|
Risk Pillar 1: Customer and
conduct
We deliver fair customer outcomes
and meet the expectations of our regulators.
|
|
|
Principal risk
|
|
P1. Customer
The risk of poor customer outcomes
due to poor design, distribution and execution of products and
services or poor governance and processes.
|
Key
considerations
Our target customer cohorts require
robust practices to support responsible lending for borrowers under
financial pressure and provide appropriate solutions to meet our
customers' needs. We continually seek improvement to our product
governance processes and customer outcome monitoring activity
across the First and Second Lines of Defence, and proactively
provide compliance advice and guidance on key matters.
We continue to see a high volume of
complaints driven by Claims Management Companies (CMCs), with one
such CMC accounting for 80% of the volume. CMCs are regulated by
the Solicitors Regulation Authority and therefore do not follow FCA
guidelines. Due to this, we are witnessing poor practices, such as
lack of customer due diligence on their part, and the level of
upheld complaints has been consistently low for both the Group and
the Financial Ombudsman Service (FOS).
Mitigating actions
- Customer, Culture
and Ethics Committee oversaw the development, embedding and
monitoring of the Group's customer objectives.
- The
Group successfully delivered the requirements to meet the FCA's
Consumer Duty regulations in July 2023.
- Board-approved
conduct risk framework and supporting metrics are embedded across
the Group to ensure delivery of good customer outcomes across all
high-risk interactions, such as lending, forbearance, vulnerability
and complaints.
- A rigorous customer
outcomes assurance activity programme is in place.
- A complaints
methodology and forum have been established to identify and learn
from complaints trends and FOS referral outcomes.
- In November 2023,
the FCA confirmed receipt of our update on queries relating to
Borrowers in Financial Difficulty (BiFD) action and acknowledged
our ongoing progress to deliver the BiFD action plan.
|
|
P2. Regulatory
The risk that our systems and
controls do not support effective regulatory compliance and we fail
to meet the expectations of our regulators.
|
Key
considerations
As a dual regulated firm, we need to
adapt to the regulatory environment as it continues to develop to
ensure our lending is sustainable, suitable and affordable. The
PRA/FCA published 'The Regulatory Initiatives Grid' in November
2023 and it highlights a number of key initiatives that are being
proposed for 2024/25. The current initiatives do not pose a risk at
this stage to the Group.
The FCA announced in January 2024
that it intends to review how motor finance firms have implemented
a ban, originally introduced back in 2021, on discretionary
(variable) commission levels. The announcement does not impact the
Group directly as we do not pay discretionary commission currently
or historically, only fixed, on our vehicle finance
products.
Mitigating actions
- SMCR
responsibilities are aligned to the RMF and Group Delegated
Authorities Manual (GDAM) providing a complete and clear view of
accountability, risk and control ownership and clarity around
delegations and mandates for approval. Senior management functions
are required to attest to their understanding and agreement of
these.
-
Conduct and regulatory policies and procedures are in place to
ensure the Group has appropriate controls and processes to deliver
fair customer outcomes.
- A compliance monitoring
plan is in place, supported by a robust methodology, to
independently assess the adequacy and effectiveness of the control
frameworks in place to drive fair customer outcomes and regulatory
compliance.
- Strong and proactive
regulatory relationships with regular lines of communication are in
place with both the FCA and PRA, who have been kept abreast of our
strategic initiatives, key risk management activities and responses
to regulatory developments e.g. Consumer Duty implementation and
BiFD action plan.
- Following the PRA's
Periodic Summary Meeting in March 2023, we have successfully
completed all actions due for delivery in 2023, with a small number
to deliver in Q1 2024.
|
|
P3.
Financial crime
The risk that the Group's products
and services are used to facilitate financial crime against the
Group, customers or third parties.
|
Key
considerations
Financial crime includes anti-money
laundering (AML), counter terrorist financing (CTF), financial
sanctions, external and internal fraud and anti-bribery and
corruption (ABC).
On average, we monitor 11 million
transactions and 1.75 million customers each month for signs of
financial crime. The banking industry continues to suffer from
organised crime groups socially coercing individuals into providing
security information, exposing them to fraud. In addition, the
Group's fraud exposure has increased as a result of the Group's
changing risk profile due to an increase in brand prominence, the
launch of digital wallets and higher average credit limits/loan
values offered to customers. Further technology developments are
ongoing in support of our detection and prevention
objectives.
