The enterprise risk discipline synthesises the risks of all risk areas and performs analyses to determine at a strategic level which circumstances and developments may potentially influence Triodos Bank’s risk profile. Triodos Bank manages enterprise risk by means of specific tasks and related activities: performing strategic risk assessments, defining the risk appetite, assessing capital and liquidity requirements, and monitoring the risk profile through periodic enterprise risk management (ERM) reporting.
Risk appetite
Triodos Bank's risk appetite process aligns its risk profile with the willingness to take risk in delivering its business objectives. The Risk Appetite Statement is reviewed yearly and is endorsed by the Supervisory Board based on advice from the Audit and Risk Committee. Triodos Bank's risk appetite and the connection with the strategy and business objectives are illustrated below:

The risk appetite is based on three objectives that match Triodos Bank’s corporate goals and ensure a sustainable banking model. These objectives are: (1) to protect identity and reputation, (2) to maintain sound balance sheet relations, and (3) to realise adequate financial returns.
Triodos Bank uses a defined set of key risk indicators and limits to test the actual risk profile of Triodos Bank against its risk appetite. Triodos Bank strives for an overall modest risk profile. The risk limits, determined at Group level, are cascaded for each business unit. Breaches of risk appetite limits are governed by a specific breach procedure.
Enterprise risk reporting
The principal objective of the ERM report is to set the actual risk profile of Triodos Bank against its risk appetite, to assess if key risk indicators have been breached and to determine what actions may need to be taken. In addition, the ERM report creates a single point of reference for all risk-related profiles and activities within Triodos Bank. The ERM report provides insights into specific risk themes and provides an integrated picture of risk at corporate level. This report is discussed in the Enterprise Risk Committee and the Executive Board, and shared with the Audit and Risk Committee and the Supervisory Board.
Every risk discipline reports on a regular and periodic basis depending on the characteristics of the respective risk types. These risk reports are discussed in corresponding risk committees and measures are taken whenever needed. On a quarterly basis, they are integrated in the ERM report, which provides insights into the aggregated Triodos Bank risk profile in relation to its risk appetite.
Stress testing
Stress testing is part of Triodos Bank’s risk management practice. It is of critical importance, in establishing a well-balanced forward-looking management view, to incorporate adverse developments and circumstances that the bank might be exposed to. Stress testing exercises provide valuable insights into the exposure of the portfolio to risk events. Stress testing for capital and liquidity adequacy at Triodos Bank is conducted at several levels: Group-wide, by at-risk domain and at sector level. Sensitivity tests are also carried out as part of the annual business banking sector analyses.
The firm-wide scenario stress-test analysis process may be broken down into a sequence of phases, which translate defined stress scenarios into risk events and indicators that measure their associated risk levels. After determination of the impact and the aggregation of the results, the outcome is reported and discussed in the Enterprise Risk Committee. Scenarios that are assessed are of a varied nature, including climate stress, macro-economic stress and idiosyncratic stress (e.g. operational and reputational stress).
Recovery
The Recovery Plan specifies measures that allow Triodos Bank to recover from possible severe circumstances. The aim of the Recovery Plan is to be prepared for such events, to be ready to act if any breaches are forecast, and to identify and quantify the effectiveness of measures in different stress scenarios.
Strategic risk
Strategic risk may be described as the risk of a lack of achievement of the bank’s overall objectives due to internal and/or external causes. Strategic risk can be broken down into three subcategories:
- Direction risk: the risk that Triodos Bank does not select the optimal strategy given the status of, and outlook on, the external and internal environment.
- Execution risk: the risk that the selected strategy is not implemented and/or executed adequately as per planning, budget or other requirements.
- Modification risk: the risk that the selected strategy becomes obsolete due to changes in the external and/or internal environment.
The external landscape is subject to constant change and related uncertainty. In particular, geopolitical circumstances, the interest rate environment, climate change, energy transition, regulatory requirements and technological progress are examples of relevant developments. Additionally, more sudden and disruptive events may occur, such as the COVID-19 pandemic and the Ukraine crisis. The challenges that arise from these changes continuously influence Triodos Bank. The strategy of Triodos Bank is therefore assessed from a strategic risk perspective to ensure timely adjustment if deemed necessary.
Environmental, social and governance risks
Environmental, social and governance (ESG) risks refer to the non-financial risks, stemming from the current or prospective impacts of ESG factors on the bank’s counterparties, that may negatively affect the bank’s financial performance. The ESG factors are described in the following paragraphs.
Environmental factors
Climate change and environmental degradation are sources of structural change that affect the quality of life and economic activity as well as the financial system. Climate-related and environmental factors can be divided into two distinct categories:
- Physical: The physical environmental factors refer to the financial impact of a changing climate, including more frequent extreme weather events and gradual changes in climate and of environmental degradation (e.g. pollution, biodiversity loss and deforestation). The physical driver is categorised as ‘acute’ when it arises from extreme events (e.g. droughts, floods and storms) or ‘chronic’ when it arises from progressive shifts (e.g. sea-level rises and resource scarcity).
- Transitional: The transitional factors refer to the possible financial loss that may result, directly or indirectly, from the process of adjustment towards a lower-carbon and more environmentally sustainable economy (e.g. due to a relatively abrupt adoption of climate and environmental policies, technological progress or changes in market sentiment and preferences).
Social factors
Social factors are related to the rights, well-being and interests of people and communities and include factors such as equality, health, inclusiveness, labour relations and workplace health and safety. In general, it concerns the bank’s interaction with its social environment, i.e. the relationships with its broader stakeholder audience: clients, co-workers, regulators and relevant communities/markets in which it operates.
