Risk Management oversight
The management of risk is fundamental to the successful execution of our Strategic Plan and to the resilience of our operations. The Group continues to support its key markets and deliver stable and resilient services that meet our clients’ needs.
- LSEG's Risk Culture
- Strategic Risk Objectives
- Current Risk Focus
- Group Risk Appetite
- Three Lines of Defence
- Risk Management Approach
- Risk Governance Structure
- CCP Risk Management and Oversight
LSEG’s Risk Culture
Our formal risk framework codifies the objectives that drive consistent risk management across the Group. Our risk culture determines the manner in which we manage risks every day.
Our management culture embeds risk awareness, transparency and accountability. An emphasis is placed on the timely identification and reporting of risk exposures and on the strategic analysis of prevailing or anticipated trends.
The ultimate responsibility for identifying and managing risks rests with management and with the Executive Committee, with independent oversight from our Group Risk Management Team and from the Group Board Risk Committee. Our risk culture is one of the fundamental tools for effective risk management. Our codes of behaviour feed into the criteria used to assess the effectiveness of our risk management, including the ability to communicate, escalate and use the risk analysis in making strategic decisions.
Strategic Risk Objectives
LSEG’s Strategic Risk Objectives are derived from the overall strategy of the Group, which is defined annually by the Board. The key risk objectives of the Group are as follows:
- Maintaining a strong risk culture throughout the Group: the Risk Management Framework is embedded within divisions and functions across the new combined organization post Refinitiv transaction
- Maintaining stakeholder confidence: the Group’s stakeholders have confidence in its ability to deliver its strategic objectives with robust and effective governance and operational controls
- Maintaining stable earnings growth: the strategic growth of the business is delivered in a controlled manner with long-term value enhancement and low volatility of underlying profitability through diversification
- Maintaining capital requirements: the Group has sufficient capital resources to meet regulatory requirements, to cover unexpected losses and to meet the Group’s strategic ambitions
- Maintaining liquidity: the Group retains or has adequate access to funding to meet its obligations, taking into account the availability of funds
- Monitoring and managing credit risk exposure in conjunction with prevailing macroeconomic and geopolitical factors to ensure Group Thresholds are always adhered to
- Ensuring prudent levels of margin, default funds and liquidity arrangements in the Group’s CCPs
- Ensuring operational resilience across the new combined organization post Refinitiv transaction by facilitating orderly market operations: the Group’s operations are delivered in a secure and efficient manner without disruption, for all divisions of the combined company i.e. the newly formed Data & Analytics as well as Capital Markets and Post Trade
- Achieving operational excellence consistent with the Group’s aspiration to be operationally “best in class”
- Maintaining physical and IT security to protect the Group’s assets, our people, infrastructure, data and other assets
- Adhering to regulatory requirements: the Group conducts activities at all times in full compliance with its regulatory obligations
- Maintain the risk framework which is appropriate to support delivery of the firm’s Sustainability strategy and management of all ESG risks within appetite
Current Risk Focus
The Group’s acquisitions increase the transformation risk, whilst delivering opportunities to compete globally. Most recently, the consolidation of LSEG and Refinitiv companies brings together two outstanding businesses with a shared commitment to partnership approach, creating a leading global financial markets infrastructure and data provider. The success of this transaction is dependent upon LSEG’s ability to integrate the existing and new businesses of Refinitiv, and embed a common Enterprise Risk Management Framework across the new combined organization.
Other current and emerging risks on which we continue to focus include:
- Geopolitical uncertainty: Ongoing political tension fuels uncertainty in the markets. In addition, global economy underperformance is likely to affect the markets in which we operate
- Climate-related risk: Increased focus on climate-related risks from regulators, investors and stakeholders has generated a requirement for enhanced climate-related risk oversight
- Emerging technology: Integrating artificial intelligence (AI) in digital transformation strategies brings with it associated risks such as automated decisions which are not aligned with current societal expectations or organisational values
- Regulatory change: Regulatory change affects the operations of the Group as well as those of our users and customers, and the widening of the Group’s footprint which increases regulatory compliance and business risks. The post Brexit regulatory changes in the regulatory landscape could also impact the Group operationally and financially.
- Financial risk: The risk of financial failure, reputational loss, loss of earnings or capital as a result of investment activity, lack of liquidity or funding, or the inappropriate reporting and disclosure of financial results, taxation or regulatory information
- Operational resilience including security: The security and resilience, including Cyber security, of systems and processes represent a key emerging risk across the whole global financial services industry, attracting significant regulatory scrutiny
- HR risks: Ongoing COVID-19 pandemic and its impacts have increased a variety of risks related to human capital.
