RISK AND OPPORTUNITY REPORT
Risk report
Risk management system
MLP considers risk management to be the use of a comprehensive array of instruments for managing risks in line with the strategy set out by the Executive Board and the risk-bearing ability process. Because of the potential growth and extra earnings they can offer, risks should be addressed and taken in a conscious and controlled manner within the scope of internal control/monitoring procedures.
The operational and organisational structure and the risk management and controlling processes, as well as the special Risk Controlling, Compliance and Internal Audit functions, represent key components of the Group-wide risk management system.
Group-wide risk management
MLP SE, Wiesloch; MLP Banking AG, Wiesloch; MLP Finanzberatung SE, Wiesloch; MLPdialog GmbH, Wiesloch; FERI AG, Bad Homburg v. d. Höhe; FERI Trust GmbH, Bad Homburg v. d. Höhe; FEREAL AG, Bad Homburg v. d. Höhe; FERI Trust (Luxembourg) S.A., Luxembourg; as well as DOMCURA AG, Kiel; NORDVERS GmbH, Kiel; and nordias GmbH Versicherungsmakler, Kiel are included in the Group-wide risk management (scope of consolidation pursuant to § 25a of the German Banking Act (KWG) – Germany's "MaRisk consolidation scope").
Scopes of consolidation – difference between the IFRS and MaRisk scope of consolidation
| Segment | Company | IFRS scope of consolidation | MaRisk scope of consolidation (§25a German Banking Act, KWG) | |
| Holding | MLP SE | X | X | |
| Banking | MLP Banking AG | X | X | |
| Financial consulting | MLP Finanzberatung SE | X | X | |
| TPC GmbH | X | |||
| ZSH GmbH | X | |||
| MLPdialog GmbH | X | X | ||
| MLP Hyp GmbH * | X | |||
| FERI | FERI AG | X | X | |
| FERI Trust GmbH | X | X | ||
| FEREAL AG | X | X | ||
| FERI Trust (Luxembourg) S.A. | X | X | ||
| DOMCURA | DOMCURA AG | X | X | |
| NORDVERS GmbH | X | X | ||
| Nordias GmbH Versicherungsmakler | X | X | ||
| Willy F. O. Köster GmbH | X | |||
| Siebert GmbH Versicherungsmakler | X | |||
Within the meaning of § 25a (3) of the German Banking Act (KWG) and in conjunction with Section 4.5 of Germany's Minimum Requirements for Risk Management (MaRisk), the Executive Board of MLP Banking AG, which as per Article 11 of the Capital Requirements Regulation (CRR) is the controlling body of the MLP Financial Holding Group (MLP FHG) as the depository institution, ensured appropriate control and monitoring of the significant risks at Group level through suitable processes. This approach encompasses in particular
- defining Group-wide strategies
- securing the Group's risk-bearing ability
- establishing structural and organisational regulations for the Group
- implementing Group-wide risk management and controlling processes
- setting up an Internal Audit department that will operate throughout the Group.
In the context of the strategy process and the risk inventory, MLP Banking AG, acting as a controlling company of the Financial Holding Group, obtains an overview of Group risks on a regular and ad hoc basis. Based on the risks identified in the individual companies and their relative weighting, the "MaRisk scope of consolidation" is formed, which defines the scope of the Group-wide risk management system. In principle all risks identified as significant within the Group by the controlling company are taken into account. Group-wide regulations and policies for establishing Group-wide risk management at the MLP Financial Holding Group are defined taking into account the type, scope, complexity and risk content and the different application options provided by company law on an individual basis.
Risk policies
The Executive Board of the controlling company defines the business strategy and a consistent risk strategy for the MLP Financial Holding Group. Group-wide risk propensity is derived from the risk strategy, taking risk-bearing ability into account. On this basis framework conditions for risk management in the MLP Financial Holding Group are then defined. The readiness to take risks is regularly checked and adjusted as necessary.
The following basic principles are consistent with the business strategy and describe the central framework conditions for risk management at the MLP Financial Holding Group:
The Executive Board is responsible for the proper organisation of the business and its further development:
This responsibility includes defining appropriate strategies and setting up appropriate internal control procedures in particular, thereby assuming responsibility for all significant elements of risk management. The task of defining the business and risk strategy cannot be delegated. It is the responsibility of the Executive Board to implement strategies, assess the risks associated with them and also put in place and monitor measures to ensure that these risks are limited. These also include the development, promotion and integration of an appropriate risk culture.
The Executive Board bears responsibility for the risk strategy:
The Executive Board of the controlling company defines the risk strategy for the MLP Financial Holding Group, including the significant elements and assumptions on risk-bearing ability. The risk strategy reflects risk propensity or risk tolerance based on the targeted risk/earnings ratio. The Executive Board ensures that a comprehensive approach, incorporating all key risk types, is incorporated in the companies and that suitable steps are taken to implement the risk strategy.
