Standard Bank Group. Risk and capital management report and annual financial statements 2012

Transcription

1 Standard Bank Group Risk and capital management report and annual financial statements

2 Contents Risk and capital management report Overview 1 Capital management 19 Credit risk 25 Country risk 55 Liquidity risk 57 Market risk 66 Insurance risk 79 Operational risk 84 Business risk 91 Reputational risk 92 Restatements 93 Annual financial statements Directors responsibility for financial reporting 95 Group secretary s certification 95 Report of the group audit committee 96 Directors report 98 Independent auditors report 103 Statement of financial position 104 Income statement 105 Statement of other comprehensive income 106 Statement of cash flows 107 Statement of changes in equity 108 Accounting policy elections 110 Notes to the annual financial statements 112 Standard Bank Group Limited company annual financial statements 206 Annexure A restatements 212 Annexure B subsidiaries 213 Annexure C associates and joint ventures 218 Annexure D group share incentive schemes 221 Annexure E detailed accounting policies 229 Annexure F emoluments and share incentives of directors 252 and prescribed officers Annexure G special resolutions 264 Annexure H third-party funds under management 265 Annexure I seven-year review 266 Annexure J segmental statement of financial position 278 Annexure K banking activities average statement of financial 280 position (normalised) Additional information Financial and other definitions 282 Acronyms and abbreviations 285 Contact details 287 Our reports We produce a full suite of reporting publications to cater for the needs of our diverse stakeholders. The following reports, which support our primary annual integrated report, are tailored to readers requiring specific information. Financial results presentation and booklet Provides management s analysis of financial results for the period and the performance of the group s divisions. Sustainability report Presents a balanced and comprehensive analysis of the group s sustainability performance in relation to issues material to the group and stakeholders. Risk and capital management report Provides a detailed discussion of the management of strategic risks related to the group s banking and insurance operations, including capital and liquidity management and regulatory developments. Annual financial statements Sets out the full audited annual financial statements for the Standard Bank Group (the group), including the report of the group audit committee (GAC). The Standard Bank of South Africa Limited annual report The Standard Bank of South Africa is the group s largest subsidiary. The group s other subsidiaries, including Standard Bank Plc, also produce their own annual reports. These reports are available at As a separate listed entity, Liberty Holdings Limited (Liberty) prepares its own annual integrated report which is available at Cross-referencing tools Indicates that additional information is available online. The following icons refer readers to information relevant to a specific section elsewhere in this report, or in other reports that form part of the group s suite of reporting publications: Feedback We welcome the views of our stakeholders. Please contact us at Annual.Report@standardbank.co.za with your feedback. AIR Annual integrated report SR Sustainability report RCM AFS Risk and capital management report and annual financial statements (this report) Audited Denotes text in the risk and capital management report that forms part of the group s audited annual financial statements

3 Standard Bank Group Risk and capital management report > Overview Risk and capital management report Overview Introduction 1 Board responsibility 1 Statement from the chairman of the group risk and capital management 2 committee The year in brief 4 Focus areas for Regulatory developments 7 Reporting framework 10 Risk types 12 Risk management framework 13 Risk governance committees 14 Risk governance process 14 The group s approach to risk appetite 17 The group s approach to stress testing 18 Basel II approaches adopted 18 Introduction Effective risk and capital management continues to be fundamental to the business activities of the group. Risks are controlled at individual exposure level as well as in aggregate within and across all three business lines, legal entities and risk types. Capital is managed using regulatory and economic capital metrics at both business line and legal entity level. The group s three business lines are: Personal & Business Banking (PBB) Corporate & Investment Banking (CIB) Liberty. Board responsibility The Standard Bank Group board of directors (board) has ultimate responsibility for risk and capital management. Various committees within the governance structure enable the board to evaluate the risks faced by the group and the effectiveness of the group s management of these risks. The board relies on quarterly reports from these committees, as well as periodic attestations by senior risk managers and group internal audit (GIA), to satisfy itself that the group s risk management processes are fit for purpose and are operating effectively. During the year under review, the business activities of the group and its subsidiaries have been managed within the board-approved risk appetite. The board is satisfied that the group s risk management processes operated effectively in the period under review. 1

4 Risk and capital management report Annual financial statements Additional information Overview continued Statement from the chairman of the group risk and capital management committee I have been chairman of the group risk and capital management committee (GRCMC) since July Other members of the committee during were Doug Band, Richard Dunne, Saki Macozoma, Fred Phaswana, Ted Woods (who became a member in March ) and Hongli Zhang (alternate: Yagan Liu). With the exception of Hongli Zhang and Saki Macozoma, all members of the GRCMC are independent non-executive directors. Myles Ruck Chairman of the GRCMC 6 March 2013 AIR Attendance of each member at meetings of the GRCMC in can be found in the corporate governance statement on page 108 Richard Dunne is also the chairman of GAC, and Ted Woods is chairman of the remuneration committee. This common membership enables effective oversight of all finance and risk issues, and that relevant finance and risk matters are considered in the determination of appropriate levels of compensation. The main purpose of the GRCMC is to provide independent and objective oversight of risk and capital management in the group. The committee also reviews and assesses the adequacy and effectiveness of risk governance standards and the integrity of risk controls and systems. AIR The key terms of reference of the GRCMC can be found in the corporate governance statement on page 104 and these are considered annually by the GRCMC and approved by the board A total of six meetings of the GRCMC were held during : four scheduled quarterly meetings, a special meeting on the group s recovery and resolution plan and one to approve the interim risk and capital management report. The GRCMC is responsible for: determining the group s risk appetite monitoring the risk profile and potential future risk exposures of the group to ensure that the group is managed within risk appetite approving macroeconomic scenarios used for stress testing, and evaluating the results of stress tests providing oversight and advice to the group, including The Standard Bank of South Africa Limited (SBSA) and other material subsidiary boards, in relation to current and potential future risk exposures of the group reviewing and providing oversight in respect of the adequacy and effectiveness of the group s risk management framework approving risk and capital management governance standards, frameworks and policies reviewing the impact of significant transactions entered into by the group on capital overseeing the implementation of an IT governance framework and monitoring significant IT investments evaluating and approving significant outsourcing arrangements assisting on such other matters as may be referred to it by the group risk oversight committee (GROC) 2

