Further information on this process is available at:
credit-suisse.com/riskmanagementReputational Risk Review Process
Credit Suisse uses a wide range of risk management practices to address the diverse risks that could arise from our business activities. Reputational risk is among the key categories of risk considered in that process. Potential reputational risks may arise from various sources, including, but not limited to, the nature or purpose of a proposed transaction or service, the identity or activities of a potential client, the regulatory or political context in which the business will be transacted, and any potentially controversial environmental or social impacts of a transaction.
Reputational risk potentially arising from proposed business transactions and client activity is assessed in the bank-wide Reputational Risk Review Process (RRRP). The Group’s global policy on reputational risk requires employees to be conservative when assessing potential reputational impact and, where certain indicators give rise to potential reputational risk, the relevant business proposal or service must undergo the RRRP.
As part of the RRRP, submissions are subject to review by senior managers who are independent from the business, and may be approved, approved with conditions, or rejected. Conditions are imposed for a number of reasons, including restrictions on the use of proceeds or requirements for enhanced monitoring of a particular issue relating to the client. Any conditions that are imposed as a condition of approval are assigned to a business owner and are systematically tracked to completion, including a four-eye review. Adherence with conditions is monitored to ensure timely completion, with any breaches potentially subject to disciplinary action.
During 2020, an updated governance structure was introduced to reduce complexity and fragmentation of decision-making around client risks. The reputational risk process is overseen by the Position & Client Risk (PCR) cycle of the Capital Allocation & Risk Management Committee (CARMC), which assumed the responsibilities of the former Reputational Risk Sustainability Committee (RRSC) in 2020. A transaction, activity, relationship or submission to the RRRP may be escalated to the Divisional Client Risk Committee (DCRC), or in specific cases, to the Global Client Risk Committee (GCRC), with escalation criteria established to define the necessary governance:
- The DCRCs are jointly chaired by the Divisional Chief Risk Officer and Divisional Chief Compliance Officer and serve as a discussion and decision-making senior management forum for reputational risk, sustainability risk and compliance (including Financial Crime Compliance, FCC). They serve as an escalation point for high-risk and complex clients or transactions. The escalation criteria assess both qualitative and quantitative factors of individual client cases.
- The reputational risk process is overseen by the PCR cycle of CARMC, which delegates authority to the GCRC. The GCRC assesses complex or cross-divisional client and transaction risks arising from reputational risk, sustainability risk and compliance (including FCC) according to defined escalation criteria.
To ensure a more holistic perspective when managing the bank’s client risks, the Reputational Risk organization was brought under the oversight of Credit Risk in September 2019, with changes to the governance structure and escalation process implemented during 2020. Further enhancements are being developed to create a common and transparent process across Compliance and Reputational Risk for the assessment of client risks through the development of a standardized onboarding template and an integrated case management solution.