Our approach to risk management
CFS operates in regulated markets and is subject to significant government regulation.
The Bank, CIS and CISGIL Boards are responsible for approving entity strategy, their principal markets and the level of acceptable risks articulated through their respective statements of risk appetite.
The Boards are also responsible for overall corporate governance which includes ensuring that there are adequate systems of risk management and that the level of capital held in each entity is consistent with the risk profile of the respective business.
Board Committees and Senior Management Committees oversee and challenge the risk management process, identifying the key risks facing each business and assessing the effectiveness of planned management actions.
1. Market risk
Market risk is managed separately in respect of CIS, CISGIL and Bank entities.
CIS and CISGIL market risk arises from the mis-matching of assets and liabilities.
CIS with-profits policyholders have an expectation that a proportion of their savings will be invested in equities and property to maximise returns and provide some protection of their savings against future inflation. However, with-profits policies have traditionally also included a minimum guaranteed benefit to provide a minimum return to the policyholder, which requires investment in a substantial proportion of fixed-interest securities. These conflicting investment objectives inevitably lead to a degree of mis-matching of assets and liabilities, and, as a result, market risk is a major potential risk to the solvency of the Long Term Business Fund.
There is no longer any equity exposure in the CISGIL fund, and this has reduced the extent of market risk faced by the General Insurance business. However, there remains the risk that interest rates increase unexpectedly with an adverse impact on the market value of assets available to meet General Insurance liabilities.
Bank market risk arises from the effect of changes in market prices of financial instruments, on income derived from the structure of the balance sheet, execution of customer and inter-bank business and proprietary trading. The majority of the risk arises from changes in interest rates as the Bank does not trade in equities nor commodities and has limited foreign currency activities.
2. Credit risk
Credit risk arises from exposure to the risk of loss if a counterparty fails to perform its financial obligations to CFS.
For CIS and CISGIL, this includes issuers of corporate bonds, counterparties to financial transactions and reinsurers.
For the Bank, this could arise out of exposure to individuals, corporates, financial institutions and sovereigns. Reasons for Bank counterparty default include general economic or sector specific downturns and structural changes such as increased personal indebtedness.
3. Insurance & business risk
Insurance risk refers to fluctuations in the timing, frequency and severity of insured events relative to the expectations of the firm at the time of underwriting.
The principal risk that CIS and CISGIL face under its insurance contracts is that the actual claims and benefit payments exceed the carrying amount of the insurance liabilities.
In CIS, a significant potential risk is of increases in the cost of annuities in payment, the guaranteed benefits under deferred annuity contracts and Guaranteed Annuity Options (GAOs) costs on personal pensions arising from further improvements to pensioner longevity above those assumed in provisioning.
In CIS there is a persistency risk, where more policies than expected reach their investment guarantee dates resulting in an increase in the expected costs of guarantees. In particular, there is a risk that more personal pension policyholders reach their normal retirement date which is the date on which GAOs become available. There is also the risk that profits from non-profit business fail to materialise as a result of more policies lapsing than expected.
Expense risk also exists in CIS. Although most of the long-term business expenses can be charged directly to policyholders, there is a financial effect from higher expense charges to asset shares leading to a reduction in asset shares and so an increase in the cost of providing guaranteed benefits. In addition, for products written on fixed terms or on a fixed charge basis, such as non-profit business and stakeholder pensions, higher expenses will result in reduced profitability.
In CISGIL, insurance risk is made up of risks that arise in respect of claims that have already occurred and for which reserves are already held (reserving risk) and of claims that are yet to occur (underwriting risk).
The key insurance risks to CISGIL are the risk that there is a natural catastrophe which is above the limit of the reinsurance programme on the property account, and the risk that motor bodily injury claims are worse than expected.
Business Risk arises from changes to the Bank business, specifically the risk of not being able to carry out the Bank’s business plan and desired strategy, including the ability to provide suitable products and services to customers. In a narrow sense business risk is the risk that the Bank suffers losses because income falls or is volatile relative to the fixed cost base. However, in a broader sense it is the Bank’s exposure to a wide range of macro-economic, geo-political, industry, regulatory and other external risks.
