ITAÚ UNIBANCO HOLDING S.A. 
3Q
23
_Risk and Capital
Management - Pillar 3
Third Quarter of 2023
Itaú Unibanco Holding S.A.
Contents | |
OV1: Overview of risk-weighted assets (RWA) | 8 |
Links between financial statements and regulatory exposures | 9 |
LIA: Explanations of differences between accounting and regulatory exposure amounts | 9 |
LI1: Differences between accounting and regulatory scopes of consolidation and mapping of financial | 10 |
statement categories with regulatory risk categories | |
LI2: Main sources of differences between regulatory exposure amounts and carrying values in financial | 11 |
statements | |
PV1: Prudent valuation adjustments (PVA) | 11 |
Institutions that comprise the Financial Statement of Itaú Unibanco Holding | 12 |
Non Consolidated Institutions | 16 |
Material Entities | 16 |
Composition of Capital | 17 |
CCA: Main features of regulatory capital instuments | 17 |
CC1: Composition of regulatory capital | 18 |
CC2: Reconciliation of regulatory capital to balance sheet | 20 |
Macroprudential Indicators | 21 |
CCyB1: Geographical distribution of credit risk exposures considered in the calculation of the | 21 |
Countercyclical Capital Buffer | |
GSIB1: Disclosure of G-SIB indicators | 21 |
Leverage Ratio | 22 |
LR1: Summary comparison of accounting assets vs leverage ratio exposure measure (RA) | 22 |
LR2: Leverage ratio common disclosure | 22 |
Liquidity Ratios | 23 |
LIQA: Liquidity Risk Management Information | 23 |
Framework and Treatment | 23 |
LIQ1: Liquidity Coverage Ratio (LCR) | 24 |
LIQ2: Net Stable Funding Ratio (NSFR) | 25 |
Credit Risk | 26 |
CRA: Qualitative information on credit risk management | 26 |
CR1: Credit Quality of Assets | 27 |
CR2: Changes in Stock of defaulted loans and debts securities | 27 |
CRB: Additional disclosure related to the credit quality of assets Credit risk mitigation | 28 |
Exposure by industry | 28 |
Exposure by remaining maturity | 28 |
Overdue exposures | 29 |
Exposure by geographical area in Brazil and by country | 29 |
Largest debtors exposures | 29 |
Restructured exposures | 30 |
CRC: Qualitative disclosure related to Credit Risk Mitigation techniques | 30 |
CR3: Credit Risk mitigation techniques - overview | 31 |
CR4: Standardized Approach - Credit Risk exposure and credit risk mitigation effects | 32 |
CR5: Standardized Approach - exposures by asset classes and risk weights | 33 |
Counterparty Credit Risk (CCR) | 37 |
CCRA: Qualitative disclosure related to CCR | 37 |
CCR1: Analysis of CCR exposures by approach | 37 |
CCR3: Standardized approach - CCR exposures by regulatory portfolio and risk weights | 37 |
CCR5: Composition of collateral for CCR exposures | 38 |
CCR6: CCR associated with credit derivatives exposures | 38 |
CCR8: CCR associated with Exposures to central counterparties | 39 |
Securitization Exposures | 40 |
SECA: Qualitative disclosure requirements related to securitisation exposures | 40 |
SEC1: Securitisation exposures in the banking book | 41 |
SEC2: Securitisation exposures in the trading book | 41 |
SEC3: Securitisation exposures in the banking book and associated regulatory capital requirements - | 41 |
bank acting as originator or as sponsor | |
SEC4: Securitisation exposures in the banking book and associated capital requirements - bank acting | 41 |
as investor | |
Market Risk | 42 |
MRA: Qualitative disclosure requirements related to market risk | 42 |
MR1: Market risk under standardized approach | 44 |
MRB: Qualitative disclosures on market risk in the Internal Models Approach (IMA) | 45 |
MR2: RWA flow statements of market risk exposures under an IMA | 47 |
Exposures subject to market risk | 47 |
MR3: IMA values for trading portfolios | 47 |
MR4: Comparison of VaR estimates with gains/losses | 48 |
Backtesting | 48 |
Total Exposure associated with Derivatives | 48 |
IRRBB | 49 |
IRRBBA: IRRBB risk management objectives and policies | 49 |
Framework and Treatment | 49 |
Other Risks | 52 |
Insurance products, pension plans and premium bonds risks | 52 |
Social, Environmental and Climatic Risks | 52 |
Model Risk | 53 |
Regulatory or Compliance Risk | 53 |
Reputational Risk | 54 |
Cyber Risk | 55 |
Country Risk | 55 |
Business and Strategy Risk | 56 |
Contagion Risk | 56 |
Emerging Risks | 56 |
Operational Risk | 56 |
Crisis Management and Business Continuity | 57 |
Independent Validation of Risk Models | 58 |
Glossary of Acronyms | 60 |
Glossary of Regulations | 63 |
Risk and Capital Management - Pillar 3
__________________________________________________________________________________________
Objective
