The mission of risk management in the Bank Millennium Group is to ensure that all types of risks are managed, monitored and controlled as required for the risk profile (risk appetite), nature and scale of the Group's operations. Risk management takes into account the need to obtain the assumed profitability and to maintain proper risk-capital relationship, in the context of having proper level of capital to cover the risk.
The goals of the risk management mission are achieved through implementation of the following actions:
- Development of risk management strategies, policy, processes and procedures defining the principles for acceptance of the allowable level of particular types of risk,
- Increasingly wider implementation of the IT tools for risks identification, control and measurement,
- Increasing awareness of employees as regards their responsibility for proper risk management at every level of the Group's organisational structure,
The risk management and control model at Group’s level is based on the following main principles:
- ensuring the full-scope quantification and parameterization of various types of risks in the perspective of optimizing balance sheet and off-balance sheet items to the assumed level of profitability of business activity. The main areas of analysis encompass credit risk, market risk, liquidity risk and operational risk;
- all types of risks are monitored and controlled in reference to the profitability of operations and the level of capital necessary to ensure the safety of operations from the point of view of capital adequacy. The results of risk measuring are regularly reported as part of the management information system;
- the segregation of duties between risk origination, risk management and risk control.
The Risk management process of the Group can be shown in the below diagram
In terms of internal organization, the Supervisory Board and Management Board of Bank Millennium are responsible at a strategic level for defining general risk policy, including approving of the risk management strategy and policy, as well as guaranteeing the necessary resources for their implementation.
At operational level, due to the complexity and diversification of the operations of the Group, the risk management function is supported by specialized committees with their competences specified by the Bank’s Management Board. This is reflected in the works of the Risk Committee and additionally five specialized risk committees, i.e.:
- Capital, Assets and Liabilities Committee (CALCO);
- Credit Committee;
- Validation Committee;
- Liabilities-at-Risk Committee;
- Processes and Operational Risk Committee.
Specialized Committees are chaired by Management Board members and incorporate responsibilities for the main areas related to origination, monitoring and management of the specific risks.
The Risk Committee has global responsibility for risk control at the Group. In order to assure such control the Risk Committee monitors the evolution of various types of risks in the Group’s operations and decides on the general risk policy accordingly to the goals defined on the Risk Strategy (approved by the Supervisory Board). All the Bank’s Management Board members are members of the Risk Committee.
The on-going risk management is centrally conducted by the Bank’s dedicated unit – Risk Department and its subunits - specialized in particular types of risk or process stages. The goal of the Risk Department is proposing and implementing policy regarding the management of credit, market, liquidity and operational risks and monitoring the Group exposures to those risks, including for the purpose of calculation of capital requirements.
The Management Board of the Bank attaches particular attention to continuous improvement of the risk management process. One effect of this is the measurable success which the Bank and the Group reached in 2014 considering the results of AQR and the stress tests as well as the received authorization to the further use of the IRB approach in the process of calculating capital requirements.
Asset Quality Review (AQR) and Stress Tests
In 2014 European Central Bank covered the largest banks in the Euro zone with the Asset Quality Review (AQR) and the Stress Tests (coordinated by the European Banking Authority). The Polish Financial Supervision Authority (UKNF) decided to join these exercises and selected 15 Banks in Poland, representing 72% of the assets of the banking sector, including as well Bank Millennium SA.
The specific objectives of the AQR were the assessment of adequacy of Bank’s assets classification and level of provisioning for credit exposures and determination of the appropriate valuation of collateral for those exposures.
The AQR methodology incorporated credit asset valuation principles and assumptions more conservative than the currently applicable rules of IFRS, including a stricter definition of non-performing exposures. The methodology also required to have an external valuation for each type of collateral.
The Stress Tests aimed to investigate the stability of the banking sector and the behaviour of financial institutions in the event of a significant economic slowdown, financial turmoil and an increase in financing costs. Banks were theoretically tested for resilience to a baseline scenario and an adverse scenario (assuming unlikely hypothetical and very negative economic and financial events). The Group conducted Stress Tests on the basis of macroeconomic assumptions provided by the Supervisor and uniform for all banks, as well as on the basis of EBA methodology.
Bank Millennium has scored those two exercises at a very good level. Asset Quality Review results and Stress Tests were aggregated and resulted in minor adjustments to the consolidated capital adequacy ratio CET1:
- In the scope of Asset Quality Review (AQR), the level of adjustments of consolidated solvency ratio CET1 was minor and the outcome indicator decreased only by 28 b.p from 13,36% to 13,08%.
- In Stress Tests, in the baseline scenario – the adjusted CET1 ratio increased with 74 b.p reaching the level of 13,82%, In adverse scenario the adjusted CET1 ratio reached 12,37%, remaining more than twice the minimum threshold set at 5,5% and was only about 99 b.p lower than the CET1 ratio as of 31.12.2013 before the adjustments.
The Asset Quality Review (AQR) result and the relatively small size of adjustments are a confirmation of the sound principles that the Bank has been applying in terms of recognition of impaired exposures, collateral valuation and level of provisions. Bank Millennium had the second lowest adjustment of AQR among Polish banks. On the other hand, the stress tests results confirm the resilience and high level of solvency of the Bank even under shock scenarios.
Further use of the IRB approach
On 19th of December 2014 the Bank received authorization by Banco de Portugal (BdP) and KNF to ease the previous imposed regulatory IRB floor from 80% to 70% and, the same time, it received further conditions to the portfolios under IRB and under rollout.
This recent authorization from regulators represents, therefore, in the Group’s view, an external acknowledgement of the significant and continuous achievements by the Group on risk management.
In fact, since 2010 the Group has been deeply involved in the process of having the authorization for the use of the IRB methods. The Group considered this project as crucial for two main reasons: first, it ensures that the Group will permanently have the best standards on credit risk management; and second, it is an effective way to optimize the capital management.
Following the IRB approach in a natural way enforces the application of highest standards in credit risk management and this in turn materially affects quality of the credit process, thus the level of credit risk itself.
As to assess credit risk of customers and transactions in fully concise manner, IRB method requires utilization of rating systems. Group’s rating systems (rating models) are matched to a portfolios/products risk characteristics and were tailored separately to private individuals (retail mortgage loans, cash loans, overdrafts), small business, SME and corporates.
Applied risk models enable proper and reliable risk measurement, by employing well developed statistically risk parameters, like:
- probability of default of a customer (PD),
- loss given default for a transaction (LGD) and
- exposure at default for a transactions (EaD)
In fact, for every customer applying for a loan, internal rating must be assigned (PD equivalent), what enforce automated assessment of customer default risk. Rating models are automated and fully supported by IT systems. Every risk model (including rating models) have to be regularly monitored and validated in terms of quality, what stems also from IRB rules.
Using uniformed risk parameters in the portfolio regular monitoring reinforces the credit risk management process and helps to take a more accurate decision regarding credit risk controls.