Jump Main Menu. Go directly to the main content


Sección de idiomas


Fin de la sección de idiomas

You are in:

  1. Home
  2. Risk management

Report BFA - Bankia 2014 / Risk managementRisk management

  • Total exposure
    €199.12 M
  • Non-performing loans
    €-3.48 Bn in 2014
  • Mortgage modifications
  • Mortgage loan risk
  • NPL Ratio
  • Social rentals arranged
  • Business loan risk
  • Coverage ratio

Corporate governance in risk management

One of the main features of the European regulation enacting the capital accords known as BIS III is the introduction of corporate governance as a core element of risk management. Under this regulation, banks must have sound corporate governance procedures, including a clear organisational structure, effective risk identification, management, control and reporting procedures, suitable internal control mechanisms, and remuneration policies and practices that are compatible with appropriate and effective risk management.

In this respect, BFA-Bankia responds fully to the spirit of the new regulation, with its governing bodies assuming responsibility for the oversight and control of risk:

  • The Board of Directors is the highest governing body. It determines and approves the general internal control strategies and procedures, as well as the policies for assuming, managing, controlling and reducing the risks to which the group is exposed. It has several internal committees, attributed different risk control and monitoring responsibilities.
  • The Audit and Compliance Committee’s basic duties include verifying that the institution’s internal control model, internal audit and risk management systems are effective. In particular, it is responsible for regularly reviewing internal control and risk management systems to ensure the main risks are correctly identified, managed and declared.
  • The Risk Advisory Committee advises the Board of Director on the entity’s overall susceptibility to risk at present and in the future, and its risk strategy. Notwithstanding the foregoing, the Board of Directors retains overall responsibility for risk. The Risk Advisory Committee’s duties include the following:
    • Ensuring that the pricing policy for assets and liabilities offered to customers takes full account of the business model and risk strategy of the institution.
    • Determining, together with the Board of Directors, the nature, amount, format and frequency of reporting on risks that is to be received by the Risk Advisory Committee itself and the Board of Directors.
    • Providing assistance to establish rational remuneration policies and practices that consider risk, capital, liquidity and the probability of and opportunity for profits.
    • Presenting risk policies to the Board of Directors.
    • Undertaking periodic monitoring of the loan portfolio of the bank and the group, with the purpose of proposing to the Board of Directors controls to ensure risk assumed is in line with the established risk profile, with particular attention to the principal customers of the bank and the group and the distribution of risk by business sector, geographical area and type of risk.
    • Periodically verifying evaluation systems, processes and methodologies and criteria for approval of transactions.
    • Proposing to the Board of Directors the evaluation, monitoring and implementation of the instructions and recommendations of supervisory entities in the exercise of their authority and, if applicable, referring proposals of actions to be taken to the Board of Directors, without prejudice to following the instructions received. Verifying that the bank’s risk reporting processes are those appropriate for management of the risks assumed, and, if not, proposing such improvements as it deems to be necessary for correction thereof.
    • Evaluating whether the risk unit has the processes, technical resources and personnel necessary for proper performance of its duties in an independent manner, consistent with the bank’s risk profile.

The Board Risk Committee is the body responsible for approving risks within the scope of its powers, and guiding and administering powers conferred on lesser bodies, all of the foregoing without prejudice to the supervisory authority legally corresponding to the Audit and Compliance Committee. It has operational authority and, therefore, may adopt the corresponding decisions within the scope of authority delegated by the Board. Its main functions are as follows:

  • Adopting decisions regarding risks within its powers delegated by the Board of Directors.
  • Reporting to the Board of Directors on those risks that may affect solvency, profits, operations or the reputation of the bank.

Risk appetite and tolerance

Acting on the bank’s willingness to boost the importance of corporate governance in risk management and following the recommendations of leading international regulators, the Board of Directors approved a Risk Appetite Framework (RAF) for the BFA-Bankia Group in September 2014.

The RAF comprises a battery of tools enabling the governing bodies to set risk appetite and tolerance levels, and compare these with the institution’s actual risk profile at any given time. The BFA-Bankia Group’s RAF has three pillars:

  1. A risk appetite and tolerance statement, setting out the desired and maximum risk thresholds (appetite and tolerance). Such thresholds are set for global risks (profitability and solvency ratios), and for each material risk (credit, liquidity, market, interest-rate, operational and business).
  2. A monitoring and control mechanism, enabling the bank to ensure the risk profile does not exceed established thresholds.
  3. Roles and responsibilities, which specify the responsibilities of the various teams involved in the process.