Three main sources from which social factors - and subsequent risks - may originate are distinguished:
• Environment: The continuous deterioration of environmental conditions implies heightened social risks, such as when climate-related physical change or water stress affects (deprived parts of) a geographical area and (already disadvantaged) populations. Environmental degradation can exacerbate migration and social and political unrest in the most affected regions, with potentially more devastating repercussions and contagion across the globe.
• Market and social sentiment: The ongoing evolution of collective value systems brings forth new social frameworks of reference. The social transformation towards a more inclusive, equitable society is an example of such an evolution.
• Policy actions: Policy actions can be and have been taken in response to social movements (e.g. demanding equal pay or equal representation, in addition to workforce diversity). Such policy actions may constitute a risk for companies that are not prepared or willing to adapt.
Governance factors
Governance factors cover governance practices, including executive leadership, executive pay, audits, internal controls, board independence, shareholder rights and the ways in which banks include environmental and social factors in their policies and procedures. Note that governance factors in the ESG context do not refer to the regular governance arrangements of the bank, but instead to governance factors that have an impact on or are impacted by the bank’s counterparties or invested assets, including governance arrangements for the environmental and social factors in counterparty policies and procedures. Governance factors may be part of national legislation, such as corporate governance codes, that aim at long-term sustainable value creation (rather than short-term benefits).
Management of ESG risks
Triodos Bank employs strict criteria to ensure the sustainability of products and services. It employs both positive criteria, to ensure it is actively doing good, and negative criteria for exclusion, to ensure it does not do any harm. The negative criteria exclude loans and investments in sectors or activities that are damaging to society and environment. The positive criteria identify leading businesses and encourage their contributions to a sustainable society.
Triodos Bank’s strategy, credit granting process and product approval process are aligned with its sustainable and values-based mission. Triodos Bank assesses the impact, risk and return of its business decisions in line with its mission and Risk Appetite Statement. The Minimum Standards set out the absolute minimum requirements that Triodos Bank applies to its banking and investment activities. In its day-to-day decision-making Triodos Bank is guided by its Business Principles. All sustainability criteria referred to in this section can be found on the bank's website. Lending criteria and minimum standards are available on the website.
Because the sustainable and values-based mission is the starting point of its lending process, Triodos Bank’s exposure to transition risks is considered minimal. Business banking lending is focused on financing enterprises that contribute to a low-carbon future. As a strategic target, Triodos Bank has set itself the objective of reaching a net-zero emission level by 2035, underlining its commitment to contribute to a sustainable future.
As a result of climate change, Triodos Bank’s portfolio is exposed to physical climate risks. On an annual basis, Triodos Bank carries out climate-risk stress tests to assess the potential impact of extreme weather events such as storms, floods and droughts on its asset portfolio. Within the financial planning period, a material impact of physical climate risk is considered to be unlikely.
The Executive Board, under the supervision of the Supervisory Board, is accountable for the management of environmental and climate-related risks as well as for setting and overseeing Triodos Bank’s strategy in this respect. The approach to managing environmental and climate-related risks is assigned to the Enterprise Risk Committee. At board level the Chief Risk Officer is primarily responsible for the oversight of environmental and climate-related risks. The Enterprise Risk Management department is responsible for the framework that governs environmental and climate-related risks and ensures alignment with relevant risk policies within the larger risk policy framework.
ESG considerations are shared at all levels of Triodos Bank and are an integral part of its management, including the evaluation of risks. ESG-related aspects are taken into account in all day-to-day business decisions whenever relevant. ESG-related risk factors all have their specific characteristics and are captured in the relevant policies and guidelines. Triodos Bank is currently in the process of combining these different policies and guidelines in one single overarching Group ESG framework to further improve the effectiveness of its risk management.
Reputational risk
Triodos Bank defines reputational risk as the risk arising from negative perception by customers, counterparties, shareholders or regulators, which can adversely affect the bank’s ability to maintain existing, or establish new, (business) relationships and continued access to sources of funding.
As a values-based bank, Triodos Bank’s reputation is vital to its ability to pursue its mission. As such, Triodos Bank’s reputation is managed in a proactive manner, for the most part by ‘doing things right’ and ‘doing right in line with Triodos Bank’s mission’. Generally, proactively managing its reputation implies for Triodos Bank: (1) attracting and retaining qualified employees that have a strong affinity with Triodos Bank’s mission and values; (2) maintaining a sound risk governance structure that enables the correct execution and control of bank-related processes; and (3) actively positioning Triodos Bank’s identity, its positive impact (for the longer term) and connection to society.
Model risk
Model risk refers to the potential for negative consequences arising from the decisions made based on incorrect or misused model outputs and reports. It can result in financial loss, poor decision-making, and damage to the reputation of Triodos Bank.
Triodos Bank develops and uses internal models to quantify the risk for most risk types in the risk taxonomy. The models for credit, market, liquidity and strategic risk are the most widely used to measure the level of risk. Model outputs are used to support day-to-day decision-making and as input in management and regulatory reporting.
New models require approval before being implemented and used. Internal approval for the use (or continued use) of a model is obtained from the Model Approval and Review Committee (MARC). The Group Modelling and Valuation department develops models in close cooperation with the relevant business and risk experts.
Model Risk Management proposes and maintains standards for the model lifecycle and validation, and facilitates model risk identification and measurement and reports on model risk in line with the model risk management framework, which includes model validation standards and procedures. Model data, methodology, performance and implementation are checked according to these standards and reviewed against internal and regulatory requirements.