
Risk Management
Our internal risk control system to ensure transparency.
Banca Generali internal control system is structured on three levels:
- first-level controls, aimed at ensuring that activities are conducted properly. Such controls are undertaken by production units or are included into procedures;
- risk management controls, aimed at identifying, measuring, controlling and managing all risks (credit, market, operating and strategic risks, etc.);
- compliance controls, aimed at preventing noncompliance with law in the rendering of services.
Within Banca Generali, such controls are entrusted to:
- the Compliance function entrusted with preventing the risk of noncompliance with applicable legislation, including the risk of money laundering and financing of terrorism;
- the Risk Management function, entrusted with the task of identifying, measuring, controlling and managing other risks (credit, market, operating and strategic risks, etc.);
- internal audits (or thirdlevel controls), entrusted to the Internal Audit function, which performs controls aimed at identifying anomalous performances and violations of procedures and regulations, as well as assessing the overall functioning of the entire internal audit and risk management system.
The above-mentioned activities are complemented by those of the 262 Oversight function, with reference to the administrative-accounting risk (Law No. 262/2005).
The main risks and uncertainties to which the Banking Group is exposed are:
- credit risk: it is the risk associated with the possibility that a counterparty may become insolvent, or the likelihood that a debtor may fail to fulfil its obligations or fulfil its obligations on a delayed basis with respect to predetermined due dates;
- counterparty risk: it is the risk associated with the possibility that a counterparty to a securities transaction may default before said transaction is settled. The counterparty risk is a sub-category of credit risk;
- operating risk: it is the risk of loss resulting from the inadequacy or failure of processes, human resources or internal systems, or from external events. This type of risk includes, inter alia, losses due to fraud, human error, interruptions of operation, unavailability of systems, breach of contract and natural disasters. The legal risk is included in the operating risk, whereas strategic and reputation risks are not included;
- market risk: it is the risk associated with the possibility to suffer losses due to variations in the value of a security or a portfolio of securities associated with unexpected variations in market conditions (share prices, interest rates, exchange rates, the prices of goods and the volatility of risk factors);
- interest rate risk to which the banking book is exposed: it is the risk of incurring losses due to potential fluctuations in interest rates. This risk is generated by the gaps between the maturities and time required to re-set the interest rate on the Group’s assets and liabilities. Where such gaps are present, fluctuations in interest rates result in variations of net profit, and therefore expected net profit, as well as variations in the market value of the assets and liabilities, and therefore of net equity;
- liquidity risk: it is manifested in the form of the breach of payment obligations, which may be caused by an inability to procure funding (funding liquidity risk) or the existence of limits on the divestment of assets (market liquidity risk). Liquidity risk also includes the risk of fulfilling payment obligations at above-market costs, incurring a high cost of funding, or incurring capital losses on the divestment of assets;
- concentration risk: it is the risk arising from exposures to counterparties, groups of related counterparties, and counterparties operating in the same business segment, engaging in the same activity, or based in the same geographical area;
- residual risk: it is the risk that the recognised credit risk mitigation techniques used prove less effective than foreseen;
- reputational risk: it is the current or prospective risk of a decrease in profits or capital arising from a negative perception of the corporate image by clients, counterparties, shareholders, investors or regulatory authorities;
- strategic risk: the actual or prospective risk of a decrease in profits or capital arising from changes in the operating context or poor company decisions, the inadequate implementation of decisions, or insufficient reaction to changes in the competitive scenario;
- compliance risk: it is the risk of incurring legal or administrative penalties, significant financial losses or damages to reputation due to breaches of compulsory provisions (of laws or regulations) or self-imposed rules (e.g., articles of association, codes of conduct, self-regulatory codes).
The Group has formally defined a policy for each of the above risks that lays down: the general principles, roles and responsibilities of the company bodies and functions involved in risk management; guidelines on risk management in accordance with its business model, risk appetite, internal control system, system of delegated powers established by the Board of Directors and instructions of supervisory authorities.
The integration of the ESG factors into the risk management system
Environmental, social and governance factors (e.g., climate change) may significantly impact the risk categories usually managed by financial institutions, such as credit, operating, market, liquidity and reputational risks.
The Bank is therefore integrating the evaluation of the ESG factors into its risk management framework and has launched several projects aimed at understanding the exposure of its business lines and operations to key sustainability risks.