CRO Tan Teck Long
The Board and senior management drive a robust process to identify and monitor our top and emerging risks, which include credit, market, liquidity, capital and technology risks.
In 2018, we focused our attention on the following four areas (i) Credit risk and portfolio management, (ii) Compliance and regulatory risk, (iii) Cyber security, and (iv) Data protection.
We started the year with optimism that the global growth momentum from 2017 would continue, supported by strong US growth, buoyant equity markets and a rebound in oil prices. The optimism abated in the second half of the year as an escalation of US-China trade tensions exacerbated the risks from China’s ongoing deleveraging of its corporate sector. In addition, there were widespread concerns about the increased pace of US interest rate hikes and depreciation of emerging market currencies.
As a consequence of the growing headwinds, we heightened vigilance over our credit portfolio. We also conducted thematic portfolio reviews based on the risks that had emerged in the second half of 2018. These included detailed analyses of our China, India and Indonesia exposures.
We grew our overall portfolio by 7% during the year and while idiosyncratic risks cannot be completely eliminated, we remain comfortable with its quality. Our portfolio is diversified across industry and business segments, with more than 70% of corporate and institutional exposure to investment-grade borrowers.
There were local developments in the real estate markets in Singapore and Hong Kong, where the majority of our property exposures is. An additional round of property cooling measures in Singapore weakened market sentiment in July. The quality of our portfolio remained strong, with an average loan-to-value ratio of less than 60%. Our exposures to the building and construction as well as developer sectors were also healthy as they were primarily to well-established developers and diversified across the residential, commercial, office and industrial sub-sectors. In Hong Kong, housing prices began correcting in the second half of the year. Our portfolio has remained stable over the past few years. Our loans were well-collateralised with approximately 90% having a loan-to-value ratio under 50%, providing protection against any price correction.
We continue to see loan growth, driven by our corporate customers’ acquisitions in the London and Australia real estate markets, particularly in the office, hospitality and logistic sub-sectors.
Given ongoing macroeconomic challenges, we will continue to exercise prudence in our client selection and credit underwriting criteria.
Reimagining new approaches to managing financial crime risk remained our priority during the year. We developed advanced analytic models for surveillance and implemented various automation initiatives. To continue this journey, we beefed up our resourcing in technology and operations. We actively participated in Singapore’s Anti Money Laundering/ Countering the Financing of Terrorism (AML/ CFT) Industry Partnership initiative and steered the most recent publication on the use of data analytics.
In 2017 and 2018, we enhanced our capabilities to detect potential sanctions evasion, with focus on North Korea and Iran. Amongst other measures, we tightened controls around shipping routes and reviewed economic linkages to help us identify potential areas for further assessment.
We made significant progress on the client suitability agenda, which seeks to ensure fair outcomes when our clients invest in financial products. We reviewed our remuneration policy and tightened controls to align with a broader conduct agenda and added a conduct mandate to our Group Fair Dealing and Conduct Committee. This committee tracks metrics on fair dealing and conduct, as well as actions taken in response to incidents or trends which raise concerns.
It has become increasingly clear that technology plays a more significant role in our cyber defence strategy. Multi-layered defences combining innovative technology solutions, such as virtual web browsing isolation and micro-network segregation, were adopted to reduce entry points for potential cyber attacks. We also developed user behaviour analytics to detect and respond swiftly in the event of an attack. Our employees participated in a training and awareness campaign on cyber hygiene and cyber risks. We will continue to enhance cyber security capabilities to protect our data and maintain high reliability hygiene of our technology environment.
We developed a framework for the responsible use of data, which seeks to ensure that DBS’ analytics processes and the ensuing conclusions are applied appropriately, in accordance with legal standards and societal expectations. DBS is also the first bank in Singapore to be certified with the Data Protection Trustmark. The certification is testament to the fact that we have accountable and responsible data protection practices.
Given our multiple customer touchpoints and also in light of the risks evolving from a fast-changing digital landscape, we piloted an ecosystems risk management framework to ensure that DBS data transmitted to an ecosystem partner would be managed according to DBS’ standards.
We expect to continue with our sustained efforts in ensuring cybersecurity and protecting our employee and customer data in 2019.
Overall, we believe our risk processes and policies are sound and continue to be in good stead.
Read more about our principal risks and risk management approach here.
Tan Teck Long
Chief Risk Officer
DBS Group Holdings
