular 2016/01 “Disclosure – banks” contains further details on interest rate risk management and interest rate risk exposure.
Raiffeisen Group: Interest rate risks in the bank book
|in CHF million||31.12.2019||31.12.2020|
With respect to foreign currency risk, assets in a foreign currency are in principle refinanced in the same currency (“matched book” approach). This means foreign currency risk is largely avoided. The remaining foreign currency risk in the banking book is managed by Raiffeisen Switzerland’s Treasury & Markets department within the limits that the Board of Directors has allocated.
Risks in the trading book
Of the entities within the Raiffeisen Group, the department Treasury & Markets of Raiffeisen Switzerland runs a trading book. In addition, the structured products business of Raiffeisen Switzerland B.V. Amsterdam are being allocated to the trading book.
The Treasury & Markets department’s trading risks are strategically limited using global limits. Risks are operationally limited by scenario and loss limits as well as by value-at-risk limits. Domiciled in the Netherlands, Raiffeisen Switzerland B.V. manages its interest rate risks with the help of a bond portfolio that replicates the interest rate risk profile of the issued structured products. Interest rate swaps are occasionally used for hedging. The bond portfolio, which consists entirely of investment-grade debt securities, entails credit spread risks. These are closely monitored and managed using limits.
All traded products are depicted and assessed as part of a risk management system. This enables trading book risks to be efficiently and effectively assessed, managed and controlled. The Risk & Compliance department monitors positions and market risks on a daily basis using market data and risk parameters that are independently checked for accuracy. Before new products are rolled out, the Risk & Compliance department performs an independent evaluation of the risks.
Assessment of the risk situation with respect to market risks
Market risks mainly result from the risks associated with fluctuating interest rates in the banking book. The potential declines in value and loss of earnings are acceptable even in adverse scenarios involving interest rate shocks and stresses.
Market risks in the trading book are diversified across equities, bonds, interest rates, foreign currencies and precious metals. The expected potential for losses amid serious market turmoil is considered low relative to total income. Possible losses in such a scenario would be largely attributable to credit spread risks in the bonds asset class.
Central liquidity risk management
Raiffeisen Switzerland’s Treasury & Markets department centrally manages liquidity risk for Raiffeisen Switzerland and the Raiffeisen Group based on regulatory requirements and internal targets.
The regulatory liquidity requirements apply on a consolidated basis at Raiffeisen Group level, and at an individual institution level to Raiffeisen Switzerland. The individual Raiffeisen banks are exempted from compliance with regulatory liquidity requirements but must still meet internal liquidity requirements.
Raiffeisen Switzerland’s Treasury & Markets department manages transfers of liquidity within the Group and ensures that refinancing and liquidity costs are allocated to their originators. The individual banks are required to deposit their portion of the liquidity requirements with Raiffeisen Switzerland and to maintain an appropriate refinancing structure.
The Treasury & Markets department manages Raiffeisen Switzerland’s cash reserves, facilitates the Group’s access to money and capital markets, and ensures these refinancing sources are adequately diversified. It performs regular stress tests and assesses liquidity trends in the Raiffeisen Group on an ongoing basis, taking regulatory and economic requirements into consideration. The Risk & Compliance department independently monitors liquidity risk.
Assessment of the risk situation with respect to liquidity risks
The Raiffeisen Group’s liquidity situation is sound thanks to its focus on the domestic savings and mortgage business. Due to its low degree of dependence on major clients and broad diversification across private clients, its funding sources are minimally concentrated. Loans to clients are funded largely by customer deposits and additionally by central mortgage institution loans and Raiffeisen bonds. The money market is used solely for tactical management of the liquidity buffer. This maximises the immunisation against risks on the money market.
Operational and business risks arise in two ways: as a consequence of the banking transactions carried out by the Raiffeisen Group and by virtue of its function as an employer and owner/occupier of real estate. Viability and cost-benefit analyses determine whether a business risk should be avoided, reduced, transferred or borne. These risks are assessed in terms of the expected probability of occurrence and the severity of their impacts. This includes not only the financial impacts, but also the reputational and compliance consequences. The analysis of the operational risks is supplemented by an assessment of the qualitative impact of a given risk event.
Every year, the Raiffeisen Group carries out extensive operational risk assessments. The information gleaned from these assessments is documented in a Group-wide risk register that forms the basis for monitoring and controlling for the overall operational risk profile.
Information security – a discipline focused on data confidentiality, integrity and availability is becoming increasingly important. Cybercriminals pose the biggest threat in this regard. For this reason, information security risks must be comprehensively managed. A regular assessment of the threat situation constitutes the basis for this. Appropriate and effective measures for safeguarding information and infrastructure are in place for this purpose. Raiffeisen complies with recognised standards and established practices throughout this process. Considerable importance is attached to protecting financial privacy and personal data.
Internal control system (ICS)
Raiffeisen’s ICS comprises all the control structures and processes intended to ensure the proper conduct of operations, compliance with statutory, regulatory and internal provisions, and complete, reliable reporting.
The framework that underlies the Group ICS and ensures its functionality is defined at the control environment level. The elements of the control environment include internal regulations, independent supervisory bodies, organisational charts and job profiles.
Processes, risks and controls are closely interconnected at the process level. Operational risks are identified and assessed for each major process, and key controls defined from there. All key controls are documented and incorporated in the processes. There are many other risk reduction measures in addition to the key controls.
