Sustainability Risk ManagementSustainability Risk Management
VTB Group risks, including those related to sustainable development, are managed on the basis of unified standards developed and adopted by the Bank. These standards regulate procedures for identifying, assessing and monitoring risks, controlling their volume, structure and concentration, developing effective measures to optimise and mitigate risks and preparing regular risk reports.
The VTB Group defines sustainability risks as:
- ESG risks;
- Strategic risk;
- Information security risks.
As part of our commitment to sustainable development and consideration of complex risk relationships, the Bank focuses on ESG risks associated with such factors as environmental, social and governance aspects. They also affect the value of the company, are taken into account in responsible investment and are implemented within the scope of the risks identified in the Bank.
ESG risks are managed comprehensively in terms of the following types of risks: credit, reputational, operational and concentration risks.
Physical risk is determined by the Bank mainly as part of operational risk analysis. Additionally, scenario-based analysis may also be performed, including assessment of the consequences of potential unfavourable conditions, and self-assessment of actually incurred loss due to operational risk, including in connection with emergency situations. In addition, risks associated with the occurrence of emergency situations are analysed when assessing the pledged property.
The transitional risk is assessed by the Bank within the scope of credit risk when considering the possibility of issuing a loan and assigning a credit rating to a borrower. In the industry analysis, the Bank considers political, legal and technological changes in the industry, and therefore provides additional assessment of the transitional risk.
In assessing the credit risk premium, consideration is given to the borrower's credit rating, which in turn includes an assessment of the likelihood of losses from investment risks of transitional risk, as well as physical risk.
As part of the ESG risk management approach, the Bank checks the customer's compliance with legal requirements, as well as analyses the environmental impact of subjects to mortgage in terms of real estate and property complexes.
Strategic risk is the risk of an unfavorable change in the results of the Bank's activities due to erroneous decisions made in the course of the Bank's management, including the design, approval and implementation of the Bank's development strategy, improper execution of decisions made, as well as the Bank's inability to take into account changes in external factors.
The Bank considers changes in socio-economic and demographic processes, segmentation of the banking services market and supply and demand trends, the Bank's competitive position in selected market segments, as well as the influence of third parties to be external factors conditioning the strategic risk.
The applied methods of strategic risk management in the Bank are strategic and business planning, monitoring over the fulfillment of the approved plans, as well as analysis of changes in the market environment.
In order to maintain strategic risk at an acceptable level, the Bank provides for:
- monitoring and controlling the achievement of the Bank's goals and targets;
- monitoring of external environment conditions (including macroeconomics, changes in customer segments, market demand for banking products, competitive environment) and the Bank's internal environment;
- monitoring the overall level of strategic risk on the basis of the developed evaluation methodology.
Information security risk
Information security risk is a type of operational risk. It represents the risk of the implementation of information security threats, which are caused by deficiencies in information security processes, including technological and other measures, application software deficiencies in automated systems and applications, as well as the non-compliance of these processes with the Bank's activities.
The operational risk management system of VTB Bank is aimed at minimising the cases of information security risk, including reducing the probability of violations of business processes, personnel errors, deliberate actions of personnel or third parties against the Bank and its customers, system and equipment failures, violation of rights of customers and counterparties, as well as limiting the amount of losses from its realisation.