5 Standard Bank Group Risk and capital management report > Overview promoting a risk awareness culture within the group reporting to the board any matters within its remit in respect of which it considers that action or improvement is needed and making recommendations as to the steps to be taken. The GRCMC considered the group s risk profile relative to the group s strategy. The committee reported to the board following each meeting on its consideration of the risk profile of the group and any longer-term macro or perceived strategic threats to the group, and made recommendations as appropriate. Through this oversight, the GRCMC was satisfied that there were no material risks that presently threaten the sustainability of the group. The committee also considered the group s exposure to country, single name obligor and sector concentration risk and ensured that rigorous stress testing of the group s business was undertaken, supplemented by forward-looking strategic risk threat analyses. The output of this testing was reviewed by the GRCMC throughout, with a view to ensuring appropriate actions were taken where necessary. In relation to capital adequacy, the committee approved the internal capital adequacy assessment process (ICAAP) and submission to the South African Reserve Bank (SARB). Capital adequacy was also assessed in light of Basel Capital Accord (Basel) III requirements. with the group s minimum control requirements, as articulated in the group s risk governance standards. The GRCMC received regular reports on the development of the group s risk appetite, and potential future risk exposures of the group, thereby making recommendations to the board on risk appetite as part of an ongoing process. During, an internal self assessment on the effectiveness of the GRCMC was conducted. This assessment concluded that the committee was operating effectively. In addition, the externally facilitated board evaluation, which included board committees, concluded that the GRCMC was operating effectively. Myles Ruck Chairman, GRCMC Reports on the South African unsecured lending portfolio and debt counselling regulatory and industry developments were considered. At each meeting of the GRCMC, the group chief risk officer (CRO) provided the committee with an overview of the key risk issues discussed at GROC. An update was also given by the individual group risk type heads on the specific issues of group-level significance as well as other relevant items in their respective areas of responsibility. The group risk framework provides a basis for ongoing self-assessment of appropriate risk appetite and compliance 3

6 Risk and capital management report Annual financial statements Additional information Overview continued The year in brief Credit risk In, the South African retail portfolio grew steadily across all product types, particularly in the lending asset class. The quality of the portfolio also improved, continuing the positive trend experienced in, albeit at a slower pace. Corporate demand remained weak and the impact of low economic growth in European markets, the moderate slowing down in demand from China, and relatively subdued capital and investment flows were evident. The portfolios outside South Africa were particularly impacted by the tough economic conditions, high inflation and volatile exchange rates. Credit quality deteriorated and impairments increased. Unsecured exposure to customers earning less than R8 000 per month, referred to as the group s inclusive banking loan book grew to R3,7 billion (: R2,0 billion). Country risk During, the relative concentration of cross-border exposure to the sub-saharan region continued to increase, consistent with the group s strategic focus. The group s direct exposure to troubled European periphery economies remained limited and tightly managed. Market risk The group s banking book interest rate risk remained within approved limits, with the largest exposure on the SBSA balance sheet. Trading book market risk remained within approved limits. Average value-at-risk (VaR) was low and largely unchanged from the prior year. The daily profit and loss results for the year showed a profit for 248 of 260 trading days, which is reflective of the group s client flow business model. Operational risk The operational risk management framework, previously deployed in SBSA, was embedded throughout the group s banking operations. This framework forms the basis of SBSA s compliance with the advanced measurement approach (AMA) criteria under Basel II. As required by the SARB, SBSA ran the AMA capital model for the calculation of regulatory capital for operational risk in parallel with the existing standardised approach capital calculation method for the past year. Following the submission of an AMA application to the SARB in, SBSA engaged with the SARB throughout the year in respect of the AMA approval process. The group expects this approval process to conclude in The operational risk function within Liberty was strengthened during with the creation of a head of operational risk role. In addition, the Liberty operational risk management framework is being aligned to the group s banking operations framework. Financial crime control Independent reports published by forensic firms continued to reflect an international trend of increased levels of fraud and corruption involving staff. The group recorded an overall decrease of net fraud losses of 18% compared to. The increased global staff awareness campaigns and the publication of staff dismissals produced good results. The increased utilisation of FraudStop and the whistle-blowing hotline, resulted in fraud prevention and recovery improvements of 32% from to. The money laundering surveillance capability was enhanced in the group s South African operations and is being rolled out to the group s operations in the rest of Africa. The introduction of new minimum technology standards in our ATM safes resulted in the reduction of ATM attacks during the latter part of. Sustainability Significant changes in environmental legislation and regulation combined with progressively higher enforcement and penalties placed increased pressure on screening of lending and operational activities across the global banking sector. Soft regulation, linked to central banks and other stakeholders, is increasing and builds on expectations from funding organisations and other stakeholders relating to their environmental and social risk management. The group contributed to the development of a Banking Association of South Africa (BASA) code to address environmental and social risk. This code has been incorporated into the group s policies. Legal risk During, there was a significant increase in litigation against certain of our African businesses, all of which were defended and none of which are expected to have a material adverse impact on the group. In South Africa, the curator of a pension fund has instituted legal proceedings, in which he claims return of various listed securities delivered to SBSA in 2002 on the grounds that the applicable contract was void. In February 2013 a competent tribunal ruled that the contract was not void but only voidable. The dispute is scheduled to proceed to arbitration in April