Benefits of drawing up
he risk appetite framework

Compliance with the requirements and recommendations of good governance in the risk function of most regulators, including the new single European regulator.

Improved perception of risk at all levels of the institution, thereby strengthening the corporate risk culture.

Transparency vis-à-vis external agents, shareholders, regulators, rating agencies, analysts and investors.

Consistency in budget preparation and planning processes with risk targets affecting capital, the balance sheet and the income statement.

Risk management

Risk management is a strategic pillar in the organisation. The primary objective of risk management is to safeguard the group’s financial stability and asset base, while creating value and developing the business in accordance with the risk appetite and tolerance levels set by the governing bodies. To this end, it provides tools for measuring, controlling and monitoring the requested and authorised levels of risk, managing non-performing loans and recovering outstanding receivables.

The process started in 2013 to bring the risk function into line with best practices was consolidated during 2014 by developing and completing major projects through which an enhanced risk function is being built. The transformation process had three main cornerstones:

  • General principles governing the risk function, including its global reach covering all definitions of material risk across the group, its independence, and the commitment of senior management, bringing conduct into line with the strictest of ethical standards and following regulations to the letter.
  • A new organisational model: The risk function is restructured in accordance with general premises, the most notable of which is a holistic view of the complete risk life cycle. Accordingly, credit risk management falls to the risk units, Wholesale Risks and Retail Risks, each of which brings together, within their particular jurisdictions, all the risk approval, risk monitoring and loan recovery functions. The structure was reinforced in 2014 with the creation of a Risk Process Industrialisation Department, the remit of which is to provide effective and systematic management.
  • A transformation plan: A raft of projects planned in 2013 were carried out in 2014, resulting in deliverables such as the Risk Appetite and Tolerance Framework.

Basic principles guiding risk management

  1. Independent risk function, which assures there is adequate information for decision-making at all levels
  2. Objectivity in decision-making, taking account of all relevant (quantitative and qualitative) risk factors
  3. Active management throughout the life of the risk, from preliminary analysis until the risk is extinguished
  4. Clear processes and procedures, reviewed regularly as needs arise, with clearly defined levels of responsibility
  5. Comprehensive management of all risks through identification, measurement and consistent management based on a common measure (economic capital)
  6. Individual treatment of risks, channels and procedures based on the specific characteristics of the risk
  7. Generation, implementation and promotion of advanced tools to support decision-making which, with efficient use of new technologies, aids risk management
  8. Decentralisation of decision-making based on the approaches and tools available
  9. Consideration of risk in business decisions at all levels: strategic, tactical and operational
  10. Alignment of overall and individual risk targets in the institution to maximise value creation

Organisation and functions of the risks department

A series of major changes were made over the last year to strengthen the process of transforming the risk function:

  • A new department was established, charged with industrialising risk processes. Firstly, this involves organising all risk management activities in clearly defined and documented processes. It is then necessary to industrialise all the processes requiring systematic roll-out, optimising the allocation of in-house and third-party resources to the various activities. As with all industrial processes, the various activities comprising them must be appropriately coordinated and scaled, and must also be efficient. It is therefore essential that managers are equipped with the most suitable tools for the job.
  • A department was also established specialised in managing the restructuring of major borrowers’ debt. This measure will enable proposals for new solutions to be put forward with regard to debt restructuring processes, controlling and monitoring the special transactions involved, and restructuring the debts of major customers and groups of borrowers, especially when a cross-cutting perspective (retail and wholesale) is required. In short, the objective is to maximise the amount of debt recovered in special cases which, given their complexity, importance or lack of past experience, require non-standardised measures with the borrowers and third parties involved.
  • Lastly, the Internal Control and Validation departments were merged under the Technical Secretariat of the Risks Department. This does not represent any change with regards to the importance given to these functions, which are developed as part of the Transformation Plan.

At year-end 2014, the Risks Department was structured as follows, subsequent to the aforesaid changes: