Credit risk
Given the particular business of the Group’s companies, credit risk is the most important element to consider as far as the general risks assumed by the Group are concerned. Maintaining an effective credit risk management is a strategic objective for the Banca Ifis Group, pursued by adopting integrated tools and processes that ensure proper credit risk management at all stages (preparation, lending, monitoring and management, and interventions on troubled loans).
Credit risk is continuously monitored with the help of procedures and tools that allow for the timely identification of positions that present particular anomalies. Over time, the Banca Ifis Group has implemented instruments and procedures allowing to specifically evaluate and monitor risks for each type of customer and product.
The Banca Ifis Group pays particular attention to the concentration of credit risk with reference to all Group companies, at both individual and consolidated level. Banca Ifis’s Board of Directors has mandated the Top Management to take action to contain major risks. In line with the directives of the Board, those positions that are at risk and engage the Group to a considerable extent are subject to systematic monitoring.
Credit risk mitigation techniques
Credit risk mitigation techniques include those instruments that help limit the loss the Group would suffer should the counterparty default; specifically, these are the collateral and personal guarantees pledged by customers, and any agreements that could potentially reduce credit risk.
In general, as part of the credit granting and management process, for certain types of credit lines, customers are encouraged to provide suitable guarantees in order to reduce their risk. These may consist of collateral, such as liens on financial assets, mortgages on residential or non-residential property, and/or personal guarantees (usually sureties) provided by a third party, where an individual or legal entity takes responsibility for the customer’s obligations in the event of insolvency.
In particular:
- as part of factoring operations, when the type and/or quality of factored receivables do not fully satisfy requirements or, more generally, the invoice seller is not sufficiently creditworthy, the bank’s established practice is to hedge the credit risk assumed by the Group by obtaining additional surety bonds from the shareholders or directors of the invoice seller. As regards the assigned debtors in factoring relationships, where it is believed that the evaluation elements available on the assigned debtor do not enable a correct evaluation/assumption of the credit risk connected to the debtor counterparty, or that the risk amount proposed exceeds limits identified when assessing the counterparty, the default risk of the assigned debtor is suitably hedged. Guarantees issued by correspondent factors and/or insurance policies underwritten with specialised operators are the main hedge against non-domestic account debtors in non-recourse operations;
- in the area of loans to companies, where possible, suitable guarantees are acquired from the Central Guarantee Fund or from other companies within the public sphere such as SACE S.p.A .;
- in regard to Structured Finance, collateral is acquired according to the counterparty’s standing as well as the term and type of the facility. Said collateral includes mortgage guarantees, liens on plant and equipment, pledges, surety bonds, credit insurance, and collateral deposits;
- as for finance leases, the credit risk is mitigated by the leased asset. The lessor maintains the ownership until the purchase option is exercised, ensuring a higher recovery rate in the event the client defaults;
- in relation to financial leases, it should be noted that the credit risk is mitigated by the presence of the leased asset. The Lessor maintains the ownership until the final purchase option becomes available, thus ensuring for itself a greater recovery rate in case of a default by the customer;
- in relation to transactions involving non-performing loans and the purchase of tax receivables from insolvency proceedings, and the related business model, no actions are normally taken to hedge against credit risks;
- salary-backed loans have a low-risk technical form, considering the characteristics of this product which necessarily requires insurance coverage against the risk of death and/or loss of employment and the constraint, as a greater guarantee of the loan, on the Severance Pay accrued by the customer.
- the operation of financing to pharmacies involves an advance payment combined with a transfer or a mandate for the collection of receivables with the possibility of using the subsequent advances to reduce existing loans.
In line with the provisions of the Liquidity Decree (Italian Legislative Decree no. 23 of 8 April 2020) the Group took advantage of the guarantees offered by the state Guarantee Fund for the type of customers and loans provided for by the Decree, with coverage that can reach up to 100%. This guarantee allows for a reduction in RWAs relating to credit risk, in proportion to the amount of exposure covered by the Fund.
The acquired NPL portfolios include positions secured by mortgages on properties that present a lower risk than the overall acquired portfolio.
When calculating the overall credit limit for an individual customer and/or legal and economic group, the Bank considers specific criteria when weighing the different categories of risks and guarantees. Specifically, when measuring collateral, it applies prudential ‘spreads’ differentiated by type of guarantee.
The Group continuously checks the quality and adequacy of guarantees acquired on the loan portfolio, with second-level controls carried out by the Parent Company’s Risk Management function and performed in the Single File Review (SFR) area.
For further information, please refer to the 2023 consolidated reports and financial statements.