MLP promotes a strong awareness of risks and a pronounced risk culture:
An appropriate risk culture is critical for effective risk management. MLP sees its risk culture as the way in which employees handle risks within the performance of their duties. The objective of our risk culture is to promote the identification and conscious handling of risks, while ensuring that decision-making processes lead to results that are also balanced in terms of risk criteria. Our risk culture is characterised by the clear commitment of the Executive Board to risk-appropriate conduct, strict observance by all employees of the risk appetite communicated by the Executive Board, and the facilitation and promotion of transparent and open dialogue on risk-relevant questions within the Group. A strong awareness of risks across all divisions that goes beyond each employee's own area of responsibility and a corresponding risk culture are encouraged through appropriate organisational and incentive structures. The appropriateness of the risk management and controlling system is continuously monitored, and any adjustments that become necessary are implemented as quickly as possible. Appropriate quality standards are established and subjected to continuous checks.
MLP pursues a strategy of comprehensive risk communication and risk reporting:
Detected risks are reported to the responsible management levels openly and without restriction. The Executive Board is informed in a comprehensive and timely manner (ad hoc if necessary) of the risk profile of the relevant risks, and profit and losses at the MLP Financial Holding Group. The Supervisory Board receives the information required to meet its legal obligations. Internal risk communication and risk reporting is supplemented by comprehensive external publications that cater to the interests of MLP SE shareholders and the capital market and also comply with supervisory requirements.
Objective
Entrepreneurial activity invariably involves taking risks. For the MLP Financial Holding Group, “risk” means the danger of possible losses or lost profits. This danger can be attributable to internal or external factors. Since it will not be possible to eliminate all risks, a risk that is commensurate with the expected return must be targeted. The aim is to identify risks as early as possible in order to react to them quickly and appropriately.
Appropriate identification, assessment, control, monitoring and communication of the key risks is guaranteed with the help of and on the basis of Group-wide risk management at MLP. Risk management is a key component of the value-driven management and planning system in the MLP Financial Holding Group. Moreover the Group's risk culture is continuously consolidated, and efforts are made to communicate information relevant to risk across all business segments.
Risk capital management, liquidity management and stress tests
Risk capital management – risk-bearing ability
Risk capital management is an integral part of the Group management system in the MLP Financial Holding Group. Active control to provide sufficient financial capital, in compliance with supervisory requirements, ensures that risk-taking is always in line with capital backing.
Risks are only accepted within limits derived from aspects of the risk-bearing ability to achieve adequate returns, taking into account risk/earning factors. In particular this prevents risks that could threaten the continuity of the business model.
The Executive Board defines the risk capital based on business policy targets and controls the risk profile in an appropriate ratio to the risk coverage fund. The focus is on key risks for the MLP Financial Holding Group, which are identified at least once a year within the scope of a risk inventory (risk profile) conducted throughout the Group. The Group-wide risk profile represents the basis for both risk capital management and the risk management and controlling processes. With reference to the minimum requirements of risk management systems (MaRisk), we take into account the proportionality principle with regard to the implementation of § 25a of the German Banking Act (KWG).
The key risk types of counterparty default, market price, liquidity and operational risks are in particular quantified within the scope of the Group’s risk-bearing ability. General business and reputation risks (other risks) also represent significant risk types, although they are currently not quantified. Amongst other things, these are taken into account in calculating risk-bearing ability in the form of additional buffers.
In addition to managing financial risk capital, the minimum regulatory capital adequacy requirements (as per the Capital Requirements Regulation (CRR)) represent supplementary conditions which must be strictly adhered to.
Pursuant to the minimum risk management requirements of the German Federal Financial Supervisory Authority ("MaRisk"), we primarily pursue the objective of safeguarding the continued existence of the MLP Financial Holding Group in the normal scenario (going-concern approach) in our internal process for securing our Risk-bearing ability. In addition the protection of the providers of debt capital and its owners is examined from an economic perspective within the scope of the liquidation approach. Among other things this is applied in the form of stress scenarios.
Furthermore MLP has implemented a process for planning future capital requirements. This instrument supports MLP in identifying and planning future capital requirements, as well as in implementing suitable measures to cover them. Unlike the one-year review period of the risk-bearing capacity concept, this is based on a multi-year time frame. This component, which stretches further into the future, is intended to supplement the risk-bearing capacity concept in a sensible way to ensure the early identification of any necessary capital increases.
At 41.0%, the Banking segment accounts for the largest portion of the risk coverage fund in the MLP Financial Holding Group. This is because of the risk inherent to the banking business.
Liquidity capacity
Securing appropriate liquidity capacity is based on the idea of establishing an appropriate risk-return structure, while at the same time ensuring the solvency of the companies in the MLP FHG at all times. The concept of and compliance with the liquidity capacity is also derived from Pillar 2 of the Basel Accord.
