P.
81
2018 Pillar 3 Disclosures
Annex
•
Stop-loss limits measure the maximum real loss
authorised both for the Trading Room and for its
various constituent desks, incorporating the result
of intraday operations. There is one monthly and
another annual limit, along with a weekly and
22-calendar-day references.
The Stop-Loss limits are reviewed periodically, with
this review coinciding with the corresponding process
applied to the VaR limits.
In addition, in order to have a greater degree of
control, monitoring of a VaR reference in situations
already affecting stress is established.
Any excess over the total limit of the Finance Area,
both monthly and annually, must be analysed in an
extraordinary ALCO, where the actions to be taken are
decided.
3. Operational risk
The General Risk Management Framework approved by
the Board, implementing the Risk Tolerance Framework,
contains the policies regarding the assumption and
management of operational risk.
The objective of Cecabank with regard to operational
risks is management and control, so as to align
the operational risk “profile” of the bank with the
guidelines established by the governance bodies.
Cecabank adopts the policy of comprehensive
management of operational risk, applied in a uniform
and systematic manner to all structural units of the
organisation, whether they are business or support
units, and to the foreign branches. It will also apply
to subsidiaries under the principle of proportionality,
depending on their relative importance for the bank;
in any case, the comprehensive management policy
will include subsidiaries whose ordinary margins, total
assets and number of employees represent a percentage
exceeding 5% of the group.
The operational risk scope covers the management of
the different types of operational risk affecting the bank
as a whole.
Operational risk is managed at the Associate Services,
Control and Resources Department by means of the
Operational Risk Unit (ORU). ORU is responsible
for preparing the bank’s non-financial risk maps,
and planning, organising and coordinating the
implementation of the operational risk management
system at the bank. In this area, it develops operational
risk management procedures in their different phases
(identification, assessment, monitoring and control),
applying the approved policies and procedures relating
to the identification and collection of operational
events that have produced losses at the bank and
coordinating the preparation and implementation of
action plans aimed at mitigating operational
risk.Italso proposes establishing measurement methodologies
and indicators, and identifies internal and external
risk factors that may affect the bank’s operational risk
level, and proposes the methodologies to cover these
with provisions or resources.
The Operational Risk Unit carries out its tasks under the
principle of functional collaboration with the various
areas. Each Corporate Director designates one or more
people in charge of managing the operational risk for
their department, whose functions are to develop the
principles of operational risk management in the terms
established by the Compliance and Operational Risk
Committee. Specifically, it identifies and reports all the
actual or potential risk situations that may arise within
processes and events that are subject to operational
losses and the causes thereof.
As regards legal risks and the like, the Operational Risk
Unit will oversee its functions in coordination with the
Regulatory Compliance Function.
OPERATIONAL RISK MANAGEMENT POLICIES
As previously stated, the General Risk Management
Framework approved by the Board, implementing
the Risk Tolerance Framework, contains the policies
regarding the assumption and management of
operational risk.
There follows an overview of the policies connected
with operational risk management.
3.1 Identification of
operational risk
All activities, products and services of the bank are
subjected to a periodic analytical process in order to
identify inherent operational risks and control points
aimed at their mitigation.
A|A.I