Defining Risk Appetite for Banks: Qualitative and Quantitative

Banks must take risks; there is no risk-free path to achieving objectives. Effective risk management requires a strong, organization-wide governance structure that makes risk considerations a priority of the Board and senior management. Without such leadership and commitment, efforts to enhance risk management may be perceived as a bureaucratic “compliance exercise”.

An effective risk appetite statement is linked to the institution’s short- and long-term strategic, capital, and financial plans, as well as compensation programs. The challenge lies in identifying, prioritizing, and addressing the right risks at an optimal level, in the most effective ways. Banks often place great importance on quantitative risk appetite levels over qualitative levels. Leading banks that implemented GPRC effectively have found a way to do both.

Quantitative risk appetite: Defining a bank’s risk capacity is a crucial step in developing a comprehensive and effective Risk Appetite Statement (RAS). The RAS is also the area in which the concept of risk appetite connects directly with those of ICAAP/ILAAP and recovery planning. Therefore, risk capacity is mostly calculated in terms of capital adequacy. However, after the collapse of SVB, a liquidity risk capacity is equally important and many banks use regulatory stress-based metrics for this purpose such as LCR (Liquidity Coverage Ratio).

Qualitative risk appetite: Leading banks have addressed more difficult to quantify risks in their RAF and RAS. Examples relate to reputation and conduct risks as well as money laundering and unethical practices. It also clearly articulates the motivations for taking on or avoiding certain types of risks, products, services, organizations, customers, cyber, ESG, country/regional exposures, or other categories.

Read this blog to learn more about how banks are getting ready for business-integrated GRC (also known as GPRC).

New report offers insights into how Australian boards are thinking about and acting on climate - Read more

Reserve Bank of New Zealand: New measures to build cyber resilience - Read more

MSS publicizes typical case to remind public of overseas cyber ransom attacks - Read more

Europe leads with landmark AI Act: Safeguarding rights and fostering innovation - Read more

Dive in for more – and subscribe to our newsletter, so you never miss a post!

? Corporater | All rights reserved.

Corporater offers a single platform and integrated solutions for Governance, Performance, Risk, and Compliance (GPRC).

www.corporater.com