Company

Risk management

Macquarie’s approach to risk management is based on stable and robust core risk management principles.

Risk management principles

Ownership of risk at the business level

Group Heads are responsible for ownership of material risks that arise in, or because of, the business operations, including identification, measurement, evaluation, monitoring, control and mitigation of these risks. Before making decisions, clear analysis of the risks is sought to ensure those decisions are consistent with the risk appetite and strategy of Macquarie.

Understanding worst-case outcomes

Macquarie’s risk management approach is based on examining the consequences of worst-case outcomes and determining whether these are acceptable and within Macquarie’s risk appetite. This approach is adopted for all material risk types and is often achieved by stress testing. Macquarie operates a number of sophisticated quantitative risk management processes, but the foundation of the approach is the informed consideration of both quantitative and qualitative inputs by experienced professionals.

Requirement for an independent sign-off by Risk Management Group (RMG)

Macquarie places significant importance on having a strong, independent risk management function to review, challenge and sign-off all material risk acceptance decisions. It is essential that RMG has the capability to do this effectively. RMG has invested in recruiting skilled professionals from a range of industries, including those with trading or advisory and capital markets experience. For all material proposals, RMG’s opinion must be sought at an early stage in the decision-making process. The approval document submitted to Senior Management must include independent input from RMG on risk and return.

Clear accountability for risk management

Macquarie’s approach to risk management adopts the ‘three lines of defence’ model which sets risk ownership responsibilities functionally independent from oversight and assurance: 

  • primary responsibility for day-to-day risk management lies with the business. The risk owner is the first line of defence. All staff throughout Macquarie are expected to manage risks in accordance with the risk management framework
  • RMG forms the second line of defence and provides independent and objective review and challenge, oversight, monitoring and reporting in relation to Macquarie’s material risks
  • Internal Audit, as the third line, provides independent and objective risk-based assurance on the compliance with, and effectiveness of, Macquarie’s financial and risk management framework.

Risk culture

A sound risk culture has been integral to Macquarie’s risk management framework since inception. Primary responsibility for risk management at Macquarie, including risk culture, is at the business level. The Board, assisted by the Board Risk Committee, is responsible for forming a view on Macquarie’s risk culture and the extent to which it supports the ability of Macquarie to operate consistently within its risk appetite. The Board also identifies and monitors any desirable actions to change the risk culture.

Risks we manage

Macquarie’s risk management framework is the totality of systems, structures, policies, processes and people within Macquarie that identify, measure, evaluate, monitor, report and control or mitigate all internal and external sources of material risk. Material risks are those that could have a material impact, financial or non-financial, on Macquarie. Reputational considerations underpin our approach to financial and non-financial risk management. 

The assessment and monitoring of risks takes place both at the individual and aggregate risk level.

Macquarie’s material risks include:

Macquarie owns physical assets for the purpose of generating a return. Asset risk arises from changes in the value of those physical assets.

The business is responsible for monitoring changes in asset value. RMG Credit and Financial Management Group (FMG) provide independent review. 

RMG Credit is responsible for reporting on asset risk to Senior Management, Board Committees and the Board.

Macquarie defines conduct risk as the risk of behaviour, action or omission by individuals employed by, or on behalf of, Macquarie or taken collectively in representing Macquarie that may have a negative outcome for our clients, counterparties, the communities and markets in which we operate, our staff, or Macquarie.

Refer here for further details on conduct risk management.  

 

The risk that a counterparty will fail to complete its contractual obligations when they fall due (default risk) or changes in the creditworthiness of the obligor (migration risk).

Our tolerance for credit risk is monitored through counterparty, portfolio, country and industry limits which are set in response to Macquarie’s business strategy and business needs.

Single counterparty risk - Risk of an obligor failing to complete its contractual obligations when they fall due.

Portfolio concentration risk - Risk of concentrations to a group of particular obligors with similar risk characteristics.

Country risk – risk of economic, political, and business environment conditions within a jurisdiction that could cause Macquarie to suffer financial loss.

