Annual report 2009 - Dexia.com

More documents

Recommendations

Info

Risk managementManagement reportConsolidatedfinancial statementsAnnual financial statementsAdditional informationOperational riskDefinitionDexia defines operational risk as follows: operational risk isthe risk of financial or non-financial impact resulting frominadequate or failed internal processes, people and systems,or from external events. The definition includes IT, legal andcompliance risk but excludes strategic risk.Dexia’s definition of operational risk is based on, but notrestricted to, the one used by the Basel Committee, whichfocuses on losses (negative financial impacts). Dexia’s policyalso requires the collection of events which lead to financialgains.GovernanceThe Operational Risk Management framework relies on stronggovernance with clearly defined roles and responsibilities.The Management Board, organised on a weekly basis, regularlyreviews the evolution of the risk profile of the differentGroup activities and takes the required decisions.The Risk Policy Committee, a strategic committee with representativesof the Management Board, approves Group-widepolicies. This committee is organised on a quarterly basis.The Operational Risk Guidelines Committee, chaired quarterlyby the Group Chief Risk Officer, details the approved policiesin guidelines adapted to business activities, and transversallyreviews the operational risk events and related analysis.The Operational Risk Management Committee, chairedmonthly by the Head of Group Operational Risk, ensuresthe development of a consistent Group-wide operational riskframework integrating Business Continuity and Crisis Management,Information Security and Insurance.The Line Management function is primarily responsible foroperational risk management. For their activity field theyappoint Operational Risk Correspondents whose role is tocoordinate the collection of risk event data and the Risk andControl Self-Assessment, with the support of the local OperationalRisk Management function.Management of the riskThe operational risk framework relies on the followingelements:Operational risk event data collectionThe systematic capture and monitoring of risk events is oneof the most important requirements stated by the Basel Committee,whatever the approach chosen for the capital calculation(Standardised or Advanced Measurement Approach):“Data on a bank’s historical loss experience could providemeaningful information for assessing the bank’s exposure tooperational risk and developing a policy to mitigate/controlthe risk”.As a consequence, the continuous collection of risk eventdata enables Dexia both to be compliant with regulatoryrequirements, and to obtain very valuable informationin order to improve the quality of the internal control system.Strict guidelines have been defined and deployed atGroup level in terms of reporting, in order to ensure thatthe most important information is escalated in due time toSenior Management (in particular, the compulsory declarationthreshold has been set at EUR 2,500). The most significantevents including a risk mitigation action plan defined by theLine Management are reported to the Management Board bythe Operational Risk function.Over the last 3 years, the split of the total amount of lossesamong standard event types is the following:InternalfraudExternalfraudBusiness Disruptionand System Failures11%19%1%12%Clients,Products &Business Practices54%~0%3%Damage toPhysical AssetsEmploymentPractices andWorkplaceSafetyExecution,Delivery &ProcessManagementThe largest proportion of the losses is due to Execution,Delivery & Process Management events, which also representthe majority of all events, present in all businesses and supportfunctions. These events and the related action plans arereviewed on a quarterly basis with the key stakeholders (inparticular the Operations & IT line).The proportion of frauds increased in 2009 in the retail bankingactivities. Global mitigating plans have been approved bythe Management Board, so that existing processes can beadapted to all threats.Other categories remain limited in number and amount.Major events when they occur are of course subject tothe definition of corrective actions approved by the SeniorManagement.64Dexia Annual report 2009