Market risk
Interest rate risk and price risk – supervisory trading book
Market risk represents the risk of loss due to adverse movements in market prices (share prices, interest rates, foreign exchange rates, commodity prices, volatility of risk factors, and so on) in connection with the trading book for Supervisory purposes (position, settlement and concentration risks) and with the Bank’s entire budget (exchange rate and position risk on commodities).
In 2023, the investment strategy continued, as regulated in the “Banca Ifis Proprietary Portfolio Management Policy” and in the “Policy for Managing Securitisation & Structured Solutions investment operations” is structured to coincide with the risk appetite formulated by the Board of Directors under the scope of the Risk Appetite Framework (RAF) and laid out in the “Group Market Risk Management Policy”, as well as with the system of objectives and limits. In keeping with the ‘conservative stance’ outlined in the above-mentioned documents, the overall investment strategy focused for the best part of the year on risk containment. This was implemented mainly by seeking out securities characterised by high liquidity and a strategy of steady returns over the medium term.
The component relating to the “trading book” from which the market risk in question originates was marginal with respect to the total investments in the banking book both in absolute terms of the risk values recorded and with respect to the established limits. The trading book mainly comprises options and futures deriving from hedging transactions and ancillary enhancements to the investment strategy in assets that are part of the “banking book” and “discretionary trading” portfolio, characterised by short-term speculation and marginal exposure.
The trading book also contains residual transactions from the Corporate Banking operations, as part of which clients were offered derivative contracts hedging the financial risks they assumed. In order to remove market risk, all outstanding transactions are hedged with “back to back” trades, in which the Bank assumes a position opposite to the one sold to corporate clients with independent market counterparties.
Interest rate risk and price risk – banking book
As a general principle, the Group does not assume significant interest rate risks. In terms of breakdown of the balance sheet with reference to the types of risk in question, in respect of the liabilities, the main funding source is still the on-line savings accounts and the Rendimax current account, structured into the technical forms of fixed-rate customer deposit accounts for the restricted component and the non index-linked variable rate that can be unilaterally revised by the Group Bank in respect of the rules and contracts, for the technical forms of unrestricted demand and on-call current accounts. The other main components of funding concern fixed-rate bond funding, variable-rate securitisation operations, repurchase agreements at both fixed and variable rate and loans with the Eurosystem (referred to as TLTRO and LTRO) at variable rates.
With regard to assets, customer loans remain mainly at variable rates, both with regard to the commercial credit component and to corporate loans.
As for the operations concerning distressed retail loans carried out by the subsidiaries Ifis Npl Investing, Revalea and Ifis Npl Servicing, the first two are characterised by a business model focused on acquiring receivables at prices lower than their nominal amount, and there is a potential interest rate risk also associated with the uncertainty about when the receivables will be collected.
At 31 December 2023, the comprehensive bond portfolio mainly comprises government securities for a percentage of 66%; the modified average duration and average maturity of the portfolio total 2,2 years and 2,9 years.
The Capital Markets function is appointed to guarantee the rate risk management, which, in line with the risk appetite established, defines what action is necessary to pursue this. The Risk Management function is responsible for proposing the risk appetite, identifying the most appropriate risk indicators and monitoring the relevant performance of the assets and liabilities in connection with the pre-set limits. Each year, the Top Management proposes to the Board of Directors of the Banca Ifis Parent Company its lending and funding policies and its interest rate risk management policies. It also suggests any appropriate action to ensure that it carries out its activities in accordance with the risk policies approved by the Group.
The Risk Management department periodically reports to the Parent Company’s Board of Directors on the interest rate risk position as part of the specific monthly reports prepared by the Risk Management department for top management.
For further information, please refer to the 2023 consolidated reports and financial statements.
Currency risk
The assumption of currency risk, intended as an operating element that could potentially improve treasury performance, represents an operation that is not part of the Group’s policies. The Banca Ifis Group’s foreign currency operations largely involve collections and payments associated with factoring operations and in hedging assets in foreign currencies, like units of UCITS. In this sense, the assets in question are generally hedged with deposits and/or loans from other banks in the same currency, thus eliminating for the most part the risk of losses associated with exchange rate fluctuations. In some cases, synthetic instruments are used as hedging instruments.
A residual currency risk arises as a natural consequence of the mismatch between the clients’ borrowings and the Capital Markets function’s funding operations in foreign currency. Such mismatches are mainly a result of the difficulty in correctly anticipating financial trends connected with factoring operations, with particular reference to cash flows from account debtors vis-à-vis the maturities of loans granted to customers, as well as the effect of interest on them.