This document presents Itaú Unibanco Holding S.A. (Itaú Unibanco) information required by the Central Bank of Brazil (BACEN) through Resolution BCB nº 54 and subsequent amendments, which addresses the disclosure of information on risks and capital management, the comparison between accounting and prudential information, the liquidity and market risk indicators, the calculation of risk-weighted assets (RWA), the calculation of the Total Capital ("Patrimônio de Referência" - PR), and the compensation of management members. 1
The referred Resolution brought several amendments in the disclosure format of the Pillar 3 information, besides changes in the scope and frequency of the information disclosed. All these amendments, implemented by the Central Bank, aim the convergence of the Brazilian financial regulation to the recommendations of the Basel Committee, seeking to harmonize the information disclosed by financial institutions at an international level, and taking into account the structural conditions of the Brazilian economy.
The disclosure policy of the Risk and Capital Management Report presents the guidelines and responsibilities of the areas involved in its preparation, as well as the description of the information that must be disclosed and the integrity endorsement and approval governance, as established by the article 56 of the Resolution nº. 4,557.
Key indicators
Itaú Unibanco's risk and capital management focuses on maintaining the institution in line with the risk strategy approved by the Board of Directors. The key indicators based on the Prudential Consolidation, on September 30, 2023, are summarized below.
1Compensation of management members data is reported annually.
__________________________________________________________________________________________
Itaú Unibanco
1
Risk and Capital Management - Pillar 3
__________________________________________________________________________________________
Prudential Metrics and Risk Management
Itaú Unibanco invests in robust and company-wide risk management processes to serve as a basis for its strategic decisions intended to ensure business sustainability.
The key prudential metrics related to regulatory capital and information on the bank's integrated risk management are presented below.
KM1: Key metrics at consolidated level
In order to ensure the soundness of Itaú Unibanco and the availability of capital to support business growth, Itaú Unibanco maintains capital levels above the minimum requirements, as demonstrated by the Common Equity Tier I, Tier I Capital and Total CapitaI ratios.
On September 30, 2023, the Total Capital (PR) reached R$ 197,653 million, R$ 177,795 million of Tier I and R$ 19,858 million of Tier II.
(3)
The Total | Capital Ratio reached 16.3% at 09/30/2023, an increase of 1.2 p.p. when |
compared | to 06/30/2023 driven by the net income for the period and decrease in risk-weighted assets, driven |
by the entry into force of the BACEN Resolution No. 229 and evolution of internal models. |
__________________________________________________________________________________________
Itaú Unibanco
2
Risk and Capital Management - Pillar 3
__________________________________________________________________________________________
Besides, Itaú Unibanco has a R$ 100,465 million capital excess in relation to its minimum required Total Capital. It corresponds to 8,3 p.p. above the minimum requirement (8%) and higher than the Capital Buffer requirement of 3.5% (R$ 42,520 million). Considering the Capital Buffers, the capital excess would be 4,8 p.p.
The fixed assets ratio shows the commitment percentage of adjusted Total Capital with the adjusted permanent assets. Itaú Unibanco falls within the maximum limit of 50% of adjusted Total Capital, established by BACEN. On September 30, 2023, fixed assets ratio reached 20.3%, showing a surplus of R$ 58,676 million.
OVA - Bank risk management approach
Scope and main characteristics of risk management
To undertake and manage risks is one of the activities of Itaú Unibanco. For this reason, the institution must have clearly established risk management objectives. In this context, the risk appetite defines the nature and the level of risks acceptable for the institution, while the risk culture guides the attitudes required to manage them. Itaú Unibanco invests in robust risk management processes, that are the basis for its strategic decisions to ensure business sustainability and maximize shareholder value creation.
These processes are in line with the guidelines of the Board of Directors and Executives who, through corporate bodies, define the institution's global objectives, which are then translated into targets and thresholds for the business units that manage risks. Control and capital management units, in turn, support Itaú Unibanco's management through the processes of analysis and monitoring of capital and risk.
The principles that provide the risk management and the risk appetite foundations, as well as guidelines regarding the actions taken by Itaú Unibanco's employees in their daily routines are as follows:
- Sustainability and customer satisfaction: the vision of Itaú Unibanco is to be a leading bank in sustainable
performance and customer satisfaction. For this reason, the institution is concerned about creating shared values for employees, customers, shareholders and society to ensure the longevity of the business. Itaú Unibanco is concerned about doing business that is good for customers and for the institution;
- Risk culture: the institution's risk culture goes beyond policies, procedures and processes. It strengths the
individual and collective responsibility of all employees to manage and mitigate risks consciously, respecting the ethic way of doing business. The risk culture is described in the item "Risk Culture";
- Risk Pricing: Itaú Unibanco operates and assumes risks in business that it knows and understands, avoids
the ones that are unknown or that do not provide competitive advantages, and carefully assesses risk-return ratios;
- Diversification: the institution has low appetite for volatility in its results. Accordingly, it operates with a
diversified base of customers, products and business, seeking risk diversification and giving priority to low-risk transactions;
- Operational excellence: Itaú Unibanco intends to provide agility, as well as a robust and stable infrastructure, in order to offer high quality services;
- Ethics and respect for regulations: at Itaú Unibanco, ethics is non-negotiable. For this reason, the
institution promotes an institutional environment of integrity, educating its employees to cultivate ethical relationships and businesses, as well as respecting the norms, and therefore looking after the institution's reputation.
Since August, 2017, the Resolution CMN 4,557 came into force, which established the structure of risk and capital management. The resolution highlights are the implementation of a continuous and integrated risk management framework; the requirements for the definition of the Risk Appetite Statement (RAS) and the stress test program;
__________________________________________________________________________________________
Itaú Unibanco
3
Risk and Capital Management - Pillar 3
__________________________________________________________________________________________
the establishment of a Risk Committee; the indication, before BACEN, of the Chief Risk Officer (CRO); and the CRO's roles, responsibilities and independence requirements.
Risk and Capital Governance
The Board of Directors is the main body responsible for establishing the guidelines, policies and authority levels regarding risk and capital management. In turn, the Risk and Capital Management Committee (CGRC) provides support to the Board of Directors in the performance of their duties relating to risk and capital management. At the executive level, corporate bodies headed by Itaú Unibanco's Chief Executive Officer (CEO) are established to manage risks and capital. Their decisions are overseen by the CGRC.
Additionally, the Itaú Unibanco Holding has corporate bodies that perform delegated duties in the risk and capital management, under the responsibility of the CRO (Chief Risk Officer).
To support this structure, the Risk Area is structured with specialized departments. The objective is to provide independent and centralized management of the institution's risks and capital, and to ensure the accordance with the established rules and procedures.
Itaú Unibanco's risk management organizational structure complies with Brazilian and international regulations in place and is aligned with the market's best practices, including governance for identifying emerging risks, which are those with medium and long-term impact potentially material about the business.
Responsibilities for risk management at Itaú Unibanco are structured according to the concept of three lines of defense, namely:
- in the first line of defense, the business and corporate support areas manage risks they give rise to, by identifying, assessing, controlling and reporting such risks;
- in the second line of defense, an independent unit provides central control, so as to ensure that Itaú
Unibanco's risk is managed according to the risk appetite and established policies and procedures. This centralized control provides the Board and executives with a global overview of Itaú Unibanco's exposure, to ensure correct and timely corporate decisions;
- in the third line of defense, internal audit provides an independent assessment of the institution's activities,
so that senior management can see that controls are adequate, risk management is effective and institutional standards and regulatory requirements are being complied with.
Itaú Unibanco uses robust automated systems for full compliance with capital regulations, as well as for measuring risks in accordance with the regulatory determinations and models in place. It also monitors adherence to the qualitative and quantitative regulators' minimum capital and risk management requirements.
Risk Culture
Aiming at strengthening its values and aligning the behavior of its employees with risk management guidelines, the institution adopts several initiatives to disseminate and strengthen a culture that values and encourages conscious risk taking, discussions and actions on the institution's risks, and each and everyone's responsibility for risk management.
