Risks are taken within the risk tolerance and after careful consideration if they can be borne, are offset by reasonable returns, and the ability to manage the risks has been confirmed.
Risks and principles
- Risks are taken within the risk tolerance and after careful consideration if they can be borne, are offset by reasonable returns, and the ability to manage the risks has been confirmed.
- Risks are managed systematically.
- Risks are effectively contained, controlled and independently managed at all levels.
- Loans are only extended to clients who meet minimum creditworthiness and solvency criteria.
- Concentration risks are adequately monitored and limited.
- The credit policy is prudent.
- The Raiffeisen banks normally take credit decisions within their own competence. Prior written consent must be sought from Raiffeisen Switzerland in defined exceptional cases.
- The focus of lending is on financing owner-occupied residential property.
- Corporate clients are evaluated based on the following aspects in addition to creditworthiness: regional ties, sufficient diversification, risk/return ratio and minimal exposure to high-risk industries.
- Risks in the trading and banking books are managed using clearly defined guidelines.
- Clear strategic lines are drawn using limits and proven tools.
- Raiffeisen Switzerland trains and advises the Raiffeisen banks regarding their market risk in the banking book.
- Foreign currency assets are generally refinanced in the same currency (matched book approach).
- Refinancing primarily takes place via stable customer deposits and is adequately diversified.
- Liquidity in the Raiffeisen Group is managed at operational/tactical and strategic levels.
- The Raiffeisen banks manage liquidity risks at their own discretion based on instructions provided by Raiffeisen Switzerland.
- Access to money and capital markets is provided centrally through Raiffeisen Switzerland.
- Risks are evaluated through regular top-down and bottom-up risk assessments.
- Risks are monitored using risk indicators and an early warning system.
- The suitability and effectiveness of the internal control system are reviewed regularly.
- Internal and external events are analysed on an ongoing basis; the findings from these analyses are implemented in the operational business processes.
Legal and compliance risk
- Internal policies and processes are promptly adapted to reflect changes in laws, regulations and professional rules and followed.
- Contracts are followed and enforced.
Overall responsibility for risk management and risk control at the Raiffeisen Group lies with the Raiffeisen Switzerland Board of Directors. They approve the framework for Group-wide risk management, set the risk policy and determine the risk tolerance of the Raiffeisen Group every year.
The Board of Directors of Raiffeisen Switzerland regularly examines the risks affecting the Raiffeisen Group. This is based on comprehensive reporting on credit, market and liquidity risks, operational risks, and legal and compliance risks. Reputational risks that can result from all risk categories are also taken into account.
Risk reporting is carried out by the Risk & Compliance department of Raiffeisen Switzerland. The focus is on the risk situation, capital adequacy, compliance with overall limits and any measures taken. Furthermore, the Risk & Compliance department uses an early warning system to identify potentially unfavourable developments at individual Raiffeisen banks and branches.
The risk report and any measures taken are discussed in detail at the meetings of the Executive Board and the Risk Committee of the Board of Directors.
Assessment of the risk exposure affecting the Raiffeisen Group is based on quantitative and qualitative factors. The key risks are thoroughly assessed, both on the basis of regulatory requirements and using economic models. Raiffeisen's risk models are based on conservative assumptions about distribution, confidence intervals, holding intervals and risk diversification.
Key elements of Group-wide risk control and management are the risk policy, the risk strategy, the identification process for new risks, forward-looking risk budgeting using stress scenarios to determine the Group-wide risk tolerance and its operationalisation through overall limits, and the risk monitoring of subsidiaries, participations and risk categories that are important to the Raiffeisen Group.
Risk planning and risk control are based on a standard method for risk identification, measurement, assessment, management and monitoring. Aggregated and consolidated risk reporting provides plan versus actual analyses and thus closes the feedback loop.
The Raiffeisen Group puts particular emphasis on supplementing its model-based assessments with forward-looking risk analyses and risk estimates. Scenario-based analyses backed by macroeconomically plausible scenarios, together with risk assessments drawing on specialist areas and front office units, therefore play an important role in overall risk comprehension.
