Risk management

Doing business means taking risks. Looking at FMO's strategy and activities, it could be said that our primary target is to maximize development impact, while being profitable in a sustainable way, and that taking risks is inherent to our core business. In order to do sustainable, profitable business, however, our challenge is how to take calculated risks. FMO's Management Board defines the risk profile and risk appetite, under supervision of the Audit & Risk Committee and the Supervisory Board. Within our risk appetite, FMO has a comprehensive, integrated 'In Control Framework' to enable us to take and control these calculated risks.

This 'In Control Framework' plays a pivotal role in the thorough analysis of risks. FMO has identified risks in the following categories: strategic, operational, financial reporting and compliance risks. Important drivers for our risk universe are FMO's strategy, objectives and laws and regulations (such as the Dutch Banking Code, Corporate Governance Code, Financial Supervision Act, Law against Money Laundering and Financing of Terrorism, Basel II and III and International Financial Reporting Standards). To mitigate the risks we have implemented controls, whose effectiveness we continuously monitor.

Within FMO this monitoring is conducted by three 'lines of defense'. Business management reviews processes and reports and performs self-assessments. In the second line of defense there are specialized risk departments and committees. The third line consists of the internal audit function and external auditors.

We paid special attention to a number of key risks in 2011, based on the market situation, regulations or internal circumstances.