Risk Framework

Our risk governance structure
We are committed to the highest standards of corporate governance in every part of our business, including risk management. For details of our governance, including the Board and its Committees, see the ‘Governance’ section of this Annual Report. The Board delegates certain responsibilities to Board Level Committees as needed and where appropriate. Our risk governance structure strengthens our ability to identify, assess, manage and report risks, as follows:
–Committees: A number of Board and Executive committees are responsible for specific parts of our Risk Framework
–Key senior management roles: A number of senior roles have specific responsibilities for risk management
–Risk organisational structure: We have the ‘three lines of defence’ model built into the way we run our business.
Committees
The Board and Board Level Committee responsibilities for risk are:
|Board Level Committee
|Main risk responsibilities
|The Board (including the Santander UK plc Board)
–Has overall responsibility for business execution and for managing risk
–Reviews and approves the Risk Framework and Risk Appetite
|Board Risk Committee (BRC)
–Assesses the Risk Framework and recommends it to the Board for approval
–Advises the Board on our overall Risk Appetite, tolerance and strategy
–Oversees our exposure to risk and our strategy and advises the Board on both
–Reviews the effectiveness of our risk management systems and internal controls
–Receives regular updates on financial crime compliance measures and risks, including money laundering, bribery and corruption, and sanctions compliance, and monitors KPIs to measure progress to return to approved Board risk appetite and sustain returns to Board risk appetite
|Board Responsible Banking Committee
–Responsible for culture and operational risk from conduct, compliance, competition & legal matters
–Reviews reports from the CLRO on the adequacy and effectiveness of the compliance function
–Ensures that adequate and effective control processes are in place to identify and manage reputational risks
–Oversees our Corporate Social Responsibility programme and how it impacts on employees, communities, the environment including sustainability and climate change, reputation, brand and market positioning
|Board Audit Committee
–Monitors and reviews the integrity of the financial statements, and any formal announcements on financial performance
–Reviews the adequacy and effectiveness of the internal financial controls and whistleblowing arrangements
–Monitors and reviews the effectiveness of the internal audit function
–Oversees the independence and performance of our auditors
|Board Remuneration Committee
–Oversees implementation of remuneration policies, ensuring they promote sound and effective risk management
The Executive Level Committee responsibilities for risk are:
|Executive Level Committee
|Main risk responsibilities
|Executive Committee
–Reviews business plans in line with our Risk Framework and Risk Appetite before they are sent to the Board to approve
–Receives updates on key risk issues managed by CEO-level committees and monitors the actions taken
|Senior Management Committee
–Focuses on the responsibilities of the Executive Committee Senior Management Function holders and how they are discharged
–Reviews updates on key risk issues, customer, reputational and conduct matters
|Executive Risk Control Committee (ERCC)
–Reviews Risk Appetite proposals before they are sent to the Board Risk Committee and the Board to approve
–Ensures that we comply with our Risk Framework, Risk Appetite and risk policies
–Reviews and monitors our risk exposures and approves any corrective steps we need to take
|Asset and Liability Committee (ALCO)
–Reviews liquidity risk appetite (LRA) proposals
–Ensures we measure and control structural balance sheet risks, including capital, funding and liquidity, in line with the policies, strategies and plans set by the Board
–Reviews and monitors key asset and liability management activities to ensure we keep our exposures within our Risk Appetite
|Pensions Committee
–Reviews pension risk appetite proposals
–Approves actuarial valuations and reviews the impact they may have on our contributions, capital and funding
–Consults with the pension scheme trustees on the scheme’s investment strategy
|Capital Committee
–Puts in place reporting systems and risk control processes to make sure capital risks are managed within our Risk Framework
–Reviews capital adequacy and capital plans, including the ICAAP, before they are sent to the Board to approve
|Incident Accountability Committee
–Considers, calibrates, challenges and agrees any appropriate individual remuneration adjustments
–Presents recommendations to the Board Remuneration Committee
|Credit Approval Committee
–Approves corporate and wholesale credit transactions which exceed levels delegated to lower level forums or individuals
|Investment Approval Committee
–Approves equity type investment transactions which exceed levels delegated to lower level approval forums or individuals
|Financial Crime Committee
–Ensures due reporting, consideration, oversight and informed decision making regarding compliance by the Company and its subsidiaries with financial crime laws and regulations, and best industry practice aligned to the Company’s stated risk appetite
Key senior management roles
Senior roles with specific responsibilities for risk management are:
|Role
|Main risk responsibilities
|Chief Executive Officer
|The Board delegates responsibility for our business activities and managing risk on a day-to-day basis to the CEO. The CEO proposes our strategy and business plan, puts them into practice and manages the risks involved. The CEO must also ensure we have a suitable system of controls to manage risks and report to the Board on it.
|Chief Risk Officer (CRO)
|Oversees and challenges risk activities, and ensures lending decisions are made within our Risk Appetite. Accountable for control and oversight of credit, market, liquidity, capital, pension, strategic & business, operational, model risk and risks associated with climate change.
|Chief Legal and Regulatory Officer (CLRO)
|Accountable for the control and oversight of legal, conduct and regulatory, reputational and financial crime risk, and is responsible for reporting on these risks to the CRO, to provide the CRO with a holistic enterprise-wide view of all risks.
|Chief Financial Officer
|Responsible for developing strategy, leadership and management of the CFO Division. In supporting our corporate goals within our risk appetite, the CFO is responsible for managing interest rate, liquidity, pension and capital risks. The CFO aims to maximise the return on Regulatory and Economic Capital, ensuring transactions create value with the right risk-based profile.
|Chief Internal Auditor (CIA)
|Designs and uses an audit system that identifies key risks and evaluates controls. The CIA also develops an audit plan to assess existing risks that involve producing audit, assurance and monitoring reports.
|Money Laundering Reporting Officer (MLRO)
|Responsible to the CLRO for control and oversight of financial crime risk but has regulatory responsibility to report on this risk type to Executive and Board Committees and the FCA.