Risk policy principles
The Raiffeisen Group takes a cautious and selective approach to risk within a framework of clearly defined guidelines. In doing so, it takes care to strike the correct balance between risk and return, actively controlling the risks it takes. It acts based on stable guidelines:
- Clear business and risk policies: Risk taking is directly linked to the core business in Switzerland.
- Effective risk limitation: The Raiffeisen Group's risk tolerance is clearly defined and enforced with a tried-and-tested limit system.
- Central monitoring: Raiffeisen Switzerland monitors its individual business units, subsidiaries and participations.
- Decentralised individual responsibility in line with clearly defined guidelines: The Raiffeisen banks are responsible for managing their risks themselves. Their risk management is based on guidelines relating to business activities, limits and processes. The central controlling units monitor compliance with the guidelines.
- Risk control based on transparency: Independent reports are regularly issued on the risk situation as well as on the risk profile of the individual Raiffeisen banks and the Raiffeisen Group.
- Independent risk monitoring and effective controls: Overall risk and limits are monitored independently of the risk-managing business units. Effective risk control ensures that the predefined processes and thresholds are adhered to.
- Comprehensive risk management process: The Raiffeisen Group's risk management is a uniform and binding process comprising identification, measurement, assessment, management, monitoring and reporting.
- Avoidance of risk concentration: The Raiffeisen Group has effective tools at its disposal for identifying unwanted risk concentration and taking proactive measures to avoid it.
- Protection of reputation: The Raiffeisen Group attaches great importance to protecting its reputation. It also seeks to comply with high ethical standards in all of its business activities.
Independent risk control
Risk management is organised based on the three-lines-of-defence model. Raiffeisen Switzerland maintains an independent risk control and compliance function for the Raiffeisen Group within its Risk & Compliance department (system responsibility). Operational responsibility for independent monitoring rests with the Raiffeisen banks and the organisational units of Raiffeisen Switzerland. The subsidiaries of Raiffeisen Switzerland generally operate as independent entities. Risk monitoring is risk-based. Individual units are assessed using formal, material and strategic criteria and allocated to a control level. Raiffeisen Switzerland monitors the risk situation of its subsidiaries and provides Raiffeisen Switzerland's executive bodies with appropriate consolidated risk reporting. Subsidiaries control risks based on guidelines and minimum requirements that are derived from the Group risk policy and implemented by the subsidiaries.
Risk profile control
The Raiffeisen Group only takes risks that relate to an approved business transaction and fall within its risk tolerance limits. The Board of Directors of Raiffeisen Switzerland approves the risk tolerance limits each year as part of the risk budgeting process. Compliance with risk tolerance is ensured with appropriate limits and requirements. Risks that are difficult to quantify are limited by qualitative stipulations.
Credit risk management at the Raiffeisen Group is geared specifically to Raiffeisen-specific client and business structures. The Raiffeisen banks' client knowledge and decentralised individual responsibility play a key role in lending decisions and credit management. This is also true in cases where loans require the approval of Raiffeisen Switzerland because of their size or complexity.
Credit risks are reviewed and assessed in nominal and risk-weighted terms. Management decisions are also based on statistical loss metrics (i.e. value-at-risk) and scenario analyses. In addition, risks are monitored using credit quality metrics (such as financial viability, loan-to-value ratios, ratings and rating changes), as well as portfolio characteristics (such as diversification across borrowers, industries and collateral types).
Credit risk is the most important risk category due to the Raiffeisen Group's strong position in lending. The Raiffeisen Group generates a large part of its income by taking on credit risks and managing them comprehensively and systematically.
Raiffeisen's main credit risks arise from transactions with collateralised loans to private individuals. Credit risks also result from lending to corporate clients and public-sector clients and from interbank business. Raiffeisen Switzerland monitors, controls and manages risk concentrations within the Raiffeisen Group, especially for groups of affiliated counterparties and for sectors.
Lending within the Raiffeisen Group is governed by a prudent credit policy and professional credit checking.
The risk tolerance in the corporate lending business is defined and implemented with corresponding limits for the entire Group. The Raiffeisen Group's priority is to place the expansion of its corporate client business on a solid foundation and in accordance with the dedicated corporate client strategy.
