FUIB has an effective risk management system, that meets the requirements of the NBU Regulation No. 64 dated June 11, 2018 "On the Organization of the Risk Management System in Ukrainian Banks and Banking Groups". The risk management system is part of the overall corporate management system of the bank and is aimed at ensuring the stable development of the bank within the framework of the implementation of the bank's development strategy in all areas of business.

To implement all the requirements of the NBU, the following internal regulatory documents have been developed by FUIB: ​

1.  Declaration of risk exposure. The document defines: 

- the aggregate level of risk appetite and the types of risks that the bank intends to take and hold to achieve its business goals

- the maximum level of risk acceptable for the bank based on the amount of available resources (capital and liquidity needs);

- quantitative and qualitative indicators by types of material risks;

- individual level of risk appetite for each type of material risk;

- types of risks that the bank should avoid.

2. Risk Management Policy and Risk Management Strategy. The documents regulate the organization of a clear process for effective risk management by setting limits and thresholds for each type of risk, which aims to implement a systematic process of identifying, measuring, monitoring, controlling, reporting and mitigating all types of risks at all organizational levels of the bank.

To ensure the stability and security of the bank's business, along with the risk management system, the internal control system (ICS) has been implemented, which is regulated by the internal regulatory document "Policy on Organization of the Internal Control System". The document fully complies with the requirements of the NBU Regulation No. 88 dated July 2, 2019 "On Organization of the Internal Control System in Ukrainian Banks and Banking Groups". The ICS is based on the model of three lines of defense.

The first line of defense includes business and support units of the bank. The second line is the risk management and compliance departments. On the third line, the Internal Audit Department evaluates the effectiveness of the risk management system by the units of the first and second levels of protection and assesses the effectiveness of the internal control system.

The 3 lines of defense provide:

• Risk identification. The bank's structural units that carry out banking operations and provide their support are involved in the process of identifying, assessing and monitoring risks, comply with the requirements of internal regulations on risk management, and take into account the level of risk in the course of operations.
• Risk management. The Risk Management and Compliance Control departments develop risk management mechanisms and methodology, assess and monitor the level of risks, prepare risk reports, perform aggregate risk assessment, and evaluate the ratio of risk to the established risk appetite.
• Internal audit. It conducts an independent assessment of the effectiveness of the risk management system, corporate governance and internal control system, identifies violations and makes proposals for improving the risk management system.

To control and timely respond to any events that may affect the sustainable development of the bank, monthly, quarterly and annual reports are provided, which are reviewed by the Management Board and the Supervisory Board of the bank. To regulate social issues, FUIB has developed and implemented the following regulatory documents:

• Code of Corporate Ethics
• Anti-corruption program
• Code of Corporate Governance
• Regulations on the settlement of conflicts of interest
• Procedure for organizing the work of the SCM trust line
• Financial monitoring rules
• Procedure for giving and receiving gifts and invitations
• Procedure for staff training
• Procedure for the formation of the staffing table

​ With regard to environmental issues, FUIB decided to develop ESG direction. Thus, the Declaration of Risk Exposure records the impact of climate risks on credit risks of corporate clients regarding the loss of collateral, borrower default, lack of insurance of collateral; and operational risks regarding the loss of property and/or suspension of the bank's operations (direct impact of natural factors on business continuity is assessed) as a result of natural disasters. In 2021, FUIB developed and approved the concept of climate risk management. This is a new direction that will be developed in the bank as part of the Risk Management System.

In 2021, the main risks were related to ensuring business continuity in the context of COVID-19. We implemented measures that allowed us to work efficiently and without slowing down the pace of business. At the same time, the bank's clients were provided with comfortable and reliable remote and branch services.

For 2022, the list of the bank's material risks has not changed, but the causes of these risks have changed since February 24, 2022. Thus, for credit and operational risks, the main reasons for their growth were military operations and the introduction of martial law in Ukraine. Credit risks also increased due to the loss of customer solvency during the war. 78% of all actual losses from operational risk in 2022 were losses of property and assets due to hostilities.

Back in January 2022, FUIB developed and approved a clear response plan for all types of material risks in the event of a threat of hostilities. In terms of credit risks, algorithms for suspending customer lending and debt restructuring scenarios were developed in advance and implemented in March 2022 to reduce the credit burden on Ukrainian individuals and legal entities. To prevent the loss of property and assets, emergency evacuation plans for valuables and personnel were developed, as well as to ensure the continuous operation of critical processes and systems. As a result, the bank's losses were recorded only in the occupied territories and in the territories of hostilities for property that could not be evacuated due to significant danger and for buildings that were damaged or destroyed as a result of shelling.

Policy of risks management