Each identified risk is assessed in terms of its significance. If the risk is recognized as significant, it is measured (provided that it is classified as measurable) or evaluated (for risks that are difficult to measure) and monitored and controlled in accordance with methods and procedures applicable to a given type of risk. The purpose of risk assessment and measurement methods is to comply with applicable legal requirements, regulator guidelines and best practices.
Governance
Approach to risk management
Bank Pekao has a risk management strategy described in the ICAAP Policy – Risk and Capital Management Principles (hereinafter: “ICAAP Policy”), adopted by the Management Board and approved by the Supervisory Board of the Bank. This document defines major elements of the Bank’s comprehensive approach to risks connected with its operations and arising from its business strategy, both at the level of the Bank and the whole Capital Group of the Bank. The ICAAP Policy defines the identified risks and the criteria for their recognition as material, indicating the objectives and associated risk management principles, the target risk structure associated with the activities carried out and the acceptable level and structure of risks, as defined in the adopted risk appetite.
The Bank uses formal risk reduction limits in accordance with its risk appetite and defines principles for handling situations when limits are exceeded. The Bank’s management information system makes it possible to monitor risk levels. The Bank’s organizational structure is adjusted to the size and profile of the Bank’s risks. While managing the risk of the Capital Group, the Bank supervises risks associated with the activities of its subsidiaries.
In the risk management systems in place at the Bank, the Management Board is responsible for developing, implementing and effective operation of risk management processes and an internal capital estimation process adjusted to the size and profile of the risk appetite, including the risk of the Bank’s subsidiaries. The Management Board of the Bank is regularly informed about the current risk profile of the Bank, about the largest exposures and concentrations of credit exposures.
The Bank’s Supervisory Board, supported by the Risk Committee, supervises the assess risk management system and its adequacy and effectiveness. In addition, the Supervisory Board supervises the compliance of the Bank’s risk management policy with the strategy and financial plan of the Bank.
The risk management strategy (including risk appetite) and system of the Bank are reviewed and updated on a regular basis to keep them adequate in terms of their scale and complexity of the Bank’s operations.
The Bank’s risk management system constitutes an integral element of the Bank’s management system. Risk management improves decision-making processes while ensuring that decisions are in line with best market practices and applicable regulatory requirements.
Due to the nature of the Bank’s operations, all risks identified as significant and resulting from guidelines of regulatory bodies, including types of risks related to social, employee, environment, respect for human rights, anti-corruption, related to products and relations with external environment, including counterparties, have been appropriately defined and included in separate regulations. Selected regulations in this field have been cited in this Statement on non-financial information of the Bank Pekao S.A. Capital Group for the year 2022.
In 2022, the Bank continued the development of risk management competencies and took actions related to the optimization of credit processes in all business segments by simplifying procedures and implementing modern tools improving processes, including the implementation of automatic tools supporting credit decision making.
At the end of 2022, the Bank’s cost of risk excluding provisions related to foreign currency housing loans was 0.41%. As a risk management leader, the Bank has maintained its cost of risk at one of the lowest levels in the sector.