Prinsippene for risikostyring i Norges Bank Investment Management er basert på at investeringsvirksomheten er forskjellig fra de andre funksjonene som Norges Bank utfører i sin rolle som sentralbank. Risikoen forbundet med investeringsvirksomheten skiller seg dermed fra risikoen forbundet med Norges Banks øvrige funksjoner. Prinsippene tar for seg måten porteføljen skal forvaltes på med hensyn til håndtering av risiko og reflekterer NBIMs målsetning og holdning til risikostyring. Styring av risiko skal integreres i NBIMs forretningsprosesser, i strategiplanleggingen og i prosedyrene for endringshåndtering. Prinsippene skal i tillegg omfatte tiltak for å kontrollere og validere gjeldende risikobilde og gi en oversikt over de kontrolltiltakene som er iverksatt for å Kontrollere risikoen.
Dokumentet finnes bare på engelsk.
1. Purpose and objective
These principles represent our objectives and commitment to management of risk in the Government Pension Fund Global (the fund). Management of risks shall be embedded in Norges Bank Investment Management’s (NBIM) practices and business processes, strategic planning, and change management procedures. Measures shall be implemented for on-going control and validation of the status of risks and the controls put in place to manage risk.
NBIM shall have an approach to risk management that is:
- tailored to Norges Bank’s specific tasks and responsibilities and takes into account the distinguishing features of Norges Bank as a government institution;
- balanced with regard to return and risk in the management of the fund;
- systematic and structured throughout the organisation;
- integrated into the processes and internal decision making; and
- compliant with legal and regulatory requirements as well as guidelines laid down by the fund owners.
The approach to risk management applies similarly to all investments, unless a separate approach is required due to the objectives, investment universe or risk profile.
2. Roles and responsibilities
The investment management activities carried out by NBIM shall be organised to ensure an appropriate segregation of duties.
There shall be segregation of duties between the operational management activities (1st line of defence) and the risk management and control functions (2nd line of defence). Norges Bank’s internal and external auditors (3rd line of defence) perform independent reviews of NBIM’s investment management activities.
3. Risk identification and assessment
NBIM shall have clear methodologies and processes to identify and capture risks.
Every asset and liability shall be valued according to its fair value at the time of measurement and in accordance with the International Financial Reporting Standards (“IFRS”) methodology.
Performance measurement shall be calculated and presented in accordance with Global Investment Performance Standards (“GIPS”).
All new investment activities or significant strategic or operational changes (e.g. changes in business policies, providers, systems or organisational structure) shall be subject to an assessment in order to identify potential risks. Prior to the implementation of investments in new instruments or markets, a thorough and documented risk assessment process must be completed. In each individual case the risk assessment must provide an overview of the relevant issues relating to valuation, return measurement, as well as the management and control of risks associated with the investment activities.
All unlisted investments shall be subject to due diligence. The due diligence process shall include relevant risk assessments, such as market risk, liquidity risk, credit risk, counterparty risk, operational risk, legal risk, tax risk and technical risks. The process shall also include assessments of health, safety, environmental, social and governance risk factors, including risks relating to handling of various stakeholders affected by the investment. The process shall include an assessment of whether necessary systems and procedures are in place to manage the investment properly. The process and risk assessments must be documented. All unlisted investments shall be subject to formal approval.
4. Risk classes
NBIM shall apply an effective framework for enterprise risk management. Enterprise risk is defined as all risks affecting NBIM’s organisation and business. Enterprise risk management (ERM) is defined as the culture, capabilities, and practices, integrated with strategy-setting and its execution, that the organisation relies on to manage risk in creating, preserving, and realizing value.
The framework for enterprise risk management shall include strategic risk, investment risk and operational risk as the main risk classes. Each risk class is further defined below.
Reputational impact shall be considered as a consequence applied across all risk classes.
Reputational impact shall be considered for strategic risks, investment risks and operational risks, as defined by NBIM’s risk matrix with the set probability/frequency and consequence scales. In addition, financial impact shall be considered for investment risks and operational risks.
5. Strategic risk
Strategic risk is defined as the risk of not achieving strategic objectives as set out in the strategy plan. Through enterprise risk management, NBIM shall evaluate both risks and opportunities related to the strategic objectives.
Strategic risks shall be identified, and the implications for the overall risk profile shall be considered. Risks related to executing the strategy shall be reflected in identified, assessed and managed investment risks and operational risks according to specified limits and thresholds.
The identification and assessment of strategic risks shall be an integrated part of the enterprise risk management framework, and strategic risks shall be assessed and updated through the ongoing monitoring of the strategy plan.
