The Risk Group identifies, monitors, controls, and manages the Bank’s risks against limits and tolerance levels. The Chief Risk Officer (CRO) manages the following risk areas: credit, investment, operational, conduct, market, liquidity, interest rate, IT, security, reputational, regulatory, legal, social and environmental, and other non-financial risks, as well as the Treasury Middle Office and Internal Control Management functions. The Risk Group’s Enterprise Risk Management (ERM) framework provides a holistic overview of all types of risks across the organization. CIB’s ERM framework dates back to 2014, positioning the Bank as a pioneer in the MENA region. The ERM framework provides the Bank with a cohesive approach to risk, integrated with an active risk culture, a flexible technology platform, and strong data governance, all tied together with a solid risk appetite framework. The ERM framework is comprised of control, governance, and oversight, which mitigate risks by utilizing existing risk-management capabilities, helping improve the operating environment and reducing operational surprises. The group proactively monitors triggers for adverse events and provides an effective risk response.
Risk Group Framework and Governance
CIB’s risk governance structure utilizes the lines-of-defense model, with robust committee structures and a comprehensive set of policies and operating guidelines approved by the BoD and the Bank’s executive committees. The BoD, directly or in conjunction with BoD Committees, provides oversight of risk levels as well as key performance and risk indicators.
The CRO along with experienced risk officers, who are key members of all risk-related committees, are responsible for the identification, assessment, and reporting of all types of risks across all business lines.
|Committee Name||Function||Risk Type|
High Lending and Investment Committee (HLIC)
Responsible for managing the asset side of the balance sheet, with the aim of maintaining CIB’s sustainable business growth rate while ensuring that the Bank is compliant with internal credit policies and the CBE’s rules and regulations.
Consumer Risk Committee (CRC)
Responsible for managing, approving, and monitoring all matters related to the Consumer Banking portfolio growth and quality. CRC decisions are primarily guided by the Bank’s approved risk appetite, while ensuring compliance with the principles stipulated by the Consumer Credit Policy Guide.
Business Banking Risk Committee (BBRC)
Responsible for managing, monitoring and concurring/approving all aspects related to the quality and growth of the Business Banking portfolio. The Committee’s decisions are guided first and foremost by the current risk appetite of the Bank as well as the prevailing market trends, while ensuring full adherence to the stipulated guidelines set by the Business Banking Credit Policy Guide.
Asset and Liability Committee (ALCO)
Non-Financial Risks and Compliance Committee (NFRCC)
Responsible for the consolidation of non-financial and compliance risks and enhancing risk-response efficiency. The main objective is to oversee operational, reputational, conduct, and security risks and compliance frameworks, in addition to monitoring vendor and IT risks, and any new emerging non-financial risks.
Institutional Banking Credit Risk
CIB continued to pursue its prudent growth momentum in alignment with the IB credit portfolio quality. This risk-adjusted growth is a result of the consistent commitment to the credit risk process outlined via a comprehensive set of policies and operating guidelines adopted by Bank’s staff under the supervision of the BoD.
The following are the key tools used in credit risk identification and assessment:
- Internal Credit Rating Assessment Model: This is used to evaluate corporate portfolio customers’ risk ratings through several phases, capturing all regulatory guidelines and historical financial data and translating all aspects into qualitative and quantitative measures.
- Credit Risk Analysis: The Bank employs a risk-progressive strategy in the credit approval process. This strategy takes into consideration industry norms, both domestic and international, along with a broad review of associated credit risks, which are weighed against the probability of occurrence.
- Early Warning Signals (EWS) Framework: This is a comprehensive tool that closely monitors the quality of the corporate credit loan portfolio to detect at an early stage the deterioration of a set of key performance indicators that could adversely affect the creditworthiness of borrowers. The framework sets actions and escalating procedures to minimize foreseen losses and safeguard the Bank’s position.
Financial Institutions and Country Risk
The Financial Institutions (FI) and Country Risk Team was formed to actively support correspondent banks’ relationships through the continuous assessment of new markets or products presented by the business FI teams and ensuring an efficient, prudent, and timely approval process.