7 Standard Bank Group Risk and capital management report > Overview Insurance risk The governance structure for insurance risk was aligned with the other risk types through the creation of a head of insurance risk role. Additionally, the group insurance risk committee (GIRC), a subcommittee of GROC, was established and an insurance risk governance standard was introduced, supported by policies on reinsurance and product development. Capital management The group has successfully maintained its strong capital position, meeting or exceeding all target ratios. The group spent significant time and effort in to ensure that it will be Basel III compliant from January These actions included: interpretation of the capital framework for South Africa and assessing the impact on the group participation in the quantitative impact assessments and Basel III parallel run tests initiated by the SARB contribution to the discussions held in the meetings conducted by BASA together with the SARB and providing input into the finalisation of various Basel III interpretation papers submitted to the SARB setting internal capital adequacy target ratios for 2013 to 2019 in line with the final capital framework issued by the SARB revised capital allocations to business in line with the revised capital adequacy target ratios incorporation of the Basel III interpretations into the group s capital forecasts enhancements to regulatory reporting systems. Liquidity management During, the group maintained its liquidity positions within the approved limits. Appropriate liquidity buffers were held in excess of regulatory, prudential and internal stress-testing requirements, taking into account ongoing global risk appetite and market conditions. The implications of the proposed Basel lll liquidity framework continued to be an area of focus, especially the liquidity coverage ratio (LCR) with the support of the SARB s committed liquidity facility. The group s liquidity contingency recovery plan was comprehensively reviewed and updated in. The updates were completed in conjunction with the construction of a recovery plan for the group. During the year, the group undertook a liquidity stress-testing exercise, where a crisis was simulated for its impact on the group and the viability of various legal entity contingent liquidity plans. The simulation exercise provided valuable learnings and supported the enhancement of the group s existing recovery planning, while illustrating the robust nature of existing plans and sufficient contingent liquidity supporting the group. Focus areas for 2013 The group will focus on the following areas during Credit risk The group will continue to apply appropriate and responsible lending criteria to ensure prudent lending practices in line with anticipated country-specific economic conditions and risk appetite. Focus will be placed on standardising credit risk methodologies and processes across the group, with particular focus on operations in the rest of Africa and Liberty. This will further enhance the integrated management of credit risk across the group. Another key focus area will include refining the credit risk framework and supporting tools to manage risk against credit risk appetite and tolerance. Country risk Focus will be placed on proactively managing country risk appetite and mitigating country specific risks in response to a challenging global economic and political risk environment. A revised risk appetite setting framework will be implemented, which will take account of a more geographically focused strategy. The group will be implementing a revised country risk modeling suite that takes account of structural changes in the global economy, especially in developed markets, and this will provide more targeted measurement of transfer and convertibility risk. Operational risk The group will make use of the AMA framework to further advance business decision-making and ensure capital optimisation. Levels of sophistication will be increased by making use of quantitative methodologies to manage operational risk appetite and tolerance. The group aims to implement increasingly risk-based quantitative methodologies into the group s banking operations across the rest of Africa, as these entities progress towards AMA implementation. The operational risk framework for Liberty will be enhanced in line with the solvency assessment management (SAM) requirements and will leverage off the group s banking operations. The group also plans to introduce a groupwide IT system to support the minimum standards for business continuity management. 5

8 Risk and capital management report Annual financial statements Additional information Overview continued Focus areas for 2013 continued Financial crime control During 2013, the group will focus on the facilitation of customer migration out of the branches by promoting the usage of the self-service channels. This will be done without compromising customer safety and security. Group physical security will explore sustainable and cost-effective operational solutions to ensure the reduction of the value of losses and number of incidents. Financial crime risk assessments will be conducted across the group which will be aligned to the group s policies. Additionally, money laundering surveillance system rollouts will continue to be implemented across Africa. Sustainability Group sustainability aims to further reduce our sustainability risk, which includes occupational health and safety, and environmental and social risk. This will be achieved by improving internal management of such risks, including those posed by climate change, energy and water security, and by providing products and services to clients who are also faced with these challenges. Compliance risk Legislative change continues to be driven mainly by consumer protection and reforms to support increasing supervisory expectations. With this in mind, the compliance function will place particular emphasis on initiatives relating to treating customers fairly, customer confidentiality, anti-money laundering and combating the financing of terrorism, conflicts management and surveillance systems to support both customers and supervisory expectations. A key strategic enabler to support our compliance risk management objectives will be the attention given to our regulatory surveillance, reporting systems and staff training. Legal risk The capacity of the legal resources in South Africa will be enhanced to better service the transactions originated outside of South Africa but booked onto the South African balance sheet. Additionally, the legal network will be improved to ensure minimum and uniform standards of legal support and more efficient access groupwide to available legal expertise. Market risk The group will focus on monitoring and managing the banking book interest rate risk and associated hedges in the context of current market volatility and monetary policy expectations. Stress-testing methodologies will be adapted to reflect the low interest rate levels. Capital and liquidity management The group will be Basel III compliant with effect from 1 January Taking this into consideration, the specific focus areas include: ensuring that the group is adequately positioned to respond to regulatory capital rules under the Basel III phase-in requirements, and considering different Basel III adoption timelines by regulators in the different jurisdictions that the group operates in ensuring that capital management practices in the group s rest of Africa banks are consistent with the group s standards further embedding risk-adjusted performance measurement into the group s performance measurement and reporting processes optimising capital and liquidity allocation between product lines, trading desks, industry sectors and legal entities that result in financial resources being allocated in a manner that enhances the overall group economic profit and return on equity (ROE) implementing updated funds transfer pricing methodologies to more accurately price and measure the internal cost of funding concluding discussions with the SARB regarding the committed liquidity facility to be made available to South African banks continually extending SBSA s asset and liability management system to include the group s rest of Africa banking entities while materially automating reporting. The updates to the South African Banks Act 94 of 1990 (Banks Act) which is being implemented in 2013, in line with Basel III, require a number of changes to our liquidity reporting, which include: additional tenor buckets in business-as-usual and bank-specific stress regulatory submissions providing additional information on off-balance sheet exposures providing group LCR and net stable funding ratio (NSFR) calculations on a quarterly basis. Insurance risk The group will focus on developing the insurance risk component of the SAM programme and will continue to develop policies that support the insurance risk governance standard. In an effort to reduce insurance risk, the group will continue to develop insights into the insurance risk profile of the insurance businesses through the group insurance risk oversight function. 6

