Risk Governance and Management Framework

Resilient Risk Governance Framework

ICICI Bank is exposed to several risks on account of the nature of its business. These risks relate to credit, market, liquidity, operation, technology, cyber, compliance, legal and reputation. Led by its strategic approach to driving risk-calibrated growth in core operating profit excluding provisions, the Bank remains committed to the effective management of material risks and active capitalisation of opportunities.

The Bank’s risk management framework is rooted in resilience and is defined by its clear understanding of various risks, disciplined risk assessment and measurement procedures, and continuous monitoring. The Board of Directors oversees all the risks faced by the Bank, while specific committees provide focussed oversight of various risk types. The Board of Directors/Committees of the Board approve various policies from time to time. These policies constitute the governing framework for each type of risk, along with the business activities that need to be undertaken as part of the framework.

The Bank has set up various groups and subgroups to support independent evaluation, monitoring and reporting of various risks. Dedicated groups are in place to identify, assess and monitor all the principal risks of the Bank in line with the defined policies and procedures. These groups include Risk Management Group, Compliance Group, Corporate Legal Group and Internal Audit Group. The Bank has also constituted the Financial Crime Prevention Group (FCPG) to manage the fraud risk. This group oversees prevention, detection, investigation, monitoring, reporting and creating awareness about the fraud risk. The groups operate independently of the Bank’s business groups/subgroups.

Board committees include Risk, Credit, Audit, and IT Strategy Committees.

(Best viewed on desktop)

The Risk Management Group is led by the Group Chief Risk Officer, who reports to the Risk Committee of the Board of Directors. The Group further comprises the Credit Risk Management Group, Market Risk Management Group, Operational Risk Management Group, Information Security Group.

The Enterprise Risk Management (ERM) and Risk Appetite Framework (RAF) enables the Bank to elucidate the risk appetite. It expounds the risk appetite as a limit framework for various risk categories faced by various business lines. The Bank conducts portfolio reviews, that are presented to the Credit and Risk Committees in accordance with the approved calendar of reviews. The reviews cover the trends prevailing across various economic indicators and their impact on the Bank’s portfolio. The reviews are eventually presented to the Risk Committee for evaluation and action. The Bank also has a structured system for evaluating various industries. The outcomes assessment are presented to the Credit Committee for review and guidance.

Independent groups monitoring risks include Risk Management Group, Compliance Group, Internal Audit Group, and Financial Crime Prevention & Reputation Risk Management Group.

(Best viewed on desktop)

The Bank follows a well-defined Internal Capital Adequacy Assessment Process (ICAAP), which includes four-year capital planning, assessment of material risks, and the relationship between risk and capital. An important facet of the risk management framework is stress testing, which helps the Bank secure insights into the impact of extreme but plausible scenarios on its overall risk profile and capital position.