RISK FRAMEWORK
Our risk governance structure
We are committed to the highest standards of corporate governance
in every part of our business. This includes risk management. For
details of our governance, including the Board and its Committees,
see the ‘Governance’ section of this Annual Report. The
Board delegates certain responsibilities to Board Level Committees
as needed and where appropriate. Our risk governance structure
strengthens our ability to identify, assess, manage and report
risks, as follows:
• Committees: A number of Board and Executive committees are responsible for specific parts of our Risk Framework
• Key senior management roles with risk management responsibilities: Senior roles with specific responsibilities for risk
• Risk organisational structure: We have ‘three lines of defence’ built into the way we run our business.
Committees
The Board Level Committee responsibilities for risk are:
| Board Level Committee | Main risk responsibilities |
|---|---|
| The Board (including the Santander UK plc Board) | • Has overall responsibility for business execution and for managing risk |
| | • Reviews and approves the Risk Framework and Risk Appetite. |
| Board Risk Committee | • Assesses the Risk Framework and recommends it to the Board for approval |
| | • Advises the Board on our overall Risk Appetite, tolerance and strategy |
| | • Oversees our exposure to risk and our strategy and advises the Board on both |
| | • Reviews the effectiveness of our risk management systems and internal controls. |
| Board Responsible Banking Committee | • Responsible for culture and operational risks relating to conduct, compliance, competition, financial crime and legal matters |
| | • Reviews reports from the CLRO on the adequacy and effectiveness of the compliance function |
| | • Ensures that adequate and effective control processes are in place to identify and manage reputational risks |
| | • Oversees our reputation and how this impacts our brand and market positioning. |
| Board Audit Committee | • Monitors and reviews the integrity of the financial statements, and any formal announcements relating to financial performance |
| | • Reviews the adequacy and effectiveness of the internal financial controls and whistleblowing arrangements |
| | • Monitors and reviews the effectiveness of Santander UK’s internal audit function. |
The Executive Level Committee responsibilities for risk are:
| Executive Level Committee | Main risk responsibilities |
|---|---|
| Executive Committee | • Reviews and approves business plans in line with our Risk Framework and Risk Appetite before they are recommended to the Board for approval |
| | • Receives updates on key risk issues managed by CEO-level committees and monitors the actions taken. |
| Senior Management Committee | • Focuses on the responsibilities of the Executive Committee Senior Management Function holders and how they are discharged |
| | • Reviews updates on key risk issues, customer, reputational and conduct matters. |
| Executive Risk Control Committee (ERCC) | • Reviews Risk Appetite proposals before they are sent to the Board Risk Committee and the Board to approve |
| | • Ensures that we comply with our Risk Framework, Risk Appetite and risk policies |
| | • Reviews and monitors our risk exposures and approves any corrective steps we need to take. |
| Asset and Liability Committee (ALCO) | • Reviews liquidity risk appetite (LRA) proposals |
| | • Ensures we measure and control structural balance sheet risks, including capital, funding and liquidity, in line with the policies, strategies and plans set by the Board |
| | • Reviews and monitors our key asset and liability management activities to ensure we keep our exposure in line with our Risk Appetite. |
| Pensions Committee | • Reviews pension risk appetite proposals |
| | • Approves actuarial valuations and reviews the impact they may have on our contributions, capital and funding |
| | • Consults with the pension scheme trustees on the scheme’s investment strategy. |
| Capital Committee | • Puts in place reporting systems and risk control processes to make sure capital risks are managed within our Risk Framework |
| | • Reviews capital adequacy and capital plans, including the ICAAP, before they are sent to the Board to approve. |
| Incident Accountability Committee | • Considers, calibrates, challenges and agrees any appropriate individual remuneration adjustments |
| | • Presents recommendations to the Board Remuneration Committee. |
| Executive Credit Approval Committee | • Approves corporate and wholesale credit transactions which exceed levels delegated to lower level approval forums or individuals. |
| Executive Investment Approval Committee | • Approves equity type investment transactions which exceed levels delegated to lower level approval forums or individuals. |
Key senior management roles with risk management responsibilities
Chief Executive Officer
The Board delegates responsibility for our business activities and
managing risk on a day-to-day basis
to the CEO. The CEO proposes our strategy and business plan, puts
them into practice and manages the risks involved. The CEO also has
to ensure that we have a suitable system of controls to manage
risks and report to the Board on it.
Chief Risk Officer
As the leader of the Risk Division, the CRO oversees and challenges
risk activities, and ensures new lending decisions are made within
our Risk Appetite. The CRO is accountable for the control and
oversight of credit, market, liquidity, capital, pension,
strategic, operational and model risk.
Chief Legal and Regulatory Officer
The CLRO is accountable for the control and oversight of legal,
conduct and regulatory, reputational and financial crime risk, and
is responsible for reporting on these risks to the CRO to provide
them with a holistic enterprise-wide view of all risks.
Chief Financial Officer
The CFO is responsible for the development of strategy, leadership
and management of the CFO Division. In supporting Santander
UK’s corporate goals within the constraints of risk appetite,
the CFO is responsible for the management of interest rate,
liquidity, pension and capital risks.
Chief Internal Auditor
The Chief Internal Auditor (CIA) designs and uses an audit system
that identifies key risks and evaluates controls. The CIA also
develops an audit plan to assess existing risks, which involves
producing audit, assurance and monitoring reports.
Money Laundering Reporting Officer
The Money Laundering Reporting Officer (MLRO) is responsible to the
CLRO for control and oversight of financial crime risk but has
regulatory responsibility to report on this risk type to Executive
and Board Committees and the FCA.