The Enterprise Risk discipline synthesises the risks of all risk areas and performs analyses to determine at a strategic level which larger trends can potentially influence Triodos Bank’s risk profile. Triodos Bank manages Enterprise Risk by means of specific tasks and related activities: performing strategic risk assessments, defining the risk appetite, assessing capital and liquidity requirements, and monitoring the risk profile through periodic enterprise risk management reporting.

Risk appetite

A risk appetite process is implemented across Triodos Bank to align its risk profile with the willingness to take risk in delivering its business objectives. The Risk Appetite Statement is reviewed yearly and is endorsed by the Supervisory Board upon advice by the Audit and Risk Committee. The general concept of risk appetite and the link to the Strategy and Business objectives is illustrated below:

The risk appetite is based on three objectives that fit with Triodos Bank’s corporate goals and guarantee a sustainable banking model. These objectives are to: (1) protect identity and reputation, (2) maintain sound balance sheet relations and (3) ensure stable profits.

Triodos Bank uses a set of indicators and limits to measure and assess the level of risk appetite and risk profile of the organisation. The risk limits, determined at group level, are translated into a localised limit structure for each business unit.

Reputational risk

Triodos Bank defines Reputational Risk as the risk arising from negative perception by customers, counterparties, shareholders or regulators, which can adversely affect the bank’s ability to maintain existing, or establish new, (business) relationships and continued access to sources of funding.

Being a mission-driven bank, Triodos Bank’s reputation is vital to its ability to pursue its mission. As such, Triodos Bank’s reputation is managed in a proactive manner, for the most part by ‘doing things right’ and ‘doing right in line with Triodos Bank’s mission’. Generally, proactively managing its reputation implies for Triodos Bank (i) to attract and retain qualified employees with a strong affinity with Triodos Bank’s mission and values; (ii) to maintain a sound risk governance structure, enabling the execution and control of the bank-related processes correctly; and (iii) to actively position Triodos Bank’s identity, its positive impact (for the longer term) and connection to society.

Enterprise risk reporting

The principal objective of the Enterprise Risk Management (ERM) report is to set the actual risk profile of Triodos Bank against its risk appetite, assess if key risk indicators have been breached and what actions may need to be taken. In addition, the ERM report creates a single point of reference for all risk related profiles and activities within Triodos Bank. The ERM report provides insights into specific risk themes and provides an integrated picture of risk at corporate level. This report is discussed in the Enterprise Risk Committee and shared with the Audit and Risk Committee and Supervisory Board.

Every risk discipline reports on a monthly basis or on a quarterly basis. These reports are discussed in corresponding committees and measures are taken whenever needed. On a quarterly basis, they are integrated in the ERM Report which provides insights into the Triodos Bank risk profile in relation to its risk appetite.

Strategic risk

Strategic Risks relate to inadequate initial strategy selection, execution or modification over time and may impact the realization of the organisation’s purpose. Therefore, Strategic Risk Assessments (SRA) are performed at Executive Board level for Triodos Bank as a whole and at business unit level for each business unit. The SRA contains an assessment of the strategic risk exposures that can ultimately affect shareholder value or the viability of the organization.

The external landscape changes, in particular the low interest rate environment, climate change, energy transition, regulatory requirements, the European political landscape and technological developments. Next to these areas more sudden and disruptive events may occur such as the COVID-19 pandemic. The challenges that arise from these changes will continuously influence Triodos Bank.

Triodos Bank considers its banking model to have a moderate risk profile. While on the one hand the bank's mission is to support the real economy and society with basic and straightforward banking products, the risk appetite reflects the recognition that the relatively fast-changing external environment requires us to adapt.

Strategic risks need to be carefully managed to realise integrated financial and mission-driven objectives. Sensitivities both at group and local level feed into scenarios, that are used to test Triodos Bank’s capital, liquidity, profitability and operational stability during the year. Triodos Bank has identified the following strategic risks to be taken into account at group level:
• Economic risk: downturn as a result of the COVID-19 pandemic, increasing volatility as a result of political uncertainty, decreasing business confidence which leads to lower investment levels, intervention of central banks to stimulate economic growth which may continue longer than expected with lower interest rates as a result;
• Climate risk: likelihoods associated with and responses to the impacts of climate change on the bank's assets and on the bank itself as well as on how societal constraints shape adaptation options;
• Political and social risk: political uncertainty in the countries we operate in and at EU level and public discontent which leads to more volatility;
• Technological risk: FinTechs create new fields of competition and raise customer expectations which challenge our relationship approach. Increasing cybercrime will force the organisation to spend more effort and investments on safeguarding systems;
• Legal risk: regulations like BRRD and CRR/CRD are still under development and can result in requirements that influence Triodos Bank’s business model.

The Corona crisis has greatly affected the bank in many ways as well as the market environment it operates in. The bank is gradually adapting to new circumstances and establishing a workable ‘new normal’. Developments are however surrounded by many uncertainties. Mitigating strategies are discussed and tailored to fit the situation at hand. In addition, the low interest rate environment and increasing regulatory requirements continue to affect the bank. The first has led to a decreased margin and consequently lower profitability than foreseen. The second one has led to the need for additional co-workers, system adaptation and processes in order to implement new regulatory requirements.

Climate risk contains two important elements:
• the risk that is related to the transition of “old” sources of energy to sustainable sources (transition risk), which can result in so called stranded assets. As an example: power plants using coal must be closed earlier than the precalculated end date,
• the risk that is related to the changes of the climate itself causing physical damage (physical risk). E.g. extreme weather conditions and the rise of sea level.

Given that sustainability considerations are a starting point within our lending processes, transition risks are minimal in our loan portfolio. Our lending is already contributing to a low-carbon future.

Regarding physical risk, the changes in climate leading to storms, floods and droughts may have an impact on our assets. We have not identified assets we consider to be especially vulnerable to these physical risks. In the longer term, impact on weather conditions (such as wind and solar resources) may affect renewable energy generation. However, there are no reliable predictions for this happening, and it is unlikely to affect our portfolio assets within the duration of our current portfolio.

Nevertheless, Triodos Bank carries out annual stress tests which take extreme but plausible situations into account. As part of determining the scenarios, Triodos evaluates whether extreme weather situations could impact the bank’s resilience with a time horizon of three years.

Currently, we find that it is very unlikely to have material impact on this time horizon.

Finally, we are of the opinion that, since these risks certainly are capable of severely affecting society as a whole, on the longer term we must as a society and sector drastically decrease and minimise the financing of unsustainable assets.

Stress testing

Stress testing is part of Triodos Bank’s risk management. It is of critical importance in establishing a well-balanced forward-looking management view to incorporate adverse developments and circumstances that the bank might be exposed to. Stress testing exercises also provide valuable insights in the exposure of the portfolio towards risk events. Stress testing for capital at Triodos Bank is conducted at several levels: group-wide, at risk domain and at sector level. In addition, sensitivity tests are also carried out as part of the annual business banking sector analyses.

The process of firm-wide scenario stress test analysis may be broken down into a sequence of phases, where the defined stress scenarios are translated into risk events and indicators to measure the risk levels. After determination of the impact and the aggregation of the results, the outcome is reported and discussed. Scenarios that are assessed are of a varied nature, including macro-economic stress and idiosyncratic stress (e.g. operational and reputational stress).

Given the selected scenarios, Triodos Bank is sensitive to a long lasting, low interest environment scenario. It shows that profitability would be under pressure in the coming years. This risk will be mitigated by a focus on cost efficiency, pricing and by diversification of income. Finally, Triodos Bank is sensitive to scenarios relating to reputational risk. To prevent such an event, it is essential to communicate clearly about the mission and to act accordingly.

Recovery

The Recovery Plan specifies measures Triodos Bank can take in order to survive a severe crisis. The aim of a recovery plan is to be prepared for a crisis and therefore to lower the probability of the organisation defaulting. It also aims to identify and quantify the effectiveness of measures in different scenarios.