Principles of risk management

Risk management is one the most important internal processes in PKO Bank Polski SA, including in abroad branch and as well as in other companies of the PKO Bank Polski SA Group. Risk management aims at ensuring profitability of business activity, with ensuring control of risk level and maintaining it within the risk tolerance and limits system applied by the Bank, in the changing macroeconomic and legal environment. The level of the risks plays an important role in the planning process.

In the PKO Bank Polski SA Group the following types of risk have been identified, which are subject to management (risks considered material were underlined): credit, credit risk concentration currency mortgage loans risk, interest rate, currency, liquidity (including financing risk), commodity price, price equity securities, other price risk, derivative, operational, lack of compliance and conduct risk, macroeconomic changes, models, business (including strategic risk), loss of reputation, conduct risk, capital, excessive leverage and insurance.1

1. The risk relates to the Bank Group’s companies.

A detailed description of management policies for particular risks was presented in the Report on Capital Adequacy and Other Information Subject to Publication.

Specific activities in the area of risk management in the Bank, undertaken in 2016

PKO Bank Polski SA’s priority is to maintain its strong equity position, including effective capital adequacy management, supporting Polish entrepreneurship, customer satisfaction, engaging in creating new standards on a market scale, counteracting cyberthreats, while maintaining the priorities of efficiency and effective cost control and appropriate risk assessment.

In this respect, the Bank took i.a. the following actions in 2016:

  • in 2016 turned the maturing own short-term bonds, on bonds in the amounts PLN 1 billion (in May) and PLN 815 million (in November),
  • in April 2016 turned the maturing own short-term bonds, on bonds with a maturity to one year in the amounts EUR 200 million,
  • in connection with the acquisition of 100% shares in Raiffeisen-Leasing Polska SA by PKO Leasing on 1 December 2016, a decision was taken not to pay dividend from the Bank’s profits earned in 2015 and retained earnings.

In 2016, the Bank conducted operating risk management-related preparatory work for starting operations of the Bank’s new branch in the Czech Republic, the opening of which is planned for March 2017.

As part of this work, in November 2016, the Bank filed an application with the Polish Financial Supervision Authority requesting consent for joint application of advanced measurement approach (AMA) and basic indicator approach (BIA) consisting of the Bank’s calculating the requirements relating to own funds in respect of operational risk using the BIA method in respect of the operations of the Bank’s branch in the Federal Republic of Germany and in the Czech Republic, and using the AMA approach in the remaining operations of the Bank.

In the fourth quarter of 2016, the Bank introduced changes to the process of managing the exposure concentration risk, which constitute the fulfilment of the requirements of Resolution No. 351/2016 of the Polish Financial Supervision Authority dated 24 May 2016 on issuing Recommendation C and include: concentration risk management objectives and process, new measures of tolerance to concentration risk, including internal limits mitigating the risk of excessive concentration and the method of performing stress tests regarding concentration risk.

In the fourth quarter of the year, the Bank updated and considerably simplified the method of assessing credited entrepreneurs in the formula of specialist financing, which allows an adequate credit risk assessment of large projects involving financing income-generating residential and commercial real estate.

In the first half of 2016, the Bank and PKO Bank Hipoteczny SA continued work related to model risk management in the process of adapting to the requirements of Recommendation W on risk management in banks, issued by the Polish Financial Supervision Authority in July 2015. As of 30 June 2016 the process of model risk management in the Bank and in PKO Bank Hipoteczny SA is conducted pursuant to the requirements of Recommendation W.

Within the Group, mortgage loan portfolios which had been extended by PKO Bank Polski SA are gradually transferred to PKO Bank Hipoteczny SA. The nominal value of the portfolio transferred in 2016 amounted to PLN 5.8 billion.

In the first half of 2016, PKO Bank Hipoteczny SA conducted two issues of mortgage bonds addressed to institutional investors, in the total amount of PLN 1 billion, with a maturity period of 5 years and 1 day as of the date of issue. Among the institutions which purchased mortgage bonds are both domestic and foreign investors. Mortgage bonds of PKO Bank Hipoteczny are one of the safest debt instruments on the Polish financial market. Moody’s rating of Aa3, which is the highest rating achievable by Polish securities, attests to this.

In the second half of 2016 PKO Bank Hipoteczny SA conducted 1 benchmark foreign issue of mortgage bonds addressed to institutional investors, with a value of EUR 0.5 billion and period to redemption of 5 years and 8 months. The securities bear an interest rate of 0.125 p.p. and yield of 0.178 p.p. Among the institutions which purchased mortgage bonds are both domestic and foreign investors, including the European Bank of Reconstruction and Development.

Credit risk

Definition

Credit risk is defined as a risk of occurrence of losses due to counterparty’s default of payments to the Bank or as a risk of decrease in economic value of amounts due to the Bank as a result of deterioration of counterparty’s ability to repay amounts due to the Bank.

Management objective

The objective of credit risk management is to minimize losses on the credit portfolio as well as to minimize the risk of occurrence of loans threatened with impairment exposure, while keeping expected level of profitability and value of credit portfolio at the same time.

The Bank and subsidiaries of the Group are primarily driven by the following principles of credit risk management:

  • each loan transaction is subject to comprehensive credit risk assessment, which is reflected in an internal rating or credit scoring,
  • credit risk relating to loan transactions is measured on the stage of examining loan application and on a regular basis, as part of the monitoring process taking into consideration changes in external conditions and in the financial standing of the borrowers,
  • credit risk assessment of exposures which are significant due to their risk levels or its value is subject to additional verification by credit risk assessment teams, which are independent of the business teams,
  • terms of loan transactions that are offered to a customer depend on the assessment of credit risk level or its value generated by the transaction,
  • loan granting decisions are made only by authorized persons,
  • credit risk is diversified particularly by geographical location, by industry, by product and by customers,
  • expected credit risk level is mitigated by collateral received by the Bank, margins from customers and allowances (provisions) for credit losses.

The above-mentioned principles are executed by the Bank through the use of advanced credit risk management methods, both on the level of individual credit exposures and on the level of the whole credit portfolio of the Bank. These methods are verified and developed to ensure compliance with the internal rating method– based requirements (IRB), i.e. advanced credit risk measurement method, which can be used while calculating requirements as regards own funds for credit risk after being approved by the Polish Financial Supervision Authority.

The Group entities, which have significant credit risk levels (the KREDOBANK SA Group, the PKO Leasing SA Group, PKO Bank Hipoteczny SA and a subsidiary: Finansowa Kompania ‘Prywatne Inwestycje’ Sp. z o.o.) manage their credit risk individually, but the methods used by them for credit risk assessment and measurement are adjusted to the methods used by PKO Bank Polski SA, taking into account the specific nature of the activities of these companies.

Any changes to the solutions used by the Group’s subsidiaries are agreed every time with the Bank's units responsible for risk management.

The PKO Leasing SA Group, the KREDOBANK SA Group and the subsidiaries: Finansowa Kompania ‘Prywatne Inwestycje’ Sp. z o.o. and PKO Bank Hipoteczny SA regularly measure credit risk, and submit the results of such measurements to the Bank.

The KREDOBANK SA Group and the PKO Leasing SA Group have organizational units responsible for risk in their organizational structures, which are in particular responsible for:

  • developing methods of credit risk assessment, recognizing provisions and allowances,
  • controlling and monitoring credit risk during the lending process,
  • the quality and efficiency of restructuring and enforcement of the amounts due from customers.

In these companies, the credit decision limits depend primarily on: the amount of the exposure to a given customer, the amount of an individual credit transaction and the period of credit transaction.

