Strategic Report Strategic Report Strategic Report Financial Additional Overview Strategy Performance Governance Statements Information Bank’s proprietary trading position is limited by the ALCO Operational risk to a maximum of 10% of the Bank’s total regulatory capital Definition: Operational risk is the risk of loss arising from as defined by NBG. The open currency position is also limited systems failure, human error, fraud or external events. by the ALCO to an annual VAR limit of GEL 50 million with When controls fail to perform, operational risks can a 98.0% “tolerance threshold”. cause damage to reputation, have legal or regulatory The ALCO limits are more conservative than NBG implications, or lead to financial loss. The Bank cannot requirements, which allow banks to keep open positions expect to eliminate all operational risks, but through a of up to 20.0% of regulatory capital. The Bank also applies risk management and integrated control framework and sensitivity stress tests to its open currency positions to by monitoring and responding to potential risks, the Bank estimate any potential negative impact on its net assets aims to manage the risks. and earnings. Mitigation: The Bank manages its operational risks by Interest rate risk: The Bank has exposure to interest rate establishing, monitoring and continuously improving its risk as a result of lending at fixed and floating interest policies and procedures relating to the various aspects rates in amounts and for periods which differ from those of the Bank’s cash, payments, accounting, trading of term borrowings at fixed and floating interest rates. and core processing operations and data back-up and Interest margins on assets and liabilities having different disaster recovery arrangements. The Bank has elaborated maturities may increase or decrease as a result of changes a framework, which is in compliance with normative in market interest rates. acts defined by Georgian legislation and international standards. Regular review of and amendments to Similarly to other Georgian banks, the majority of the the policy are performed by the Management Board Bank’s assets and deposits have fixed interest rates. and overseen by the Risk Committee, which are also In order to minimise interest rate risk, the Bank monitors responsible for setting an overall risk appetite. its interest rate (re-pricing) gap and maintains an interest The Operational Risk Management department is rate margin (net interest income before impairment responsible for development of policies, processes and of interest-earning assets divided by average interest- procedures for managing operational risks in all products, earning assets) sufficient to cover operational expenses activities, processes and systems, consistently implementing and risk premium. Within limits approved by the Bank’s an operational risk framework throughout the Bank. Supervisory Board, the ALCO approves ranges of interest The department is responsible for the identification and rates for different maturities at which the Bank may assessment of operational risks, detecting critical risk place assets and attract liabilities. The Quantitative Risk areas or groups of operations with an increased risk level, Management and Risk Analytics department analyses developing escalation processes, considering business duration gap and capital sensitivity to interest rate recommendations and mitigation action plans. changes. Interest rate risk levels for each currency are monitored by Finance, Treasury and Quantitative Risk The Operational Risk Management Committee is Management and Risk Analytics. responsible for setting and overseeing qualitative and As of 31 December 2018, the Group’s floating rate quantitative parameters of operational risk appetite borrowings accounted for 9.2% of the Group’s and tolerance. total liabilities. Operational risks are identified and assessed by using Prepayment risk: The Bank is also subject to prepayment several methodologies, including: internal loss database risk, which is the risk that the Bank will incur a financial collection and analysis, scenario analysis, Risk and Control loss because its customers and counterparties repay or Self-Assessment (RCSA), new products assessment, and request repayment earlier than expected, such as fixed Key Risk Indicators (KRIs) analysis. To mitigate the impact rate mortgages when interest rates fall. The Bank reviews of operational risk, the Bank applies approaches, including the prior history of early repayments by calculating the the implementation of control elements in a business weighted average effective rate of early repayments process, segregation of duties, access, authorisation and across each credit product, individually, applying these reconciliation procedures, and development of preventive historical rates to the outstanding carrying amount of control tools within operating systems. each loan product as of the reporting date and then To ensure that adequate risk management competency multiplying the product by the weighted average effective levels are achieved and maintained, the Bank provides annual interest rates for each product. This allows the regular staff education and training courses as part of Bank to calculate the expected amount of unforeseen the risk management process. Specific risk management losses in the case of early repayments. training sessions are held on an annual basis aimed at For further information on the Group’s market risk see providing an overview of the risk management framework. Note 27 of the Notes to the Consolidated Financial The Head of Operational Risk Management, who reports Statements of this Annual Report. to the Bank’s Deputy CEO, Chief Risk Officer, is responsible for the oversight of the Bank’s operational risks. Annual Report 2018Bank of Georgia Group PLC 59