BBVA in 2013

Global Risk Management: BBVA Group’s risk management function

Print this page

The BBVA Group considers the risk function to be one of the essential and distinguishing elements of its business strategy. Within this function, the Board of Directors is responsible for approving the risk control and management policy, as well as periodically monitoring the internal reporting and control systems. In order to perform this duty as well as possible, the Board is supported by the Executive Committee and the Risk Committee. Both the corporate Global Risk Management (GRM) area and the risk units of the business areas also play an essential role in the Group’s risk management, each with well defined roles and responsibilities. The objectives of the corporate GRM area include maintaining the solvency of BBVA Group and collaborating on the definition of its strategy in relation to the risks it assumes. The risk units of the business areas propose and maintain the risk profile of each customer independently, but within the corporate framework for action.

The Group’s risk function is a unique, independent and global area whose principles are:

  • The assumed risks must be compatible with the target capital adequacy and must be identified, measured and assessed. Monitoring and management procedures and sound control and mitigation systems must likewise be in place.
  • All risks must be managed in an integrated way during their life cycle. They must be treated differently depending on their type and with active portfolio management based on a common variable: economic capital.
  • It is each business area’s responsibility to propose and maintain its own risk profile both independently and within the corporate action framework (defined as the set of risk policies and procedures established by the Group), using an adequate risk infrastructure.
  • The risk infrastructure must be suitable in terms of people, tools, databases, information systems and procedures so that there is a clear definition of roles and responsibilities, ensuring efficient allocation of resources between the corporate area and the risk units of the business areas.

The Group has developed a comprehensive risk management system based on these principles and structured around five core elements:

1. A system of governance and organization for the risk function that takes into account:

  • The definition of roles and responsibilities in the different functions.
  • An organizational structure of the corporate GRM area and the risk units of the business areas, including relationship and codependence mechanisms.
  • A set of committees at corporate and business area level.
  • A structure for delegating risks and functions.
  • A system of internal controls in line with the nature and size of the risks assumed.

2. A general framework of risk appetite that defines the profile of the Group’s target risks and the levels of tolerance that the Bank is willing to assume to undertake its strategic plan without significant deviations, even in situations of stress.

3. A corporate risk management scheme that includes:

  • A set of regulations governing policies and procedures, tolerance and corrective actions.
  • A scheme for annual planning of risk that incorporates risk appetite into the Group’s business decisions.
  • Ongoing management of financial and non-financial risks.

4. A framework for identifying, evaluating, monitoring and reporting the risks assumed in baseline and stress scenarios, which allow a prospective and dynamic assessment of risk.

5. An infrastructure that includes all the risk tools, methodologies and culture making up the foundations on which the differential risk management scheme is organized.