The process of credit decision-making in the KREDOBANK SA Group, the PKO Leasing SA Group is supported by credit committees, which are involved in the case of credit transactions which generate increased credit risk level.

Appropriate organizational units of the Risk Management Area participate in managing the credit risk in the Group entities by giving their opinions on projects and periodically reviewing internal regulations of these companies relating to the assessment of credit risk and preparation of recommendations relating to amendments in the drafts of regulations. The Bank supports implementation of the recommended changes in principles for assessing credit risk in the Group entities.

Measurement and assessment of credit risk

Credit risk measurement and assessment methods

In order to assess the level of credit risk and profitability of loan portfolios, the Bank uses different credit risk measurement and valuation methods, including:

  • Probability of Default (PD),
  • Expected Loss (EL),
  • Unexpected Loss (UL),
  • Loss Given Default (LGD),
  • Credit Value at Risk (CVaR),
  • share and structure of impaired loans,
  • ratio of impaired loans (under IAS) to impairment allowances (coverage ratio),
  • cost of credit risk.

The Bank extends regularly the scope of credit risk measures used, taking into account the internal rating-based method (IRB) requirements, and extends the use of risk measures to fully cover the whole Bank’s loan portfolio with these methods.

The portfolio credit risk measurement methods allow i.a. to reflect the credit risk in the price of products, determine the optimum conditions of financing availability and determine rates of impairment allowances.

The Bank performs analysis and stress-tests regarding the influence of potential changes in macroeconomic environment on the quality of Bank’s loan portfolio. The test results are reported to the Bank’s authorities. The above-mentioned information enables to identify and take measures to limit the negative influence of unfavourable market changes on the Bank’s performance.

Rating and scoring methods

The Bank assesses the risk of individual credit transactions with the use of scoring and rating methods, which are created, developed and supervised by the Banking Risk Division. These methods are supported by specialist IT application software. The scoring method is defined by Bank’s internal regulations whose main aim is to ensure uniform and objective assessment of credit risk during the lending process.

The Bank assess the credit risk of retail customers in two dimensions: creditworthiness assessed quantitatively and qualitatively. The quantitative assessment of creditworthiness consists of evaluation of the financial situation, whereas the qualitative assessment involves scoring and evaluating the customer’s credit history obtained from internal records of the Bank and external databases.

In the case of corporate customers from the small and medium enterprises segment that meet certain criteria, the Bank assesses credit risk using the scoring method. Such assessment refers to low-value, uncomplicated loan transactions and it is performed in two dimensions: customer’s borrowing capacity and his creditworthiness. The assessment of borrowing capacity involves examination of the customer’s economic and financial situation, whereas the creditworthiness assessment involves scoring and evaluation of the customer’s credit history obtained from internal records of the Bank and external databases.

In other cases, rating method is widely used.

The evaluation of credit risk related to financing corporate customers is performed in two dimensions: in respect of the customer and of the transaction. The assessment measures comprise the assessment of the credibility of the customer, i.e. rating: and the assessment of the transaction, i.e. liability repayment capacity in the specified amount and timing.

Rating models for corporate customers were prepared using internal data of the Bank which ensures that they are tailored to the risk profile of the Bank's customers. Models are based on a statistical dependence analysis between the default and a customer's risk scoring. Scoring includes an assessment of the financial indicators, qualitative factors and evaluation of behavioural factors. The customer's risk assessment depends on the size of the enterprise for which analysis is made. In addition, the Bank uses a model for assessment of credited entrepreneurs in the formula of specialist financing, which allows adequate credit risk assessment of large projects involving real estate financing (e.g. office space, retail areas, industrial areas) and infrastructure projects (e.g. telecommunications, industrial, public utility infrastructure).

The rating models are implemented in the IT tool supporting the Bank’s credit risk assessment related to financing institutional customers.

In order to examine the correctness of functioning of method applied in the Bank, the methodologies of credit risk assessment connected with individual credit exposures are subject to periodical reviews.

The credit risk assessment process in Bank takes into account the requirements of the Polish Financial Supervision Authority as defined in the Recommendation S, relating to best practices for the management of mortgage-secured loan exposures and Recommendation T relating to best practices for the management of retail credit exposures.

The information about ratings and scoring is widely used in the Bank for the purposes of credit risk management, the system of credit decision making powers, determining the conditions in which credit assessment services are activated and in the credit risk assessment and reporting system.

Monitoring of credit risk

Monitoring of credit risk is performed at individual credit transaction level and at portfolio level.

Monitoring of credit risk at the individual credit transaction level is governed, in particular, by the Bank’s internal regulations concerning:

  • the principles for the recognition of impairment allowances for credit exposures and write-downs of loans payable in respect of unsettled forward transactions;
  • the rules of functioning of the Early Warning System in the Bank;
  • early monitoring of delays in the collection of receivables;
  • the principles for the classification of credit exposures and determining the level of specific provisions.

In order to shorten the time of reaction to the warning signals observed, signalling an increase in the credit risk level, the Bank uses and develops an IT application, an Early Warning System (EWS).

Monitoring of credit risk at the portfolio level consists of:

  • supervising the level of the portfolio credit risk on the basis of the adopted tools used for measuring credit risk, taking into consideration the identified sources of credit risk and analyzing the effects and actions taken as part of system management,
  • recommending preventive measures in the event of identifying an increased level of credit risk.

The Bank’s exposure to credit risk Credit risk reporting

The Bank prepares monthly and quarterly credit risk reports. The reporting of credit risk covers specifically cyclic information on the risk exposure of the credit portfolio. In addition to the information concerning the Bank, the reports also contain information about the credit risk level for the Group subsidiaries (i.a. KREDOBANK SA Group and the PKO Leasing SA Group), which have significant credit risk levels.

Management actions concerning credit risk

Basic credit risk management tools used by the Bank include:

  • minimum transaction requirements (risk parameters) determined for a given type of transaction (e.g. minimum LTV value, maximum loan amount, required collateral),
  • the principles of defining credit availability, including cut-offs – the minimum number of points awarded in the process of creditworthiness assessment with the use of a scoring system (for retail customers and SMEs) or the customer’s rating class (for corporate customers), which a customer must obtain to receive a loan,
  • concentration limits – the limits defined in article 395, item 1 of the CRR Regulation and in the Banking Law,
  • industry-related limits – limits which reduce the risk level related to financing institutional customers that conduct business activities in industries characterized by high level of credit risk,
  • limits on credit exposures related to the Bank's customers– the limits defining the appetite for credit risk as result of among others the recommendations S and T,
  • credit limits defining the Bank’s maximum exposure to a given customer or country in respect of wholesale operations and settlement limits and limits for the period of exposure,
  • competence limits – they define the maximum level of credit decision-making powers with regard to the Bank’s customers, the limits depend primarily on the amount of the Bank’s exposure to a given customer (or a group of related customers) and the loan transaction period, the competence limit depends on the credit decision-making level (in the Bank’s organizational structure),
  • minimum credit margins – credit risk margins relating to a given credit transaction concluded by the Bank with a given corporate customer, but the interest rate offered to a customer cannot be lower than the reference rate plus credit risk margin.

