Four distinct risk management processes are used by the Bank for the management of strategic, financial, reputational and operational risk:
The strategic risk management process is integrated into the strategic planning process of the Bank, during which process risks at a strategic level are identified and assessed.
Financial risk is managed by the Financial Markets Department. Specialised financial risk management systems and procedures, based on best practice standards, are in place to manage financial risks pertaining to domestic and foreign-exchange market operations.
Reputational risk is managed by the executive management and heads of department of the Bank, while the Head of Strategy and Communications has a specific responsibility in this regard from a communication perspective.
Operational risk emanating from all the operational activities of the Bank is managed by the heads of department and their management teams. Specialised types of operational risk or operational risks with a Bank-wide impact are managed by specific structures or committees established for that purpose. These types of operational risk include business continuity risk, information security risk, and occupational health, safety and environmental risk.