Objective and Approach
The objective of risk management is to put in place effective policies, mechanisms, systems, and processes for investment and operations to maximize the returns for the shareholder within an acceptable risk tolerance.
Risk management is a company-wide effort involving every business line, department, and individual. It is embedded throughout the investment life cycle, from the overall portfolio to general asset classes and to specific investment strategies and sub-strategies.
System and Mechanism
CIC has a comprehensive risk classification and management system involving the Executive Committee, Risk Management Committee, and relevant departments to manage all kinds of risks: market, credit, operational, liquidity, strategy, legal, reputational, and country risks.
In line with policies set by the Board of Directors and the Executive Committee, the Risk Management Committee oversees CIC's risk management strategies and approaches. Its key responsibilities include the following: Reviewing risk management strategies, policies and procedures; Determining the risk budgeting and allocation plan; Reviewing risk management and assessment reports; Reviewing assessment standards, management schemes, and internal control mechanisms for major risk drivers and events as well as key business processes; Conducting periodic reviews of the risk profile of asset allocations and the execution of the allocated risk budgets; Reviewing the risk management strategy and contingency plans for major risk events; Reviewing other risk-related issues under the authorization of the Executive Committee.
The Risk Management Committee, which oversees the risks in CIC's investment and operation activities, is comprised of the Chairman and CEO, President, related Executive Vice Presidents, Chief Risk Officer, and the Heads of the Department of Risk Management, the Department of Law and Compliance, the Department of Public Relations and International Cooperation, the Department of Asset Allocation, the Department of Investment Operations, the Department of Finance and Accounting, the Department of Internal Audit, the General Office, and the Department of Research. Other members of senior management and the heads of the investment departments attend Risk Management Committee meetings as needed. The Operational Risk Management Committee and the Valuation Committee are two subcommittees established under the Risk Management Committee.
CIC's comprehensive risk management system comprises the following pillars:
Three lines of defense:
For the first line of defense, investment departments remain well informed of the risks associated with the investment products within their mandate and follow CIC's risk management rules in their investment activities.
For the second line of defense, the Department of Risk Management sets risk limits on various asset classes based on the risk budget; formulates the risk management framework, mechanism and processes; works with the Department of Law and Compliance and the Department of Public Relations and International Cooperation to monitor and manage risks across the Committee.
For the third line of defense, the Department of Internal Audit and the Department of Institutional Integrity audit, supervise, and evaluate company-wide risk management to ensure procedural compliance and effectiveness in risk management and internal controls and make recommendations to redress inadequacies if these arise.
Management of Multiple Types of Risks
In 2017, CIC intensified its comprehensive risk management.
Market Risk Management
CIC invests according to an underlying principle of gaining investment returns within acceptable risk tolerance as set out in its overall business objectives. The comprehensive risk monitoring system monitored risks from the macro level, to the market and to the portfolio. At the macro level, the company monitored the macroeconomic conditions of the key economies and drew up a risk heat map, showing the company changes in macroeconomic factors and transmission mechanisms. At the market level, CIC constantly monitored the relevant systemic indices and volatility index constantly and improved its stress-testing analysis. At the portfolio level, it used the Fengye System to monitor the risks and performance of the overall portfolio in a multi-dimensional and multi-perspective approach.
Credit Risk Management
The major credit risks faced by CIC's investments include sovereign credit risk, counterparty credit risk, and the risk associated with invested assets.
Based on the portfolio's risk exposure, CIC regularly publishes the "Sovereign Credit Risk Report" covering 110 countries and regions. It prospectively analyzes the key factors driving macro risks for sovereign credit in the current year. CIC also publishes specific thematic reports on market movements to assess risks for sovereign credit and to give early warning. The company also strengthened counterparty risk management, evaluating the dynamic risks of counterparties based on the risk exposure of different products.
CIC constantly tracked the credit risk profile of the invested assets and improved early warning and response. It urged investment departments to enhance post-investment management and adjust or exit projects in a timely manner.
Internal Control and Operational Risk Management
We improved our policies and procedures and refined our operational risk management capabilities by setting up a tailored internal control and operational risk management framework to support business.
We improved the risk management and internal control systems, and long-term mechanisms for resolving different risk categories have become more robust. In 2017, CIC developed and revised 12 risk management guidelines and proposed specific opinions for 17 rules.
CIC buttressed operational risk management by optimizing mechanisms, developing a manual, and studying the possibility of building an operational risk tolerance system. It organized regular assessments of operational risks; inspected the points of risk and relevant control measures; and intensified the collection, analysis, and control of incidents. The company also stepped up monitoring operational risks in key business areas such as trading and investment processes. It developed a management system to ensure business continuity, with the first exercise improving emergency response capabilities.
CIC values the prevention and management of reputational risks, and has continued to do well in information disclosure and tracking public opinion to assess reputational risks. In selecting investment projects and partners, CIC always considers reputational risk as a major factor in decision-making. CIC also seeks to fulfill its corporate social responsibility and create a favorable image of a responsible corporate citizen and respectable partner.