Stress tests
Stress tests are conducted on a regular and ad hoc basis for the special analysis of the effects of unusual yet still plausible events. Comprehensive analyses have therefore been implemented, both at the level of the individual risk types and across all risk types. The effects of potential risk concentration are also taken into account.
When conducting the standardised stress tests, the key risk drivers are scaled in such a way that they reflect disproportionately negative economic situations. The stress tests implemented can then be used to check whether the MLP Financial Holding Group’s risk-bearing ability can still be secured even in unfavourable economic framework conditions. The market-value effects on the financial situation, the liquidity situation and the results of operations are also investigated in this connection.
Organisation
The Executive Board is responsible for establishing an appropriate and effective risk management system in the MLP Financial Holding Group. Set against this background, operational and organisational precautions are put in place.
Functional separation
Our risk management concept follows clearly defined basic principles that are applied as binding throughout the entire Group, compliance with which is continuously checked. A crucial element of these principles is a clear organisational and operational distinction between the individual functions and activities of risk management.
The operational and organisational structure is regularly checked and assessed through internal audits and adapted to internal and external developments as they happen.
Group Risk Manager
The Group Risk Manager is responsible for the risk monitoring and control activities in the MLP Financial Holding Group. He is kept continuously informed of the risk situation in the Financial Holding Group and gives regular reports on this to the entire Executive and Supervisory Boards.
Risk controlling function
An independent risk controlling function has been set up at MLP to address risk topics at an early stage and sustainably throughout the Group, while also increasing risk awareness. This function is responsible for the independent monitoring and communication of risks.
Risk management and controlling processes
Risk management in the MLP Financial Holding Group and its local operating implementation in the business units is conducted on the basis of the risk strategy. The units responsible for risk management reach decisions for the conscious acceptance, reduction, transfer or avoidance of risks, observing the framework conditions specified centrally.
The Risk Controlling unit in particular is responsible for the identification and assessment of risks, as well as for monitoring defined limits. It reports risks to the Executive Board and the business units that control the risks. Suitable early detection systems support risk monitoring, identify potential problems at an early stage and thereby permit the prompt planning of measures.
Appropriate guidelines and an efficient monitoring process also ensure that the regulatory requirements for risk management and controlling are met by the principal Group companies.
The methods used at the MLP Financial Holding Group to assess risks are in line with the current level of knowledge, and are aligned with practices in the banking sector as well as recommendations of the Federal Financial Supervisory Authority. The results determined through the risk models for controlling risks and the underlying quantification methods are subject to regular reviews by risk controlling, as well as internal and external audits. Despite careful model development and regular checks, however, it is conceivable for circumstances to occur that lead to greater losses than those predicted by the risk models.
Controlling monitors earnings trends
Controlling is responsible for planning processes and continuously monitoring trends in earnings. The planning process is broken down into short-term and medium-term planning horizons with varying degrees of detail.
To monitor planned and target variables the revenue and earnings figures actually achieved are compared against the corresponding plan figures within the scope of daily, weekly and monthly reporting. This provides continuous transparency for Management.
Internal controlling system in the accounting process
With regard to the accounting and management reporting processes, the Internal Control System (ICS) is used to provide an accurate picture of actual conditions in terms of the net assets, financial position and results of operations at MLP Banking AG and the MLP Group. The objective of the ICS is to secure the complete and accurate recording, processing and documentation of all business transactions in accordance with the regulations, standards and guidelines of applicable legislation and the Company's Articles of Association.
MLP’s organisational, corporate and control structures are outstandingly clear. All units involved in the accounting process comply with their respective quantitative and qualitative requirements. The employees tasked with conducting the accounting process receive regular training. Group Accounting is the central point of contact for all questions in connection with accounting issues.
The checks in the accounting process aim to ensure that the individual and consolidated financial statements are drafted in line with the provisions of German commercial law and the International Financial Reporting Standards (IFRS), as well as proper and timely internal and external financial reporting. The scope of the checks and responsibilities integrated into the procedures is clearly regulated.
In addition, financial and risk data, which itself is subject to a comparable internal monitoring system, is also incorporated in the management report.
Functional separation, the dual-control principle and the audit activities of the Internal Audit department represent key control instruments for all accounting-related processes. The processes of the accounting-based ICS are documented and specified in work instructions that are regularly updated and published in the organisation manual.
The bank's separate financial statements and the consolidated financial statements are generally prepared using standard software. Group Accounting ensures the completeness and accuracy of the relevant disclosures on the basis of the information provided.
The adequacy and effectiveness of the accounting-based ICS are regularly checked and monitored.
Compliance function
The Executive Board has also set up a compliance function, the duties of which include identifying and monitoring key legal provisions and requirements, non-compliance with which can potentially jeopardise the assets of the MLP Financial Holding Group.