Besides the risk management policies, procedures and processes, the institution has as a central element of its Corporate Culture the message "Ethics is non-negotiable". Behavioral guidelines, also described in this culture, reinforce and strengthen the Conglomerate's risk management behavior by emphasizing a behavior that helps people of all company levels to undertake and manage risks in a conscious way. By disseminating these principles, the institution fosters the understanding and the open discussion about risks, so that they are kept within the risk appetite levels established and each employee individually, regardless of their position, area or duties, may also assume responsibility for managing the risks of the business.
__________________________________________________________________________________________
Itaú Unibanco
4
Risk and Capital Management - Pillar 3
__________________________________________________________________________________________
Itaú Unibanco also makes some channels available for communication of operating failures, internal or external fraud, conflicts at the workplace, or cases that may result in inconveniences and/or losses for the institution or its customers. All employees or third parties are responsible for informing any problems immediately, as soon as they become aware of the situation.
Risk Appetite
Itaú Unibanco has a risk appetite policy, which was established and approved by the Board of Directors and guides the institution's business strategy. The bank's risk appetite is grounded on the following declaration of the Board of Directors:
"We are a universal bank, operating predominantly in Latin America. Supported by our risk culture, we operate based on rigorous ethical and regulatory compliance standards, seeking high and growing results, with low volatility, by means of the long-lasting relationship with clients, correctly pricing risks, well-distributedfund-raising and proper use of capital."
Based on this declaration, the bank established six dimensions, each of which comprising a set of metrics associated with the key risks involved, combining complementary measurements and seeking a comprehensive view of its exposure:
- Capitalization: establishes that Itaú Unibanco should have sufficient capital to protect itself against a
serious recession or stress events without the need to adjust its capital structure under adverse circumstances. It is monitored by following up the bank's capital ratios, in usual or stress situations, and the institution's debt issue ratings.
- Liquidity: establishes that the institution's liquidity should be able to support long stress periods. It is monitored by following up on liquidity ratios.
- Composition of results: establishes that business will mainly focus on Latin America, where Itaú Unibanco
will have a diversified range of customers and products, with low appetite for results volatility and high risk. This dimension includes business and profitability, as well as market risk and IRRBB, underwriting and credit risk, including social, environmental and climate dimensions. The metrics monitored by the bank seek to ensure, by means of exposure concentration limits such as, for example, industry sectors, quality of counterparties, countries and geographic regions and risk factors, a suitable composition of the bank's portfolios, aiming at low volatility of results and business sustainability.
- Operational risk: focuses on controlling operational risk events that may adversely impact the bank's
business strategy and operations. This control is carried out by monitoring key operational risk events and incurred losses.
- Reputation: deals with risks that may impact brand value and the institution's reputation before its
customers, employees, regulators, investors and the general public. In this dimension, risks are monitored by observation of the institution's conduct.
- Customer: addresses risks that may compromise customer satisfaction and experience, and is monitored by tracking customer satisfaction, direct impacts on customers, and suitability indicators.
The Board of Directors is responsible for approving risk appetite guidelines and limits, performing its activities with the support of the Risk and Capital Management Committee (CGRC) and the Chief Risk Officer (CRO).
Metrics are regularly monitored and must comply with the limits defined. The monitoring is reported to the risk commissions and to the Board of Directors, guiding the use of preventive measures to ensure that exposures are within the limits provided and in line with the bank's strategy.
__________________________________________________________________________________________
Itaú Unibanco
5
Risk and Capital Management - Pillar 3
__________________________________________________________________________________________
Stress Testing
The stress test is a process of simulating extreme economic and market conditions on Itaú Unibanco's results, liquidity and capital. The institution has been carrying out this test in order to assess its solvency in plausible scenarios of crisis, as well as to identify areas that are more susceptible to the impact of stress that may be the subject of risk mitigation.
For the purposes of the test, the economic research area estimates macroeconomic variables for each stress scenario. The elaboration of stress scenarios considers the qualitative analysis of the Brazilian and the global conjuncture, historical and hypothetical elements, short- and long- term risks, among other aspects, as defined in CMN Resolution 4,557.
In this process, the main potential risks to the economy are assessed based on the judgment of the bank's team of economists, endorsed by the Chief Economist of Itaú Unibanco and approved by the Board of Directors. Projections for the macroeconomic variables (such as GDP, the basic interest rate and inflation) and for variables in the credit market (such as raisings, lending, rates of default, margins and charges) used are based on exogenous shocks or through use of models validated by an independent area.
Then, the stress scenarios adopted are used to influence the budgeted result and balance sheet. In addition to the scenario analysis methodology, sensitivity analysis and the Reverse Stress Test are also used.