9 Standard Bank Group Risk and capital management report > Overview Regulatory developments Impacting the group s banking operations Global Basel III South Africa is one of the 11 Basel Committee on Banking Supervision (BCBS) member countries that adopted Basel III on 1 January Subsequent to this, the BCBS published significant changes to the LCR requirements. These changes result in a material reduction of the group s LCR requirements. It also eased global concerns about the potential negative impact of the proposed Basel III liquidity requirements on economic growth and development. The key changes announced were the following: Instead of a comprehensive adoption on January 2015, the LCR rule will be phased in from 2015 over four years up to January The range of assets banks can recognise as high quality liquid assets has been widened to include corporate debt, mortgage-backed securities and equity assets. The LCR stress scenario for calculating the amount of liquid assets banks must hold was eased, resulting in lower outflows to be covered. Anticipated future developments on Basel III include: finalisation of the NSFR liquidity requirements by the BCBS alignment of the credit valuation adjustment (CVA) application across jurisdictions changes to the standardised approaches for credit and operational risk development of a more consistent and effective framework for measuring and controlling large credit exposures other changes resulting from the BCBS monitoring exercises. Systemically important financial institutions (SIFIs) It is anticipated that the guidance developed by the BCBS and the Financial Stability Board (International FSB) will form the basis for the future requirements of domestic systemically important banks in South Africa. These South African banks are currently in the process of developing their recovery and resolution plans in line with global standards. Implementation of IFRS 9 Financial Instruments (IFRS 9) The International Accounting Standards Board (IASB) is currently replacing International Accounting Standards (IAS) 39 Financial Instruments: Recognition and Measurement (IAS 39) with International Financial Reporting Standards (IFRS) 9 Financial Instruments (IFRS 9). The replacement of IAS 39 with IFRS 9 will be achieved through three distinct phases. The first of these phases, being the classification and measurement of financial assets and financial liabilities, has been completed (subject to further proposed amendments that were issued by the IASB during ). Both phase two, which encompasses the proposed expected loss impairment model that will replace IAS 39 s incurred loss model, and phase three, which encompasses proposed simplifications to IAS 39 s hedge accounting requirements, are yet to be finalised by the IASB. The group continues to participate in industry body discussions on the proposed changes. While phase one is available for early adoption, IFRS 9 as a standard will only require mandatory adoption by the group for its financial year commencing 1 January The group expects to adopt all the requirements of IFRS 9 simultaneously, in line with IFRS 9 s effective date requirements and this will be a key accounting standard in the measurement and reporting of financial risks. Over the counter (OTC) derivatives Globally there has been a focus on increasing the transparency and regulation of OTC derivatives and to reduce the systemic risk posed by OTC derivative transactions, markets and practices. The G20 s reform programme and subsequent agreements resulted in various principles being defined for use of exchanges or electronic platforms, clearing through central counterparties, reporting to trade repositories and higher capital and margin requirements for derivatives that are not cleared centrally. Other key regulatory topics Other key papers that were released during the past year, which are expected to set the tone for global regulatory developments during 2013, include: fundamental review of the trading book principles for effective risk data aggregation and reporting oversight and regulation of shadow banking revisions to the Basel securitisation framework. The recovery plan focuses on plausible management or recovery actions that can be taken to reduce risk and conserve capital during times of severe stress. Resolution plans are typically developed by the supervisor with the objective of ensuring that SIFIs are resolvable and will not become a burden to tax payers. 7

10 Risk and capital management report Annual financial statements Additional information Overview continued Regulatory developments continued South Africa Protection of Personal Information Bill The Protection of Personal Information Bill which provides for conditions of privacy and protection of personal information is near completion and needs to be approved by the National Council of Provinces in order to be finalised. This bill has an extensive impact on the group, particularly in relation to the manner in which it uses information, both within South Africa and internationally. We take care to protect the personal information of our customers and will be strengthening our controls to align to the bill s requirements. A group data privacy officer has also been appointed. Financial Markets Bill The Financial Markets Bill has been finalised and will impact a number of activities within CIB. This bill regulates the functioning of the stock exchange, as well as market abuse such as insider trading and price manipulation. It introduces a regulatory framework for derivatives trading, including a centralised clearing house for derivative trades. The bill is expected to be enacted in Financial Services General Laws Amendment Bill The Financial Services General Laws Amendment Bill was tabled in Parliament in and seeks to amend 10 statutes, including the Financial Services Board Act 97 of 1990 and the Long-term Insurance Act 52 of 1998 (Long-term Insurance Act) and Short-term Insurance Act 53 of 1998 (Short-term Insurance Act). These amendments will impact the provision of specific products and services by the group. National Treasury also published proposals to reform the retirement and savings industry, which will provide opportunities for the group to develop new savings products for customers. Treating Customers Fairly (TCF) The Financial Services Board (FSB) published a roadmap in March for the implementation of a programme for regulating the market conduct of financial services firms, entitled TCF. TCF comprises six fairness outcomes and seeks to ensure that the fair treatment of customers is embedded within the culture of financial services firms. The target implementation date is the first quarter of In order to meet the outcomes, the group has put governance structures in place and is developing suitable measures and implementing control mechanisms. Other Amendments to other statutes were proposed in that impact the group. Examples include the Broad-based Black Economic Empowerment Amendment Bill, the Sectional Title Amendment Bill, the Employment Equity Amendment Bill, and the Electronic Communications and Transactions Amendment Bill. The group is assessing these proposals and responding where appropriate. United Kingdom, Europe and the United States In the United Kingdom (UK), reforms to the way that financial institutions will be regulated are underway and are expected to take effect by April Prudential supervision will be transferred to the new Prudential Regulation Authority under the Bank of England and the remaining functions of the Financial Services Authority (FSA) will be transferred to a new Consumer Protection and Markets Authority. A new Serious Economic Crime Agency will police economic crime. A law requiring ring-fencing of entities which accept deposits from individuals and from small- and medium-sized enterprises continues to develop in the UK, and a draft is currently being considered by the legislature. In Europe, new regulations on short selling came into effect in. The Dodd-Frank Wall Street Reform and the South African Consumer Protection Act 68 of 2008 (Consumer Protection Act) aims to regulate the financial markets in the United States (US). The group is impacted as a result of our derivatives dealings with US counterparties, particularly with regards to OTC derivatives. New developments are continuously monitored and adopted as required. Rest of Africa A number of jurisdictions promulgated new or enhanced legislation focused on anti-money laundering and terrorist financing control to meet international standards. Other regulatory focus areas include consumer protection and treating customers fairly legislation. In Nigeria, the Sustainable Banking Principles for banks, discount houses and development finance institutions came into effect during the year. The principles are intended to serve as a common baseline and framework to deliver positive development impacts to the society, while protecting the communities and environments in which financial institutions and their clients operate. The group actively engages with regulators and provides input during the commentary phase of the administrative legislative procedure. While the various boards of directors of affected group entities will ensure that TCF is central to the entities ethics, values, culture and strategy, senior management owns TCF. 8

