Transaction governance in wholesale banks – review

A clear framework and governance process for considering risks from transactions is an important aspect of wholesale banks’ risk management.

This multi-firm review will be of interest to wholesale banks.

The most robust firms demonstrated clear awareness of their risk appetite and robust risk ownership throughout both first and second lines of defence.

Firms’ risk appetite statements generally covered financial risks more clearly and comprehensively than non-financial risks.

Approaches to reputational risk varied significantly:

Best practices: some firms set out their reputational risk appetite in detail, defining it both qualitatively and quantitatively and with clear escalation thresholds and risk appetite monitoring.

Weakest approaches: reputational risk received only cursory treatment in the firms’ risk appetite statements. The absence of a clear and central definition creates the risk of greater inconsistency in decision making and may make oversight by senior management more difficult.

Transaction governance structures varied significantly across firms, reflecting different business models and group structures.

All firms – except one - provided an organogram and process chart outlining key elements of their transaction governance framework. These structures were generally well understood by those involved in the process.

In the outlying case, some senior officers struggled to provide an overview of the framework.

In all firms we reviewed, the greater part of deal screening work took place at the pre-committee stage. This stage involved:

• Routine processing for straightforward transactions.
• Extensive work by first and second lines of defence on more complex transactions, ensuring they were properly prepared for committee review.

This can be a critical stage for:

• Identifying risks.
• Identifying potential mitigants and conditions to apply.
• Refining transactions before committee presentation.
• It is also at this stage that the majority of transaction rejections take place.

One firm stood out for its comprehensive documentation, providing detailed records of early-stage rejections and referrals. However, more generally, across the sample, early-stage informal committees, discussions and processes were not well documented.

While we do not mandate a specific approach, senior managers may want to consider whether they are comfortable with the balance between encouraging early-stage views from a range of stakeholders and tracking early-stage discussions, particularly those which can provide valuable reference points for revisiting transactions or considering similar future activities.

Committees were chaired by either second-line representatives or independent first-line personnel – not by those from the originating business department, avoiding conflicts of interest.

In one instance, a decision was made without a quorate committee. While on this occasion it didn’t give rise to issues, lapses in procedures may impair the quality of decision-making and increase the risk of poorer outcomes.

In better deal memos, the first line of defence put forward the business case and analysed risks, and the second line of defence challenged and enhanced the risk assessment and proposed conditions before the transaction could go ahead.

Less satisfactory deal memos or deal checklists appeared to be a tick-box exercise with limited assessment of risks by the first line and limited quality assurance by management.

In one case, the first line of defence submitted a deal checklist which listed no risks for a transaction. The committee approved the transaction. Later, the second line of defence identified several risks, leading to a cut in limits for the transaction. These risks ought to have been identified earlier in the process by the first line as the transaction related to a long-standing client whose risk profile was well known.

In one case, a committee approved in principle a particular client and its anticipated transactions. This allowed proper due diligence to be conducted and risks to be considered so that future short notice decisions immediately before issuance were fully informed and could be taken quickly.

More generally, deals were resubmitted to committees when:

• The approval period expired, or
• There were material changes in circumstances between approval and execution.

Some transactions – typically renewals of past approvals or for logistical reasons – were reviewed and approved via email. Senior managers may wish to consider:

• What data should be included in email approvals.
• Which transaction types are suitable for offline review, given the benefits of in-person or virtual committee discussions for challenge, condition-setting, and documentation.

The form and level of detail in committee minutes varied widely across firms and committees. Clear, comprehensive and timely minutes strengthen audit trails and accountability.

A significant number of transactions submitted to formal committees were approved with conditions. While previous reviews identified weaknesses in tracking these conditions, this review found that committees generally ensured their implementation. 

We observed firms using technology to improve operational rigour and reduce operational risk. One effective example was the use of a workflow tool which:

• Enhanced record-keeping and tracking of condition implementation, and
• Created structural barriers, ensuring key conditions were met before deal execution.

Better firms demonstrated evidence of comprehensive management information (MI).

In weaker cases, significant gaps included:

• Not providing timely MI on reputational risk arising from transactions.
• Failures in documenting aggregate reputational risk.

We observed strengthened governance for overseas-originated transactions booked into the UK. Firms should consider whether they have appropriate UK representation on cross-border committees and in cross-border processes, and if ownership of the transactions and their risks is clear.    

In most cases, UK representatives had clear authority to impose conditions or veto decisions and could demonstrate effective risk acceptance.

In one instance, UK transaction governance representatives were not well integrated into the overseas process.