Itaú Unibanco uses the simulations to manage its portfolio risks, considering Brazil (segregated into wholesale and retail) and External Units, from which the risk-weighted assets and the capital and liquidity ratios are derived.
The stress test is also an integral part of the ICAAP (Internal Capital Adequacy Process), the main purpose of which is to assess whether, even in severely adverse situations, the institution would have adequate levels of capital and liquidity, without any impact on the development of its activities.
This information enables potential offenders to the business to be identified and provides support for the strategic decisions of the Board of Directors, the budgeting and risk management process, as well as serving as an input for the institution's risk appetite metrics.
Recovery Plan
In response to the latest international crises, the Central Bank issued the Resolution No. 4,502, which requires the development of a Recovery Plan for the financial institutions that are classified in the Segment 1, with a total exposure of more than 10% of Gross Domestic Product (GDP). This plan aims to reestablish adequate levels of capital and liquidity, above the regulatory requirements, through appropriate strategies in the event of severe stress shocks of a systemic or idiosyncratic nature. Accordingly, each institution would be able to preserve its financial feasibility and, at the same time, mitigate the impact on the National Financial System.
Itaú Unibanco has a Recovery Plan that contemplates the entire Conglomerate, including foreign subsidiaries, and contains the description of the following items:
- Critical functions rendered by Itaú Unibanco to the market, activities that, if abruptly interrupted, could impact the National Financial System (SFN) and the functioning of the real economy;
- Institution's essential services: activities, operations or services which discontinuity could compromise the bank's viability;
- Monthly monitoring program, establishing critical levels for a set of indicators, with a view to risk monitoring and eventual trigger for the execution of the Recovery Plan;
IV. Stress scenarios, contemplating events that may threaten the business continuity and the viability of the institution, including reverse tests, which seek to identify remote risk scenarios, contributing to an increase of the management sensitivity;
-
Recovery strategies in response to different stress scenarios, including the main risks and barriers, as well as the mitigators of the latter and the procedures for the operationalization of each strategy;
__________________________________________________________________________________________
Itaú Unibanco
6
Risk and Capital Management - Pillar 3
__________________________________________________________________________________________
VI. | Communication plan with stakeholders, seeking its timely execution with the market, regulators and other |
stakeholders; | |
VII. | Governance mechanisms necessary for the coordination and execution of the Recovery Plan, such as the |
definition of the director responsible for the exercise at Itaú Unibanco.
This plan is reviewed annually and is subjected to the approval of the Board of Directors.
With this practice, Itaú Unibanco has been able to continuously demonstrate, that even in severe scenarios, with remote probability of occurrence, it has strategies capable of generating sufficient resources to ensure the sustainable maintenance of critical activities and essential services, without losses to customers, to the financial system and to other participants in the markets in which it operates.
Itaú Unibanco ensures the exercise maintenance to guarantee that strategies remain up-to-date and viable in the face of organizational, competitive or systemic changes.
Capital Adequacy Assessment
For its capital adequacy assessment process, the annual Itaú Unibanco's procedure is as follows:
•
•
•
•
•
Identification of material risks and assessment of the need for additional capital;
Preparation of the capital plan, both in normality and stress situations;
Internal assessment of capital adequacy;
Structuring of capital contingency and recovery plans;
Preparation of management and regulatory reports.
By adopting a prospective stance regarding capital management, Itaú Unibanco implemented its capital management structure and its ICAAP in order to comply with National Monetary Council (CMN) Resolution 4,557, BACEN Circular 3,846 and BACEN Circular Letter 3,907.
The result of the last ICAAP, which includes stress tests - dated as of December 2022 - showed that, in addition to having enough capital to face all material risks, Itaú Unibanco has a significant buffer, thus ensuring the soundness of its equity position.
Capital Adequacy
Itaú Unibanco, through the ICAAP process, assesses the adequacy of its capital to face the incurred risks, composed by regulatory capital for credit, market and operational risks and by the necessary capital to face other risks. In order to ensure the soundness and the availability of Itaú Unibanco's capital to support business growth, the Total Capital levels were maintained above the minimum requirements.
__________________________________________________________________________________________
Itaú Unibanco
7
Attachments
- Original Link
- Original Document
- Permalink
Disclaimer
Itaú Unibanco Holding SA published this content on 06 November 2023 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 06 November 2023 22:11:32 UTC.