Internal audits
The main duty of the internal audit department at MLP Banking AG is to assess the effectiveness and appropriateness of risk management in general and of the internal control system in particular. Audit tasks are conducted throughout the Group on the basis of service level agreements and outsourcing contracts with key Group companies, as well as the function of MLP Banking AG as a controlling company pursuant to § 10a (2) of the German Banking Act (KWG). The focus is on compliance with legislative requirements, supervisory requirements, guidelines, regulations and internal provisions for business processes. To this end, audit procedures are conducted using a systematic and targeted approach on the basis of the COSO model to assess the effectiveness and appropriateness of risk management, the controls and the management and monitoring processes. Risk-oriented audits are conducted at regular intervals and the results are reported. The internal audit department monitors the rectification of any issues detected. In addition, it provides independent advisory services with a view to creating added value and improving business processes.
The minimum requirements for risk management governing the internal audit function are complied with throughout the Group. The internal audit department operates in an independent capacity throughout the Group on behalf of the Executive Board.
Risk reporting
A substantial risk reporting scheme forms the basis for appropriate and successful corporate management. This is complemented by an extensive system of internal reporting, which provides key decision-makers with prompt information on the current risk situation. Risk reports are generated at fixed intervals (monthly or quarterly) or produced if and when necessary. In addition, planning, simulation and control instruments highlight possible positive and negative implications for the most important value and controlling parameters of the business model and their effect on the net assets, financial position and results of operations.
Risk reports are submitted to the controlling units, the Executive Board and the Supervisory Board. Prompt and comprehensive information is provided on any changes to relevant influential factors.
Statement of risks
The MLP Financial Holding Group is exposed to various financial risks, especially counterparty default risk, market price risk and liquidity risks. As well as financial risks there are also operational and other risks, such as general business risks and reputation risks. The risks are mitigated by risk-reducing measures such as insurance policies.
The key risk types in the various segments are presented below:
| Segments | Default risks | Market price risks | Liquidity risks | Operational risks | Other risks |
| Holding | x | x | x | x | |
| Banking | x | x | x | x | x |
| Financial consulting | x | x | x | x | |
| FERI | x | x | x | x | x |
| DOMCURA | x | x | x | ||
Counterparty default risks
The counterparty default risk is the risk of a loss due to the defaulting of or deterioration in creditworthiness of a business partner. As well as credit risk, the counterparty default risk encompasses the contracting party risk (re-covering risk, as well as performance and counterparty settlement risk), issuer risk, investment risk and risks relating to specific countries, although the latter are only of secondary importance to the MLP Financial Holding Group.
The counterparty default risks of the MLP Financial Holding Group are essentially made up of the client credit business under the Company's own liability, the Company's own business and the commission receivables against our product partners. There are no significant risks related to specific countries, since the majority of lending (more than 95%) is limited to borrowers domiciled in the Federal Republic of Germany.
Concentration of risk
The identification of potential concentrations of risks constitutes another key component of credit risk management. Those risks which come about because of an uneven distribution of business partners in credit relations or other business relations, or which are caused by sectoral/geographical business focuses and are capable of generating such great losses that the solvency of an institution may be threatened, are classed as concentrations of risk in the credit portfolio. To be able to identify concentrations of risk in the lending business at an early stage, the portfolio is analysed using various approaches, such as investigations based on sector, size and risk classes or security categories. Concentrations of risk are also given special consideration in the stress tests specific to the risk types.
To minimise potential concentrations of risk in the proprietary business before they can even occur, the MLP Financial Holding Group follows a strategy of diversification. Investments are diversified into bonds, debentures and other financial instruments across various sectors. We have defined binding investment limits for the individual sectors and issuers via our capital investment directive. These limits were observed at all times over the course of the year.
In the private client business, potential concentrations in ratings classes with high failure rates should be avoided. This is achieved by focusing on retail products of credit cards and accounts in connection with the targeted client segments. In addition, the minimisation of large individual risks with a low credit rating is a further central component of the credit policy in place at the MLP Financial Holding Group. Focusing on specific professional groups enables an attractive earnings margin to be achieved thanks to relatively low default risks.
Credit management
Responsibilities in the credit business, from application through authorisation to completion, and including regular monitoring with regular creditworthiness analyses, have been defined and documented in the organisational guidelines. Decision-making authority is laid down in the authority regulations, which themselves are based on the risk content of the transactions.
Loan approval, in particular in the client credit business, takes the form of credit limits being granted for the individual borrower or borrower unit. Individual credit decisions are reached by specialised employees following clearly defined guidelines based on the size, creditworthiness and collateral of the borrower. A special scoring process allows quick decisions to be made, in particular for credit cards and accounts in the retail lending business, while also securing consistently high quality.
The basis of our credit decisions is always the creditworthiness of the borrower. Collateral does not have any influence on the borrower's rating. Depending on the structure of a transaction, however, collateral can be of significance for the risk assessment of a commitment.