6. Investment risk
Investment risk is defined as the risk of events affecting the return of our investments. Investment risk includes market risk, credit risk and counterparty credit risk. Assessment of environmental, social and corporate governance (ESG) risks shall be integrated into the investment management process. ESG risks are to be considered in accordance with the Principles for responsible investment management in NBIM.
Specific risk limits and requirements for each investment risk category are laid down by the Executive Board.
Market risk is defined as the risk of change in market value of the fund as a result of movements in financial market variables.
Market risk shall be managed through the establishment of specified limits allocated to investment strategies through the issuance of investment mandates.
NBIM shall apply complementary market risk measurement methods to capture relevant market risk. The main dimensions of market risk are: benchmark deviation and concentration risk, volatility/correlation risk, factor risk and liquidity risk.
To the extent possible, similar methods and principles should be applied across all asset classes and be in accordance with internationally recognized standards. Within each market risk dimension the measurement methodology applied should decompose the risk to adequate levels of detail and be measured at regular intervals.
For ex-ante volatility and correlation measurement, NBIM shall apply methods, parameters and confidence intervals according to the investment strategies and risk prediction horizon. The ex-ante tracking error estimate reported to the Ministry of Finance shall be calculated by using weekly price observations over a 3 year period with equal weight. Instruments not appropriately modelled by risk measurement systems shall be limited and documented. NBIM shall compare risk predictions with the realized portfolio returns and/or portfolio losses (back testing).
NBIM shall perform stress testing from a market risk perspective. Such tests shall constitute both historic market events as well as scenarios for market risk factors. The expected shortfall estimate reported to the Executive Board shall be calculated using weekly price observations starting in January 2007 with a confidence level of 97.5 percent.
NBIM must document that the market risk is within the risk limits laid down by the Executive Board.
Credit risk is defined as the risk that the issuer of a security may default on interest and/or principal payments or become bankrupt.
To the extent possible, the risk principles apply equally to the absolute and the relative credit risks of the portfolios.
Credit risk shall be managed through establishment of specified limits allocated to investment strategies through the issuance of investment mandates.
NBIM shall establish complementary credit risk measurement methods to capture relevant credit risk in the management of the portfolios. The two main dimensions of credit risk are: single issuer credit risk and portfolio credit risk.
Credit risk shall be measured in accordance with internationally recognized standards. Within each credit risk dimension the measurement methodology applied should decompose the risk to adequate levels of detail and be measured at regular intervals.
Instruments not appropriately modelled by credit risk measurement systems shall be limited and documented.
NBIM shall perform stress testing on the fixed income portfolios from a credit risk perspective.
NBIM shall document that the credit risk is within the risk limits laid down by the Executive Board.
Counterparty credit risk
A counterparty is defined as a financial institution or company that transacts with or is approved by NBIM for transacting in financial instruments or unlisted investments. The definition includes custodian and sub-custodian banks as well as third parties that hold cash for NBIM deriving from unlisted investments.
Counterparty credit exposure is defined as the cost of replacing the value of a transaction or a number of transactions entered into with a counterparty due to the counterparty’s non-payment or default under its obligation towards Norges Bank. NBIM shall perform stress testing of counterparty exposure.
Counterparty credit risk is defined as the risk of financial loss if a counterparty defaults. Counterparty credit risk is managed through limits in investment mandates.
Counterparty credit risk shall be measured in accordance with internationally recognized standards. The measurement methodology applied shall calculate counterparty risk exposure, and shall be measured on instrument group, legal entity and counterparty group level. Counterparty risk exposure shall be measured and reported at regular intervals.
NBIM shall have in place routines and systems for selection and evaluation of counterparties. Furthermore, NBIM shall have documented processes for handling of collateral and netting arrangements.
There are certain investment activities that cut across risk categories where additional considerations are required. NBIM shall define the purpose and objectives of such activities and establish limits in investment mandates. The list of approved counterparties shall identify counterparties permitted to be used by NBIM in relation to each of the activities. The activities are:
NBIM shall measure and manage leverage. Leverage beyond what is necessary to minimise transaction costs or is a natural part of normal investment management, is not permitted for management of the listed portfolio. The debt ratios of the unlisted portfolios and investments shall be managed through limits in investment mandates.