Use of credit risk mitigation techniques - Collateral

Collateral management policy as regards credit risk plays a significant role in establishing minimum transaction terms. The Bank and the entities of the Group’s collateral management is meant to secure properly the credit risk, to which the Group is exposed, including first of all the fact of establishing collateral that will ensure the highest possible level of recovery in the event of realization of debt collateral activity

In assessing collateral, the following factors are taken into account in particular:

  • the economic and financial or social and financial situation of the entities providing personal guarantees,
  • the condition and market value of the assets accepted as collateral and their vulnerability to depreciation in the period of maintaining the collateral (the impact of the technological wear and tear of a collateralized asset on its value),
  • potential economic benefits of the Bank resulting from a specific method of securing receivables, including, in particular, the possibility of reducing impairment allowances,
  • the method of establishing collateral, including the typical duration and complexity of formalities, as well as the necessary costs (the costs of maintaining collateral and the enforcement against the collateral), using the Bank’s internal regulations concerning the assessment of collateral,
  • the complexity, time-consuming nature and economic and legal conditions of the effective realization of collateral, in the context of enforcement restrictions and the applicable principles for the distribution of the sums obtained from individual enforcement or in the course of bankruptcy proceedings, the ranking of claims.

The type of collateral depends on the product and the customer segment. The policy regarding collateral is defined by the internal regulations of the Group subsidiaries.

The structure of loan portfolio and impairment allowances of the PKO Bank Polski SA Group (in PLN million)

 31.12.201631.12.2015
 GrossWrite-downsNetGrossWrite-downsNet
Loans and advances to customers      
the individualized method, incuding:
impaired
no identified impairment
the portfolio method
Impaired
No identified impairment
to the group method (IBNR)
Loans and advances to customers - net

In 2016 the gross value of loans extended by the Group, assessed using the individual method decreased by PLN 999 million, and assessed using the portfolio method decreased by PLN 505 million, while those assessed using the group method increased by PLN 11 412 million.

The share of impaired loans and advances in the PKO Bank Polski SA Group and the coverage ratio to total allowances





The share of impaired loans of the PKO Bank Polski SA Group in gross loan portfolio as at 31 December 2016 amounted to 5.8% and dropped by 0.7 p.p. y/y compared with 31 December 2015.

The coverage ratio of impaired loans for the PKO Bank Polski SA Group as at 31 December 2016 amounted to 65.5%, compared with 63.3% as at 31 December 2015.

Risk management of foreign currency mortgage loans for individuals

As the result of the abandonment of EUR/CHF peg by the Swiss National Bank in January 2015 there was a significant appreciation of the Swiss franc against foreign currencies, including the Polish zloty. The bank constantly analyses the impact of these events on the financial results including the risk of deterioration in the quality of the portfolio of mortgage loans denominated in CHF. The risk is partly mitigated by a decline in reference interest rates, CHF LIBOR.

Due to the fact that the significant appreciation of the CHF against Polish zloty is a risk arising of an excessive burden for household which took mortgage loans indexed to CHF, thus timely debt service, from the beginning of the 2015 the public debate continues on how to reduce the risk of insolvency of these borrowers. Emerging proposals for system solutions, submitted in form of civil or parliamentary bills, as well as presented by the public and supervisory authorities, may result in incurring losses by the Bank on the portfolio in the future periods.

The Group has taken a number of actions designed to help the customers and at the same time to reduce the growth of the credit risk associated with the appreciation of the CHF – among other, lowering transaction exchange rates CHF/PLN at which amount payable in CHF is converted (i.e. currency spread) and taking into account the negative LIBOR for all customers.

The Group monitors the volatility of the exchange rate of the CHF, the value of the portfolio of housing loans denominated in CHF and the impact of the changes in the foreign exchange rates on the capital adequacy on a current basis.

As at the end of 2016 the value of the Bank’s portfolio of loans for denominated in CHF granted to households amounted to PLN 29.8 billion compared to PLN 30.8 billion as at the end of 2015.

Interest rate risk

Definition  The interest rate risk is a risk of incurring losses on the Group’s statement of financial position and off-balance sheet items sensitive to interest rate fluctuations, as a result of changes in the interest rates on the market.
Management objectiveMitigate the risk of potential losses arising from market interest rate changes to an acceptable level by appropriate shaping the structure of statement of financial position and off-balance sheet items.
Risk identification and measurement 

The Group utilizes such interest rate risk measures as:

  • sensitivity of interest income,
  • sensitivity of economic value,
  • value at risk (VaR),
  • stress tests,
  • repricing gap.  
ControlControl over interest rate risk covers determining interest rate risk limits and thresholds tailored to the scale and complexity of the Group’s operations, in particular the strategic limit of tolerance to interest rate risk.
Forecasting and monitoring  

The following, in particular, are monitored by the Group on a regular basis:

  • the level of interest rate risk, 
  • the degree of utilization of the strategic limit of interest rate risk tolerance, 
  • the degree of utilization of internal limits and threshold values relating to interest rate risk.  
ReportingThe reports on interest rate risk are developed on a daily, weekly, monthly and quarterly basis.
Management actions  

The main tools used in interest rate risk management in the Group include:

  • procedures for interest rate risk management, 
  • limits and thresholds for interest rate risk.

The Group established limits and thresholds for interest rate risk comprising i.a. the following:

  • price sensitivity,
  • sensitivity of the economic value and loss.

Methods of managing interest rate risk in Group subsidiaries are determined by internal regulations introduced by the companies for which the interest rate risk measures are significantly high. These regulations are developed after the Bank’s opinion has been sought and in consideration of the recommendations addressed to the companies by the Bank.

As at 31 December 2016, the exposure of PKO Group Polski SA to interest rate risk within the accepted limits. The Group within adopted limits was mainly exposed to PLN interest rate risk. Of all employed by the Group stress tests involving a parallel shift of interest rate curves, most unfavorable for the Group was the scenario of a parallel shift in PLN interest curves.

The effect of the materialization of this scenario at 31 December 2016 amounted to approx. PLN 1.75 billion, while as at 31 December 2015 this figure amounted to approx. PLN 1.6 billion. Interest rate risk generated by the Group entities with regard to PLN, EUR and CHF did not have a significant effect on the interest rate risk of the entire Group and therefore did not significantly affect its risk profile. Interest rate risk with regard to USD was significantly altered by exposure of the Group entities, in which the biggest part has the exposure of KREDOBANK SA.

VaR of PKO Bank Polski SA and stress-tests analysis of the Group's exposure to the interest rate risk

Name of sensitivity measure31.12.201631.12.2015
VaR for a 10-day time horizon (in PLN milion)*269272
Parallel movement of the interest rate curves by 200 b.p. (in PLN milion) (stress-test)**2 0592 014

*Due to the nature of the activities carried out by the other Group entities generating significant interest rate risk as well as the specific nature of the market on which they operate, the Group does not calculate consolidated VaR. These companies apply their own risk measures in the interest rate risk management. The KREDOBANK SA uses the 10-day interest rate VaR for the main currencies. As at 31 December 2016 the value of VaR in the KREDOBANK SA amounted to approx. PLN 8.9 million and PLN 11.5 million as at 31 December 2015.
** The table presents the value of the most adverse stress-test of the scenarios: movement of interest rate curves in particular currencies by 200 b.p. up and by 200 b.p. down.

As at 31 December 2016 the Bank’s interest rate VaR for a 10-day time horizon (10-day VaR) amounted to PLN 269 million, which accounted for approximately 0.9% of the Bank’s own funds. As at 31 December 2015, VaR for the Bank amounted to PLN 272 million, which accounted for approximately 1.00% of the Bank’s own funds.