Active country risk management
Commitments abroad of Raiffeisen Switzerland are limited to a risk-weighted 5% of the consolidated balance sheet total. Raiffeisen banks may not provide any banking or financial services abroad. At Raiffeisen Switzerland, the Corporate Clients, Treasury & Markets department, including Raiffeisen Switzerland B.V. Amsterdam, can enter into commitments abroad. These commitments are limited in amount and monitored on an ongoing basis. The highest country limits are for countries with very good ratings.
Credit portfolio analysis and assessment
The Board of Directors of Raiffeisen Switzerland is periodically apprised of the assessment of the quality of the Raiffeisen Group's credit portfolio. Analyses focus on information about changes in the risk situation, structural and qualitative features of the credit portfolio, compliance with limits and specifications, and measures taken. Furthermore, the impacts of extreme macroeconomic changes on the credit portfolio are monitored.
Measuring credit risk
Credit risks are quantified using the following parameters:
- Probability of default
- Credit exposure at the time of default
- Value of the collateral
The core instrument for counterparty credit risk measurement is the rating system, which is maintained and monitored by Raiffeisen Switzerland's Risk & Compliance department. The Raiffeisen Group has implemented comprehensive rating system governance in connection with the internal rating system. Rating system governance aims to organise internal rating system processes and responsibilities within the Group in a way that will consistently ensure the quality and effectiveness of the rating models and their application. To avoid loopholes and conflicts of interest, tasks, powers and responsibilities were defined for stakeholders and key positions, and corresponding key controls were implemented.
Raiffeisen has employed the Foundation Internal Rating Based (F-IRB) model approach approved by FINMA since the fourth quarter of 2019. Raiffeisen uses a conservative value-at-risk method to measure credit portfolio risks for internal purposes.
Assessment of the risk situation with respect to credit risks
The current risk situation remains dominated by the Covid-19 pandemic and its consequences. The economic recovery is continuing, but losing momentum temporarily because the reduced availability of intermediate products due to supply bottlenecks in the global economy is causing problems for companies. The macroeconomic effects of the pandemic did not become apparent right away in Switzerland, but were delayed due to the government support package. Across the entire credit portfolio of the Raiffeisen Group, no major risks related to the pandemic materialised during the reporting period. Credit exposure regarding corporate clients in industries heavily affected by the pandemic is low relative to the overall corporate client portfolio. With this in mind, the Raiffeisen Group's credit portfolio is constantly monitored for quality.
Lending growth is in line with the strategy and matches the growth in the market. The credit portfolio is characterised by low risk intensity overall. Lending is conservative overall and normally collateralised. Top priority is given to ensuring the borrower's ability to keep up with payments.
Around 90% of the Raiffeisen Group's credit portfolio is covered by mortgages. Owner-occupied residential properties account for more than half of the credit portfolio. Around 30% of the credit portfolio is secured on properties used by third parties. Raiffeisen therefore follows the performance of the Swiss real estate market closely and monitors the portfolio extensively.
The individual client segments of the Raiffeisen Group's credit portfolio have been stable for years. Over 70% of the credit volume comes from the private client segment. In the corporate client business, Raiffeisen attaches importance to sufficient diversification and focuses on companies in sectors with long-term growth potential. Raiffeisen is reticent in lending to firms in high-risk industries. Credit exposure regarding industries heavily affected by Covid-19 is low.
Risk intensity is low overall due to the broad diversification of the credit portfolio and the long-term, conservative credit policy in terms of rating, valuation, loan-to-value ratios and financial viability.
Regular stress tests show that the Raiffeisen Group's credit portfolio is robust and well-diversified, even under sharply deteriorating conditions.
Risks in the banking book
The banking book is primarily exposed to interest rate risks and foreign currency risks. Risks associated with fluctuating interest rates arise due to the Raiffeisen Group's significant positioning in interest operations and represent a major risk category. They are actively managed and monitored within authorised risk limits.