Social and Environmental Credit Risk Management
The Social and Environmental Credit Risk Team aims to safeguard the Bank against credit risks resulting from adverse social and/or environmental impacts from customer activities. This is achieved by implementing a comprehensive due diligence process to assess this risk for all clients prior to credit facility approval, as well as providing customers with tools to facilitate and encourage their shift to a greener economy.
Consumer and Business Banking Risk Management
Consumer and Business Banking risk is managed using a robust risk framework based on best practices, which ensures sound risk identification and assessment. Mitigants are in place to ensure portfolio quality is within the Bank’s risk appetite. The Risk Team leverages an optimized Risk Reward Strategy with the help of advanced early warning indicators and solid data analytics to ensure prudence and due diligence in customers’ selection as well as proactive portfolio monitoring to maximize the risk adjusted yields across asset products.
Consumer risk follows a holistic credit cycle management approach, with specialist teams and functions managing products and policies: credit underwriting, collections and recoveries, strategic analytics, and account maintenance. On the Business Banking front, the Bank is transitioning to a new model in line with best practices and has revamped strategies with an eye on aggressive growth to enhance this portfolio in a sustained and profitable manner. The new Business Banking Risk Management Structure was enriched with a holistic organizational structure encompassing the entire credit cycle with new and specialized units being established for early warning and account monitoring, centralized fraud, and rehabilitation of customers to ensure appropriate control over the portfolio. Simultaneously, the Business Banking Policy was revamped and approved by the BoD and re-engineered Standard Operating Processes have been put in place.
The key pillars of the strategy are targeted industry analysis and customer segmentation, the adoption of data-driven analytics for decision-making and customer selection, and the installment of a robust risk infrastructure for aggressive growth within the Bank’s risk appetite.
With respect to the Consumer and Business Banking portfolio quality, the Risk Group continues to adopt rigorous portfolio monitoring measures to detect key risks and maintain a healthy portfolio in line with the Bank’s approved risk appetite. Moreover, the Risk Group incorporated dynamic collection strategies to counter the impact of inflation and volatile macroeconomic conditions and took preemptive action to safeguard the Bank’s rights. With respect to portfolio growth and supporting the Consumer Bank’s Segmentation Strategy, the Consumer Risk Division collaborated with the business to put in place customized programs and promotions to target new business from the key segments.
Trading Market Risk
CIB sets key limits to monitor and control market risk by considering both the Bank’s risk appetite as well as the projected business plan. These limits include position, stop-loss, and value at risk (VaR) limits. The Bank primarily uses the VaR methodology to quantify market risk. VaR is a probabilistic measure of the potential loss under normal market conditions at a specific confidence level over a certain period.
Non-Trading Market Risk (Interest Rate Risk in the Banking Book)
CIB uses an effective risk-management process that maintains interest rate risk within prudent levels that ensure the Bank remains on safe and stable ground. CIB proactively positions the balance sheet to benefit from a volatile interest rate environment. The Bank uses complementary technical approaches to measure and control interest rate risk, including duration, re-pricing gaps, change in economic value of equity (EVE), and earnings-at-risk (EaR). The Bank has an Interest Rate Risk Policy, including related authorities and responsibilities for interest rate risk management. The policy sets and enforces operating limits and parameters that maintain exposures within levels consistent with internal parameters covered in the policy to keep interest rate risk exposure within given boundaries over a range of possible changes in interest rates.
Liquidity and Funding Risks
The Bank has robust liquidity risk management guidelines within the Treasury Policy Guide and Treasury Risk Guide that summarize the Bank’s liquidity framework. This framework is critical in maintaining adequate liquidity and ensuring the Bank is able to meet all payment obligations. The Bank has established a liquidity risk management framework that is seamlessly integrated into the risk management process.
The Operational Risk Management framework was developed through sound monitoring tools, governance, and policies to manage operational risk across the whole organization and to minimize and mitigate potential and unexpected losses. The framework uses the following approaches to measure and control operational risk:
- Loss Events Database includes the Bank’s operational risk events.
