RegTech: Banking risk appetite: what are we talking about?

 

Banking risk appetite

The concept of banking risk appetite is necessarily encountered in financial circles, right up to the highest level of the organisation that defines the bank’s overall strategy. We offer you the answers to some classic questions about this concept, which requires formalisation and is subject to regulatory clarification.

What does risk appetite mean?

This concept corresponds to the level of risk that a bank is willing to take, depending on its strategic objectives. You may also come across the definition of risk appetite given by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). In its approach, COSO adds that it is the type and level of risk accepted by an organisation, while creating value.

What is the difference between risk tolerance and risk appetite?

It all depends on how you look at it. In Switzerland, financial regulations use the term risk tolerance to translate the notion of risk appetite. However, this is not the definition used worldwide.
Internationally, the concept of risk tolerance is used to assess the level of risk, or risk appetite. In a way, a banking institution :

  •  defines its strategic objectives ;
  • sets its risk appetite ;
  • chooses indicators or KPIs to measure its risk appetite.

What is the risk appetite document for a bank?

This key document describes the types and levels of risk that the financial organisation is willing to take with regard to its strategic and operational objectives. The resulting report sets out the types of threat to the organisation. It lists the responses envisaged to bring each risk under control.
This report is approved at least once a year by the bank’s Board of Directors. It is also updated during the year, in the event of changes, adjustments or the exceeding of certain limits.

In a way, this risk appetite statement is :

  • a statement of authorised activities in line with the bank’s strategy ;
  • a solution for diagnosing or identifying its risk exposure ;
  • an action plan detailing the measures taken to counter them ;
  • a definition of indicators to assess the risks (risk resistance or tolerance).
    We have devoted a blog post to the introduction of risk appetite reporting in Swiss banks.

What do Swiss regulations say about banking risk tolerance?

The following regulatory sources set the framework for risk appetite:

  • the Banking Ordinance (BO) in Article 12 ;
  • FINMA Circular 17/1 Corporate Governance – Banks.

In addition, these texts detail the obligations regarding the definition of appetite for specific risks :

  • the Liquidity Ordinance (Oliq) ;
  • FINMA Circular 15/2 Liquidity Risks – Banks ;
  • FINMA Circular 23/1 Operational risks and resilience – banks.

For more details of these regulatory texts dealing with risk tolerance in Switzerland, see the above-mentioned article. You can also use our RegTech solution to access the full text of the regulations.

Operational risk: example of a regulatory requirement

As specified in FINMA Circular 23/1, operational risks and their management form part of a bank’s overall risk management. The circular also gives a non-exhaustive list of the different categories of operational risk. The exact exposure depends on each bank’s activities. However, in all cases, the risks listed in the FINMA circular must be actively managed.

Marginal number 23 specifies that ‘the Board of Directors shall approve the risk tolerance for operational risks at least once a year on the basis of the risk policy and considering the institution’s strategic and financial objectives.

Operational risk is often subject to qualitative limits. This is the case, for example, with a measure of residual risk for a specific risk. On the other hand, balance sheet risks, such as market risk, are better suited to quantitative limits.

Example of liquidity risk appetite and stress scenario

The LCR (Liquidity Coverage Ratio) is one of the key regulatory ratios in Switzerland. It is used to measure a banking institution’s ability to retain sufficient liquidity to meet payments, even in the event of a crisis.

A risk appetite generally includes a limit for the LCR ratio, which is, by definition, more conservative than the regulatory minimum. Each bank, depending on its risk appetite and the volatility of its liquidity, defines a greater or lesser margin of safety in relation to the 100% threshold.

Bank risk appetite: an example of a crisis scenario

Another classic way of approaching risk appetite in terms of the LCR is to define :

  • a stress test scenario ;
  • and a minimum LCR threshold to be respected after application of the stress test.

This approach, which complements an LCR limit, makes it possible to manage finer, more specific risks. Examples of stress scenarios include :

  • a significant loss in value of part of the bank’s assets ;
  • a rapid departure of a certain type of customer.

In all cases, the ordinance on liquidity provides for an annual stress test exercise of greater or lesser importance depending on the category of bank.

👉To discover other definitions around RegTech, we suggest you return to our glossary table of contents.

👉If you’d like to find out more about easyReg, take a look at our RegTech solution.