However, the Capital Markets function strives to minimise such mismatches every day, constantly realigning the size and timing of foreign currency positions.
Currency risk related to the Bank’s business is assumed and managed according to the risk policies and limits set by the Parent Company’s Board of Directors, with precise delegations of power limiting the autonomy of those authorised to operate, as well as especially strict limits on the daily net currency position.
The business functions responsible for ensuring the currency risk is managed correctly are: the Capital Markets function, which, amongst other duties, directly manages the Bank’s funding operations and currency position; the Risk Management function, responsible for selecting the most appropriate risk indicators and monitoring them with reference to pre-set limits; and the Top Management, which every year, based on the Capital Markets function’s proposals, shall consider these suggestions and make proposals to the Banca Ifis Board of Directors regarding policies on funding and the management of currency risk, as well as suggest appropriate actions during the year in order to ensure that operations are conducted consistently with the risk policies approved by the Group.
For further information, please refer to the 2023 consolidated reports and financial statements.
Liquidity risk
The liquidity risk refers to the possibility that the Group fails to service its debt obligations due to the inability to raise funds or sell enough assets on the market to address liquidity needs. The liquidity risk also refers to the inability to secure new adequate financial resources, in terms of amount and cost, to meet its operating needs and opportunities, hence forcing the Group to either slow down or stop its operations or incur excessive funding costs in order to service its obligations, significantly affecting its profitability.
At 31 December 2023, financial sources mainly consisted of equity, online funding (Rendimax product), including on-demand and time deposits, medium/long-term bonds issued as part of the EMTN programme, medium/long-term securitisation transactions, as well as funding from corporate customers. Funding in the form of repurchase agreements, entered into with leading banks, continued to be a significant source of funding in 2023.
Finally, with regard to the Eurosystem’s funding (TLTRO), it remained an important form of funding at the end of 2023. However, also in view of the fact that 2024 will see the natural end of maturity of these instruments, it was decided to bring forward the redemption of 500 million Euro already to the end of 2023, bringing the amount used from approximately 2 billion Euro to about 1,5 billion Euro.
The Group is constantly engaged in the harmonious development of its financial resources, both in terms of size and costs, in order to have available liquidity reserves adequate for the current and future business volumes.
The corporate functions of the Parent Company responsible for ensuring the correct application of the liquidity policy are the Capital Markets function, which handles the direct management of liquidity, and the Risk Management function, which proposes the risk appetite, identifying the most appropriate risk indicators and monitoring their trend in relation to the pre-set limits and supporting the activities of Top Management. The latter, together with the Capital Markets function, proposes funding and liquidity risk management policies to the Board of Directors on an annual basis, and suggests any appropriate actions during the year to ensure that activities are carried out in full compliance with the approved risk policies. As part of the ongoing process of adapting liquidity risk procedures and policies and taking into account the evolution of the prudential supervisory provisions of reference, the Parent Company uses an internal framework for the governance, monitoring and management of liquidity risk at Group level.
In compliance with supervisory provisions, the Group also has a Contingency Funding Plan aimed at protecting itself from losses or threats arising from a potential liquidity crisis and guaranteeing business continuity even in the midst of a serious emergency arising from its own internal organisation and/or the market situation.
The Risk Management function periodically reports on the liquidity risk position by means of a Dashboard prepared for the Board of Directors of Banca Ifis.
With reference to the Polish and Romanian subsidiary, the treasury activity is coordinated by the Parent Company.
For further information, please refer to the 2023 consolidated reports and financial statements.
Impacts deriving from the macroeconomic environment
The Covid-19-related health emergency in early March 2020 generated unprecedented impacts on global economic growth. This circumstance prompted intermediaries to consider possible impacts on credit risk produced by such extraordinary risk factors not adequately captured by the expected loss (ECL) calculation models in use. This, coupled with the need to capture expectations of a rapid deterioration in macroeconomic conditions from a forward-looking perspective, led the Group to introduce prudential adjustments (“management overlays”) over time in the determination of expected losses (ECL); these adjustments were aimed in particular at capturing the risks associated with exposures to counterparties belonging to the economic sectors that are potentially the most vulnerable to the health emergency.
After 2021 and in particular during 2022 and 2023, as a result of geopolitical tensions related to the Russia-Ukraine conflict and the conflict in the Middle East, the inflationary scenario and the slowdown in economic growth, the prudential adjustments applied and previously described were replaced and restated with the aim of factoring in the risks emerging from the macroeconomic context of reference.