The Raiffeisen Group carries out an assessment of the ICS’s appropriateness and effectiveness at least once a year. The implementation of improvements derived from the assessment is tracked and monitored.
Consolidated ICS reporting is included in the standard risk report prepared for the Executive Board and the Board of Directors of Raiffeisen Switzerland and the Raiffeisen banks.
Early warning system of the Raiffeisen banks
Raiffeisen Switzerland operates an early warning system designed to quickly identify adverse developments at Raiffeisen banks and branches, and avert potential damage. The early warning system comprises quantitative risk indicators for the individual Raiffeisen banks and branches as well as an ad-hoc reporting process for integrating qualitative information. Early warning events are analysed and, if the situation requires it, resolved with the active involvement of Raiffeisen Switzerland. Early warning events are independently assessed and monitored by the Early Warning System Coordination Committee.
Business continuity management
Within the scope of business continuity management (BCM), Raiffeisen has adopted extensive measures to maintain operations even if critical resources become unavailable (staff, IT, buildings, suppliers). The specialist departments have various strategy options for keeping critical business processes functioning. Redundancy for all important IT components has been established and/or expanded at various sites.
To minimise potential losses and enable management to respond in an effective, coordinated fashion, Raiffeisen has put together crisis response teams and developed emergency plans in all important company units. It performs regular tests and drills to ensure the plans and organisational structures work properly and do not need to be updated. The crisis management team and organisation are regularly trained and tested using various scenarios to maintain BCM capabilities. This process proved its worth in managing the coronavirus pandemic and validates the robustness of the BCM.
Assessment of the risk situation with respect to operational risks
The operational risks are well within the risk budget defined by the Board of Directors overall. The comprehensive ICS keeps losses attributable to operational errors low.
The threat of cybercrime has generally increased. The increasing importance of data and digital business models is reflected in the ongoing strengthening of the Cyber Security & Defence Centre to ensure effective cybersecurity.
Legal and compliance risk
The Risk & Compliance department reports to the Executive Board and the Risk Committee of the Board of Directors of Raiffeisen Switzerland on major compliance risks quarterly and on legal risks semi-annually.
These risks, together with an updated compliance risk profile and the plan of action on risk derived from it in accordance with FINMA Circular 2017/1 “Corporate governance – banks”, are submitted to the Board of Directors once a year.
Raiffeisen Switzerland’s Legal & Compliance department supports all of Raiffeisen Group’s units in legal matters, ensures adequate regulatory competence at all levels, and actively manages legal risks. The department coordinates interactions with external lawyers where necessary.
Compliance is understood to mean adherence to all applicable statutory, regulatory and professional provisions and internal requirements with a view to identifying risks at an early stage, preventing such risks and ensuring that business is conducted properly. Raiffeisen takes a comprehensive approach to compliance.
As a domestic retail bank, Raiffeisen predominantly operates in Switzerland, but apart from the provisions
of the Swiss legislation it must also comply with relevant international provisions (such as cross-border and
international tax provisions) when providing payment and securities services, among other activities. It
specifically focuses on the following activities and issues:
- Raiffeisen monitors and analyses all relevant legal developments (regulatory monitoring).
- Raiffeisen ascribes great importance to combating money laundering and terrorism financing.
- Developments in the cross-border business are constantly monitored and analysed. In this respect, Raiffeisen systematically pursues a passive service provision approach.
- Raiffeisen pursues a rigorous tax compliance strategy.
- Market conduct rules are adhered to, as are the resulting monitoring and investigation requirements.
- Data is protected and bank-client confidentiality ensured.
- Raiffeisen is committed to fair competition, adheres to the provisions of good corporate governance and its actions are guided by strong ethical principles.
The Raiffeisen Group primarily reduces compliance risk by actively monitoring legal developments as well as the timely implementation of the same in internal regulations, processes and systems. The current year predominantly saw the implementation of legal provisions related to the topics of COVID-19 loans, the continued development of the automatic exchange of information (AEOI), data protection, EU regulations (Mortgage Credit Directive and the Shareholder Rights Directive) as well as certain unilateral regulations of nation states and legal monitoring of the initiated replacement of the CHF LIBOR with SARON (Swiss Average Rate Overnight). In addition, the governance structures and Raiffeisen’s requirements were refined.
Raiffeisen also plays a role in the legal development of important bank-specific topics (such as the partial revision of the Banking Act) through statements and consultation processes in order to clarify its own stance in addition to the position of the Swiss Bankers Association or other industry associations.
The Raiffeisen Group endeavours to avoid compliance risks by actively monitoring legal requirements and adapting internal policies and processes to new requirements as promptly as possible. Where necessary, modern electronic tools are used in support of the measures. In addition, the various compliance teams – via a “blended learning” approach – invest substantially in training and raising the awareness of staff and management at all levels.
Assessment of the risk situation with respect to legal and compliance risks
The regulatory pressure is constantly increasing, which is also accentuating the risk situation for Raiffeisen. Added to this is the ever-present demand for simpler processes with a positive client experience that still meet the compliance requirements. A great deal of effort and commitment are necessary to respond to these new requirements as well as to successfully master the resulting balancing act. Raiffeisen tackles the constantly changing framework conditions with a range of specific measures (including digitalisation efforts in the compliance processes, enhanced training of employees, expansion of existing control and monitoring measures).