- Risk and Control Self-Assessment (RCSA) is the identification of operational risks and controls and the effectiveness of each unit. It is related to assessments using validation processes, risks categories, control assessments, and the implementation of action plans and their related tracking and testing mechanisms. The outcome of the RCSA exercise is the risk heat map, which represents the residual risk assessment that evaluates the adequacy and effectiveness of the set controls.
- Key Risk Indicators (KRIs) consist of monitoring indicators and their results, in addition to assisting the concerned parties with the issues and identified gaps.
- Stress Testing consists of utilizing the internal models to proactively assess extreme events.
The division also runs regular awareness programs and training sessions to promote a strong risk culture. It has also cultivated internal risk champions through the Champions Program who are responsible for identifying and monitoring operational risks in their respective departments.
As part of the Reputation Risk roadmap, CIB launched a social media listening tool for monitoring day-to-day incidents, tracking sentiment, and capturing the perception of the Bank. The Reputation Risk Team works on engaging the Bank’s key internal and external stakeholders through annual surveys to identify their expectations and prioritize the risks to a heat map. Any incident that could impact the Bank’s reputation is escalated to the Reputation Risk Team, which in turn invokes the reputation event management process. The Reputation Risk Team holds ongoing culture awareness programs for all Bank’s employees through E-learning and one-to-one technical induction programs.
CIB took the initiative to be the first local Bank in Egypt to establish a Conduct Risk Framework, benchmarked against the Financial Conduct Authority (FCA) in the UK. The initiative is part of the ERM framework and includes a Treating Customers Fairly (TCF) component that emphasizes client needs starting from product design and approval and ending with post-sales services and complaint management. A conduct risk assessment is performed for all of the Bank’s products and digital channels.
CIB has a process in place to evaluate and monitor all the Bank’s vendors to ensure they meet the predefined criteria of approved suppliers and also to conduct relevant risk assessments.
Information Technology Risk
IT risks are primarily monitored via RCSA based on the best practice COBIT 5 Framework for the governance and management of enterprise IT. Top IT risks are monitored and reported with action plans to the Non-Financial Risks and Compliance Committee (NFRCC) and the Board Operations and Technology Committee.
Model risk is established as a centralized independent function under the Risk Group to strengthen the independency of internal model validation.
A framework is under development to manage the process of identifying, assessing, monitoring, and mitigating any internal or external risks that might affect the Bank’s business strategy and strategic objective execution.
Other Risk Functions
Internal Control Management (ICM)
ICM is considered one of the main pillars of control that captures risks by conducting various reviews across the entire branch network and different departments. Special investigations and assignments assess the risks and compliance of applied policies and procedures to ensure overall performance is consistent with predetermined standards, plans, and objectives.
Treasury Middle Office (TMO)
TMO monitors and controls all the Treasury Group positions on an intraday/daily basis against the Treasury Policy Guide (TPG), Credit Policy Guide (CPG), Investment Policy Guide (Direct Investment) limits, and CBE regulations to improve overall control. It also prepares Treasury Compliance Reports.
Strong Asset Quality
CIB maintained its robust asset quality throughout the year. Default ratio improved from 6.95% in 2017 to 4.06% in 2018 (5.41% excluding the effect of the change in unearned treatment), evidencing the Bank’s effective strategy of maintaining a credit-worthy portfolio during challenging economic conditions. The NPL coverage ratio recorded a healthy 269%.
Sustainable Capital and Liquidity
CIB maintained its CAR at 19.09%, well above the minimum requirement. The increased minimum requirements in 2019 do not constitute a threat to the Bank as CIB currently exceeds this minimum by a reasonable buffer. The Bank maintained its comfortable liquidity position above CBE requirements and Basel III guidelines in both local currency and foreign currency. The LCY CBE liquidity ratio remained well above the regulator’s 20% requirement, recording 66.21% at the end of 2018, while the FCY liquidity ratio reached 55.04%, above the regulatory threshold of 25%. Net stable funding ratio (NSFR) was 243.36% for local currency and 165.61% for foreign currency, and the liquidity coverage ratio (LCR) was 667.84% for local currency and 338.82% for foreign currency, all above the 100% Basel III requirement.