Mitigating actions
- Financial crime
oversight has been consolidated across all products, implementing
consistent risk oversight supported by Group-wide AML, CTF,
sanctions, fraud and bribery policies, overseen by a Group Money
Laundering Reporting Officer (MLRO).
- The Financial Crime
Risk Forum provides oversight and challenge on the Group's
financial crime risk systems and controls. The Group MLRO provides
twice-annual updates to the Risk Committee.
- Industry-standard
prevention and detection systems are in place covering fraudulent
transactions, suspicious activity, customer screening and
application fraud. These are regularly reviewed and refined to
ensure effectiveness.
- A
Group-wide Fraud Strategy and Analytics team is in place within the
First Line of Defence, which focuses on fraud prevention,
consistent and fair customer outcomes and loss
mitigation.
- A
detailed business-wide financial crime risk assessment is in place
to measure financial crime risk consistently and effectively. This
is now being extended to cover the vehicle finance
product.
- Oversight of our outsourced
operations administering our savings products has been enhanced and
the articulation of the financial crime controls. All new products
are subject to a financial crime risk assessment.
|
|
Risk Pillar 2: Financial
We manage our credit risk exposures,
supported by financial strength and liquidity in normal and
stressed conditions.
|
|
|
Principal risk
|
|
|
P4. Capital
The risk that the Group fails to
maintain the minimum regulatory capital requirements, management
buffer on a consolidated basis to cover risk exposures and
withstand a severe stress.
|
Key
considerations
The Group and Bank maintain
sufficient capital resources, both in terms of amount and quality,
to support the business strategy and provide a buffer for stress
events. Throughout the year, the Group and Bank have maintained
capital ratios in excess of regulatory requirements (see capital
risk management section on page 140 for the Group's capital
position). In assessing the adequacy of capital resources, the
Group and Bank consider the material risk to which they are exposed
and the appropriate strategies required to manage those
risks.
The 'Strong and Simple' regulatory
initiative will be monitored for any impacts on the Group's and
Bank's management of capital risk. The PRA is expected to begin
consultation on capital requirements for simpler regime firms in Q2
2024. The implementation of Basel 3.1 is expected to have limited
impact on the capital position.
Mitigating actions
- The
capital framework is reviewed by the Board as part of the annual
Internal Capital Adequacy Assessment Process (ICAAP).
- Capital risk appetite
metrics are monitored by the Board, Risk Committee and Assets and
Liabilities Committee (ALCO).
- Capital is held to
meet Pillar 1 requirements, the most significant elements for the
Group and Bank being credit and operational risks.
- In addition, the PRA
requires firms to hold capital to meet Pillar 2A requirements, as
assessed in the ICAAP. This confirms the amount of capital required
to be held to meet risk partially covered by Pillar 1 and risk not
covered by Pillar 1. The combination of Pillar 1 and Pillar 2A
requirements forms the TCR.
- To protect against
consuming its TCR, firms are also subject to regulatory capital
buffers and the PRA may set an additional firm-specific PRA buffer,
forming the OCR.
- In
March 2023, the Group announced a reduction to its TCR from the PRA
to 11.9% (previously 18.3%). The OCR reduced from 21.8% to 15.4%,
which included the regulatory combined buffer prevailing at the
time of 3.5% but excluded confidential buffers set by the PRA and
additional internal management buffers.
- The
Group's Pillar 3 disclosures for the year ended 31 December 2023
are published separately on the Group's website. Pillar 3
complements Basel's Pillar 1 and 2 framework and seeks to encourage
market discipline by developing a set of disclosure requirements,
which would allow market participants to assess key pieces of
information on a firm's capital, risk exposures, risk management
processes, leverage and remuneration.
|
|
P5. Funding and liquidity
The risk that the Group has
insufficient financial resources to meet its obligations (cash or
collateral requirements) as they fall due, resulting in the failure
to meet regulatory liquidity requirements, or is only able to
secure such resources at excessive cost.
|
Key
considerations
The Group and the Bank maintain
sufficient liquid assets both in terms of amount and quality, to
meet daily cash flow needs and stressed scenarios driven by the
Group's own risk assessment and regulatory requirements. Throughout
the year, the Group and Bank have maintained funding and liquidity
ratios in excess of regulatory requirements. Liquid assets solely
comprise of reserves held with the Bank of England (see liquidity
risk management section on pages 136 to 138). The 'Strong and
Simple' regulatory initiative will be monitored for any impacts on
the Group's and Bank's management of funding and liquidity risk.