All forms of traditional loan collateral are essentially used throughout. This specifically includes mortgages on residential and commercial property, warranties, sureties, life insurance policies, financial collateral and assigned receivables.
In addition, potential default risks are continuously measured and evaluated by comparing allowances for bad debts with the credit volumes subject to risk. For accounts that are regarded as carrying acute risk, we build up appropriate allowances for bad debt. You can find detailed information on the process and the development of loan loss provisions in the notes. Loans identified as non-performing are transferred to specialist departments, where they are individually managed by experts. We use deferral in line with article 178 of the Capital Requirements Regulation (CRR) as the definition of default. As a matter of basic principle, allowances for losses on individual accounts are conducted on a case-by-case assessment.
In addition to these risks in the client credit business there is an issuer risk from the bonds, debentures and other financial instruments acquired. We reduce the risk of default among issuers whose securities we have acquired within the scope of capital investment management through the specified creditworthiness requirements of our capital investment directive. Where available, the MLP Financial Holding Group also bases its decisions in the field of financial investments on external ratings.
The credit value at risk is approximated on the basis of the capital adequacy requirements as per CRR for calculating the economic counterparty default risk, and for the purpose of internally controlling the counterparty default risks. Various methods are available for this in accordance with the CRR. In terms of the calculation methods, a distinction is drawn between the standardised approach to credit risk (CRSA) and the approach based on internal ratings (IRBA). Depending on the rating status of receivables due to the MLP Financial Holding Group, the internal control system is based on the various supervisory calculation methods.
Market price risks
The MLP Financial Holding Group understands market price risks as the uncertainty regarding changes in market prices and rates (including interest rates, share prices, exchange rates and raw material prices), the correlations between them and their volatility. Besides interest rate and share price risks, there are also spread risks on proprietary investments. There are currently only very minor open risk items in foreign currency and commodities. There was no speculative use of financial instruments with a view to making profits in the short term in the year under review, nor is it envisaged for the future. MLP Banking AG continues to hold the status of a non-trading book institution. The subcategory of market price risk, which is important for us, represents the general interest risk.
Interest rate risks
Interest rate risks essentially come about from incomplete congruency of interest rate agreements between the loans granted and the business on own account as well as their refinancing. These maturity transformation risks are continuously monitored and assessed in compliance with supervisory requirements, by means of stress scenarios, among other things.
Within the scope of the risk-bearing capacity assessment, a simulation is conducted in which the net interest for interest-bearing and interest-sensitive items is determined for the interest risk in the event of an ad hoc change in interest rates.
Possible effects of different interest development scenarios are portrayed via planning and simulation calculations. The risks and their effects are made transparent based on assumptions of multilayer interest scenarios. In this context, changes in the cash value of all items in the asset ledger are shown in relation to the equity, with the application of the changes in interest rates prescribed by the Federal Financial Supervisory Authority. The simulation is conducted by automated means for all interest-bearing and interest-sensitive items. This is how interest risk is controlled.
The change in value determined in the reporting period always remained significantly below the threshold of 20% of equity.
Interest rate risks of the MLP Financial Holding Group
| Amount in € million | Interest rate shock/parallel shift | |||
| Change in value + 200 BP | Change in value - 200 BP | |||
| 2018 | 2017 | 2018 | 2017 | |
| Total | -0.1 | -3.5 | -0.4 | 0.8 |
Liquidity risks
The MLP Financial Holding Group understands liquidity risks to mean uncertainty in terms of the availability of funds to meet payment obligations or reduce risk items that are either insufficient or can only be secured by accepting higher rates. Liquidity risks can result from both internal and external risk factors.
The fundamental principles of liquidity control and planning are defined in the internal guidelines. We employ two different approaches to control liquidity risk: discretionary and structural.
Operational liquidity control
Within the scope of strategic or short-term liquidity control at Group level, the liquidity risk is assessed and controlled in particular using the KPI from the Liquidity Directive and the Liquidity Coverage Ratio (LCR). The LCR represents a stress scenario from the supervisory perspective with a review period of 30 days, during which the interbank market no longer functions. In addition, the volume of daily net cash inflows and outflows is observed and incorporated into the risk assessment based on the liquidity at risk (LaR) within the scope of liquidity control. The LaR describes the anticipated cash payment surplus (net funding requirement) which will not be exceeded at a defined level of probability within a given period of time. Additionally an expected shortfall is monitored for the assessment of any outliers. Sufficient funds were available to cover short-term liquidity requirements at any time.
Structural liquidity control
Structural (medium- to long-term) liquidity control of the Group is conducted on the basis of liquidity gap analyses, which highlight the anticipated development of liquidity over various time horizons. In addition, the effects of various cash flow scenarios, and thereby also on the liquidity situation of MLP, are analysed using the funding matrix. Additional Monitoring Metrics for Liquidity Reporting (AMM) provide information additional to the Net Stable Funding Ratio (NSFR), particularly with regard to concentrations.
