Management of risks that can significantly impact business

Risk management has a direct and positive impact in the bank and its stakeholders for identifying and preventing possible security and privacy breaches to employees’ data and consequently customer data. A proper risk management ensures the institution’s soundness and the role it plays in society.

Material topics


Impacted stakeholders:

  • Shareholders/investors
  • Customers
  • Employees
  • Community/society
  • Suppliers and partners
  • Government
  • Environment
  • Banrisul Operations



Management of risks that can significantly impact business​

Banrisul carries out the continuous and integrated management of capital and credit, market, interest rate variation risks for the instruments classified in the banking portfolio – IRRBB; as well as liquidity, operational, social, environmental, climate and other risks considered relevant. Social, Environmental and Climate Risks (RSAC, in Portuguese) are some of the various types of risk to which the Institution in exposed and must be managed in an integrated manner with the other corporate risks.

The Social, Environmental and Climate Risk management structure includes the assessment of Stress Testing results, the monitoring of the risk indicators defined in the Risk Appetite Statement (RAS) and the periodic preparation of reports. In regard to Stress Testing, the Social, Environmental and Climate Risk is included in the other corporate risks since its impacts are mostly observed in credit and in civil and labor lawsuits.

Geared towards meeting the new requirements, Banrisul has developed action plans, which are being implemented and will improve the governance, analysis, management and reporting of social, environmental and climate risks.

When offering a new product, service, or solution, the Bank carried out an analysis to verify potential risks to public health, the environment, infringement of laws and regulations for social and environmental protection, contributing to or being affected by changes in climate patterns.

Through any of its members, the Fiscal Council is responsible for overseeing the Management’s acts and verifying compliance with their legal and statutory duties, according to the Fiscal Council’s Internal Regulation. Some risks are identified, managed and monitored focused on Operational Risk which, consequently, has its control compliance assessed by the Controls and Compliance department.

Even though Banrisul does not have a tax policy approved by the Board or validated by its committees, the Bank adheres to principles to always achieve excellence in adopting good practices to mitigate and reduce tax and fiscal risks. It relies on the internal and external audits as partners in the pursuit of excellence in the management of the institution’s tax matters.

In a broader sense, the responsibilities of the Fiscal and Tax Corporate Department include calculating the institution’s taxes and monitoring all the impacts on the related accessory obligations; supporting the other corporate departments responsible for tax-generating events, whether direct or as tax substitutes, in order to identify possible situations of risk that must be dealt with at the source of the information; in addition to the continuous monitoring of communication with the regulatory and oversight agencies, so as not to generate any burden, whether financial or reputational.

In 2021, Banrisul collected and provisioned R$1,010.9 million in own taxes and contributions. Taxes withheld and passed on, directly levied on financial intermediation and other payments, totaled R$915.2 million in the same period.

Banrisul’s organizational structure includes the Internal Audit department, subordinated to the Board of Directors, whose scope of activities considers all duties of Banrisul and the other companies in the conglomerate, in compliance with CMN Resolution 4,879/2020. Therefore, as of the publication of CMN Resolution No. 4,945, of September 15, 2021, an audit forecast was included in the Internal Audit planning for 2022.

The Board of Directors (BoD) is responsible for acting on behalf of the Institution in the Risk Appetite Statement (RAS) supported by the Risk Committee (RC), the Executive Board and the CRO. The Disclosure Policy is considered in assessing RWA amount and adequacy to PR. The Board of Directors mainly focuses on the review and approval of:

  • Capital management policies, strategies and limits;
  • Stress Testing Program;
  • Policies for Business Continuity Management;
  • Liquidity Contingency Plan;
  • Internal Simplified Assessment Process for Capital Adequacy (ICAAPSIMP) and Capital Plan; and
  • Capital Contingency Plan.

The Board of Directors (BoD) ensures that the institution complies with the policies, strategies and its own limits, considering possible timely corrections to structural deficiencies. Its responsibilities also include the capacity to approve significant changes to policies and strategies as well as systems, routines and procedures, such as:

  • Products and services;
  • Hedging strategies and risk-taking initiatives;
  • Significant corporate reorganizations; and
  • Changes to the macroeconomic outlook.

Another responsibility of the Board is the capacity to ensure the appropriate and sufficient culture and resources to carry out the activities in an independent, objective and effective manner, based on the legislation in force. It is necessary to approve the appointment and removal of the officer in charge and the organizational structure for capital and corporate risk management.