11 Standard Bank Group Risk and capital management report > Overview Impacting the group s short- and long-term insurance operations South Africa Solvency assessment management The FSB is developing a risk-based regulatory requirement for South African insurance and reinsurance organisations, known as SAM. This new regulatory standard aims to address the adequacy of capital allocation and risk management to protect policyholders. This initiative will align the South African insurance industry with international standards. An industrywide adoption of SAM is expected by January 2015 with the implementation of interim measures for long-term insurers and short-term insurers expected during SAM is likely to have a significant impact on the South African insurance industry. The key issues are: Capital requirements: Although there is still uncertainty as to the quantitative impact of SAM, it is expected to be far greater in the smaller (unlisted) niche insurance business, which may result in further consolidation within the industry. Product profitability: Generally, it is expected that the quality of earnings will improve due to more accurate pricing of risk and the withdrawal of higher-risk products. Assets and investment preferences: The relative attractiveness of asset classes will shift, with assets reallocated towards SAM-optimised investments. Risks and risk transfer: As SAM is likely to recognise correlation within a group and between risk types, the quantification of risk diversification could prompt the realisation of benefits through rationalisation or organisational structures or transfer of risk between structures. Costs: SAM will result in higher costs of compliance, resulting in higher costs for providing insurance services. With capital constraints, insurers will be more focused on reducing costs and increasing efficiencies. This may result in further industry-level consolidations to improve advantages of scale. Industry structure: The supervision by regulators will be split between prudential supervision of re-insurers and banks, while market conduct will be subject to separate supervision by the FSB. The new SAM regime will drive key changes to Liberty s business applications. These changes will predominantly lead to enhanced business capability in respect of risk-adjusted decision-making processes within Liberty. Liberty is well-represented at all levels of the FSB s SAM industry forums through participation in the 12 task groups, the SAM steering committee and its subcommittees. Treating customers fairly The TCF focus continues to be developed by Liberty, through means of various initiatives within the Liberty group. Social security and retirement reform National Treasury has announced its intention to reform the pension and retirement savings industry, including steps to deal with certain preservation, portability and governance aspects involving retirement funds. There will also be a focus on fees and commissions with respect to annuity products in particular. Other National Treasury focus areas will be non-retirement savings and further tax incentives around retirement funding. During, draft regulations were issued by National Treasury relating to the demarcation between long- and short-term insurance products and medical schemes which may have implications for the group. Pension Funds Act amendments relating to fund member investment restrictions Amendments to Regulation 28 of the Pension Funds Act were implemented during, relating to limitations on individual fund member policyholder investment portfolios. Various projects to facilitate communications to fund members, as well as reports being provided to the FSB have been initiated. The Financial Advisory and Intermediary Services Act s fit and proper requirements for financial advisers All the group s registered financial advisers were required to pass examinations during. The majority of these financial advisers have passed the examinations. Where financial advisers did not pass the exams, they have been removed from the representative registers and their customers have been re-intermediated to other advisers. Insurance act review The Long-term Insurance Act and Short-term Insurance Act are being reviewed by the regulators as part of the SAM implementation process. Other regulatory developments A directive was issued by the FSB during requiring compliance with certain minimum requirements for outsourcing arrangements where third parties conduct policyholder-related activities on behalf of insurers. 9

12 Risk and capital management report Annual financial statements Additional information Overview continued Reporting framework The risk and capital information disclosed within these sections is in accordance with two frameworks, namely IFRS and Basel II. All tables, diagrams, quantitative information and commentary in this risk and capital management report are unaudited unless stated as audited. RCM AFS Restatement of financial information is set out in annexure A on page 212 Sections forming part of the audited annual financial statements Specific information on risk and capital management integral to the audited annual financial statements can be found under the following sections of this risk and capital management report: capital management, starting on page 19 credit risk, starting on page 25 liquidity risk, starting on page 57 market risk, starting on page 66 insurance risk, starting on page 79. Reporting framework differences While the overarching aim of both the IFRS and Basel II reporting frameworks is transparency and accountability, there are some fundamental differences in underlying principles, with the Basel II principles being more conservative. Asset class differences Under IFRS, the reporting of exposures is categorised by class of financial instrument while Basel II requires classification by Basel II asset class. Classes are determined for IFRS purposes by taking into account the nature of the information to be disclosed and the characteristics of the underlying financial instruments. Basel II asset classes, under the internal ratings-based (IRB) approach, are based on their homogeneous risk characteristics and aligned to the risk mitigation factors applied in the Basel II calculations. Fair value instruments IFRS permits any financial asset or financial liability, on meeting specific criteria, to be designated at fair value with all changes in fair value being recognised in profit or loss. RCM AFS Refer to page 177 for the changes in fair value attributable to changes in own credit risk on such liabilities which are required to be disclosed in the financial statements Available-for-sale instruments IFRS permits certain financial assets such as non-trading debt and equity instruments to be classified as available-for-sale. These are measured at fair value with all fair value adjustments recognised in other comprehensive income (OCI). Basel II pillar 3 (pillar 3) requires these fair value adjustments to be reversed when determining regulatory capital as they may be transient and, therefore, not permanently available. Impairments In terms of IFRS, assets are specifically impaired and the resulting losses recognised only if: there is objective evidence of impairment resulting from one or more events that have occurred after the initial recognition of the asset, and that event has an impact on the estimated future cash flows of assets that can be reliably measured. To provide for latent losses in a portfolio of loans where the loans have not yet been individually identified as impaired, impairment for incurred but not reported losses is recognised based on historic loss patterns and estimated emergence periods. While IFRS impairment is based on an incurred loss approach, Basel II is based on the concepts of expected and unexpected losses. Expected losses are accounted for through the level of impairments held against the underlying exposure. Unexpected losses are accounted for through holding regulatory capital in relation to the size and nature of the exposure held. Basel II requires statistical modeling of expected losses whereas IFRS, although it allows for statistical models, requires a trigger event to have occurred before an impairment loss can be recognised. Default The difference between default under Basel II and impairment under IFRS relates to timing. Basel II defines default as the obligor being 90 days past due on the obligation (extended to 180 days for some products) whereas IFRS defines default as actual breach of contract (including a missed capital or interest payment) or changes in macroeconomic variables before the reporting date that have a correlation with default on assets. Basel II requires that fair value gains and losses attributable to own credit risk be excluded when calculating regulatory capital. 10

