Search results

No notes
Basket is empty
Send to print

Risk management foundations

Vision of the risk management area

The risk management process is conducted at all levels of the organizational structure, starting at the levels of the Supervisory Board (including the Risk Committee of the Supervisory Board) and the bank’s Management Board, through specialised committees and units responsible for risk identification, measurement, monitoring, control and reduction, down to each business unit.

Lines of defence

Risk management roles and responsibilities in mBank Group are organised around the three lines of defence scheme:

Business and Risk Forum of mBank Group

In the risk management process, the bank attaches high importance to the communication between organizational units in the area of risk management and lines of defence in mBank as well as between the bank and the Group subsidiaries. An important role in this regard is played by the Business and Risk Forum of mBank Group which is a formal decision and communication platform dedicated for finding solutions ensuring the optimal relation between profits and risk taking, in accordance with the risk appetite approved by the Management Board.

The Committees are composed of the representatives of business lines and respective risk management area departments of mBank and the respective organizational units of the Group subsidiaries. Each Committee is responsible for all risks generated by business activity of the given business line.

The Forum is constituted by the following Committees assigned to individual business lines:

Structure and tasks of the risk management area

The management function at the strategic level and the function of control of credit, market, liquidity and operational risks and risk of models used to quantify the aforesaid risk types are performed in the risk management area supervised by the Vice-President of the Management Board, Chief Risk Officer.

Individual units have specific roles in the process of identifying, measuring, monitoring and controlling risk. Within the scope of their powers, the units develop methodologies and systems supporting the aforesaid areas. Furthermore, the risk control units report the risk and support the major authorities of the bank.

The risk management area is functioning within the following organizational structure:

Vice-President of the Management Board, Chief Risk Officer
Integrated Risk and Capital Management Department
  • Integrated risk, capital and liquidity management in the bank and the Group, in particular through: control of risk profile, capital and liquidity adequacy, and risk bearing capacity; integration of risk valuation; integration of control of non-financial risks and Internal Control System Self-assessment (ICS).
  • Identifying, measuring, controlling, monitoring and developing methods for measuring market risk, interest rate risk of the banking book, liquidity risk and counterparty risk.
  • Monitoring of overall risk profile of organizational units in the area of financial markets.
  • Managing the process of integrated risk, capital and liquidity reporting.
Projects and Risk Architecture Management Department
  • Risk Projects Portfolio Management.
  • Performing the function of competence centre in the area of process management.
  • Development and optimization of the architecture of IT processes and applications of Risk.
  • Management of the IT applications of Risk (maintenance and development).
  • Risk data management and cooperation with the Finance Division within the scope of centralized management information system.
Corporate Risk Assessment Department
  • Implementation of the bank’s credit policy regarding corporate customers, countries and financial institutions.
  • Credit risk management in the bank and the Group subsidiaries in the abovementioned areas.
Processes and Risk Measurement Department
  • Developing and implementation of corporate credit process and supervision over its effectiveness.
  • Preparing corporate credit risk management strategy of mBank Group as well as credit policies including policies regarding industrial risk appetite.
  • Preparing portfolio analysis and reports for the purpose of management of corporate credit risk.
  • Developing and monitoring the quality of rating models for retail and corporate clients and financial institutions (credit risk modelling).
  • Verification of value, liquidity and attractiveness of real estate and movables provided for collateral of loans.
Retail Risk Management Department
  • Development of risk management principles and processes.
  • Acceptance of retail banking products, including the impact on the different types of risk and capital requirements.
  • Development of reports for monitoring of risk management policies.
  • Development and management of systems supporting the risk assessment and decision-making process.
Retail Debt Restructuring and Collection Department
  • Handling the processes of debt restructuring and collection of receivables arising from retail loans granted on the Polish market.
  • Debt sale transaction of NPL for receivables arising from retail loans granted on the Polish market.
Credit Processes and Retail Risk Assessment Department
  • Making credit decisions concerning retail banking products.
  • Monitoring credit agreements and performing administrative activities.
  • Developing and effectively using anti-fraud systems and tools.
  • Preventing credit fraud and exercising control over operational risk in the credit process for retail and corporate banking products, as well as developing the methodology of these processes.
  • Identifying gaps in processes, products and systems that impact an increase in fraud exposure and applying measures to eliminate such gaps.
Validation Unit
  • Integration of model and their risk management.
  • Validation of quantitative models.
Position for risk development
  • Managing development activities of the managerial staff and employees of the risk management area.

Organizational units outside the risk management area are in charge of the management and control of other risks (capital risk, business risk, reputational risk, legal risk, compliance risk, outsourcing risk, IT risk, cyber risk).