Group Risk Appetite
LSEG’s Risk Appetite is defined as the level of risk that the Group will accept in pursuit of its strategic objectives. The Group Risk Appetite Statement, proposed by the Executive Committee, is approved by the Board at least annually and is determined in conjunction with the Group’s strategy and aligned to the Strategic Objectives. The components of Risk Appetite that relate to Central Counterparty Clearing Houses (CCPs) and Central Securities Depositories (CSDs) are also approved by the respective Boards within the Group, in compliance with EMIR, CSDR and other applicable regulations.
The Risk Appetite has recently been updated to reflect the profile of the new combined organization post Refinitiv transaction, and constitutes a part of the overall Enterprise Risk Management Framework which is in place on Day 1 of the enlarged Group.
The Group Risk Appetite is cascaded down to each business unit across the Group. Regular reporting at both Group and Business Unit levels uses Risk Appetite as a benchmark that is incorporated into the Group Risk Policy Framework.
Risks that are outside Risk Appetite are escalated to Executive Committee members and to the appropriate Risk Committee. The Risk Appetite status is also reported to the Board Risk Committee and to the Board for all aggregated Group risks.
Three Lines of Defence
LSEG’s risk control structure is based on the ‘3 lines of defence’ model:
- The First line (Management) is responsible and accountable for identifying, assessing and managing risk
- The Second line (Risk Management and Compliance) is responsible for defining the Risk Management standards and policy framework, and for providing challenge to the first line on Risk Management activities, risk assessments and reporting to the Group Board Committees on risk exposure
- The Third line (Internal Audit) provides independent assurance to the Board and other key stakeholders over the effectiveness of the systems of controls and the Enterprise Risk Management Framework
Risk Management Approach
Our approach to managing risks includes a bottom up and a top down approaches. Key external and internal factors are stress tested across our Group operations to assess the potential impact on the financial results, strategic plans and operational resilience.
The risk function is centralised at the Group level, with the additional risk teams within the CCPs in compliance with the EMIR requirements. The risk function’s main role is to maintain and oversee a fit for purpose Enterprise Risk Management Framework and its implementation across the Group. It also analyses, monitors and challenges the risk profile of the Group and its subsidiaries, ensuring it remains within Risk Appetite.
The updated Enterprise Risk Management Framework which reflects the profile of the new combined organization post Refinitiv transaction has been put in effect and is being rolled out consistently across the enlarged Group.
The function supports the Risk Committee members by providing the reports on the Group’s risk profile including timely escalation of exceptions. It also monitors compliance with rules and regulations, and is responsible for escalating principal risks that could materially impact the reputation, financial position or operations of the Group.
Key Elements of the Enterprise Management Framework (ERMF)
The Risk Management Cycle begins with, and feeds back to, the Business Strategy – which is ultimately driven by both internal and external drivers. This ensures that the management and assessment of risk remains a component of the Group’s strategic decision-making process.
Key risk categories include strategic, operational and financial risks. Operational Risk includes IT risk, resilience risk, as well as all risks associated with operational processes. Financial risk includes credit, clearing and market risks. We recognise that each of these risks, if not properly managed and/or mitigated, could have an impact on the performance and reputation of the Group and its subsidiaries.
The above risk categories are reflected in both the Group Risk Appetite statements and the Risk Taxonomy. These key risks are managed through principles set out in the Group’s policies. Risk assessments determine whether risks are within the appetite set by the Board, and the reporting to senior management and the Board highlights the risks, helping to direct the allocation of effort and resources.
Enterprise Value-at-Risk (EVaR)
The primary purpose of EVaR is to serve as a fungible barometer of risk within the organization, providing a holistic view of all risks across LSEG’s Risk Appetite categories.
LSEG’s EVaR model consists of four risk components (credit, market, operational and business), and enables the Group to consistently quantify its risk-taking activities. Each risk category contributes to the Group’s total economic capital, with Operational risk representing the largest component.
EVaR is a dynamic measure of the riskiness of our activities and the external environment, also comparing relative risks across the various activities and divisions of the Group. It reflects the effectiveness of our controls across the Group, both direct and indirect (e.g: Risk Culture), and it ultimately incentivises the businesses to improve risk management and reduce loss incidents.
Stress Testing Capabilities
The Group’s viability statement is underpinned by the Group’s stress testing process. Under this process, a set of severe but plausible scenarios appropriate to the business of the Group and reflecting our principal risks are defined by Management, and the financial impact of each on the Group is quantified. The stress test scenarios are re-assessed annually and may be updated either during this review process or at other times during the year where the external environment changes.
A 3-year horizon is used for LSEG’s financial viability statement, consistent with the Group’s strategic planning cycle. The scenario impacts are evaluated on the Group’s key financial metrics: liquidity headroom, leverage, interest cover and regulatory capital headroom.