Changes announced to date have limited impact on the management of
this risk, which are due to go live throughout H1 2024.
Mitigating actions
- The
funding and liquidity framework is reviewed by the Board as part of
the annual Internal Liquidity Adequacy Assessment Process (ILAAP).
ALCO is responsible for managing the balance sheet structure,
including the funding plan and its risks.
- To
ensure that there is no significant risk that liabilities cannot be
met as they fall due, business cash flows are managed and stress
tested. The Group and Bank maintain liquid asset buffers of at
least 100% of the anticipated outflows seen under internal stress
test scenarios (90-day stress) and the regulatory prescribed
liquidity coverage ratio (30-day stress).
- Funding and
liquidity metrics are monitored through daily liquidity reporting,
reported monthly at ALCO meetings and quarterly to the Risk
Committee and Board.
- Throughout the year,
the Group has moved to a more retail deposit source of funds,
having successfully repaid maturing wholesale funding sources.
Additionally, the Bank has demonstrated that it continues to have
access to the retail deposit market through fixed-rate deposits.
The Group has worked closely with our third-party provider,
Newcastle Strategic Solutions Limited, to make operational
improvements and has broadened the range of retail products it
offers to include 30-day and 90-day notice accounts. The Bank will
continue to ensure it has sufficient and diverse access to retail
deposit markets.
|
|
P6. Market
The risk that the net value of or
net income arising from assets and liabilities are impacted as a
result of changes in market prices or rates, specifically interest
rates, currency rates or equity prices.
|
Key
considerations
The Group and the Bank do not take
significant unmatched positions and do not operate trading books.
Some financial assets and liabilities are linked to an underlying
index, such as Sterling Overnight Index Average (SONIA) or Bank of
England base rate. The principal market risks the Group and Bank
are exposed to are interest rate risk and basis risk (see market
risk management section on pages 138 and 139).
Mitigating actions
- The Group and the
Bank use interest rate sensitivity gap analysis to inform them of
any significant unmatched positions.
- The
increased quality of interest rate risk in the banking book (IRRBB)
management and the capability to transact external and internal
interest rate swaps have significantly enhanced the monitoring and
management of market risk.
- The
market risk position is reported monthly to ALCO and includes risk
appetite metrics set for earnings at risk, market value
sensitivity, economic value of equity and basis risk. This includes
the risk under different interest rate risk scenarios as prescribed
by regulation.
- The
Group and the Bank have limited appetite for market risk, which is
only taken if essential to core business activities.
|
|
P7. Credit
The risk of unexpected credit losses
due to customers failing to meet their contractual
obligations.
|
Key
considerations
The Group is exposed to credit risk
at all stages in the customer lifecycle, which can fluctuate from
the point of application and various stages through the agreement.
Credit risk is impacted by a number of factors outside of the
Group's control, including wider economic conditions.
The Group's credit quality has
progressively and materially improved over the year, partly due to
the strategy enhancements, improvements in credit decisioning and
processes, and targeted credit tightening in response to market and
regulatory changes. As a result, overall average customer quality
has improved and unit delinquency rates are lower than pre-Covid-19
(see credit risk management section on page 136).
Mitigating actions
- Credit risk is managed
within a formal credit risk management framework, consisting of
Board-approved risk appetite, credit policies and RCSA.
- The
Group Credit Committee assists the Chief Risk Officer in execution
of their delegated authorities in overseeing the credit risk
management of our portfolios.
- Main
credit scorecards continue to be redeveloped based on enhanced
modelling approaches and upgraded data sets.
-
Credit and affordability strategies continue to be adjusted
according to the changing market and economic conditions and
tightened where appropriate.
- Portfolio
performance monitoring continues to be enhanced to capture newly
emerging risks.
-
Credit data and management information continue to be augmented by
newly available data sources, including the most up-to-date credit
reference data and open banking insights sourced through
Snoop.
- IFRS 9 models and
impairment provisioning processes have been redeveloped with
enhanced oversight from the Model Governance Committee.
|
|
|
| |
