Skip to main content [Access key S]

Directors' report

Business review - Risk management and control

Introduction

Risk is inherent in the Group's business and activities. Our ability to identify, assess, monitor and manage each type of risk to which the Group is exposed is an important factor in our financial stability, performance, reputation and future success. The principal risks which we face are credit risk, financial risk (including market and liquidity risk) and operational risk. Our approach to risk management is built on formal governance processes and relies on individual responsibility and collective oversight, informed by comprehensive reporting.

The following sections describe our approach to risk management. The first section covers the Group's risk governance structure. The second section explains the way in which we identify and categorise the risks we face and manage objectives and policies for each.

Other factors could also affect the Group's results, including economic factors. Therefore, the risks described below should not be considered to represent all of the potential risks and uncertainties which could impact the Group.

Risk governance

The responsibility for the overall framework of risk governance and management lies with the Board of Directors. The Board is responsible for determining risk strategy, setting the Group's risk appetite and ensuring that risk is monitored and controlled effectively. It is also responsible for establishing a clearly defined risk management structure with distinct roles and responsibilities. Within that structure, line managers are responsible for the identification, measurement and management of the risks within their areas of responsibility.

In particular, the Residential Lending Credit Risk function, which reports into the Managing Director, Products and Marketing, acts as the credit risk control unit with responsibility for the Group's residential lending credit risk and rating system. Independent challenge and validation is provided by the Group Risk function. The Treasury Finance teams, which report into the Group Finance Director, are responsible for identification, measurement and monitoring of wholesale credit risk, market risk and liquidity risk. Independent monitoring of the risk management framework is provided by risk management specialists based in the Risk, Audit and Compliance functions.

In addition to individual responsibilities for risk management, there is a structure of committees that, under authority delegated by the Board, have formal responsibility for defined aspects of risk management.

The roles and responsibilities of the risk management committees are set out in the following paragraphs. The relationship between these committees and the risk management functions are shown in the diagram below.


risk management functions diagram


Audit Committee

The Audit Committee is a non-executive committee that supports the Board in carrying out its responsibilities for financial reporting, including accounting policies, internal control and risk assessment. The Audit Committee monitors the ongoing process of the identification, evaluation and management of all significant risks throughout the Group.

Executive Committee ('EXCO')

EXCO is responsible for the executive management of the Group including risk and the application of the Group's risk policies through various committees and through their ex-officio responsibilities. EXCO consists of the Executive Board Directors and the HR Director.

Group Risk Committee ('GRC')

GRC is an executive risk governance committee which supports EXCO in ensuring that the Group's overall risk management framework is effective and that key risks are managed cost effectively and to an acceptable level.

Asset & Liability Management Committee ('ALCO')

ALCO is an executive committee which monitors and manages the structure of the Group balance sheet and agrees strategy and policy adjustment. In addition, ALCO manages the Group's net interest income within the sensitivity limits established by the Board.

Credit Risk Committee ('CRC')

CRC supports EXCO and GRC by advising on the Group's credit risk framework and reviewing, monitoring and recommending on all credit matters relating to credit exposures and credit risk management strategies.

Balance Sheet Management Committee ('BSMC')

The role of BSMC is to oversee Treasury and balance sheet management matters in advance of any recommendation to the Board. This includes:

  • consideration and approval of secured and securitised funding transactions and the establishment or renewal of Medium Term Funding Programmes in line with Treasury Policy statements;
  • balance sheet issues such as the review of capital management and balance sheet strategies;
  • raising of capital and dividend policy; and
  • monitoring the effect of these and other initiatives on the Group's credit rating.

Group risk

The Group Risk function comprises Operational Risk and Financial Risk and its role is to:

  • develop a Group strategy, policy and framework for risk management, aligned with business requirements;
  • provide support to the Group in the implementation of the framework;
  • bring together analyses of risk concentrations and sensitivities across the Group;
  • act as a point of reference for risk and control matters, providing advice to management, sharing best practice and carrying out special reviews as directed by GRC and ALCO; and
  • provide independent assessment of, and challenge to the business areas' risk management and profiles to ensure that they are maintained in a robust manner.

Compliance

The role of Compliance is to:

  • provide a focal point to co-ordinate communications and consultations with regulatory authorities;
  • achieve high standards of compliance advice and risk-based compliance, according to agreed plans and standards;
  • provide an effective compliance advisory and consultative service to the Group;
  • carry out reviews of relevant business units, employing quantified risk-based monitoring techniques to assess performance against the relevant rules, guidance, codes of conduct and the Group's internal policies and procedures;
  • provide timely and objective reports of findings, agreeing appropriate corrective actions and monitoring implementation;
  • oversee the compliance performance of the Group, keeping line management, GRC, the Audit Committee and the Board informed of the state of compliance, measured against objective and published performance standards and indicators, drawing attention to areas of under-performance and improving or worsening trends and provide rapid alert to particular risks or failings; and
  • scalate any unremedied compliance failings through line management and if necessary prompt effective enforcement measures.

Internal Audit

We have contracted Ernst & Young to provide internal audit services. However, the management of the Internal Audit function remains firmly with Bradford & Bingley. The role of Internal Audit is to provide independent and objective assurance that the process for identifying, evaluating and managing significant risks faced by the Group is appropriate and effectively applied.

The specific role of Internal Audit is to:

  • produce a formal, annual opinion on the adequacy and effectiveness of the control processes to the Audit Committee for submission to the Board. This opinion is based on agreed materiality thresholds, supporting Turnbull requirements;
  • report on a quarterly basis to the Board, through the Audit Committee, on the operation of the control processes and management's progress in addressing identified issues;
  • report the results of individual audits in the period to the Audit Committee;
  • report issues emerging from, and findings of, each audit to relevant management, obtaining their commitment to undertake appropriate remedial action; and
  • continually review the effectiveness of the Group's risk profile, placing appropriate reliance on the risk management process to optimise audit work.
Annual Report & Accounts 2007
Annual Report
2007

Download
PDF (832 KB)