Need help reading this page? Click to activate Recite Me popup.

Risk management

Risk management is integral to our business model and strategy, taking advantage of appropriate opportunities and ensuring sustainable growth for the Group. A strong risk management culture is crucial to keep the Group, our colleagues and our customers safe and secure from existing and emerging risks.

Our enterprise risk management framework
 

The enterprise risk management framework (ERMF) is the foundation for the delivery of effective and consistent risk control across the whole Group, and is regularly updated to ensure it remains in line with regulatory expectations, corporate governance and industry good practice. The ERMF enables proactive identification, active management and monitoring of the Group’s risks, and enables a consistent approach across the Group’s entities and sub-groups. 

The ERMF is regularly updated to ensure it remains in line with regulation, law, corporate governance and industry good practice.

Role of the Board and senior management

The Board and senior management are responsible for the approval of the ERMF, together with Group-wide principles and policies

The Board delegates executive authorities to ensure there is effective oversight of risk management

Risk culture and the customer

The Group’s Code of Ethics and Responsibility helps foster the appropriate culture, which ensures performance, risk and reward are aligned and good customer outcomes are consistently delivered.

Risk appetite

Risk appetite is approved by the Board annually and is defined as the type and aggregate level of risk that the Group is willing to take or accept in pursuit of its strategic aims and business plans

Board-level risk appetite metrics are augmented further by lower-level measures to facilitate the management of Board risk appetite

Risk and control self assessment

The Group adopts a continuous risk management approach from identifying the risks through risk and control self-assessment, and managing the risks through to producing appropriate, accurate and focused risk reporting

Risk governance

The governance framework supports a consistent approach to enterprise-wide behaviour and decision making.

Senior executives are supported by a committee-based structure, which is designed to ensure open challenge and enable effective Board engagement and decision making.

Three lines of defence

The three lines of defence model defines the responsibilities and accountabilities for risk management, with effective independent oversight and assurance enhancements have been made to the model during 2024.

Risk profile and performance

The Group is committed to maintaining support for its customers during continued economic uncertainties in both global and domestic markets.

The Group’s credit performance improved in the year. The Group’s loan portfolio continues to be well positioned and is closely monitored to identify signs of stress. 

Potential impacts to customers, shareholders and the Group’s risk and control profile following the Court of Appeal decision on motor finance commissions continue to be closely monitored and assessed.

As part of the Group’s strategy, there will be continued investment in technology and infrastructure. The Group’s operational risks continue to be a key area of focus, particularly relating to cyber risk and supply chain management.

The management of financial crime risks and consumer fraud remains a key priority for the Group. The economic crime prevention strategy has been reviewed, with funding allocated to deliver improved systems and controls.

Model risk and the use of artificial intelligence are also areas of significant internal and external focus.

Download the 2024 annual report and accounts to see our principal risks and emerging and topical risks.

2024 annual report