While the day-to-day management of Operational Risk is the primary responsibility of our business divisions and infrastructure functions as risk owners, NFRM oversees the Group-wide management of operational risks, identifies and reports risk concentrations and promotes a consistent application of the ORMF across the Bank. NFRM is part of the Group Risk function which is headed by the Chief Risk Officer.
The Chief Risk Officer appoints the Head of Non-Financial Risk Management who is accountable for the design, implementation and maintenance of an effective, efficient and regulatory compliant ORMF, including the Operational Risk capital model.
The Non-Financial Risk Committee (“NFRC”), which is co-chaired by the Chief Risk Officer and the Chief Regulatory Officer, is responsible for the oversight, governance and coordination of the management of Operational Risk in the Group on behalf of the Management Board by establishing a cross-risk and holistic perspective of the key operational risks of the Group. Its decision-making and policy related authorities include the review, advice and management of all Operational Risk issues which may impact the risk profile of our business divisions and infrastructure functions. Several sub-fora with attendees from both, the 1st and 2nd LoDs support the Non-Financial Risk Committee (NFRC) to effectively fulfil its mandate. In 2017, we have established additional councils to enhance the effectiveness of the NFRC with regards to e.g. new technology, framework and culture themes.