Currency risk

DefinitionCurrency risk is the risk of incurring losses due to unfavourable exchange rate changes. The risk is generated by maintaining open currency positions in a given foreign currency.
Management objectiveMitigate the risk of incurring potential losses arising from exchange rate fluctuations to an acceptable level by appropriate shaping the structure of statement of the financial position and off-balance sheet items.
Risk identification and measurement

The Group utilizes the following currency rate risk measures:

  • value at risk (VaR),
  • stress tests.
ControlControl over currency rate risk covers determining currency risk limits and thresholds tailored to the scale and complexity of the Group’s operations, in particular the strategic limit of tolerance to currency risk.  
Forecasting and monitoring  

The following, in particular, are monitored by the Group on a regular basis:

  • the level of currency risk,
  • the degree of utilization of the strategic limit of currency risk tolerance,
  • the degree of utilization of internal limits and threshold values relating to currency risk.
ReportingThe reports on currency risk are developed on a daily, weekly, monthly and quarterly basis.
Management actions  

Main tools used in currency risk management in the Group include:

  • procedures for currency risk management,
  • limits and thresholds for currency risk,
  • defining allowable types of transactions in foreign currencies and the exchange rates used in such transactions.

The Group has set limits and threshold values for currency risk for i.a.: currency positions, Value at Risk calculated for a 10-day time horizon and daily loss from transactions on currency market. Methods of currency risk management in the Group’s subsidiaries are defined by internal regulations implemented by these entities, which are characterized by the significant values of currency risk measures. The regulations are developed after consultation with the Bank and taking into account recommendations issued to the entities by the Bank.  

VaR PKO Bank Polski SA and stress-tests of the Group’s exposure to the currency risk, cumulatively for all currencies

Name of sensitivity measure31.12.201631.12.2015
VaR for a 10-day time horizon (in PLN milion)*1025
Change in CUR/PLN rates by 20% (in PLN milion) (stress-test)**252

the nature of the activities carried out by the other Group entities generating significant currency risk as well as the specific nature of the market on which they operate, the Bank does not calculate consolidated VaR. These entities apply their own risk measures in the currency risk management. The KREDOBANK SA Group uses the 10-day VaR, which amounted to approx. PLN 0.35 million as at 31 December 2015 and approx. PLN 4.8 million as at 31 December 2014.
** The table presents the value of the most adverse stress-test of the scenarios: PLN appreciation by 20% and PLN depreciation by 20%.

The currency position for particular currencies in the Group

Currencies31.12.201631.12.2015
EUR-170.194.1
USD29.9-87.3
CHF-36.5-72.5
GBP8.6-1.8
Other (global net)88.7171.1

The amount of foreign currency positions is the key (apart from volatility of foreign exchange rates) factor determining the level of foreign currency risk to which the Group is exposed. All foreign currency transactions concluded, both balance-sheet and off-balance sheet have an impact on the foreign exchange position. The Bank’s exposure to foreign exchange risk is low (in respect of the Bank’s own funds as at 31 December 2016 10-day VaR for the Bank’s foreign exchange position amounted to approx. 0.03%).

Liquidity risk

Definition  

The liquidity risk is defined as the lack of possibility to pay the debts on time due to the lack of liquid assets. Lack of liquidity may arise from inappropriate structure of the statement of financial position, misfit of cash flows, not received payments from counterparties, sudden withdrawal of cash by customers or other market events.

The Bank manages the financing risk, which takes into account the risk of loss of financing sources and the lack of opportunities to renew matured funding, or loss of access to new financing sources.

  Management objectiveEnsure the necessary level the funds to pay present and future debts (also potential) on time, taking into account the nature of performed activities and requirements which may occur due to changes in market environment, by shaping the structure statement of financial position and off-balance sheet liabilities.
Risk identification and measurement

The Group makes use of the following liquidity risk measures:

  • the contractual and adjusted liquidity gap in real terms, 
  • liquidity reserve,
  • liquidity surplus,
  • ratio of stable funding to illiquid assets,
  • liquidity coverage ratio (LCR),
  • national supervisory liquidity measures (M1-M4),
  • measure of stability of deposit and loan portfolios,
  • stress-tests (liquidity stress-tests).
ControlControl over liquidity risk covers determining liquidity risk limits and thresholds tailored to the scale and complexity of the Group’s operations, in particular the strategic limit of tolerance to liquidity risk.
Forecasting and monitoring of risk  

The Group regularly monitors:

  • utilization level of strategic tolerance risk losses limit,
  • the degree of utilization of supervisory liquidity standards,
  • the degree of utilization of internal limits and threshold values relating to liquidity risk,
  • concentration of sources of financing,
  • early warning signals – monitoring their level is aimed at the early discovery of unfavourable phenomena which could have a negative impact on the Bank’s or the financial sector’s liquidity position (which, when exceeded, launch liquidity contingency plans). 
The Group also performs cyclic forecasts of liquidity risk levels, in consideration of the current developments in the Group’s operations. Liquidity forecasts account mainly for the level of particular liquidity risk measures in conditions of realizing the Group’s balance sheet forecasts and realizing selected stress-test scenarios.  
ReportingLiquidity reports are developed: on a daily, weekly, monthly and quarterly basis and, once a year, an in-depth long-term liquidity analysis is conducted.  
Management actions 

The main tools for liquidity risk management in the Group are as follows:

  • procedures for liquidity risk management, in particular emergency plans,
  • limits and thresholds mitigating for liquidity risk,
  • deposit, investment, derivative transactions, including structured forex transactions, and purchase and sales transactions of securities,
  • transactions ensuring long-term financing of the lending activities. 

Methods of liquidity risk management in the subsidiaries of the Group are defined by internal regulations implemented by the entities which are characterized by the significant value of liquidity risk measures. These regulations are developed after consultation with the Bank and take into account recommendations issued to the entities by the Bank.

The Group policy concerning liquidity is based on keeping a portfolio of appropriate level of liquidity surplus through an increase in portfolio of liquid securities and stable sources of financing (stable deposit base, in particular). In liquidity risk management money market instruments, including NBP open market operations are also used.

The Bank’s Group liquidity reserve and excess liquidity as at 31 December 2016 and 31 December 2015 are shown in the Table below.

Liquidity reserve and excess liquidity of PKO Bank Polski SA Group (in PLN billion)

Name of sensitivity measure31.12.201631.12.2015
Liquidity reserve up to 1 month*3130
Overliquidity in a horizon of up to 30 days**1315

* Liquidity reserve equals the gap between the most liquid assets and expected and potential liabilities which mature in a given period of time.
** Excess liquidity – excess liquidity determines the Bank’s ability to maintain liquidity on each day during the period called the ‘horizon of survival’ if predefined stress test scenarios occur.

The Group’s supervisory liquidity measured as at 31 December 2016 and 31 December 2015 are shown in the Table below.

Supervisory liquidity measures

Supervisory liquidity measures31.12.201631.12.2015
M124 46418 907
M21.91.7
M311.69.9
M41.21.2
LCR136.3%131.5%

In the period from 31 December 2015 to 31 December 2016 ratios supervisory measures remained above the supervisory limits. Indicated in the table, the LCR indicator shows the value for the Group.

As at 31 December 2016 the level of permanent balances on deposits constituted approx. 93.8% of all deposits in the Bank (excluding interbank market), which means a decrease by approximately 0.3 p.p. as compared to the end of 2015.