In particular, a number of new prudential adjustments were introduced to take into account the macroeconomic context strongly influenced by geopolitical tensions, the impact of rising energy prices, inflationary dynamics, and the significant increase in interest rates in order to intercept risk factors relating to counterparties belonging to sectors considered particularly exposed to new emerging risks; in particular, companies in the manufacturing, agricultural, transport, trading and energy sectors. The approach and criteria used have been made progressively more analytical and consistent over time through refinements introduced to reflect the Group’s improved perception of the evolution of related risks.
For further information, please refer to the 2023 consolidated reports and financial statements.
Operational risks
The operational risk is defined as the risk of suffering losses resulting from inadequate or dysfunctional processes, human resources, internal systems or external events. This definition does not include strategic risk and reputational risk, but it does include legal risk (i.e. the risk of losses deriving from failure to comply with laws or regulations, contractual or extra-contractual liability, or other disputes), IT risk, risk of non- compliance, fraud risk, risk of money laundering and terrorist financing, and the risk of financial misstatement.
The main sources of operational risk are operational errors, the inefficiency or inadequacy of operational processes and of related controls/safeguards, internal and external fraud, lack of internal regulation compliance with external regulations, the outsourcing of company functions, quality level of physical and logical security, inadequacy or unavailability of hardware and software systems, increasing use of automation, insufficient number of personnel compared to the size of operations and lastly inadequacy of personnel management and training policies.
The Banca Ifis Group has for some time now defined – in line with the appropriate regulatory requirements and best practices in the sector – the overall framework for the management of operational risk, represented by a set of rules, procedures, resources (human, technological and organisational) and control activities aimed at identifying, assessing, monitoring, preventing or mitigating and communicating to the appropriate hierarchical levels all the operational risks assumed or that can be assumed in the various organisational units. The key processes for proper operational risk management are the following:
- Loss Data Collection activity has now been consolidated, also thanks to Risk Management’s constant efforts to disseminate a culture of pro-actively managing and raising awareness of operational risks among the various structures;
- by the prospective self-assessment of risk exposure through the execution of periodic Risk Self Assessment and Model Risk Self Assessment campaigns, aimed at obtaining an overall view of risks in terms of frequency and/or potential financial impact and of the related organisational safeguards.
With specific reference to the monitoring of the evolution of ICT and Security risk and the assessment of the effectiveness of ICT resource protection measures, the Banca Ifis Group, in compliance with the regulatory requirement has opted for a shared responsibility model, assigning tasks to the Risk Management and Compliance corporate control functions, in relation to the roles, responsibilities and competences of each of the two functions. In particular, the Risk Management function conducts ICT and security risk analysis processes in accordance with the organisational and methodological framework approved by the Board of Directors in order, for example, to verify compliance with the ICT and security risk propensity level, the related risk objectives that the Group intends to achieve, and the resulting operational limits. If the level of ICT and security risk exceeds the defined threshold value, in order to bring it back within the acceptable risk threshold, measures are identified to deal with it, which flow into the “Treatment Plan” that identifies responsibilities for implementing individual corrective actions.
The results of the above-mentioned analyses are reported in the “Summary Report on the ICT and Security Risk Situation” subject to annual approval by the CEO in his capacity as the body with management functions.
In addition to the activities described above, according to its operational risk management framework (including the ICT and Security risk), the Group defines a set of measures that can promptly identify the presence of vulnerabilities in the exposure of the Bank and its subsidiaries to operational risks. These indicators are continuously monitored and disclosed in periodic reports by means of summary risk measures that are shared with the competent structures and bodies: events such as the breach of certain thresholds or the emergence of anomalies trigger specific escalation processes aimed at defining and implementing appropriate mitigation actions. In addition, as part of the definition of the Risk Appetite Framework (RAF) and the preparation of the Recovery Plan and ICAAP Report, the Risk Management function performs analyses to assess its exposure to exceptional but plausible operational risk events. These are called stress analyses and help to identify the resilience of the Group by simulating the impacts of adverse situations in terms of riskiness under the assumption of adverse scenarios.
It should also be noted that, in order to prevent and manage operational risk, the Parent Company’s Risk Management function works with other corporate functions to supervise the risks associated with the outsourcing of simple, essential or important operational functions; to assess the risks associated with the introduction of new products and services; and to carry out a preliminary assessment of the impact, in operational terms, of significant changes to the economic and contractual conditions of products.
Concerning the Companies of the Banca IFIS Group, please note that the management of operational risks is guaranteed by the strong involvement of the Parent Company, which makes decisions in terms of risk management.
For the purposes of determining the capital requirement for operational risks, the Group has adopted the so-called Basic Method set out by prudential regulations.
For further information, please refer to the 2023 consolidated reports and financial statements.