13 Standard Bank Group Risk and capital management report > Overview Treatment of differences between the impairment values The difference between the two impairment values produces a shortfall if the expected loss amount under Basel II exceeds total impairments under IFRS, or an excess if total impairments exceed the expected loss amount. Basel II requires shortfall amounts, if any, to be deducted from capital in the ratio of 50% from tier I capital and 50% from tier II capital. Basis of consolidation The differences relating to consolidation methods under Basel II and IFRS are explained in the table below. Reporting framework differences Basis for determining treatment Basel ll pillar 3 The key basis is the nature of the underlying activity of the entity. There are different treatments for entities which conduct banking, securities or financial activities as defined, and those which do not. IFRS All entities, regardless of the nature of their underlying activities, are either consolidated or equity accounted based on the extent of control or influence that the group has on those entities. The principles of control and the consequential reporting requirements are governed by the accounting standard IAS 27, which will be superceded by IFRS 10 from January Subsidiaries conducting banking, securities Consolidated 2 Consolidated or financial activities as defined 1 Other subsidiaries Deducted 3 Consolidated Significant influence or joint control of entities conducting banking, securities or financial activities, as defined 1 Significant influence or joint control of entities conducting other activities Proportionally consolidated 4 Deducted 3 Equity accounted Equity accounted 1 Refer to the definitions shown in the table on the next page. 2 Includes the full risk-weighted exposure amounts of the subsidiary in the group s consolidated risk-weighted exposures. 3 The investment in the entity is deducted from the group s consolidated regulatory capital and reserve funds and the related assets are removed from the consolidated balance sheet. 4 Includes the pro rata portion (based on the group s share in the entity) of the risk-weighted exposure amounts of the entity in the group s consolidated risk-weighted exposure. Group and individual bank disclosure Basel II disclosures apply at a group level only and not at an individual bank level. Banking regulations require the consolidation of group companies (subsidiaries, joint ventures and voluntarily consolidated minority-owned entities) that conduct banking, securities and financial activities. These include credit institutions, securities firms and financial entities, but no other companies. 11

14 Risk and capital management report Annual financial statements Additional information Overview continued Reporting framework continued Treatment of legal entities under the Basel II consolidation Banks 1 Securities firms 2 Financial entities 3 Commercial entities 4 Insurance entities 5 Consolidated Proportionately consolidated 7 4 Deducted Total Consolidated Proportionately consolidated 7 4 Deducted Total Banks public companies registered as banks in terms of the Banks Act or the relevant legislation if the entity is registered outside of the Republic of South Africa. 2 Securities firms entities that provide securities services as envisaged in the Securities Services Act 36 of 2004 or the relevant legislation if the entity is registered outside the Republic of South Africa. 3 Financial entities entities that conduct financial activities, for example, lending, financial leasing, consumer credit, mortgage credit, money transmission, portfolio management or money broking. 4 Commercial entities entities primarily involved in the production of goods or non-financial services. 5 Insurance entities entities that conduct insurance business including any entity registered as an insurer in terms of the Short-term Insurance Act or Long-term Insurance Act or the relevant legislation if the entity is registered outside the Republic of South Africa. 6 Consolidated includes the full risk-weighted exposure amounts of the subsidiary in the group s consolidated risk-weighted exposures. 7 Proportionally consolidated includes the pro rata portion (based on the group s share in the entity) of the risk-weighted exposure amounts of the entity in the group s consolidated risk-weighted exposures. 8 Deducted the investment in the entity is deducted from the group s consolidated regulatory capital and reserve funds and the related assets are removed from the consolidated balance sheet. Risk types The risk types that the group is exposed to are defined below. The definitions are consistent with those used in the risk taxonomy, a key component of the risk framework. Credit risk Credit risk is the risk of loss arising out of the failure of counterparties to meet their financial or contractual obligations when due. Credit risk comprises counterparty risk, settlement risk and concentration risk. These risk types are defined as follows: Counterparty risk: The risk of credit loss to the group as a result of the failure by a counterparty to meet its financial and/or contractual obligations to the group as they fall due. This risk type has three components: Primary credit risk: The exposure at default (EAD) arising from lending and related banking product activities, including their underwriting. Pre-settlement credit risk: The EAD arising from unsettled forward and derivative transactions where the group is acting in a principal capacity or as a clearer. This risk arises from the default of the counterparty to the transaction and is measured as the cost of replacing the transaction at current market rates. Issuer risk: The EAD arising from traded credit and equity products, including underwriting the issue of these products in the primary market. Settlement risk: The risk of loss to the group from settling a transaction where value is exchanged, but where the group may not receive all or part of the counter value. Credit concentration risk: The risk of loss to the group as a result of excessive build-up of exposure to a specific counterparty or counterparty group, an industry, market, product, financial instrument or type of security, a country or geography, or a maturity. This concentration typically exists where a number of counterparties are engaged in similar activities and have similar characteristics, which could result in their ability to meet contractual obligations being similarly affected by changes in economic or other conditions. Country risk Country risk is the risk of loss arising when political or economic conditions or events in a particular country inhibit the ability of counterparties in that country to meet their financial obligations. Country risk events may include sovereign defaults, banking or currency crises, social instability and governmental policy changes or interventions such as expropriation, nationalisation and asset confiscation. Transfer and convertibility risk is an important element of cross-border country risk. Examples of 12

15 Standard Bank Group Risk and capital management report > Overview transfer and convertibility events are exchange controls and foreign debt moratoria. Liquidity risk Liquidity risk arises when the group is unable to maintain or generate sufficient cash resources to meet its payment obligations as they fall due, or can only do so on materially disadvantageous terms. This inability to maintain or generate sufficient cash resources occurs when counterparties who provide the group with funding withdraw or do not roll over that funding, or as a result of a general disruption in asset markets that renders normally liquid assets illiquid. Market risk Market risk is the risk of a change in the market value, earnings (actual or effective) or future cash flows of a portfolio of financial instruments, including commodities, caused by movements in market variables such as equity, bond and commodity prices, currency exchange rates and interest rates, credit spreads, recovery rates, correlations and implied volatilities in all of these variables. Insurance risk Insurance risk is the risk that future demographic and related expense experience will exceed the allowance for expected demographic experience and expenses, as determined through measuring policyholder liabilities and ultimately against the product pricing basis. Insurance risk arises due to uncertainty regarding the timing and amount of future cash flows from insurance contracts. This could be due to variations in mortality, morbidity, policyholder behaviour or expense experience in the case of life products, or claims incidence and severity assumptions in the case of short-term insurance products. Operational risk Operational risk is the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events. Reputational risk and strategic risk are, in line with general market convention, excluded from the definition of operational risk. Reputational risk is defined separately alongside. Strategic risk is included in the definition of business risk alongside. Business risk Business risk is the risk of loss, due to operating revenues not covering operating costs and is usually caused by the following: inflexible cost structures market-driven pressures, such as decreased demand, increased competition or cost increases group-specific causes, such as a poor choice of strategy, reputational damage or the decision to absorb costs or losses to preserve reputation. It includes strategic risk and post-retirement obligation risk. Strategic risk Strategic risk is the risk that the group s future business plans and strategies may be inadequate to prevent financial loss or protect the group s competitive position and shareholder returns. Post-retirement obligation risk The risk arises because the estimated value of the pension or medical liabilities might increase, the market value of the fund s assets might decline or their investment returns might reduce. Reputational risk Reputational risk results from damage to the group s image which may impair its ability to retain and generate business. Such damage may result in a breakdown of trust, confidence or business relationships. Risk management framework The group s risk management framework comprises the following components: risk governance committees at a board and management level as described on the next page management organisation structure to support the three lines of defence model as described on page 16 risk governance standards as described on page 17 policies to support the risk governance standards. 13