2018 was rife with global economic uncertainty that posed a challenge for the Egyptian market. Locally, new rules and regulations governing the banking industry have, in some cases, affected the Bank’s business model. However, the Bank continued to manage these volatile conditions via a forward-looking balance sheet strategy and a dynamic approach to assessing and implementing both local and international regulations to ensure it is fully prepared for any changes.
The Risk Group continued to conduct training sessions to promote risk culture throughout the Bank and maintain a common taxonomy in the organization. The number of Operational and Conduct Risk Champions throughout the organization nearly doubled in 2018.
The SAS engine was upgraded for credit and market risks in line with best practices. A risk assessment of the Bank’s digital products was conducted to ensure CIB’s channels perform as intended with no losses or inconveniences to clients.
The fraud functions have been centralized under the Risk umbrella with an enhanced scope encompassing all new products and services including digital banking, e-commerce, and e-wallets along with a centralized investigation and recovery team and enhanced monitoring tools to minimize fraud.
In line with best practices and the Bank’s strategic goals, the Consumer Risk Division has taken progressive steps to put in place an enhanced risk infrastructure for end-to-end automation of risk processes and policies. Application and behavioral scorecards are also being introduced along with an advanced decision engine and a CRM system.
CIB is compliant with CBE Interest Rate Risk in the Banking Book (IRRBB)’s final guidelines (aligned with Basel standards) and began to report results as of 3Q2018.
In 2018, CIB alongside 28 other global banks helped develop guidelines to bring the banking industry’s operations into alignment with internationally agreed targets detailed in the UN’s Paris Agreement and Sustainable Development Goals. The principles were unveiled in November 2018 during the UNEP-FI’s global roundtable.
The Risk Group made significant strides throughout the year, having been instrumental in the unveiling of the UNEP-FI Principles of Responsible banking — a set of frameworks governing international banking principles in line with sustainability standards. The Bank continued throughout the year to update the Social and Environmental (S&E) Credit Risk Policy Guide to align with international standards for environmental, social, and governance (ESG) standards such as the International Finance Corporation (IFC) Performance Standards. CIB launched its Green Finance Credit Line for customers who wish to shift to a greener approach to economic growth through energy efficiency and renewable energy. The S&E Credit Risk Department aligned with the lighting efficiency and solar solutions developed by the Ministry of Electricity and Renewable Energy and supported by the UNDP, where this allowed CIB to deliver a comprehensive product to customers that requires technical support and financing.
2019 Forward-Looking Strategy
The Risk Group will continue to enhance the Financial and Non-Financial Risks Frameworks while leveraging its agile risk infrastructure to support the strategic shift in the way business will be conducted going forward.
The IFRS 9 project is currently in the final implementation stage and will be finalized in 2019.
The Consumer Risk Team will implement end-to-end automation, under the umbrella of Consumer Risk Transformation, to help the business provide instant decision-making, superior service delivery, and an enhanced customer experience. Similarly, predictive analytics will be implemented via the development of new models to better forecast probabilities of default and expected losses in line with the implementation of new regulations for IFRS9. The team will also support the initiation and expansion of digital products and penetration of untapped segments by using innovative credit tools and techniques for evaluation given the segment typically includes clients who do not have credit history.
The systems and processes of the Collections & Recovery Strategy, and related infrastructure, will be upgraded to provide flexible mapping of strategies and behavioral delinquency trends, facilitating improved collection activities and better recoveries.
On the Business Banking front, focus will be placed on building scalable infrastructure to support the aggressive growth of the business. Attention will also be turned to enhancing the customer experience and the proactive detection of early warning trends and timely actions to maintain portfolio quality.
CIB will also continue to act as a domestic and regional influencer in promoting the UNEP-FI Principals for Responsible Banking while capitalizing on CIB’s Green Finance initiative to introduce new products beyond energy efficiency and renewable energy technologies.