Other market risks

Commodity price risk

DefinitionCommodity price risk is the risk of incurring a loss due to changes in commodity prices, generated by maintaining open positions on particular types of goods.
Management objectiveReduce potential losses resulting from changes in commodity prices to the acceptable level by shaping the appropriate structure of these items.
Risk identification and measurementIn respect of the measurement of the prices of commodities in the other companies of the Group, information on the positions taken by the Group in particular commodities is utilized.
ControlControl of commodity prices covers determining respective limits and threshold levels tailored to the scale and complexity of the Group’s operations.
Forecasting and monitoringIn respect of the commodity price risk the Group regularly monitors, in particular open commodity positions, if they arise.
ReportingReports on commodity price risks are developed on a daily, weekly, monthly and quarterly basis.
Management actionsCommodity price risk is managed by imposing limits on instruments generating the commodity price risk, monitoring their use and reporting the risk level. The effect of commodity price risk on the Group's financial position is immaterial. Currently, commodity risk in the remaining Group companies is non-existent.

Price risk of equity securities

DefinitionThe price risk of equity securities is the risk of incurring a loss due to changes in the prices of equity securities on the public market or stock exchange indices, generated by maintaining open positions in instruments sensitive to changes in these market parameters. The price risk of equity securities results from operations conducted as part of trading activities of the Bank’s Brokerage House, investing activities and from other operations as part of banking activities generating a position in equity securities.
Management objectiveLimiting possible losses due to changes in the prices of equity securities on the public market or stock exchange indices to acceptable level, by optimizing the positions taken in instruments sensitive to changes in these market parameters.
Risk identification and measurement

For the purpose of equity securities price risk management the Group utilizes:

  • analyses of stress tests, in consideration of changes in market prices of the base instrument and changes in its volatility,
  • information on the positions taken in the equity securities portfolio.
ControlControl over equity securities risk covers determining equity securities risk limits and thresholds tailored to the scale and complexity of the Group’s operations.
Forecasting and monitoringThe Group regularly monitors the level of price risk of equity securities and the level of utilization of the limits on positions taken in the equity securities portfolio.    
ReportingReports on the risk of equity securities are prepared on a monthly and quarterly basis.
Management actionsThe risk is managed by imposing limits on the activities of the Bank’s Brokerage House and by monitoring the utilization thereof. The effect of the price risk of equity securities on the financial position of the Group was assessed as immaterial. The positions taken in equity securities and index instruments are limited, and are not expected to increase significantly.

Derivative instruments risk

DefinitionThe risk of derivative instruments is a risk resulting from the Bank’s taking up a position in financial instruments.
Management objectiveLimiting potential losses in respect of changes in factors specific for derivatives (other than foreign currency rates or interest rates) to acceptable levels by appropriate formation of the structure of positions taken in those instruments.
Risk identification and measurement

For the purpose of managing derivatives risk, the Group uses:

  • the Value at Risk (VaR) model,
  • analyses of stress tests, in consideration of changes in market prices of the base instrument, changes in its volatility, and changes in interest rates,
  • sensitivity ratios of options.
Information on the positions taken by the companies in particular derivative instruments indicated by the Bank is used in respect of the measurement of derivatives risk in the Group’s other companies.
ControlControl over derivatives risk covers determining derivatives risk limits and thresholds tailored to the scale and complexity of the Group’s operations.
Forecasting and monitoringMonitoring the risk of derivative instruments takes place as part of monitoring of other types of financial and credit risk. The Bank puts particular emphasis to monitor financial risk related to the maintenance of currency options portfolio and customer credit risk resulting from amounts due to the Bank in respect of derivative instruments.
ReportingIn the Group the reports on risk are developed on a daily, weekly, monthly and quarterly basis
Management actions

The main tools used in derivative risk management are as follows:

  • written procedures for derivative risk management, 
  • limits and thresholds set for the risk related to derivative instruments,
  • master agreements specifying, i.a. settlement mechanisms, 
  • collateral agreements, under which selected customers of the Bank are required to establish a collateral on exposures due to derivative instruments.

Risk management is carried out by imposing limits on the derivative instruments, monitoring limits and reporting risk level.

The derivative risk management process is integrated in the Bank with management of the following types of risk: interest rate, currency, liquidity and credit risk. However, due to the specific nature of derivatives it is subject to special control specified in the internal regulations of the Bank.

Master agreements concluded by the Bank with the major business partners based on the standards developed by the Polish Banks Association (domestic banks) and ISDA (foreign banks and credit institutions), which allow offsetting mutual liabilities, both due (mitigation of settlement risk) and not yet due (mitigation of pre-settlement risk), are particularly important for mitigating the risk associated with derivative instruments. Additional collateral for exposures, resulting from derivative instruments are collateral deposits escrowed by counterparties as a part of CSA agreement (Credit Support Annex).

Methods of derivative risk management in the Group’s subsidiaries are defined by internal regulations implemented by these entities which take up positions in derivative instruments or plan to take positions in such instruments. These regulations are developed after consultation with the Bank and take into account the recommendations issued to entities by the Bank.

Positions taken by the other Group entities in particular derivative instruments are determined in a similar manner to positions taken by the Bank in such instruments, taking into account the specified economic activity of the entities.

Other price risks

Taking into consideration other price risks, at the end of the year 2016, the Bank was exposed to price risk of investment fund participation units in collective investment funds. Influence of this risk to the Bank’s financial situation is immaterial.

Operational risk

DefinitionOperational risk is defined as the risk of occurrence of a loss due to non-compliance or unreliability of internal processes, people and systems or external events. Operational risk takes into account legal risk, and does not include reputational risk and business risk.
Management objective

The objective of operational risk management is to enhance collateral of the operational activity pursued by the Bank by improving the efficient, tailored to the profile and the scale of operations mechanisms of identification, assessment and measurement, controlling, monitoring reduction and reporting of operational risk.

The Group companies manage operational risk in accordance with the management risk policies binding in PKO Bank Polski SA, taking into account the scope and type of relations between the entities comprising the Group, the specific nature and scale of operations of particular companies.

Risk identification and measurement

Operational risk management comprises the identification of operational risk in particular through:

  • collecting data about the operational risk, 
  • the self-assessment of operational risk. 

In order to manage the operational risk, the Bank gathers internal and external data about operational events and the causes and consequences of their occurrence, data on the factors of the business environment, results of operational risk self-assessment, data on KRI and data related to the quality of internal functional controls.

The operational risk self-assessment comprises identification and assessment of operational risk for Bank’s products, processes and applications as well as organizational changes and it is conducted cyclically and before the introduction of new or changed Bank’s products, processes and applications.

The measurement of operational risk comprises:

  • calculation of Key Risk Indicators (KRI), 
  • requirement calculation of own funds for operational risk under the AMA (the Bank) and BIA (Branch in Germany and companies of the Group covered by prudential consolidation), 
  • stress-tests, 
  • calculation of Group’s internal capital.  
ControlControl of operational risk includes setting tailored to the scale and complexity of the Group’s activities risk controls in the form of limits on operational risk, in particular the strategic limits of tolerance and operational risk, losses limits, KRI with thresholds and critical values.
Forecasting and monitoring

The Bank regularly monitors:

  • utilization level of strategic tolerance and operational risk losses limits for the Group,
  • operational events and their consequences, 
  • results of operational risk self-assessment, 
  • the operational risk requirement relating to own funds in accordance with the BIA approach in respect of the operations of the Branch in Germany, and the AMA approach in respect of the Bank’s remaining operations, and the BIA approach in respect of the Group companies covered by prudential consolidation, 
  • the level of risk in Group, areas and tools for operational risk management in Bank, 
  • key Risk Indicators (KRI), in relations to threshold and critical values, 
  • effectiveness and timeliness of actions undertaken to reduce or transfer the operational risk, 
  • management activities, related to the presence of elevated or high levels of operational risk and their effectiveness in reducing the level of operational risk. 
The following entities had a crucial effect on the Group’s operational risk profile: PKO Bank Polski SA, the PKO Leasing SA Group and the KREDOBANK SA Group. Other Group companies, due to the much smaller scale and type of their operations, generate limited operating risk only.
Reporting

Information relating to the Group’s operational risk is reported for the purpose of senior management, the Operational Risk Committee, the Risk Committee, the Management Board and the Supervisory Board.

