Risk management

Objective

The primary purpose of risk management is to ensure the Bank’s long-term financial sustainability and operational resilience while enabling the CEB to fulfil its social mandate. Risk management identifies, assesses, monitors, reports, mitigates and controls the Bank’s exposure to the main financial risks it faces in its regular course of business, namely credit risk, market risk, liquidity risk, and operational risk. 

Principles

As a reference for its risk management framework, the CEB implements international best banking practices such as the EU directives on banking regulation and the Basel Committee on Banking Supervision recommendations, and those applicable to its status as a multilateral development bank.

The CEB's Risk Management Framework includes objectives, policies, procedures, limits and controls which provide the CEB with the appropriate tools to manage the risks arising from the Bank’s activities. It ensures consistency with prudential requirements and is articulated around three lines of defence of pivotal importance for the Bank’s governance: Business Activity, Risk, and Internal Audit functions.

The key instruments for the CEB’s risk management are the following:

• The Risk Management Charter, which defines the risk management architecture, codifies the core risk management principles and sets out the objectives and principles of risk management governance.
• The Financial and Risk Policy, approved by the Administrative Council (AC) and the Financial and Risk Policy Guidelines presented to the AC for information.
• The Financial and Risk Policy Handbook, approved at the Credit Risk Committee, a living document that is regularly updated to capture the changing economic and financial environment (latest update: April 2023).  

On a quarterly basis, a report on CEB’s risk management is submitted on a quarterly basis to the Administrative Council and Governing Board to inform about the  development of CEB’s exposure to the main types of risks: credit, market, liquidity, operational risks and climate risk and compliance with the Risk Appetite Framework, as defined internally.

The annual Financial Report takes stock of the risk management processes and practices during the financial year, thus contributing to external risk reporting. To promote transparency, this report is also filed with the U.S. SEC on Form 18-K.

Finally, the annual Risk Management Disclosure Report provides information on the elements of CEB's Risk Appetite Framework, the Bank’s approach to credit, market, liquidity and capital adequacy, climate and operational risk management.

Organisation

The Risk & Control Directorate (R&C) is responsible for implementing the Risk Management Framework. In coordination with other directorates, R&C makes proposals for risk management policies and methodologies, supervises their implementation, ensures and warrants the completeness of risk reporting. Independent of other operational and business directorates and reporting directly to the Governor, R&C covers the following risk areas: credit risk, market risk - including the Asset & Liability Management (ALM) from a risk angle - and operational risk.

The Finance Directorate is responsible for the operational management of the Asset & Liability risks, including the Bank’s liquidity position.

The following decision-making committees, chaired by the Governor, define and oversee risk management policies:

• The Credit Risk Committee (CRC) addresses, on a weekly basis, credit decisions related to lending and treasury exposure based on internal credit risk assessments and recommendations.
• The Asset & Liability Committee (ALCO) meets on a monthly basis - or more frequently if necessary - to formulate strategic orientations and address on a forward-looking basis interest rate, foreign exchange rate and liquidity risk.
• The Committee for Operational Risks & Organisation (CORO) semi-annually reviews operational risk issues and ensures that measures are taken to mitigate, monitor and control these risks.

Controlling bodies

Internal Audit (IA) is a permanent, autonomous body within the CEB’s internal control system. It provides independent and objective assurance of effective and controlled businesses, operational activities and performance in compliance with existing policies, procedures and best practices. It assesses associated risks and proposes recommendations for potential improvements of CEB’s operations.

The Office of the Chief Compliance Officer (OCCO) promotes ethical business standards by addressing money laundering / financing of terrorism and tax evasion risks, as well as integrity, corruption and fraud issues. OCCO safeguards the Bank’s deontology and integrity in its financial and loan operations, and prevents reputational risks.

The Chief Information Security Officer (CISO) in the Compliance Unit defines the Bank’s security framework and develops processes across the CEB to reduce information and IT risks. 

The Auditing Board examines the accuracy of the CEB’s accounts and checks the Bank’s sound financial management. It is composed of three representatives from member states appointed on a rotating basis by the Governing Board for a three-year term (outgoing members act as advisors for an additional year). The Auditing Board’s report, an excerpt of which is appended to the financial statements, is presented to the CEB’s governing bodies when the annual financial statements are submitted for approval.

As part of external reporting, the External Audit is responsible for auditing the Bank’s financial statements according to International Standards on Auditing (ISAs) issued by the International Auditing and Assurance Standards Board (IAASB), and for reviewing its internal control and risk management processes. The External Audit drafts various reports, including the Independent auditor’s report on the annual financial statements. The External Audit is appointed by the Governing Board for a four-year term – renewable once for three years following a tender procedure – based on the Auditing Board’s opinion and recommendations by the Administrative Council.

Additionally, the Bank is assessed by the major credit rating agencies, namely Moody’s, Standard & Poor’s and Fitch Ratings, which annually perform in-depth analyses of the Bank’s financial situation and creditworthiness, as well as environmental, social and governance criteria. CEB is also assigned unsolicited rating from Scope Ratings since 2021.

Triple-A rating

The CEB currently has a triple A rating (stable outlook) with Moody’s Standard & Poor’s and Fitch. The Bank has also been rated AAA, stable outlook, by Scope Ratings (unsolicited).