The liquidity value at risk (LVaR), which indicates the additional refinancing costs required to close open liquidity items, represents a key instrument of structural liquidity control and is also used in risk capital management. When determining the LVaR as of December 31, 2018, net cash inflows for the year were in line with forecasts and no additional refinancing costs are thus expected to occur.
If, contrary to expectations, net cash outflows should occur, sufficient cash reserves are available. The liquidity risk in the MLP Financial Holding Group results primarily from MLP Banking AG as the deposit-taking bank. The refinancing structure is based largely on client deposits. Appropriate short- and medium-term credit lines have also been agreed to safeguard against a possible short-term liquidity shortfall.
Alongside the assumed development in standard scenarios, we have also defined stress scenarios to simulate potential increases in liquidity requirements as a result of a negative change in the market environment. These enable us to introduce any countermeasures deemed necessary in good time.
MLP Banking AG has established a simple system to allow the internal allocation of liquidity costs, liquidity benefits and liquidity risks to be monitored and controlled.
Operational risks
The management of operational risks is based on the definition of Article 4 of the Capital Requirements Regulation (CRR). As such, operational risk is the risk of losses caused by the inadequacy or failure of internal procedures and systems, people or by external events. This definition includes legal risks.
Operational risks are identified and assessed locally throughout the Group in the individual organisational units. To this end, an operational risks inventory is conducted at least once a year. Experts from all specialist departments examine and assess operational risks on the basis of self-assessments. They are broken down into an assessment of risk potential for identification and evaluation of the main risks and suggested measures derived from this.
The probability of the occurrence and potential extent of damages presented by the risk scenario being examined are determined when assessing an identified operational risk. Both empirical values and projections for the upcoming period of one year are applied. The risks identified are managed using risk control strategies.
In addition, any loss/damage occurring at the MLP Financial Holding Group is continuously recorded and analysed. By collecting damage data, loss events can be detected and analysed in order to identify trends and any concentration of operational risks. The results are collated and checked for feasibility by risk controlling, and then made available to the Executive Board and the controlling units.
Risks from internal procedures
The operational and organisational structure of the MLP Financial Holding Group is comprehensively documented and set out in internal organisation guidelines and the organisation manual. Operational risks arising from internal processes are primarily managed through the continuous improvement of business processes and the expansion of the internal control/monitoring system. Further safeguarding measures include risk transfer through the conclusion of insurance policies, and the conscious avoidance of risky products. In order to secure the continuation of business operations, comprehensive emergency and business continuity plans are also in place for the most important areas and processes.
A Business Impact Analysis (BIA), conducted within the scope of Business Continuity Management (BCM), is used to identify critical company processes whose disruption or failure can have a significant influence on the Group's business activities. To this end, suitable measures are defined in the form of alternative actions. In the event of an emergency, these measures allow business operations to continue, albeit with reduced performance. Critical processes and the effectiveness of the defined measures are subject to regular monitoring and continuous development. The BCM is documented in the organisation manual and is thus available to the business segments and employees.
Within the scope of defined adjustment processes in the event of changes to operational processes or structures, acquisitions and mergers, as well as the process for introducing new products – or rather when expanding activities to include new markets or via new sales channels – safeguards are in place to ensure that all affected staff at MLP are involved, potential key risks are identified and a corresponding concept is drawn up prior to the implementation of planned measures.
Risks from human errors and employee availability
The MLP Financial Holding Group places great value on having qualified employees and managers. Nevertheless, human error cannot be completely ruled out. In this context we employ an open culture of constructive criticism with the objective of detecting mistakes at an early stage, continuously improving our processes and strengthening our innovative capacity. Staff resources and necessary qualification/training of employees are secured by the responsible specialist departments. We reduce the risk of staff shortages through appropriate personnel allocation measures.
Employees working with confidential information undertake to observe the relevant regulations and handle the information responsibly. A clear separation of management and control functions restricts the risk of breaching internal and external regulations. Defined substitute and successor regulations secure our business and decision-making processes.
A possible error in client consulting, investment and acquisition brokerage or finance portfolio management and associated claims for damages can present a consulting and liability risk. We minimise potential consulting risks by maintaining consistently high-quality consulting, for example with IT-supported consulting tools. Consultations with our clients and their results are comprehensively documented. Our own Corporate University ensures a high standard of consultant training. Indeed, each consultant attends extra-occupational training to become a Financial Consultant and then later a Senior Financial Consultant.
IT risks
The MLP Financial Holding Group operates a comprehensive information security management system for the effective management of IT-related risks.
In terms of our software strategy we typically rely on sector-specific standard software from well-known providers, though we bring in qualified specialists for business-specific proprietary IT applications. Prior to commissioning, new IT systems and software components are checked to ensure their correct functioning. The availability and consistency of the data is secured by distributing data processing operations across multiple locations, backup and recovery processes and a business continuity management system. In addition we use leading service providers to operate our systems. We protect our IT systems from unauthorised access through a system of authorisation management, comprehensive malware protection and security measures at network level in order to secure the confidentiality, authenticity and integrity of our data.