16 Risk and capital management report Annual financial statements Additional information Overview continued Risk governance committees Standard Bank Group board Management committees Board committees Group executive committee Group chief executive 1 Jacko Maree 2 Group risk and capital management committee Group audit committee SBSA large exposure credit committee 3 Group model approval committee Group strategic technology and operations forum Deputy chief executive Peter Wharton-Hood 1 Group risk oversight committee Group chief risk officer Paul Smith 1 PBB model approval committee Chief risk officer PBB Keith Fuller 1 CIB model approval committee Chief risk officer CIB Roselyne Renel 1 1 Chairman of management committee. 2 Group chief executive as at 31 December. 3 A subcommittee of SBSA. Risk governance process The group s risk governance process relies on both individual responsibility and collective oversight, supported by comprehensive and independent reporting. This approach balances strong corporate oversight at group level with participation by the senior executives of the group in all significant risk matters. The governance committees are a key component of the risk management framework. They have clearly defined mandates and delegated authorities, which are reviewed regularly. RCM AFS As a general principle, risk management issues are dealt with at the appropriate GROC subcommittee, refer to page 16 Material issues are escalated to GROC, as are decisions requiring GROC approval. GROC evaluates reports provided to it by the GROC subcommittees and the CROs, together with specific deep drill reports. Material issues are escalated to the GRCMC, as are decisions requiring the GRCMC approval. The GRCMC accounts to the board in the same manner. The primary communication up the hierarchy is undertaken by the relevant committee chairman. Wherever regulations require noting or approval by the board committee the regulations overrule any internal processes. A similar process is adopted in relation to the GAC where the reporting process commences at the level of the head of GIA and the head of governance and assurance. 14

17 Standard Bank Group Risk and capital management report > Overview Board committees Board subcommittees responsible for effective risk management comprise the GAC, the GRCMC, the SBSA large exposure credit committee and the group model approval committee. Key roles and responsibilities of these committees, as they relate to risk and capital management, are detailed in the sections that follow. Group audit committee The GAC reviews the group s financial position and makes recommendations to the board on all financial matters, risks, internal financial controls, fraud and IT risks relevant to financial reporting. In relation to risk and capital management, the GAC plays a crucial role in ensuring that the group s internal financial controls are adequate to effectively and efficiently mitigate risks. Minutes of the GRCMC meetings are tabled at the GAC meetings on a quarterly basis. In addition, the CRO provides quarterly strategic risk overviews to the GAC on significant matters relating to risk and capital management discussed at the GRCMC and GROC meetings. Furthermore, on a quarterly basis, the chairman of the GAC meets with the group chief compliance officer and chief audit officer, in the absence of management, to discuss the adequacy and effectiveness of the management of risks to which the group is exposed. AIR Further details on the GAC s roles, responsibilities and membership can be found in the corporate governance statement on pages 102 and 103 of the group s annual integrated report Group risk and capital management committee The GRCMC provides independent and objective oversight of risk and capital management across the group by: reviewing and providing oversight in respect of the adequacy and effectiveness of the group s risk management framework approving risk and capital management governance standards and policies approving the group s risk appetite statements and monitoring the group s risk profile monitoring and evaluating significant IT investment and expenditure. SBSA large exposure credit committee This committee is designated by the SBSA board to discharge the responsibility of ensuring compliance with the Banks Act regulations in respect of large exposures. It meets as required, with the requirements for a quorum being mandatory in terms of guidance from the SARB, and reports quarterly to the SBSA board through its chairman on all large exposures as defined in the regulations. Group model approval committee The group model approval committee was established, effective 1 January, in line with the Banks Act regulations. This committee is responsible for assisting the board in reviewing and approving all aspects of the group s material credit rating models. This committee reports to the board and the GRCMC through its chairman. This committee is supported by the PBB and CIB model approval subcommittees. Management committees Group risk oversight committee Executive management oversight for all risk types has been delegated by the group executive committee to GROC which, in turn, assists the GRCMC to fulfil its mandate. GROC considers and, to the extent required, recommends for approval by the relevant board committees for the following: risk appetite statements approval of macroeconomic scenarios for stress testing, stress-testing results and scenario analyses risk governance standards for each risk type actions on the risk profile and/or risk tendency risk strategy and key risk controls across the group ICAAP. 15

18 Risk and capital management report Annual financial statements Additional information Overview continued Risk governance process continued GROC subcommittees There are 14 GROC subcommittees, as detailed in the committee structure below. Subcommittee CIB credit governance committee Group asset and liability committee Subcommittee: group capital management committee Group compliance committee Group country risk management committee Group credit portfolio management committee 1 Group equity risk committee 1 Group insurance risk committee 1 Group internal financial control governance committee Group operational risk committee Group regulatory and legislative oversight committee Group sanctions review committee Group stress testing committee Intragroup exposure committee PBB credit governance committee Chairman Roselyne Renel, chief risk officer, CIB Simon Ridley, group financial director Isabel Lawrence, group chief compliance officer Roselyne Renel, chief risk officer, CIB Paul Smith, group chief risk officer Roselyne Renel, chief risk officer, CIB Calvin Quan, group head insurance risk Simon Ridley, group financial director Paul Rew, group head operational risk Sim Tshabalala, deputy group chief executive Sim Tshabalala, deputy group chief executive Richard Pantcheff, group chief credit officer Simon Ridley, group financial director Keith Fuller, chief risk officer, PBB 1 Established in. Three lines of defence model The group adopts the three lines of defence model which reinforces segregation of duties between and independence of various control functions. The three lines of defence are described below. First line of defence Second line of defence Third line of defence Consists of management of business lines and legal entities. finance function risk management function legal function governance and assurance function excluding GIA. GIA function (administratively part of governance and assurance). Responsibilities measures, assesses and controls risks through the day-to-day activities of the business within the governance framework. supports the governance framework provides independent oversight of the first line of defence reports to management and board governance committees. supports the governance framework provides independent assessment of first and second lines of defence reports to GAC. 16