4. Pension scheme risk
The Co-operative Group merged its three Pension Schemes during 2006 and created a single defined benefit Scheme based on career average earnings. A full valuation of the merged scheme took place in April 2007. As at 12th January 2008 the Group PACE scheme had a surplus of £438m (2006: £295m) on an IAS 19 basis.
The Group has considered the risks within the Pension Scheme and has addressed a number of these during the year. Amongst other things the proportion of return seeking assets have been reduced, revised life expectancy assumptions have been used and the contribution rate set to take account of these changes. The Group continues to review these risks using an asset and liability modelling approach and sets budgets relating to each risk to ensure that they remain manageable in the context of the financial strength of the Group.
5. Operational risk and business continuity
Operational Risk is defined within CFS as the risk of loss resulting from inadequate or failed internal processes, people and systems, or external events. This encompasses the effectiveness of risk management techniques and controls to minimise these losses.
Examples of such include internal and external fraud, loss of key personnel, system capacity issues or program failure, process failures affecting payment settlement and external events over which CFS has limited controls such as terrorist attack, floods and contagious disease.
Operational risks are identified, managed and mitigated through ongoing risk management practices including risk assessments; formal internal control procedures; training; segregation of duties; delegated authorities; and contingency planning. Operational Risks are formally reviewed on a regular basis. Significant Operational Risks are regularly reported to Executive Directors, the Operational Risk Committee, and the Risk Management Committee (a formal Board subcommittee). These meet regularly to monitor the suitability of the risk management framework and management of significant risks within CFS.
Business Continuity is managed from within the Operational Risk team and sets out to take appropriate steps to minimise the risk of disruption in the event of a sudden, unplanned occurrence that could seriously disrupt customer service, harm employees, business operations and/or reputation.
CFS also has a corporate insurance programme to transfer specific risks to insurers as part of its risk management approach.
6. Change management risk
Projects and programmes involve change to processes, systems and people within defined costs and timescales to deliver pre-determined benefits. Projects therefore inherently carry some degree of risk:
- Failure to deliver the expected changes to time/cost or quality,
- Failure to realise expected benefits, implementation of the projects failing or impacting on normal business operations,
- Increasing the risk profile of the business into which change has been implemented through weakened controls or inefficient processes.
Identification and management of change related risks is therefore integrated into day-to-day management of projects and programmes and is fully embedded within the Risk Management Framework.
Effective governance structures have been established to evaluate the capacity and prioritisation of the change portfolio. Reviews of each programme are undertaken on a regular basis, considering resource requirements, progress and risks.
A Business Implementation Management function has been established in Change Management to manage the release of change and provide clear sight of implementation dependencies between programmes.
7. Liquidity risk
Liquidity risk arises from the timing of cash flows generated from CFS’ assets, liabilities and off-balance sheet instruments. Treasury and Investment Management manage CFS’ entities liquidity with guidelines laid down by the Asset & Liability Committee (ALCO) and in accordance with the standards established by regulators.
The Bank’s primary policy is to fund 85% of retail assets by retail deposits to ensure there is no over reliance on wholesale funding. The Bank’s structural liquidity risk management is therefore retail based and is dependent on behavioural analysis of both customer demand deposit and loan drawdown profiles by product category based on experience over the last eight years. The behaviour of retail products is reviewed by ALCO on a quarterly basis. The policy is to hold sufficient marketable assets for the worst gross monthly outflow (excluding offsetting inflows) experienced on a gross product basis. The retail and corporate deposit bases are very stable as the deposits are attracted to the Bank by good customer service and its ethical policy.
In addition the Bank has maturity mismatch limits to control the exposure to longer term mismatches.
Day-to-day cash flows (tactical liquidity) is managed by Treasury within guidelines laid down by ALCO and in accordance with the standards established for all banks by banking regulators. The Bank undertakes tactical liquidity stress tests, assuming restricted access to wholesale market funding, with the aim of having sufficient liquidity for six months non-access.
8. Reputational risk
CFS Reputational Risk is the current or prospective risk to earnings and capital arising from adverse perception of CFS or another member of the Co-operative Group’s reputation on the part of customers, counterparties, shareholders, investors, regulators or other stakeholders.