Clear guidelines and limits apply to the management of interest rate risks within the Raiffeisen Group – both for the Group as a whole and for individual legal entities. Within these guidelines management is carried out autonomously by the individual legal entities, i.e. the Raiffeisen banks and Raiffeisen Switzerland. The managers responsible have a proven toolkit, including the ability to simulate interest rate changes and assess their impact. The Corporate Clients, Treasury & Markets department provides advice on asset and liability management within the Raiffeisen Group. None of the other Group companies assumes any material risks associated with fluctuating interest rates.
The Risk & Compliance department monitors compliance with interest rate risk limits and the overall development of interest rate risks. It focuses on monitoring the interest rate sensitivity of equity capital and running simulations to analyse the impact of changes in market interest rates on interest income. Interest-driven value-at-risk is also calculated in order to monitor the overall risk situation at various levels within the Group.
The disclosure of interest rate risks pursuant to FINMA Circular 2016/01 "Disclosure – banks" contains further details on interest rate risk management and interest rate risk exposure.
Raiffeisen Group: Interest rate risks in the bank book
|in CHF million||31.12.2020||31.12.2021|
|Sensitivity (+100bp shift)||-1,840||-1,860|
With respect to foreign currency risk, assets in a foreign currency are mostly refinanced in the same currency ("matched book" approach). This means foreign currency risk is largely avoided. The remaining foreign currency risk in the banking book is managed by the Corporate Clients, Treasury & Markets department within the limits that the Board of Directors has allocated.
Risks in the trading book
At the Raiffeisen Group, the Corporate Clients, Treasury & Markets department runs a trading book. In addition, the structured products business of Raiffeisen Switzerland B.V. Amsterdam is allocated to the trading book.
The trading risks of the Corporate Clients, Treasury & Markets department are strategically restricted using global limits. Risks are operationally limited by scenario and loss limits as well as by value-at-risk limits. Domiciled in the Netherlands, Raiffeisen Switzerland B.V. manages its interest rate risks with the help of a bond portfolio that replicates the interest rate risk profile of the issued structured products. Interest rate swaps are occasionally used for hedging. The bond portfolio, which consists entirely of investment-grade debt securities, entails credit spread risks. These are closely monitored and managed using limits.
All traded products are depicted and assessed as part of a risk management system. This enables trading book risks to be efficiently and effectively assessed, managed and controlled. The Risk & Compliance department monitors positions and market risks daily. The market data and risk parameters used for this are checked independently for accuracy. Before new products are rolled out, the Risk & Compliance department performs an independent evaluation of the risks.
Assessment of the risk situation with respect to market risks
Market risks mainly result from the risks associated with fluctuating interest rates in the banking book. Interest rate sensitivity in a +100 basis point interest rate shock scenario is CHF –1.86 billion, slightly above the previous year's level. The potential declines in value and losses of earnings are acceptable even in adverse scenarios involving interest rate shocks and stresses.
Market risks in the trading book are diversified across equities, bonds, interest rates, foreign currencies and precious metals. The expected potential for losses amid serious market turmoil is to be considered low relative to total income. Possible losses in such a scenario would be largely attributable to credit spread risks in the bonds asset class. Market risks in the banking book as measured by value-at-risk are almost unchanged year on year.
Central liquidity risk management
Raiffeisen Switzerland's Corporate Clients, Treasury & Markets department centrally manages liquidity risk for Raiffeisen Switzerland and the Raiffeisen Group based on regulatory requirements and internal targets.
The regulatory liquidity requirements apply on a consolidated basis at Raiffeisen Group level, and at an individual institution level to Raiffeisen Switzerland. The individual Raiffeisen banks are exempted from compliance with regulatory liquidity requirements but must still meet internal liquidity requirements.
The Corporate Clients, Treasury & Markets department manages transfers of liquidity within the Group and ensures that refinancing and liquidity costs are allocated to their originators. The individual banks are required to deposit their portion of the liquidity requirements with Raiffeisen Switzerland and to maintain an appropriate refinancing structure.
