BLME adopts the risk management model known as the ‘three lines of defense’ governance model. This is the model of risk management that sits below the Board to implement and control the decisions on strategy, risk and capital that are taken by the Board.
The framework for the oversight and management of risk is as follows:
- First line: Management - responsibility for implementing strategy and the establishment and maintenance of internal control and risk management in the business. This includes senior management and business line heads.
- Second line: Risk management – operating a risk management framework within which risk policies are set, overseen and challenged. This includes the Risk Management Committee, Credit and Risk Management Departments, Sharia’a Supervisory Board, and Compliance Department.
- Third line: Assurance – providing independent and objective assurance of the effectiveness of internal controls established by the first and second lines of defense. This is provided by the Internal Audit function, reporting to the Audit Committee, and by the Sharia’a Supervisory Board.
The Group has exposure to the following risk categories arising from the use of financial instruments:
- Credit risk
- Liquidity risk
- Market risk
- Operational risk
- Profit rate risk
The Group’s risk management policies are established to identify and analyse the risks faced by the Group, to set appropriate risk limits and controls, and to monitor risks and adherence to limits. Risk management policies and systems are reviewed regularly to reflect changes in market conditions, products and services offered. The Board has oversight of these risk management policies.
The Group has a conservative approach to risk. This is based on a customer led culture, and a modest and measured market risk appetite. The dominant risk type is credit, which accounts for over 90 per cent. of Pillar 1 capital usage. Liquidity is also considered a critical risk which is managed under a strict set of ALCO ratios, metrics and targets.