The business owns credit risk arising from their activities. RMG Credit provides independent and objective review and challenge, oversight, monitoring and reporting on credit risk undertaken by Macquarie.

Where businesses have established business credit teams, they are subject to RMG Credit oversight. The Heads of Business Credit have a functional reporting line to the Head of Credit, Head of MBL Credit or a senior RMG Credit delegate.

The risk of regulatory, reputational or financial impacts due to failure to identify or manage material environmental or social issues (including labour and employment practices, human rights, resource efficiency, climate risk, pollution prevention, biodiversity and cultural heritage) arising from or with respect to our investment, financing, client activities or supply chain. It includes the risk of breach of environmental obligations or internationally accepted human rights standards, and negative impacts on the natural environment or communities of people.

Refer here for further details.

 

The risk of a change in value of a Macquarie equity investment.

The business owns equity risk arising from their activities. For all material equity investments, RMG Credit is responsible for independently assessing material equity risk across the Group and for rating equity for the purposes of capital treatment.

All material equity risk positions are subject to approval by RMG and by Senior Management and/or the Board, depending on the size and nature of the risk. The Board also delegates the discretion to approve equity exposures of a certain amount to designated individuals within Macquarie.

RMG Credit monitors the overall usage of the Equity Risk Limit (ERL), the upcoming transaction pipeline, and the portfolio composition. 

The risk of knowingly or unknowingly perpetuating or helping parties to commit or to further potentially illegal activity through Macquarie. Financial crime risk encapsulates the risks of money laundering, terrorism financing, bribery and corruption, and non-compliance with sanctions.

All Operating and Central Service Groups are responsible for the management of financial crime risk arising from its activities. The RMG Financial Crime Risk (FCR) function manages and oversees financial crime risk, engages with regulators and maintains and monitors the effectiveness of global financial crime risk frameworks, programs and policies for Macquarie. RMG FCR reports regularly to Senior Management, Board Committees and the Board on Macquarie’s financial crime risk profile. 

Legal risk is the risk of failure to comply with the law; or create, maintain, perform or enforce legal obligations, including the risk of failure to appropriately maintain and govern legal entities within the Group.

Legal risks are managed through identification and assessment of legal risks, and by minimising or mitigating legal risks as far as practical. Legal risks include actual or perceived breaches of laws, regulation, as well as the risks associated with creating and enforcing contractual or legal relationships or states of affairs.

Legal and Governance Group (LGG) is responsible for oversight of legal risk for Macquarie. 

The risk that Macquarie is unable to meet financial obligations as and when they fall due.

Liquidity management is performed centrally by Group Treasury, with oversight from RMG, the Asset and Liability Committee (ALCO), and the Board.

RMG Market Risk, Treasury Risk Management provides independent oversight of FMG Group Treasury’s implementation of the liquidity risk framework.

The risk of a change in the value of Macquarie’s positions as a result of changes in market conditions.

The business owns market risk arising from their activities. RMG Market Risk is responsible for the market risk management framework and independent oversight of market risk. Oversight of the Market Risk Management Framework is provided by the Market Risk Committee.

RMG Market Risk undertakes a review of market risk taking areas and limit structures over an eighteen-month cycle to confirm that the application of the risk management framework is current for each business reviewed.

Traded Market Risk

Traded market risk is market risk arising in Macquarie’s Trading Book.

Macquarie enforces a strict ‘no limit, no dealing’ rule. Trading positions taken must be within Traded Market Risk Limits as set out in the Risk Appetite Statements and must be approved by RMG Market Risk prior to dealing.

Traded market risk exposures are monitored by RMG Market Risk and reported daily to Senior Management. Limit breaches are immediately investigated by RMG Market Risk and a resolution sought with the trading desk concerned. Breaches are reported to Senior Management and the Board in accordance with the Market Risk Limits Policy.

Value at Risk (VaR) exposures are calculated daily by RMG Market Risk, for use in the daily calculation of regulatory capital requirements. RMG Market Risk also examines daily profits and losses for consistency with limits and riskiness of position.