The Corporate Clients, Treasury & Markets department also manages Raiffeisen Switzerland's cash reserves, facilitates the Group's access to the money and capital markets, and ensures these refinancing sources are adequately diversified. It performs regular stress tests and assesses liquidity trends in the Raiffeisen Group on an ongoing basis, taking regulatory and economic requirements into consideration. The Risk & Compliance department independently monitors liquidity risk.
Further information on liquidity risk management and the liquidity positions can be found in the regulatory disclosure pursuant to FINMA Circular 2016/1 "Disclosure – banks".
Assessment of the risk situation with respect to liquidity risks
The Raiffeisen Group's liquidity situation is robust thanks to its focus on the domestic savings and mortgage business. Given the low dependency on major clients and broad diversification with private clients, there is little concentration of sources of funding. Loans to clients are funded largely by customer deposits and additionally by central mortgage institution loans and Raiffeisen bonds. The money market is used solely for tactical management of the liquidity buffer. This maximises the immunisation against risks on the money market.
The robust liquidity situation is supported by the strong growth in customer deposits, which were up by 5.9% or CHF 11.3 billion. The funding of loans from customer deposits is therefore at a new high of 97.8%. Liquid funds on hand were up sharply 56.2% or CHF 20.6 billion.
Operational or business risks arise in two ways: as a consequence of banking transactions carried out by the Raiffeisen Group and by virtue of its function as an employer and owner/occupier of real estate. Viability and cost/benefit analyses determine whether a business risk should be avoided, reduced, transferred or borne. These risks are assessed in terms of the expected probability of occurrence and the severity of their impacts. This includes not only the financial impacts, but also the reputational and compliance consequences. The analysis of the operational risks is supplemented by an assessment of the qualitative impact of a given risk event.
Every year, the Raiffeisen Group carries out extensive operational risk assessments. The information obtained is documented in a Group-wide risk register. This forms the basis for monitoring and managing the overall profile of operational risks.
Information security – a discipline focused on data confidentiality, integrity and availability – is becoming increasingly important. Cybercriminals pose the biggest threat in this regard. For this reason, information security risks must be comprehensively managed. A regular assessment of the threat situation constitutes the basis for this. Appropriate and effective measures for safeguarding information and infrastructure are in place for this purpose. Raiffeisen complies with recognised standards and established practices throughout this process. Considerable importance is attached to protecting financial privacy and personal data.
Internal control system
Raiffeisen's internal control system (ICS) comprises all the control structures and processes intended to ensure the proper conduct of operations, compliance with statutory, regulatory and internal provisions, and complete, reliable reporting.
The framework that underlies the Group ICS and ensures its functionality is defined at the control environment level. The elements of the control environment include internal regulations, independent supervisory bodies, organisational charts and job profiles.
Processes, risks and controls are closely interconnected at the process level. Operational risks are identified and assessed for each major process, and key controls defined accordingly. All key controls are documented and incorporated in the processes. There are many other risk reduction measures in addition to the key controls.
The Raiffeisen Group carries out an assessment of the ICS's appropriateness and effectiveness at least once a year. The implementation of improvements derived from the assessment is tracked and monitored.
ICS reporting is included in the standard risk report prepared for the Board of Directors of Raiffeisen Switzerland and the Raiffeisen banks.
Early warning system of the Raiffeisen banks
Raiffeisen Switzerland operates an early warning system designed to quickly identify adverse developments at Raiffeisen banks and branches, and avert potential damage. The early warning system comprises quantitative risk indicators for the individual Raiffeisen banks and branches as well as an ad-hoc reporting process for integrating qualitative information. Early warning events are analysed and, if necessary, resolved with the active involvement of Raiffeisen Switzerland. Early warning events are independently assessed and monitored by the Early Warning System Coordination Committee.
Business continuity management
Within the scope of business continuity management (BCM), Raiffeisen has adopted extensive measures to maintain operations even if critical resources become unavailable (staff, IT, buildings, suppliers). The specialist departments have various strategy options for keeping critical business processes functioning. Redundancy for all important IT components has been established and/or expanded at various sites.
To minimise potential losses and enable management to respond in an effective, coordinated fashion, Raiffeisen has put together crisis response teams and developed emergency plans in all important company units. It performs regular tests and drills to ensure the plans and organisational structures work properly and do not need to be updated. The crisis management team and organisation are regularly trained and tested using various scenarios to maintain BCM capabilities. This process proved its worth in managing the coronavirus pandemic and validates the robustness of BCM.
Assessment of the risk situation with respect to operational risks
Overall, the operational risks are well within the risk budget defined by the Board of Directors. The comprehensive ICS keeps losses attributable to operational errors low.
The threat situation is becoming more severe due to the rising number and sophistication of cyber attacks. The increasing importance of data and digital business models is reflected in the ongoing strengthening of the Cyber Security & Defence Centre to ensure effective cybersecurity.
Legal and compliance risk
The Risk & Compliance department reports to the Executive Board and the Risk Committee of the Board of Directors of Raiffeisen Switzerland on major compliance risks quarterly and on legal risks semi-annually. The risk-oriented activity plan is submitted after the first half of the year.
These risks, together with an updated compliance risk profile and the plan of action on risk derived from it in accordance with FINMA Circular 2017/1 "Corporate governance – banks", are submitted to the Board of Directors once a year.
Raiffeisen Switzerland's Risk & Compliance department supports all of the Raiffeisen Group's units in legal matters, ensures adequate regulatory competence at all levels, and actively manages legal risks. The department coordinates interactions with external lawyers where necessary.
Compliance is understood to mean adherence to all applicable statutory, regulatory and professional provisions and internal requirements with a view to identifying risks at an early stage, preventing such risks and ensuring that business is conducted properly. Raiffeisen takes a comprehensive approach to compliance.
As a domestic retail bank, Raiffeisen predominantly operates in Switzerland, but apart from the provisions of the Swiss legislation it must also comply with relevant international provisions (such as cross-border and international tax provisions) when providing payment and securities services, among other activities. It specifically focuses on the following activities and issues:
- Raiffeisen monitors and analyses all relevant legal developments (regulatory monitoring).
- Raiffeisen attaches great importance to combating money laundering and terrorism financing.
- Developments in the cross-border business are constantly monitored and analysed. In this respect, Raiffeisen systematically pursues a passive service provision approach.
- Raiffeisen pursues a rigorous tax compliance strategy.
- Market conduct rules are adhered to, as are the resulting monitoring and investigation requirements.
- Data are protected and bank-client confidentiality is ensured.
- Raiffeisen is committed to fair competition and adheres to the provisions of good corporate governance, and its actions are guided by strong ethical principles.
The Raiffeisen Group primarily reduces compliance risk by actively monitoring legal developments and promptly implementing the findings in internal regulations, processes and systems. The year under review predominantly saw the implementation of legal provisions related to Covid-19 loans, the continued development of the automatic exchange of information (AEOI), data protection, the replacement of CHF-Libor by Saron (Swiss Average Rate Overnight), and the optimisation of the cross-border set-up, investment compliance, market conduct rules and anti-money laundering measures. In addition, Raiffeisen's governance structures and requirements were refined.
Raiffeisen also plays a role in the legal development of important bank-specific topics (such as the partial revision of the Banking Act and the associated ordinance) through statements and participation in consultation processes in order to clarify its own stance.
The Raiffeisen Group endeavours to avoid compliance risks by actively monitoring legal requirements and promptly adapting internal policies and processes to new requirements. Where necessary, modern electronic tools are used in support of the measures. In addition, following a blended learning approach, the various compliance teams invest substantially in training and raising the awareness of staff and management at all levels.
Assessment of the risk situation with respect to legal and compliance risks
Regulatory pressure remains high, so the risk situation is unchanged for Raiffeisen. Within Raiffeisen, there are clearly defined principles concerning the organisation, competence and responsibility of the control functions. The second line of defence (independent risk control) is continuously being refined to keep up with developments. The changing legal and regulatory developments are analysed on an ongoing basis, with suitable allowance made for them in the development of the business model. The compliance processes are constantly being adjusted and digitalised to enable Raiffeisen to exercise appropriate control, monitoring and management in line with its risk appetite. Raiffeisen is facing new sustainability requirements and actively managing the associated risks.