Risk managementRisk and control self-assessmentIn addition to building a history of losses, it is also necessaryto determine the exposure of Dexia to main risks through riskmapping of all significant activities. This objective is achievedon the basis of bottom-up Risk and Control Self-Assessmentexercises, carried out in all entities of the Dexia Group. Theseexercises focus on the identification and assessment of themain risks and controls, and can lead to the definition ofmitigating actions. They provide a good view of the mostimportant risk areas in the different entities and activities,with the objective of reporting the results to Managementacross the organisation.These Risk and Control Self-Assessments are updated on aregular basis.Information security and business continuitymanagementThe Information Security Policy and the related InformationSecurity Guidelines, Standards and Practices aim to securethe Dexia information assets.Security programmes and well-defined responsibilitiesensure that all business activities are organised in a secureenvironment.As required by the Group Business Continuity Policy, businesslines are required to make business impact analyses of criticalbusiness activities, define and document recovery plans, andensure that business continuity plans are tested and updatedat least once a year. On the basis of regular reporting, theManagement Board validates recovery strategies, residualrisks, and action plans for continuous improvement.Management of insurance policiesMitigation of the operational risks to which Dexia is exposedis also ensured through the purchase of group insurancepolicies, principally covering professional liability, fraud andtheft, and business interruption. On the basis of the groupinsurance policy, the objective is also to develop insuranceguidelines regarding the different risks within the Group,for application at Group level, and at entity level, and centrallyto manage the negotiations with brokers and insurancecompanies.Definition and follow-up of action plansLine Management defines corrective actions related to majorevents or to key risks identified. A regular follow-up and aquarterly reporting for all activities have been set up by OperationalRisk Management.By virtue of this process, the internal control system is continuouslyimproved and the main risks appropriately mitigatedover time.Increased coordination with other functionsinvolved in the internal control systemA new software tool was developed in 2009 aimed at coveringmost of the building blocks of the Operational Risk Managementframework, and also offering some key functionsfor other central functions such as Internal Audit, Compliance,Permanent Control or Quality Control. The implementationof this software solution at the beginning of 2010 willallow the use of common language and systems of referenceamong these functions, as well as the production ofconsolidated information for Line Management, especiallyregarding any kind of action plans or recommendation to befollowed up over time.Calculation of regulatory capitalrequirementsDexia has decided to apply the Basel II Standardised Approachfor the calculation of the capital requirement for operationalrisk management.This approach mainly consists of applying a percentage(called “Beta” factor, in a range between 12% and 18%) toa relevant indicator calculated for each of the eight businesslines defined by the Basel Committee (Corporate Finance,Commercial Banking, Retail Banking, Trading and Sales, AssetManagement, Agency Services, Retail Brokerage, Paymentand Settlement).The relevant indicator is principally made of the operatingincome of the underlying activities (i.e. mainly excluding thenon-recurring items and the impact of the financial crisis)which comprises net interest and net commission income.Income from insurance activities is not taken into consideration,as they are not subject to Basel II regulation.The sum of capital requirements for each business line is usedto calculate the total capital requirement of the operationalrisk, as an average over the last three years. The calculationis updated on a yearly basis, for the regulatory reporting asat 31 December each year.The capital requirement for the last calculation periods is thefollowing:Capital requirements(in millions of EUR)2008 2009821.5 833.5An increase of the capital requirements of 1.5% can beobserved between 2008 and 2009. This is linked to the factthat the 2006 gross income is replaced in the calculation bythe 2009 gross income, which is slightly higher, as the developmentof DenizBank activities more than offset the reductionin other businesses.Management reportConsolidatedfinancial statementsAnnual financial statementsAdditional informationAnnual report 2009 Dexia 65
