ZASADY DOTYCZĄCE COOKIES

Uprzejmie informujemy, że w ramach naszej witryny używamy plików cookies w celu świadczenia usług na najwyższym poziomie oraz w sposób dostosowany do Twoich indywidualnych preferencji. Korzystanie z witryny bez zmiany ustawień oznacza, że akceptujesz otrzymywanie plików cookies. Zmiany ustawień dla plików cookies możesz dokonać w każdym momencie użytkowania serwisu.
Więcej szczegółów w zakładce Polityka Prywatności

Annual
Report 2022

Bank in 2022

Major sources of risk and threats

Risk management

Effective risk management is a prerequisite for maintaining a high level of security of the funds entrusted to the Group, and for achieving a sustainable and balanced profit growth within the Group’s risk appetite.

The key risks material for the Group include credit risk, liquidity, market risks and operational risk. Moreover, the Group identifies the following risks as material in its business activity: business, macroeconomic, reputation, compliance, excessive leverage, bancassurance, real estate, financial investment, and model risks. The Group also identifies ESG risk defined as risk arising from environmental, social and governance factors that may have negative impact (directly or indirectly) on the Group. ESG risk is managed within the types of risk identified in the Group’s activity that are affected by ESG risk factors (mainly credit risk). The ESG Council supports the Management Board in decision making process concerning ESG issues.

The Group has adopted a comprehensive and consolidated approach to risk management. It extends to all units of the Bank and subsidiaries. Risks are monitored and managed taking into account business profitability and the capital required to cover the losses resulting from these risks.

The Management Board of the Bank is responsible for achieving the strategic risk management goals, while the Supervisory Board, supported by the Risk Committee, oversees whether the Group’s policy of taking various risks is compliant with the overall strategy and financial plan. The Credit Committee plays an important role in the credit risk management, the Asset, Liability and Risk Committee and Liquidity and Market Risk Committee in market and liquidity risk management, the Operational Risk Committee in the management of the operational risk and the Model Risk Committee in model risk management.

The rules of managing each of the risks are defined by internal procedures and the guidelines set up by the credit risk policy, investment and market risk policy and the operational risk strategy and policy accepted annually by the Management Board and approved by the Supervisory Board.

Detailed reports on credit, liquidity, market, operational and model risks are presented to the Management Board and the Supervisory Board on a regular basis.

The rules and instruments of managing each of the risks and information on the risk exposure are included in Note 46 to the Consolidated Financial Statements of Bank Pekao S.A. for the period ended on 31 December, 2022 and in the document “Information in respect to capital adequacy of Bank Pekao S.A Group as at 31 December 2022” published on the Bank’s website.

Operational risk

The objective of proper operational risk management is to maintain the operational risk the Group takes, on the level consistent with a specific risk appetite. Operational risk management is based on internal procedures that are consistent with the law requirements, resolutions, recommendations and guidelines of the supervisor and includes: identification, assessment, monitoring, preventing and reporting of operational risk.

The operational risk profile is determined mainly by two operational event categories, in which the highest exposure to operational risk is identified i.e. Clients, products and business practices and Execution, delivery and process management.

This is reflected in the table below, which presents the distribution of losses resulting from operational events by categories as defined by the Article 324 of Regulation (EU) No 575/2013 of the European Parliament and of the Council. In connection with the acquisition of the part of Idea Bank, the operational risk profile has not changed. According to the Decision of the Bank Guarantee Fund (BFG) the part of the Idea Bank business with higher exposure to operational risk was not acquired by Bank Pekao.

OPERATIONAL EVENTS BY CATEGORIES 2021 2022
Internal frauds 0.00% 0.09%
External frauds 4.98% 0.55%
Employment practices and workplace safety 1.42% 0.18%
Clients, products and business practices 57.20% 96.21%
Damages to physical assets 5.68% 0.09%
Business disruption and system failures 0.44% 0.50%
Execution, delivery and process management 30.28% 2.38%
Total 100.00% 100.00%
OPERATIONAL EVENTS BY CATEGORIES 2021 2022
Internal frauds 0.00% 0.10%
External frauds 5.08% 0.60%
Employment practices and workplace safety 1.44% 0.20%
Clients, products and business practices 56.04% 96.42%
Damages to physical assets 5.81% 0.10%
Business disruption and system failures 0.45% 0.13%
Execution, delivery and process management 31.18% 2.45%
Total 100.00% 100.00%

Credit risk

Managing credit risk and maintaining it at a safe level is vital for the Bank’s financial performance. In order to minimize credit risk, special procedures have been established, pertaining in particular to the rules of assessing obligor and transaction risk, collateralization of loan and lease receivables, credit decision powers and concentration risk management .

Prudent credit risk management at Bank Pekao S.A. is based on the Credit Risk Policy, which takes into account, among the others, measures reducing the potential threats coming from macroeconomic factors related to the armed conflict in Ukraine and the related disturbances in the supply of raw materials and their impact on the quality of the loan portfolio. The same approach is applied in the Bank’s subsidiaries.