Risks from external events
Companies operating in the financial services sector focus on their core competencies, i.e. financial services products, support and information services, specialist consulting and sales expertise. In this market environment, the MLP Financial Holding Group makes use of external partners for activities that are not part of its core business. Based on Germany's "MaRisk" minimum risk management requirements, key outsourcing activities are incorporated into risk management within the standard scope of risk controlling and management processes with continuous risk identification, assessment, control and reporting (outsourcing analysis).
The MLP Financial Holding Group operates a central system of outsourcing management. Responsibilities for outsourced processes are clearly defined. This ensures that any potential organisational, structural or process-based risks that may occur because of outsourced business activities are closely controlled.
In addition, insurance policies have been concluded where appropriate to minimise risks from external events such as fraud, burglary, theft or damage due to force majeure.
Internal security measures are also used to thwart fraudulent activities, where possible before they even occur.
Potential risks arising for the MLP Financial Holding Group from fraudulent or other criminal conduct are identified and regularly assessed within the scope of the risk analysis conducted to identify potential hazards caused by criminal conduct (both internally and externally). Both the risk assessment and the individual measures implemented to avoid criminal conduct are conducted by the relevant section at company HQ pursuant to § 25h of the German Banking Act (KWG), and they are also incorporated in the operational risk inventory process.
In 2013 the significant legal provisions and stipulations for the MLP Financial Holding Group were identified within the scope of the requirements of the Compliance function in line with Section 4.4.2 of Germany's "MaRisk" minimum risk management requirements. Failure to comply with these provisions and requirements could pose a considerable threat to the assets of the MLP Group. As per Germany's "MaRisk" minimum risk management requirements, the Compliance function works towards implementing effective procedures in addition to control measures by the competent departments in order to comply with the significant legal stipulations and internal regulations, submitting regular reports on its activities, including ad hoc reports when necessary, to the Executive Board and the Supervisory Board.
Legal risks
Our legal department controls legal risks. In addition to consulting on corporate decisions and designing business processes, its tasks include following and assessing current legal disputes. Possible legal risks are detected at an early stage and possible solutions for minimising, limiting or preventing such risks are proposed. The legal department coordinates the commissioning and integration of external lawyers. Within the scope of risk mitigation the legal department, in cooperation with product management, checks and monitors the existing insurance coverage for economic loss and initiates any necessary adjustments. According to our review, the pending or threatening legal proceedings against the MLP Financial Holding Group do not represent risks which could endanger the Group's continued existence.
Taxation risks
Changes that emerge in tax law are continually checked and reviewed with regard to their potential effects on the Group. Compliance with the fiscal requirements of the controlling company, MLP SE, is checked by internal and external experts in accordance with the tax regulations and all accompanying documentation issued by the fiscal authority. Corresponding provisions are formed for subsequent payments to be anticipated.
Capital charge according to the basic indicator approach
The MLP Financial Holding Group currently uses the basic indicator approach in line with sections 315 and 316 of the Capital Requirements Regulation (CRR). On this basis the capital charge is 15% of the average gross proceeds of the last three financial years, whereby only positive gross proceeds are taken into account.
Other risks
Other risks include reputation risks and general business risks (including strategic risks). These also include potential step-in risks for a non-consolidated company, insofar as support is provided without contractual obligation.
Reputation risks
Reputation is defined as the reputation of MLP as a whole or of individual Group companies in terms of expertise, integrity and trustworthiness that results from the perception of different stakeholder groups. Examples of stakeholders are clients, employees, consultants and office managers, shareholders and creditors, other institutions, ratings agencies, the press and the world of politics. Reputation risk is understood to mean an existing or future risk regarding income, equity or liquidity as a result of reputation damage.
The management of reputation risks in the MLP Financial Holding Group is always conducted decentrally within the scope of a defined regulatory cycle following the principle of managing operational risks. Besides reactive control directly after the occurrence of a damage event, preventive risk management is particularly important here.
The potential risk of mistakes made while providing consulting services to our clients also impacting our reputation is minimised by ensuring that consulting is of consistently high quality. The instruments used to secure this high level of consulting include IT-based consulting tools, and consultations with clients are comprehensively documented.
General business risks
General business risks arise as a result of altered framework conditions. These include, for example, the market environment, client behaviour, sustainability risks and technical progress. Achieving the planned results can potentially be jeopardised as a result of the inadequate alignment of the Company to a business environment that may have changed abruptly. Risks of this kind can in particular occur as a result of an inadequate strategic decision-making process, unforeseeable discontinuities in the market, products that have not been properly matched to the market or poor implementation of the chosen strategy.