In addition, a set of compounded stresses was evaluated to provide further confidence on the ongoing financial viability of the Group even under very highly stressed environments. The process and final output of the stress tests was reviewed by management and by the Board, the Risk and the Audit Committees. They also review and discuss ‘reverse stress testing’, which is performed to assess what would be required to breach the Group’s covenants.
Risk Governance Structure
The risk framework defines the risk roles, responsibilities and governance structure. The Risk Governance structure ensures the appropriate expertise and overall input in order to adequately oversee and challenge the risk positions across the Group.
Each Group-level risk is owned by a member of the Executive Committee who is responsible for managing or mitigating the risk in order to remain within Risk Appetite. The Risk committees, sub-committees and relevant working groups are embedded within the overall governance structure of the Group. The key committees involved in risk management are outlined below.
The Board approves the Risk Strategy and Appetite, reviews the effectiveness of the risk management system, and reviews any significant issues that are raised to it.
The Board Audit Committee reviews and challenges the financial statements and the corporate governance statement, reviews the effectiveness of internal controls and risk management systems, and recommends to the Board statements to be included in the annual report concerning internal controls and risk.
The Board Risk Committee advises the Board on the Company’s overall risk appetite, tolerance and strategy; oversees and advises the Board on the current risk exposure of the Company, emerging risks and future risk strategy, reviews the Company’s risk assessment processes ensuring qualitative and quantitative metrics are used, and considers and approves the remit of the Risk Management function and ensures it has adequate resources and appropriate access to information to perform its function effectively and in accordance with the relevant professional standards.
The Executive Committee deliver the Group’s strategy, manage the day to day strategic, operational and financial risks of the Group, reviews and recommends the Risk Strategy and Appetite to the Board/Board Audit and Risk Committees. It approves detailed risk appetite statements. It ensures appropriate actions are taken with respect to particular risks as they arise.
CCP Risk Management and Oversight
Each of the Group’s CCPs complies with the appropriate regulatory requirements. Consequently, they each manage their risk under the governance of their Board of Directors and of their internal risk management structure.
The Group monitors the CCP’s aggregated risks positions by using tools that measure the overall exposure to counterparty risk, credit risk (including latent market risk where a default can result in a CCP having the market risk inherent in the defaulter’s portfolio) and liquidity risk. It also monitors all key operational risks.
The Group’s CCPs are managed in accordance with our Enterprise Risk Management Framework, which includes a CCP Financial Risk Policy specifying minimum risk standards for margin confidence level, default fund cover, procyclicality, liquidity, counterparty concentrations, new member assessment, reporting and collateral. This promotes consistency in the oversight of our clearing risks while protecting the independence of the CCPs’ risk management processes as required by relevant regulation.
CCP Financial Resources
The Group’s CCPs interpose themselves between 3 counterparties in a trade and assume the legal counterparty risk for eligible transactions that are cleared. If either party defaults on the trade, the CCP becomes accountable for the defaulter’s risk and associated liabilities.
Fundamental to a CCP’s risk process is its collection of high quality and highly liquid collateral from clearing members and clients as security for potential defaulter risk. The CCPs have in place a variety of margin models, across asset classes, to calculate the collateral requirements appropriate to each member’s risk position. Clearing members are also required to pledge collateral to the default fund(s), the overall size of which, for each clearing service, is computed to at least the ‘Cover 2’ level – large enough to cover the 2 members that would create the largest liability given a simultaneous default under extreme but plausible market conditions – and allocated across the members of the clearing service.
The adequacy of the CCP’s Financial Resources (Margins and Default Fund contributions collected from its members) is assessed on at least a daily basis and reported regularly in accordance with the Financial Risk Policy using Group Risk Appetite as a benchmark. The Principles for Financial Market Infrastructures (PFMI) produced by CPMI-IOSCO and EMIR provide the minimum Risk Management standards that a CCP should apply; however, LSEG CCPs apply more stringent margin confidence levels in most cases.
If a clearing member fails, the collateral collected is used by a CCP to complete the trades and fulfil the failed organisation’s obligations. This ensures that the party on the other side of the trade is not negatively impacted by the default. The margin is calculated to cover market moves up to a certain confidence level.
If losses exceed the defaulter’s financial resources, then under EMIR Regulation the CCP is required to utilise a specified proportion of its own capital ‘skin-in-the- game’ before it can utilise the assets of non-defaulters. The skin-in-the-game represents a proportion of the CCP’s own capital that is sufficient to act as an incentive for CCPs to minimise the operational risk related to default management and to adopt robust risk management processes. Once the skin-in-the-game has been exhausted, further losses are allocated to the non-defaulting members via funded member contributions to a mutualised default fund for each asset class or group thereof followed by further cash calls known as assessments and then a loss distribution waterfall set out in the CCP rulebook. CCP operational risk is managed using a bottom-up approach and is aligned with the Group’s operational risk management approach.