Lending activities are subject to limits following both from the external regulations (CRR) and the Bank’s internal standards, including limits concerning exposure concentration ratios for individual sectors of the economy, limit on the share of large exposures in the Bank’s loan portfolio, portfolio limits and limits of exposures to countries, foreign banks and domestic financial institutions.

The credit decision powers, lending restrictions as well as internal and external prudential standards, pertain to loans and guarantees as well as derivative transactions and debt instruments. The quality of the loan portfolio is also protected by periodic reviews and ongoing monitoring of the timely servicing of loans and the financial standing of customers.

Internal limits, lending restrictions and the calculation of allowances take into account the risks arising from the COVID-19 pandemic.

The Bank has continued to work on further rationalization of the credit process with an aim to obtaining better efficiency and security, including in particular enhancement of the procedures and tools for risk measurement and monitoring.

According to the applicable regulations the total exposure of the Bank to the risks associated with the single borrower or a group of borrowers in which entities are related by capital or management may not exceed 25% of a bank’s Tier 1 capital. In 2022, the maximum exposure limits set forth in the external regulations were not exceeded.

In order to mitigate credit risk associated with excessive sector concentration the Bank sets up a system for shaping the sectoral structure of credit exposure. Every year within Credit Policy the Bank defines sector limits for particular sectors of economy. These limits are subject to ongoing monitoring. The system applies to credit exposure in particular types of business activity according to the classification based on the Polish Classification of Economic Activities (Polska Klasyfikacja Działalności – PKD).

Concentration limits are set based on the Bank’s current credit exposure and risk assessment of each sector. Periodic monitoring of the Bank’s exposure allows for ongoing identification of the sectors in which the concentration of exposure may be too excessive. In such cases, an analysis of the economic situation of the sector is performed including both the current and forecast trends and an assessment of quality of the current exposure to that sector. These measures enable the Bank to formulate the activities to reduce sector concentration risk and ongoing adaptation of the Bank’s Credit Policy to a changing environment.

The Group’s risk management process

The Bank supervises the risk related with subsidiaries. In particular  an assessment  on size and profile of risk related with their activities is performed. Risk management processes are consistent throughout the Group and adapted to the complexity of the risk profile of individual entities, in accordance with the principle of proportionality.

Compliance risk

Compliance risk is the risk resulting from breaching laws, internal regulations and market standards in the processes functioning within the Bank. Compliance risk can lead to criminal or administrative sanctions, material financial losses, diminished reputation, reduced brand value, reduced development potential and inability to perform contracts, as well as reduction or loss of business opportunities.

There is a separate unit for compliance matters functioning within the Bank, the Compliance Department, organisationally and operationally independent and subordinated directly to the President of the Management Board. Compliance Department is the key element of ensuring compliance within the Bank.

The Bank ensures compliance through application of suitable control mechanisms and compliance risk management process coordinated by the Compliance Department. Within the control function, the Compliance Department designsand supervises the implementation of control mechanisms with the aim to ensure compliance with law, internal regulations and market standards. The Compliance Department  autonomously applies some of such control mechanism and performs independent monitoring of their compliance by other organizational units of the Bank, as well as reports the results of this monitoring. The compliance risk management process includes the following stages: identification, assessment, control, monitoring and reporting of the compliance risk level.

  • current vertical verification on a continuous basis within risk-based approach on selected processes operating at the Bank (ex-ante activities),
  • vertical testing, including monitoring of adherence to selected on risk-based approach control mechanisms, performed in the case of completed activities  within selected processes functioning at the Bank (ex-post activities), within the scope defined in the Regulations of functioning of the Compliance Department.

As part of compliance with laws, internal regulations and market standards each employee of the Bank is obliged to apply appropriate control mechanisms and to perform independent monitoring of adherence to control mechanisms, within the scope of duties assigned to him/her.

Assumptions of compliance risk management process were defined in Bank Pekao S.A. Compliance Policy developed by the Management Board and approved by the Supervisory Board and the Compliance Department Regulation There are following

  • supervision of the Supervisory Board and responsibility of the Management Board for the effective management of compliance risk and observance of the Compliance Policy,
  • responsibility of the Bank’s employees for ensuring compliance within the scope of their duties,
  • properly defined organizational structure including appropriate location of Compliance Department,
  • internal regulations on compliance matters,
  • training,
  • regular cooperation of Compliance Department with Internal Audit Department and other internal control system units.

The reports on performance of tasks by Compliance Department together with the level of assessed compliance risk are presented to the Management Board and Supervisory Board. The oversight of compliance risk related to the activities of subsidiaries is performed in the Bank.

Implementation and application of the compliance risk management standards are key factors in creating the enterprise value, reinforcing and protecting the Bank’s reputation, and winning public trust in the Bank’s activities and its standing.

Search results