19 Standard Bank Group Risk and capital management report > Overview Second line of defence functions The second line of defence functions comprise various specialist functions which are set out below. Finance function Risk management function Legal function Governance and assurance function Consists of treasury and capital management (TCM) function: capital management liquidity risk banking book interest rate risk business risk portfolio management group tax function group financial control function. credit risk country risk market risk operational risk, including business continuity and resilience information risk management long- and short-term insurance risk integrated risk. prudential, by geographic region transactional, by product type. governance office financial crime control sustainability management compliance occupational health and safety physical security. Each of these four functions has resources at both the centre and embedded within the business lines. The central resources provide a groupwide governance framework for the specific function. The resources dedicated to the business lines support business line management in ensuring that business line specific risks are effectively managed as close to the source as possible. Centre and embedded resources jointly address risk management at a legal entity level. Third line of defence The GIA function, under the stewardship of the chief audit officer, reports to and operates under a mandate from the GAC. In terms of this mandate, the GIA s role is to provide independent and objective assurance, designed to add value and improve group operations. The GIA has the authority to independently determine the scope and extent of work to be performed. All internal audit employees in the group report operationally to the chief audit officer and administratively to management in their country of residence. Risk governance standards The specialist second line of defence functions maintain risk governance standards for each major risk type to which the group is exposed. The risk governance standards set out minimum control requirements and ensure alignment and consistency in the manner in which the major risk types and capital management metrics across the group are dealt with. All risk governance standards are applied consistently across the group and are approved by the GRCMC. Supporting policies and procedures are implemented by the management team and monitored by the embedded risk resources. Compliance with risk governance standards is controlled through annual self-assessments by the second line of defence and reviews by the GIA. The group s approach to risk appetite The following terms have specific meanings within the group. Risk appetite: An expression of the amount or type of risk an entity is generally willing to take in pursuit of its financial and strategic objectives, reflecting its capacity to sustain losses and continue to meet its obligations as they fall due, under both normal and a range of stress conditions. Risk appetite could be exceeded either as a result of an adverse economic event more severe than that envisaged under the range of stress conditions (passive), or as a result of a decision to increase the risk profile to accommodate market, client or portfolio requirements (active). Risk tolerance: The maximum amount or type of risk the group is prepared to tolerate above risk appetite for short periods of time on the understanding that management action is taken to get back within risk appetite. Risk capacity: The maximum amount of risk the group is able to support within its available financial resources. Risk profile: The amount or type of risk the group holds at a specified point in time. Risk tendency: The forward-looking view of how the group s risk profile may change as a result of portfolio effects and/or changes in economic conditions. The changes in economic conditions may either be in the form of formally approved macroeconomic stress scenarios as part of the budgeting process or ad-hoc stress scenarios. 17

20 Risk and capital management report Annual financial statements Additional information Overview continued The group s approach to risk appetite continued The board establishes parameters for risk appetite by: providing strategic leadership and guidance reviewing and approving annual budgets and forecasts, under normal and stressed conditions, for the group, each business line and material legal entity regularly reviewing and monitoring performance in relation to risk through quarterly board reports analysing risk tendency against risk appetite. The board delegates the determination of risk appetite to the GRCMC, which in turn ensures that risk appetite is in line with group strategy and the desired balance between risk and return. GROC recommends the level of risk appetite to both the GRCMC and the board. Risk appetite at a group level is described by the following metrics which are supplemented by qualitative criteria: earnings at risk liquidity regulatory capital economic capital. These metrics are converted into: portfolio limits, for example, concentrations, credit loss ratios and VaR operational limits, for example, facilities by name desk-specific limits across the relevant risk types. The group s approach to stress testing Stress testing is a key management tool within the group and facilitates a forward-looking perspective of the organisation s risk profile or risk tendency. Stress testing supports a number of business processes including: strategic planning and budgeting the ICAAP process, including capital planning and management, and the setting of capital buffers liquidity planning and management informing the setting of risk tolerance providing a forward looking assessment of the impact of stress conditions on the risk profile identifying and proactively mitigating risks through actions such as reviewing and changing risk limits, limiting exposures and hedging facilitating the development of risk mitigation or contingency plans across a range of stressed conditions communicating with internal and external stakeholders. Stress-testing results inform decision-making at the appropriate management levels including strategic business decisions of the board and senior management. Stress tests are conducted at group, business line and material legal entity level. Groupwide macroeconomic stress testing is conducted regularly across all major risk types for a range of common scenarios. This allows the group to monitor its risk profile and risk tendency against its risk appetite. This groupwide stress testing is augmented by portfolio-specific stress testing and sensitivity analyses to identify the drivers of risk tendency and necessary actions to constrain risk. The appropriateness of the macroeconomic stress scenarios and the severity of the relevant scenarios used for capital planning are approved by the GRCMC. Basel II approaches adopted Credit risk The group has approval from the SARB to adopt the advanced internal ratings-based (AIRB) approach for its credit portfolios in SBSA and the foundation internal ratings-based (FIRB) approach for Standard Bank Plc. For internal management purposes, the group utilises internal measures and principles wherever possible. Equity risk The group has approval from the SARB to adopt the market-based approach for certain equity portfolios in SBSA while the risk-weighted IRB approach is used for Standard Bank Plc equity portfolios. Operational risk The group currently applies the standardised approach for operational risk. During, the group calculated capital based on the AMA model for SBSA. This has been used for SBSA economic capital purposes, and for the parallel run for regulatory capital purposes. Provided that the necessary approval is obtained from the SARB, the group will adopt a partial approach, that is, SBSA will make use of the AMA for regulatory capital purposes, while the other entities will remain on the standardised approach for regulatory capital until they are ready to migrate to the AMA under home and host regulatory requirements. Market risk The group has approval from the SARB to adopt the internal models approach for most trading product groups and across most market risk types for SBSA and Standard Bank Plc. 18