Quarterly reports include in particular information on:

  • the Bank’s operational risk profile, 
  • the level of operational risk for the Bank, and the areas and tools for managing operational risk, 
  • the results of measuring and monitoring operational risk, 
  • the actions taken to limit operational risk and assessing the effectiveness of the actions taken to lower the level of operational risk, 
  • recommendations, decisions and suggestions of the Operational Risk Committee or the Management Board. 
Information on operational risk is prepared in monthly cycles and addressed to senior management, organizational units of the Head Office and specialist organizational units responsible for systemic management of operational risk. The scope of information is diversified and adapted to the scope of responsibilities of particular addressees.
Management actions

Management actions are taken in the following cases:

  • on ORC’s initiative or Management Board, 
  • on the initiative of organizational units and cells of the Bank managing operational risk, 
  • when operational risk exceeded levels described by Management Board or ORC.

Especially when the risk level is elevated or high, the Bank uses the following approach:

1) risk reduction – mitigating the impact of risk factors or the consequences of its materialization by introducing or strengthening various types of instruments for managing operational risk such as:

  • control instruments, 
  • human resources management instruments, 
  • determination or verification of threshold values and critical KRIs, 
  • determination or verification of operational risk levels, 
  • contingency plans. 

2) risk transfer – transfer of responsibility for covering potential losses on a third-party:

  • insurance, 
  • outsourcing. 
3) risk avoidance – resignation from activity that generates risk or elimination the probability of the occurrence of a risk factor.

Other risk

Compliance risk and conduct risk

Definition

The non-compliance risk is the risk of legal sanctions, financial losses, or loss of reputation or credibility, if the Group, Group’s staff or entities acting on behalf of the Group fail to comply with the universally applicable provisions of law, internal regulations, or market standards adopted by the Group.

Conduct risk means a risk which arises on the part of: 1) the customer, 2) the Group, including its credibility, 3) financial markets, with regard to their credibility, as a result of inappropriate action (also unintentional) or any omission by the Group, its staff or related entities, with regard to offering purchase and provision of financial services.

Management objective
  • reinforcing among shareholders, customers, the Group’s staff, business partners, and other market participants, an image of the Group as an institution which abides by the law and market standards, which is trustworthy, reliable and honest, 
  • countervailing financial losses or legal sanctions, or loss of reputation, which can result from the violation of the law, internal regulations of the Group, and market standards adopted by the Group, 
  • Countervailing losses on the part of the Group, which can result from inappropriate conduct (also unintentional) or omission by the Group, its staff or related entities, with regard to offering purchase and provision of financial services.
Risk identification and measurementIdentification and asses through information on cases of non-compliance and the reasons for their occurrence, including information as a result of an internal audit, a functional internal control and external controls is used
Forecasting and Monitoring

This involves:

  • an analysis of cases of non-compliance in the Group and in the banking sector, 
  • the causes and effects thereof, 
  • evaluation of key provisions of the law affecting the operations of the Group, 
  • evaluation of activities undertaken by the Bank and members of the Group as part of the management of the non-compliance risk, 
  • evaluation of the effectiveness and adequacy of the controls connected with mitigation of the non-compliance risk, 
  • an analysis of information about the status of the major adaptation work performed by the Group to adapt to the universally applicable provisions of law, market standards adopted by the Group and notices of external supervisory and control authorities, 
  • an analysis of information about operating events, security incidents, disputes, including litigation, against the Group, complaints and irregularities connected with the conduct risk.
ReportingIn the form of quarterly management reports designated for the Risk Committee, the Management Board, the Supervisory Board Risk Committee, and the Supervisory Board, as well as information submitted for the purposes of external supervision and control authorities.
Management actions

The management comprises, in particular, the following issues:

  • preventing the Group from engaging in illegal activities, 
  • promoting ethical standards and monitoring them, 
  • managing conflicts of interest, 
  • preventing situations in which the conduct of the Group’s employees in official matters could give the impression of being a private interest, 
  • professional, reliable, and transparent preparation of the product offer, as well as advertising and marketing messages, 
  • ensuring the protection of information, 
  • immediate, fair and professional handling of customer complaints, requests and grievances, 
  • preventing situations in which a product incompatible with the customer’s needs could be offered, 
  • determining an adequate manner and form of proposing purchases with regard to the nature of the product offered, 
  • monitoring sales and the reliable performance of agreements concluded with customers. 
The Group adopted the policy of ‘zero tolerance’ for non-compliance which means that the Group focuses its activities on eliminating such risk.

Business risk

DefinitionBusiness risk is the risk of incurring losses due to adverse changes in the business environment, taking bad decisions, the incorrect implementation of decisions taken, or not taking appropriate actions in response to changes in the business environment; this includes in particular strategic risk.
Management objectiveMaintaining, on an acceptable level, the potential negative financial consequences resulting from adverse changes in the business environment, making adverse decisions, improper implementation of adopted decisions or lack of appropriate actions, which would be a response to changes in the business environment.
Risk identification and measurement

Identification is to recognize and determine factors both current and potential, resulting from current and planned activities of the Group and which may significantly affect the financial position of the Group, generating or change in the Group’s income and expense. Business risk identification is performed by identifying and analyzing the factors that had an impact on the significant deviations of realization of income and expense from their forecasted values.

Measurement of business risk is aimed at defining the scale of threats related to the existence of business risk with the use of defined risk measures. The measurement of business risk includes: calculation of internal capital, conducting stress-tests.

ControlControl of the business risk is aimed at striving to maintain the business risk at an acceptable level. Involves setting and periodic review of the risk controls in the form of tolerance limits on the business risk along with its thresholds and critical values, adequate to the scale and complexity of the Group.
Forecasting and Monitoring

Forecasting of the business risk is aimed at determining an anticipated scenario of changes in the income and expense items in the income statement. The forecast is prepared once a quarter on a yearly basis and includes forecasting the level of business risk and internal capital.

Once a quarter, the verification of a business risk forecast (so-called backtesting) is performed.

Monitoring of the business risk is aimed at diagnosing the areas which require management actions.

Monitoring of business risk includes in particular:

  • strategic levels of business risk tolerance – on a quarterly basis, 
  • stress-tests results – on an annual basis, 
  • internal capital level – on a quarterly basis, 
  • deviations from the implementation of business risk forecast – on a quarterly basis,
  • results of a survey conducted among senior management staff of the Bank - on an annual basis.  
ReportingReporting is performed on a quarterly basis. The reports on the business risk level are addressed to the ALCO, the RC, the Management Board, the Risk Committee of the Supervisory Board, and the Supervisory Board.  
Management actions  

Management actions consist of, in particular:

  • verifying and updating quarterly financial forecasts, including actions aimed at lowering the business risk level in accordance with the limits, 
  • monitoring the level of the strategic limit of tolerance to business risk

Reputation risk

DefinitionThe reputation risk is understood as the risk of deterioration of reputation among customers, counterparties, investors, supervisory and control authorities, and the general public as a result of the Group’s business decisions, operating events, instances of non-compliance or other events.
Management objectiveProtect the Group’s reputation by counteracting the occurrence of reputation and limiting the negative effect of image-related events on the Group’s reputation.
monitoringInformation monitoring of image-related events, taking into account every identified, negative information about the Group, in the form of: information disseminated in the media, information disclosed within the principles of information policy of the Group, evaluation of audits firms, analytical institutions and external supervisory and control authorities, public protests and speeches,
Reporting

Reporting the risk of loss of reputation is effected by:

  • management reports for the Risk Committee, the Management Board, the Supervisory Board Risk Committee, and the Supervisory Board, 
  • information submitted on an on-going basis in respect of current events with considerable impact on reputation, to the President of the Management Board Division Director, and the President of the Management Board, 
  • Information included in the Bank’s and the Group’s financial statements, and submitted on request to external supervisory and control authorities.
Management actions

These include, among other things:

  • an analysis of the causes of specific image-related events, 
  • evaluation of the effects thereof,
  • preparing propositions of management activities aimed at mitigating the risk of losing reputation.

