Risk appetite expresses the aggregate level of risk that we are willing to assume to achieve our strategic objectives, as defined by a set of minimum quantitative metrics and qualitative statements. Risk capacity is defined as the maximum level of risk we can assume given our capital and liquidity base, risk management and control capabilities, and our regulatory constraints.
Risk appetite is an integral element in our business planning processes via our risk plan and strategy, to promote the appropriate alignment of risk, capital and performance targets, while at the same time considering risk capacity and appetite constraints from both financial and non-financial risks. Compliance of the plan with our risk appetite and capacity is also tested under stressed market conditions. Top-down risk appetite serves as the limit for risk-taking for the bottom-up planning from the business functions.
The Management Board reviews and approves our risk appetite and capacity on an annual basis, or more frequently in the event of unexpected changes to the risk environment, with the aim of ensuring that they are consistent with our Group’s strategy, business and regulatory environment and stakeholders’ requirements.
In order to determine our risk appetite and capacity, we set different group level triggers and thresholds on a forward looking basis and define the escalation requirements for further action. We assign risk metrics that are sensitive to the material risks to which we are exposed and which are able to function as key indicators of financial health. In addition to that, we link our risk and recovery management governance framework with the risk appetite framework. In detail, we assess a suite of metrics under stress (Common Equity Tier 1 (“CET 1”) Ratio, Leverage Ratio (“LR”), Internal Capital Adequacy (“ICA”) Ratio, and Stressed Net Liquidity Position (“SNLP”)) within the regularly performed group-wide stress tests.
Reports relating to our risk profile as compared to our risk appetite and strategy and our monitoring thereof are presented regularly up to the Management Board. In the event that our desired risk appetite is breached, a predefined escalation governance matrix is applied so these breaches are highlighted to the respective committees. Amendments to the risk appetite and capacity must be approved by the Group Risk Committee or the full Management Board, depending on their significance.