Use of derivatives
Derivatives shall be integrated in market, credit and counterparty credit risk measurement and management. NBIM shall establish specific monitoring of the use of derivatives in the management of the fund, in particular for short positions in non-linear instruments;
Securities lending shall be managed through agreements that ensure adequate handling of collateral. NBIM shall establish collateral criteria as well as reinvestment guidelines for cash collateral. NBIM shall measure and monitor both the lent portfolio and the collateral portfolio on a regular basis;
Sale of securities that the funds do not own (short selling) may take place only in cases where NBIM has access to an established borrowing arrangement. NBIM shall establish special monitoring of shorting.
7. Operational risk
Operational risk is defined as the risk of an unwanted operational event with financial or reputational impact. The unwanted event may arise from breakdown of internal processes, human error, system failure or other events caused by third parties or other external factors.
Operational risk management in NBIM shall be systematic and structured. Operational risk management shall address uncertainty and be part of the decision-making processes in NBIM. Operational risk management shall create value as an integral part of NBIM’s processes and support continual improvement of all processes.
NBIM shall establish a policy statement for operational risk management, supported by a framework for operational risk management. The framework shall be based on internationally recognised standards and frameworks.
Operational risk tolerance for NBIM shall be defined with respect to financial and reputational risk management objectives. There shall be less than 20 per cent probability that operational risks result in gains and losses totalling 750 million kroner or more for NBIM over a 12-month period. The operational risk tolerance level shall be reviewed periodically by the Executive Board. The risk tolerance for individual financial (quantitative) and reputational (qualitative) risks shall be defined by the risk matrix and probability/frequency and consequence scales. Critical operational risks are outside NBIM’s operational risk tolerance. The Chief Executive Officer of NBIM may accept significant operational risks without further mitigating actions. However, the Executive Board shall be informed of all significant operational risks.
NBIM shall periodically measure the total financial exposure for operational risks and maintain separate scales for probability and consequence of individual risk factors.
Critical and significant risks shall be targeted by NBIM with relevant internal controls and/or actions to reduce the risk level. This shall be done through reducing the probability of the event occurring and / or reducing the expected consequence. Risks with very high consequence and very low probability shall be targeted by business continuity plans and procedures. Critical and significant operational risks together with risk mitigation actions and controls shall be monitored and followed-up.
An operational incident is defined as an unwanted operational event that has occurred.
Operational incidents shall be recorded and followed-up in a structured manner. The severity of operational incidents shall be assessed for financial and reputational impact.
8. Tax Management
As part of the obligation to seek the highest possible return for the fund after costs, NBIM shall manage risks associated with tax and in doing so NBIM shall:
- Comply with applicable local laws, consider standards published by international organisations such as the OECD and other appropriate bodies, and seek to follow prudent market practice.
- Be transparent regarding tax matters, support developments in international standards and consider global tax trends.
- Have in place processes that ensure tax risks associated with the investments are assessed and managed appropriately in accordance with the wider risk management framework.
- Ensure that in accordance with local laws and administrative procedures taxes properly due are paid and taxes not properly due are relieved.
- Protect the tax position that the fund is entitled to obtain as a sovereign Norwegian investor.
The fund’s unlisted investments require bespoke structures to address the need for operational efficiency and liability management as well as regulatory, tax and commercial factors. When investing by means of such structures, NBIM shall:
- Ensure a high degree of certainty with respect to the tax position of the fund, its subsidiaries and its investments.
- Determine whether pre-existing structures into which NBIM invests should be aligned more closely with our tax expectations.
9. Internal control
Internal control in NBIM is defined as all measures and processes, effected by the Executive Board, administration and employees, designed to provide reasonable assurance that NBIM’s objectives related to operations, compliance, and reporting will be achieved. NBIM’s processes for risk reviews and internal control activities shall be based on the Regulation on risk management and internal control in Norges Bank, as issued by the Ministry of Finance 17 December 2009.
NBIM shall at all times have processes in place to ensure that control activities, including regular monitoring, are performed on an ongoing basis. All control measures shall be subject to appropriate documentation and filing. Such documentation shall contain references to applicable principles, policies, guidelines and procedures.
NBIM shall periodically carry out an evaluation of its risk management and internal control framework to identify and document necessary improvements.
The Executive Board’s review of the processes for internal control in NBIM will be carried out in accordance with NBIM’s framework for risk management and internal control.
10. Risk reporting
The Executive Board shall receive reports on the management of risk in NBIM, in line with the reporting requirements laid down by the Executive Board. Assessment of reputational impact from all three risk classes shall be reported to the Executive Board.
Critical and significant operational incidents shall be reported to the Executive Board. Breaches of Ministry of Finance and Executive Board mandates shall be recorded as incidents, and reported to the Executive Board.