General business risks are predominantly controlled by the Controlling department. Within the scope of environmental analyses, regular checks are also conducted to detect and analyse all changes to economic factors or the industry and competitive situation. This results in impulses for the strategic alignment of the MLP Financial Holding Group.
The ongoing period of low interest rates and the potential effects of amendments to the Life Insurance Reform Act (LVRG) are leading to a degree of uncertainty. In addition, the continuing expansion of supervisory requirements presents a challenge to profitability in the banking and financial services sectors overall. We are still observing a great deal of competitive pressure in the German market for financial services, also from new and digitally oriented market players (fintechs).
You can find more detailed information on the environment, sector and competitive situation in the section entitled "Economic report and forecast".
No quantification of other risks is currently conducted within the scope of internal risk management. To cater for the risks resulting from this, a corresponding buffer is maintained in the risk-bearing ability. This is regularly validated within the scope of backtesting and adjusted as and when necessary.
Results of the analysis of risk-bearing ability
The risk-bearing capacity concept ensures that the risks incurred are offset against sufficient risk coverage potential at all times. Within the scope of the risk-bearing capacity concept, the MLP Financial Holding Group primarily pursues a going-concern approach with a confidence level of 97% when controlling risks. This is based on the protection of the minimum capital backing required by law and thereby the continuation of the business operations of the MLP Financial Holding Group. Free equity capital that is available after meeting the regulatory ratios for minimum capitalisation and an additional buffer are in place to serve as risk coverage potential.
In 2018 the Executive Board made a risk coverage fund available based on the risk coverage potential (sum of free supervisory equity and plan EBT) up to an upper threshold of € 100 million to cover the following risk types that MLP categorises as significant: counterparty default risk, market price risk, liquidity risk, operational and other risks.
With shares of 53.9% and 37.8% respectively, counterparty default risks and operational risks account for most of the risk coverage fund available.
The risks incurred are covered by the assigned limits in line with the risk coverage potential. Consistent surplus coverage is in place.
Risk-bearing ability of the MLP Financial Holding Group
| Risk bearing ability | 2018 Utilisation (in %) | 2017 Utilisation (in %) |
| Risk and capital commitment | 74.6 | 76.0 |
| thereof: | ||
| Counterparty default risk | 73.4 | 79.0 |
| Market price risk | 53.4 | 60.9 |
| Operational risk | 83.4 | 78.0 |
| Liquidity risk | 0.0 | 0.0 |
Capital adequacy requirements under banking supervisory law
The backing of risk assets with eligible own funds for tier 1 capital generally requires a minimum ratio of 4.5%. As in the previous year, these requirements have not changed during the financial year 2018.
As per Article 25 et seq. of the CRR, the Group's Tier 1 capital includes the following equity items of IFRS capital: share capital, capital reserves, statutory reserve and retained earnings. Among other factors, intangible assets, treasury stock and goodwill reduce Tier 1 capital.
As was also the case in the previous year, the MLP Financial Holding Group fulfilled all legal requirements relating to minimum capital adequacy throughout the financial year 2018. The relationship between risk assets and equity capital on the balance sheet date is illustrated below.
Supervisory KPIs
| Shareholders’ equity (in € million) | 2018 | 2017 |
| Tier 1 common capital | 288.9 | 291.0 |
| Tier 1 additional capital | – | – |
| Tier 2 capital | – | – |
| Eligible own funds | 288.9 | 291.0 |
| Capital adequacy requirements for counterparty default risks | 77.6 | 73.8 |
| Capital adequacy requirements for operational risk | 40.1 | 42.4 |
| Core capital ratio (in %) | 19.64 | 20.02 |
| Tier 1 common capital ratio (in %) | 19.64 | 20.02 |
Summary
MLP's business development is essentially influenced by financial risks, operational risks, reputation and general business risks. We use our risk management system for the identification, assessment, control, monitoring and communication of our key risks in terms of both current and future developments. The information provided ensured the prompt introduction and prioritisation of risk management measures without exception.
Both the MLP Financial Holding Group as a whole and the business segments always acted within the scope of their financial risk-bearing ability in 2018.
Our Business Continuity Management also ensures regulated business operations in the event of any disruptions. Our risk monitoring and control systems and the consistent alignment of our business model to our risk-bearing ability enable us to ensure that the risks taken in our business activities are backed with adequate risk capital.
The risk management system is subject to continuous further development, in particular with regard to developing the volume and complexity of our business. The effectiveness of our risk management system and its supervisory implementation are also checked cyclically by both external and internal auditors.
The aforementioned risks, and such risks as are not yet known to us or are currently considered insignificant, could have a negative impact on our forecasts detailed in the outlook.
There are currently no discernible risks that could threaten MLP's continued existence, and we do not expect any negative development in the coming year. No appreciable risks that could have a significant influence on the continued existence of the MLP Financial Holding Group occurred at MLP after the balance sheet date.
