Clear and effective individual decision-making authority, controlled risk-taking and monitoring by the Board of Directors, CEO and dedicated committees, form the cornerstones of risk management at Landsbankinn.
Risks in the Bank's operation are evaluated using several metrics based on the nature of each risk. These metrics are used to determine risk limits, analyse risk factors and changes to them, communicate information and manage risk. Economic capital (EC) represents the combined evaluation of all risk.
The Bank's internal assessment of EC for credit risk (loans and claims on customers and financial undertakings) decreased by 1% in 2019 in line with positive changes to the quality of the portfolio. Total EC decreased slightly during the year, from ISK 99.6 bn to ISK 98.2 bn. The Bank adjusted its evaluation of EC for business risk in 2019 and simultaneously updated its sector concentration model. The risk exposure amount (REA) also increased slightly in 2019 and EC was 9.6% of REA at the end of 2019 as compared with 10.0% at year-end 2018.
Risk management involves the identification, assessment and control of risks in the Bank's operation. Landsbankinn sets detailed risk rules and develops an effective internal governance structure that ensures a clear division of responsibility, risk management and follow-up on risk management.
As provided in the Bank’s risk policy, all pertinent risks in the operation are considered, both financial and otherwise, including credit risk, market risk, liquidity risk, concentration risk, operational risk, business risk, legal risk, reputational risk, conduct risk, compliance risk, information security risk, data risk and model risk.
Landsbankinn’s governance structure sets out the committee organisation and decision-making process on key risks, the decision-making authority of individuals, follow-up and control by the Board of Directors, CEO and individual committees.
The Board of Directors has determined a risk appetite which functions as a management tool that controls risk-taking and functions as a limit for aggregate risk in the Bank’s operational platform. Risk appetite is reviewed at least annually or as needed to reflect the Bank’s risk-taking objectives at each time.
In the management of risk relating to IT, Landsbankinn aims to limit such risk through clear procedures in the operation, maintenance, development and testing of IT systems and hardware. Key to Landsbankinn’s monitoring of information security risk is a risk assessment of the main assets on which its IT framework is based. Landsbankinn bases its policy on information security on cultivating trust and integrity in its customer relationships. Landsbankinn strives to maximise data and information system security with an eye to confidentiality, accuracy and availability. Compliance with the ISO 27001 standard on information security management is one of the tools that guides these efforts.
Risk management involves processes that combine the Bank’s risk appetite and business plan. The process consists of both self-assessment and risk assessment which are utilised in further analysis and management of risk. Strategy is also based on risk appetite and risk management. As a result, risk policy is an integral part of the Bank’s operation and risk management is a dynamic process implemented throughout the Bank on the back of a robust risk culture.
Risk factor | Metric |
---|---|
Credit risk |
Expected loss |
Average probability of default | |
Loss given default | |
Sector concentration | |
Borrower concentration | |
Market risk |
Equities |
Debentures | |
Currency | |
Interest rate and indexation risk in the banking book | |
Indexation risk | |
Liquidity risk | Aggregate LCR - total |
Aggregate LCR - ISK | |
Aggregate LCR - FX | |
Operational risk | Operational scope - Real changes to REA base |
Funding risk | Net stable funding ratio - total |
Net stable funding ratio - FX | |
Economic capital targets |
Active internal controls form a cornerstone of robust risk governance and are conducive to the Bank operating in accordance with its risk policy and risk appetite. A total of 64 employees work in Landsbankinn's internal control functions; within the Risk Management division, in Compliance (a special function directly under the CEO), and in Internal Audit.
Internal control is a process shaped by the management and employees of Landsbankinn. Internal control comprises all actions taken with the aim to support, manage, mitigate or monitor certain activities and in so doing increase the likelihood of the Bank attaining set goals.
Landsbankinn endeavours to maintain good relations with regulators and to ensure that information disclosure is at all times accurate.
Landsbankinn publishes a risk report that provides in-depth information on all aspects of the Bank's risk management and risk assessment methods. The report complies with the disclosure requirements of Pillar III of the Basel III rules on the capital requirements of financial undertakings.
Landsbankinn published a risk report on 6 February 2020. The report is in English.