Model risk

DefinitionModel risk is the risk of incurring negative financial effects or reputation as a result of making incorrect business decisions on the basis of the models functioning. As a part of the Group model risk is managed both at the level of the entity of the Group (the owner of the model), and at the level of the Bank as the parent company of the Group.
Management objectiveMitigate the level of risk of incurring losses as a result of making incorrect business decisions on the basis of existing models in the Group through a well-defined and implemented process of models management. One of the elements of the model management process is to cover all significant models in the Group with regular, independent validation.
Risk identification and measurementIdentification of the model risk consists of, in particular, collecting information about the existing models and models planned to be implemented as well as determining the materiality of the models on a periodical basis. The model risk evaluation is aimed at determining the scale of the threats associated with the occurrence of the model risk. The evaluation is made at the level of each model as well as on an aggregate basis at the level of the individual Group entities.
ControlControl of the model risk is aimed at maintaining an aggregated evaluation of the model risk at a level which is acceptable to the Group. Control of the model risk consists of determining the mechanisms used to diagnose the model risk level and tools for reducing the level of this risk. The tools used to diagnose the model risk include, in particular, a strategic limit of tolerance to the model risk and the threshold values of the model risk.
Monitoring

Monitoring of the model risk on a periodical basis is aimed at diagnosing the areas requiring management actions and includes, in particular:

  • updating the model risk level, 
  • evaluating the utilization of the strategic limit of tolerance to the model risk and the threshold values of the model risk, 
  • verifying the stage of implementation and evaluating the effectiveness of the implementation of the activities as part of the mitigation of the model risk.  
ReportingThe results of monitoring the model risk are presented periodically in the reports addressed to the RC, the Management Board, and the Supervisory Board. The reports contain a comprehensive model risk assessment, in particular: information about the degree of utilization of the strategic limit of tolerance to the model risk and about the level of the model risk (from a standalone and consolidated perspective), a model risk map, an evaluation of the effectiveness of the recommendations made to reduce the model risk level, proposed new management actions reducing the model risk (if any).
Management actionsThe purpose of management actions is to form a model risk management process and to affect the level of this risk, in particular by determining acceptable risk levels and making decisions about the use of tools supporting model risk management.

Macroeconomic changes risk

>

DefinitionRisk of macroeconomic changes is a risk of deterioration of the financial situation of the Bank as a result of the adverse impact of changes in macroeconomic conditions.
Management objectiveIdentify macroeconomic factors having a significant impact on the Group's activities and taking actions to reduce the adverse impact of potential changes in the macroeconomic situation on the financial situation of the Group.
Risk identification and measurement

Identification of risk of macroeconomic changes is to determine scenarios of the potential macroeconomic changes and to determine risk factors having the greatest impact on the financial situation of the Group. Risk of macroeconomic changes results from interaction of factors dependent and independent of the Group's activities. The Bank identifies the factors affecting the level of risk of macroeconomic changes during carrying out comprehensive stress-tests.

The risk of macroeconomic changes materializes indirectly through other risks affecting the Group's operations.

For the purpose of measuring the risk of macroeconomic changes the Group uses risk measures based on the results of comprehensive stress-tests, in particular:

  • financial result and its components, 
  • capital adequacy measures and their components, 
  • selected liquidity measures, 
  • data on the quality of the loan portfolio.  
Control

Control of the risk of macroeconomic changes is aimed at striving to mitigate the adverse effect of potential changes in the macroeconomic situation on the financial position of the Group.

Control of the risk of macroeconomic changes consists of determining the acceptable risk level tailored to the scale of the Group’s operations, with the level of the risk of macroeconomic changes being assessed on the basis of the results of comprehensive stress tests. An acceptable level of the risk of macroeconomic changes is a situation in which stress test results do not point to the need to take any remedial measures.  

Monitoring

Monitoring consists of, among other things, analyzing macroeconomic factors and the economic situation on a current basis and includes in particular:

  • changes in the macroeconomic situation, 
  • the macroeconomic factors to which the Bank is sensitive, 
  • stress test results,
  • the level of the risk of macroeconomic changes.  
ReportingReporting is provided in the form of additional information about the risk of macroeconomic changes which accompanies a quarterly report on capital adequacy, in which the stress tests were conducted. The reports are addressed to the ALCO, the RC, the Management Board, and the Supervisory Board.
Management actions

Management actions in particular consist of:

  • issuing internal regulation, 
  • determining acceptable levels of risk, 
  • proposals of actions aimed at reducing the level of risk in the event of elevated or high risk of macroeconomic changes occurrence.

Capital risk

DefinitionCapital risk is the risk of failing to ensure an appropriate level and structure of own funds, with respect to the scale of the Bank operations and risk exposure and, consequently, insufficient for the absorption of unexpected losses, taking into account development plans and extreme situations.
Management objectiveEnsure an appropriate level and structure of own funds, with respect to the scale of the operations and risk exposure of the Group, taking into account of the assumptions of the Bank’s dividend policy as well as supervisory instructions and recommendations concerning capital adequacy.
Control

The purpose of the capital risk control is to strive to keep the Bank’s and the Group’s capital risk level low, i.e. below specific thresholds of adequacy measures.

The control of the capital risk includes determining risk control measures adapted to the scale and complexity of the Bank’s and the Group’s operations, in the form of strategic tolerance limits and thresholds for capital adequacy measures.

Maintaining the capital adequacy measures above thresholds ensure an appropriate capital buffer above supervisory minimum levels.

Risk identification and measurement

The capital risk level for the Group is determined based on the minimum, threshold and maximum values of capital adequacy measures, amongst others, the total capital ratio and basic capital (Tier 1) ratio. In addition, threshold and maximum values are determined for capital adequacy measures, as an excess over the minimum values constituting strategic tolerance limits for the capital adequacy measures.

The capital risk level is determined as follows:

  • low level – when all capital adequacy measures exceed the threshold values, 
  • raised level – when at least one adequacy measure is lower than a threshold value and no capital adequacy measure is lower than the strategic tolerance limit, 
  • high level – when at least one capital adequacy measure is lower than the strategic tolerance limit. 
Should a high level of capital risk be identified, the Bank takes measures to bring capital adequacy measures to a lower level, taking into account of the assumptions of the dividend policy as well as the supervisory instructions and recommendations concerning capital adequacy.
Monitoring and reporting

The Bank regularly monitors and reports the level of capital adequacy measures in order to determine the extent to which the supervisory standards, thresholds and internal strategic limits are met, and to identify cases which require that capital emergency actions be launched.

Reporting the levels of capital adequacy measures is performed on a monthly basis for the Management Board and on a quarterly basis for the Supervisory Board.