Page 1 and 2:
9Annual report 2009
Page 3 and 4:
9Annual report 2009Management repor
Page 5 and 6:
9Management report
Page 7 and 8:
Group profi leSIMPLIFIED GROUP STRU
Page 9 and 10:
Group profi leQUALITY OF RISKS Dexi
Page 11 and 12:
In accordance with the agreement wi
Page 13 and 14:
2009 and early 2010 highlightsExit
Page 15 and 16: 2009 and early 2010 highlightsCreat
Page 17 and 18: Corporate governanceIntroduction: t
Page 19 and 20: Corporate governanceThe European Ad
Page 21 and 22: Corporate governanceNAMEPIERREMARIA
Page 23 and 24: Corporate governanceNAMEROBERTDE ME
Page 25 and 26: Corporate governanceNAMESPECIALISTC
Page 27 and 28: Corporate governanceNAMEKOEN VAN LO
Page 29 and 30: Corporate governanceNew directors a
Page 31 and 32: Corporate governanceConsidering tho
Page 33 and 34: Corporate governancemade and the fi
Page 35 and 36: Corporate governanceDIRECTORS’ AN
Page 37 and 38: Corporate governanceOperation and a
Page 39 and 40: Corporate governanceThe Appointment
Page 41 and 42: Corporate governanceResponsibilitie
Page 43 and 44: Corporate governanceVariable compen
Page 45 and 46: Corporate governancetional entities
Page 47 and 48: Corporate governance• It identifi
Page 49 and 50: Shareholder informationStock market
Page 51 and 52: Shareholder informationPRINCIPAL DE
Page 53 and 54: Human resourcesAGE PYRAMID> 5955-59
Page 55 and 56: Sustainable developmentThe 2009 Dex
Page 57 and 58: Risk managementIntroductionIn 2009,
Page 59 and 60: Risk managementThe Rating Committee
Page 61 and 62: Risk managementAsset qualityBy the
Page 63 and 64: Risk managementBond portfolioDexia
Page 65: Risk managementThis good performanc
Page 69 and 70: Risk managementECONOMIC CAPITALBY T
Page 71 and 72: Financial resultsPreliminary notes
Page 73 and 74: Financial resultsSolvency31/12/08 3
Page 75 and 76: Financial resultsAssetsLoans and ad
Page 77 and 78: Activity and results of the busines
Page 89 and 90: General information3. Overview of t
Page 91 and 92: General informationAll the above-me
Page 93 and 94: General information4.5. Dexia banka
Page 95 and 96: General information6.3. Notificatio
Page 98 and 99: Consolidated balance sheet ........
Page 100 and 101: Consolidated balance sheetManagemen
Page 102 and 103: Consolidated statementof incomeMana
Page 104 and 105: Management reportConsolidatedfinanc
Page 106 and 107: Consolidated statementof comprehens
Page 108 and 109: Notes to the consolidated financial
Page 110 and 111: Notes to the consolidated fi nancia
Page 116 and 117:
Notes to the consolidated fi nancia
Page 118 and 119:
Page 120 and 121:
Page 122 and 123:
Page 124 and 125:
Page 126 and 127:
Page 128 and 129:
Page 130 and 131:
Page 132 and 133:
Page 134 and 135:
Page 136 and 137:
Page 138 and 139:
Page 140 and 141:
Page 142 and 143:
Page 144 and 145:
Page 146 and 147:
Page 148 and 149:
Page 150 and 151:
Page 152 and 153:
Page 154 and 155:
Page 156 and 157:
Page 158 and 159:
Page 160 and 161:
Page 162 and 163:
Page 164 and 165:
Page 166 and 167:
Page 168 and 169:
Page 170 and 171:
Page 172 and 173:
Page 174 and 175:
Page 176 and 177:
Page 178 and 179:
Page 180 and 181:
Page 182 and 183:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210 and 211:
Page 212 and 213:
Page 214:
Statutory Auditor’s reportManagem
Page 217 and 218:
9Annual financial statementsFINANCI
Page 219 and 220:
SHAREHOLDERS’ EQUITY AND LIABILIT
Page 221 and 222:
Notes to the annualfinancial statem
Page 223 and 224:
Notes to the annual fi nancial stat
Page 225 and 226:
Page 227 and 228:
Page 229 and 230:
Page 231 and 232:
Page 233 and 234:
Page 235 and 236:
Page 237 and 238:
Page 239 and 240:
Page 241 and 242:
Page 243 and 244:
Page 245 and 246:
Statutory Auditor’s report• Wit
Page 247 and 248:
Additional informationGeneral dataN
Page 249 and 250:
Additional informationDexia FP Hold
Page 251 and 252:
Dexia’s annual report 2009 has be
show all

Annual report 2009 - Dexia.com

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?