Non-Financial Risk Management
Historically, banks have always had to manage financial risk, particularly credit risk and market risk. However, nowadays banks also have to deal with non-financial risks: special attention has to be given to legal, operational and Compliance risks and at ING we have set up a Non-Financial Risks Management department dedicated to these specific risks.
Its main purpose is to support the business lines by analysing and assessing the risks in these areas and providing advice on documentation, procedures and controls, with a view to optimal management of these risks and to ensure that business develops harmoniously.
This is a strategic department made up of three complementary sub-departments:
‘No one is above the law’ is the adage that our Legal department impresses upon the various departments, both operational and commercial. It preserves the legal identity of the bank by checking that each transaction properly complies with the laws applicable in Luxembourg.
Maintaining ING’s reputation is the primary concern of our Compliance department, which is responsible for protecting the Bank from any potential loss caused by failure to comply with the applicable standards (imposed by local regulations and by the ING Group) in various areas including for example combating money laundering, investor protection, conflicts of interests and ethics.
The main task of the Operational Risk Management department is to coordinate operational risk management in our bank, namely the risk of failure, be it human error, IT malfunction, process or control problems that might cause or have caused operational losses. The objective is to identify the cause of the problem and take the necessary steps to ensure that the incident does not recur or that it has less impact if it does recur. In this department, the Information Risk Management unit works specifically on information risks (confidentiality, integrity, availability) and IT security in the broadest sense.