Management actions

Capital risk management is performed by:

  • determining and attaining the capital targets desirable for the Bank, 
  • determining the internal limits for capital adequacy measures, 
  • planning, monitoring and reporting the level and structure of equity, as well as capital adequacy, 
  • allocating the requirement in respect of own funds and internal capital to individual business areas and customer segments in the Bank as well as individual companies in the Group, 
  • evaluation of profitability of individual business areas and customer segments.   

The main capital risk management tools include:

  • dividend policy, 
  • issue of shares and share capital increase, 
  • issue of subordinated debt, 
  • allocating profits of the current period to own funds, loan protection instruments of selected loan receivables portfolios, 
  • restricting lending activities, including lending activities limits, 
  • sale of selected financial assets, 
  • and securitization of portfolio.

Insurance risk

DefinitionInsurance risk is a risk of loss or of adverse change in value of insurance liabilities, due to inadequate pricing and provisioning assumptions (in particular for technical provisions).
Identification, measurement and risk assessment

The exposure to insurance risks is monitored and shaped in accordance with the adopted Risk Management Strategy.

In PKO Życie Towarzystwo Ubezpieczeń S.A., the dominant type of insurance risk differs depending on the type of product in the Company’s portfolio:

  • products with Insurance Capital Funds (UFK) – mainly the contracts withdrawal risk (a relatively short period of time after implementation of the UOKiK decision), 
  • protection products: mortality and claims risks as well as negative selection (decreasing risk), 
  • for all products – the risk associated with comparing expenses with income (unit costs). 

The Company mitigates its exposure to the risks through:

  • reinsurance of the mortality and claims risks in excess of a specified amount per risk and per insurance contract,
  • retention campaigns,
  • monitoring the quality of sales in order to achieve an improvement in the quality of sales, 
  • increasing the scope of cover for investment and protection products. 

In 2015 and 2016, the risk of changes in the approach to surrender fees materialized partially. As a result of the proceedings of the UOKiK and the agreements concluded in 2015 and 2016 as a result of these proceedings, the Company estimated the changes in the distribution of future withdrawals. The amounts of the future surrender fees were also adjusted in accordance with the above agreement. The decisions made constitute the continuation of activities conducted by the Company so far, with regard to reducing the total surrender value of selected life insurance contracts with insurance capital funds. Up until the date of this report, no increase in contract withdrawals in excess of the assumptions for determining the Best Reserve Estimate was observed.

PKO Towarzystwo Ubezpieczeń SA (which commenced its operating activities in 2016) is exposed to the following types of insurance risk:

  • unearned premium and reserve risk – mitigated through proportionate reinsurance, product structure, 
  • catastrophic risk – mitigated through catastrophic reinsurance, 
  • contract withdrawal risk – mitigated through retention measures. 

The dominant type of risk is dependent on the type of product:

  • multi-year loss of source of income insurance contracts – unearned premium and reserve risk, 
  • property insurance – catastrophic risk (flood). 
The measurement of the insurance risk in Insurance Companies is performed, among other things, as part of the analysis of contract withdrawals, claims ratio analysis, the analysis of the amounts of assets to cover technical reserves (APR), and an annual analysis of shock scenarios – stress tests as part of the process of self-assessment of risk and solvency. PKO Życie Towarzystwo Ubezpieczeń SA and PKO Towarzystwo Ubezpieczeń SA have implemented the requirements arising from the new Solvency II system and have been calculating capital ratios under the new regime as from 1 January 2016, maintaining own funds at an adequate level.
Monitoring

As to mitigate the insurance risk exposure, PKO Życie uses among others:

  • reinsurance of risks (mortality, morbidity)
  • grace periods, 
  • exemptions, 
  • retention activities. 

Ceded reinsurance of PKO Życie is performed on the basis of:

  • obligatory-optional, quota share - surplus reinsurance treaties, on the basis of risk – premium, 
  • optional reinsurance treaties, on the basis of risk – premium, 
  • obligatory, proportionate reinsurance treaties, 
  • obligatory catastrophic reinsurance treaties, 
  • obligatory excess of loss reinsurance treaties. 

Facultative reinsurance is applied for all insurance agreements and risks not covered by obligatory – facultative reinsurance agreements, in which the sum on the gross risk exceeds agreed amount.

In case of the new products and the risks, PKO Życie Towarzystwo Ubezpieczeń SA and PKO Towarzystwo Ubezpieczeń SA chose reinsurer, level of protection, conditions of the reinsurance, changes in concluded reinsurance contracts and concluding new reinsurance contracts in relation to the newly introduced to offer or modified insurance products and new risks.

ReportingReporting on insurance risk is provided in the form of periodical reports to the Management Board and for the Asset and Liabilities Committee, the Local Risk Committee, and the Risk Committee of the Supervisory Board.
The assets to cover technical reserves (APR) remained at a sufficient level (over 100%) and had an appropriate structure. As at the end of 2016, the aggregate assets to reserves ratio amounted to 103% for PKO Życie Towarzystwo Ubezpieczeń S.A. and 140% for PKO Towarzystwo Ubezpieczeń SA.

Risk of excessive leverage

DefinitionThe risk of excessive financial leverage is the risk resulting from vulnerability to threats due to financial leverage or conditional financial leverage that may require taking unintended action to adjust business plans, including an emergency sale of assets which could result in losses or result in the need for valuation adjustments of other assets.
Management objectiveThe objective of managing the risk of excessive leverage is to ensure an appropriate relationship between the amount of the core capital (Tier 1) and the total of balance sheet assets and off-balance sheet liabilities granted by the Group.
Risk identification and measurementThe risk of excessive leverage materializes as a mismatch of scale of activities and structure of the sources of financing and insufficient equipment of Group’s own funds. For the purpose of measuring the risk of excessive financial leverage, a leverage ratio is calculated as a measure of Tier 1 capital divided by the measure of total exposure and is expressed as a percentage rate. The leverage ratio is calculated on the reporting reference date. The leverage ratio is calculated both with reference to Tier 1 capital and in accordance with the transitional definition of Tier 1 capital.
ControlThe objective of the control of the risk of excessive leverage is to strive to maintain the Bank’s risk of excessive leverage at an acceptable level. It covers a periodical review of the risk control mechanisms in the form of a tolerance limit, including its threshold value.
Forecasting and monitoring

The following parameters are in particular subject to monitoring of the risk of excessive leverage:

  • value of the leverage ratio, 
  • threshold of the risk of excessive leverage, 
  • deviation of the leverage ratio from forecasts.  
ReportingReporting is performed on a quarterly basis. The reports on the level of the risk of excessive leverage are addressed to the RC, the Management Board, the Risk Committee of the Supervisory Board, and the Supervisory Board.
Management actionsThe management actions concerning the risk of excessive financial leverage are identical to the management actions concerning capital risk. In the event of an increased risk, actions are taken to bring capital adequacy measures to a decreased level, taking into account the assumptions of the dividend policy as well as supervisory suggestions and recommendations concerning capital adequacy.

Comprehensive stress-tests

Comprehensive stress-tests are an integral part of the Group’s risk management and are complementary to stress-tests specific to particular types of risks. They collectively include the types of risk considered by the Group to be material. They include an analysis of the impact of changes in the environment and the functioning of the Group on the Group’s financial position, in particular: the income statement, statement of financial position, own funds, capital adequacy, including own fund requirements, internal capital, capital adequacy measures, and selected liquidity measures.

Comprehensive stress-tests for the Group’s own use are carried out at least once a year in a three-year horizon, and for the Bank – every six months in a three-year horizon, taking into account changes in the value and structure of balance sheet and income statement items (dynamic tests). Supervisory tests are carried out at the request of the supervisory authorities in accordance with the assumptions provided by the supervisory authorities.