Interest Rate Risk in the Banking Book

Interest Rate Risk in the Banking Book (IRRBB) is the risk of loss in earnings or in the economic value of banking book items as a consequence of movements in interest rates. Macquarie has limited appetite for IRRBB as set out in the  Risk Appetite Statements.

Some residual interest rate risks are unavoidable as a result of underlying business activity. Macquarie’s policy is to hold capital against the economic value sensitivity of these residual interest rate risks. RMG Market Risk provides independent oversight of residual Interest rate risk on a monthly basis.

Risk of failure to manage internal processes, people, systems, data, records, models, suppliers, change or external events. 

Macquarie recognises that the potential for failure to manage internal process, people, systems, data, records, models, or from suppliers, change or external events can give rise to material risk events and/or impacts. 

The business is responsible for managing operational risk arising from their business activities and is required to maintain controls and procedures in place to manage these risks. RMG Operational Risk is responsible for the independent oversight of operational risk. 

Cyber and information security risk

The risk of accidental or intentional unauthorised use, modification, disclosure or destruction of technology systems or information resources, which compromises their confidentiality, integrity or availability in a way that significantly impacts the operations of a Macquarie business.

Macquarie has a dedicated, centralised team, responsible for monitoring, detecting and responding to cyber and information security risk events. Dedicated specialist teams provide expertise to the broader business and technology, perform security reviews, design and implement protection controls to prevent cyber events from occurring and minimise the impact of a cyber and information security incident.

The risk of failure to comply with laws, regulations, rules, statements of regulatory policy, and codes of conduct applicable to Macquarie’s financial services and other regulated activities.

The business is responsible for the regulatory and compliance risks arising from their business activities, and for having adequate systems, processes and controls to manage these risks.

As a diverse global financial services company, Macquarie is regulated and supervised by a significant number of regulators globally. Macquarie seeks to maintain constructive and transparent engagement with our regulators.

RMG Prudential Risk has responsibility for developing and maintaining the framework to ensure Macquarie has a consistent approach to managing regulatory engagements globally. 

The risk of Macquarie’s business model being inadequate in the medium to long term.

Strategic / business risk is managed through Macquarie’s annual strategy and business planning process. Operating and Central Service Groups are responsible for regularly reassessing their business strategy and the return for risk arising from their strategy.

The risk of failure to comply with applicable tax laws, regulations or rulings, or failure to meet other revenue authority requirements or expectations. This includes any event, conduct, action, or inaction in tax strategy, operations, financial reporting or compliance that has the potential to either adversely affect Macquarie’s tax or business objectives or result in any unanticipated or unacceptable level of monetary, financial statement or reputational loss or exposure.

Oversight of tax risk is undertaken by FMG Tax, a specialist division within Macquarie’s Financial Management Group, which is independent of the business and takes an integrated view of tax risk for the Macquarie Group as a whole. FMG Tax provides taxation support to all areas of Macquarie and manages Macquarie’s relationships with revenue authorities globally.

The risk of incidence of work-related injury, illness or disease or other events impacting health and safety of employees, contractors, visitors, and members of the public; and/or regulatory breach/failure or inspection by a health / safety regulator.

Macquarie recognises, supports, and promotes the right of every worker to return home safely from their workplace. Accordingly, we are committed to our Work Health and Safety (WHS) vision of building and promoting safe and healthy Workplaces which enable and empower people to do their best work. To achieve this, we build and maintain a safety-positive workplace culture and manage our WHS risks effectively.

The business owns WHS risk arising from their activities. RMG Operational Risk is responsible for the assessment, challenge and advice on the effective identification, evaluation and management of WHS risk.

WHS risk is governed by the WHS Policy and associated standards, procedures and processes which provide detailed requirements for businesses to ensure consistent and effective management of WHS risk.

Significant incidents and unmitigated risks are escalated to Senior Management, RMG Operational Risk and the Board as appropriate.

For further details refer to: