UBS AG
Screenreader-optimized Version for visually impaired and blind visitors Home | Accessibility | Zoom version | Local Sitemap | Service Finder | eng deu fra ita | Search
   
Annual reporting 2008 (restated May 20, 2009)  
Strategy, perf. & resp. Divisions & Corp. Center Risk & treasury mgmt. Corp. gov. & comp. Fin. information Review
     
Risk management
Risk management and control
Risk concentrations
Market risk
Credit risk
Operational risk
Treasury management
Treasury management
Liquidity and funding management
Interest rate and currency management
Capital management
Shares and capital instruments
UBS shares in 2008
Basel II Pillar 3
Basel II Pillar 3
How to find out more
Sources of information
 

UBS Homepage > Investor Relations > Annual report 2008 (restated May 20, 2009) > Risk and treasury management > Risk management and control

Risk management and control
Risk management and control

3.
Graphs

UBS was severely affected by the financial crisis that unfolded in 2007 and worsened in 2008. UBS entered 2008 with significant legacy risk positions, particularly related to US real estate and other credit positions, which exceeded the firm's risk bearing capacity. As reported during 2008, UBS incurred significant losses on these positions. Risk reduction will remain a priority for UBS until risk exposure is commensurate with the firm's targeted risk appetite. UBS identified significant weaknesses in its risk management and control organization, as well as limitations in its traditional market risk, credit risk, liquidity risk and funding risk measures (including the interplay between these measures). As a result of these weaknesses, the firm failed to adequately assess correlated risks and risk concentrations. In order to address these weaknesses, UBS launched an extensive remediation plan, which included the overhaul of its risk governance, significant changes to risk management and control personnel, as well as improvements in risk capture, risk representation and risk monitoring. Implementation of this plan is ongoing and remains a high priority for UBS. In addition, in light of the continued dislocation in financial markets, UBS has placed less emphasis on statistical models for the identification and management of risks, and more on its stress-based measures, particularly to identify and manage those portfolios considered most at risk.

Market commentary in 2008

Market conditions deteriorated progressively in 2008 culminating with weak macroeconomic data in fourth quarter 2008 which confirmed the severe downturn in the global economy. Credit markets worsened considerably over the year with the market dislocation spreading from US real estate-related markets to broader asset-backed security and credit markets, especially after the market-wide liquidity concerns engendered following the collapse of a major US investment bank in September 2008. Levels of market volatility were high throughout the year and peaked in fourth quarter, as global deleveraging and a lack of liquidity in global markets continued to distort asset prices, reducing the effectiveness of some risk mitigation techniques. Extreme market moves throughout the year caused a breakdown in the relationship between a number of trading positions and related hedges, particularly in credit and equity markets. Hedge funds experienced significant redemptions in the second half of the year as performance suffered. In the last four months of the year, central banks and governments reacted with increasing urgency to the escalating financial crisis with a series of measures which attempted to stabilize financial markets and support specific financial institutions.

Summary of key developments in 2008

The important developments that took place in 2008 with regard to risk management and control include:

- UBS incurred substantial writedowns on its risk positions and actively reduced exposures through sales. Significant transactions included the sale in May of US residential mortgage-backed securities to a fund managed by BlackRock for proceeds of USD 15 billion and the agreement reached in October to transfer illiquid securities and other positions from UBS's balance sheet to a fund owned and controlled by the SNB. From an originally agreed USD 60 billion, the size of the transaction has been reduced to USD 38.6 billion. UBS will continue its program of active risk reduction.

- UBS strengthened the roles and responsibilities of its Board of Directors (BoD) and executive management with regard to risk management and control. The BoD has been allocated responsibility for setting the highest-level portfolio and concentration risk measures and limits, while the Group Chief Executive Officer (Group CEO) is authorized to apply these measures and limits to specific transactions, positions and exposures. A new BoD risk committee was established to take on some of the responsibilities of the former Chairman's Office.

- UBS integrated its approach to risk control by merging the market and credit risk functions of the Investment Bank into a single unit. A new Chief Risk Officer (CRO) was appointed in the Investment Bank to oversee credit risk and market risk on a combined basis as well as operational risk. Several other changes to senior personnel in the Investment Bank CRO organization were also made. The Corporate Center risk function was reorganized, resulting in the formation of a unit to focus on the control of portfolio and concentration risks and a combined function to determine methodologies to measure and assess market and credit risk. UBS also made a number of other changes to senior personnel in order to strengthen its risk management and control organization. These included the appointments in the Investment Bank of a new Chief Executive Officer and new heads of Fixed Income Currencies and Commodities.

- In the third quarter, the Swiss Financial Market Supervisory Authority (FINMA, until 31 December 2008 Swiss Federal Banking Commission) concluded its investigation into the causes of the significant writedowns incurred by UBS. It confirmed UBS's own conclusions in all material aspects. UBS developed a comprehensive and detailed plan to eliminate the weaknesses it identified, including those related to risk management and control (for example UBS's market and credit risk functions had failed to identify certain significant portfolio and concentration risks, and there were weaknesses identified in risk systems and infrastructure). Delivery against this plan remains broadly in line with expectations and is a high priority for UBS.

Risk management and control principles

Five key principles underpin UBS's risk management and control framework. These principles are intended to allow the firm to achieve an appropriate balance between risk and return. The five key principles are:

- Business management is accountable for risk. Business management throughout the firm is accountable for all the risks assumed or incurred by its business operations. This means that each business is responsible for the continuous and active management of its risk exposures, as well as for ensuring an appropriate balance between risk and return.

- Independent control of risk. A control process independent of the businesses is an integral part of UBS's risk management and control framework. Independent risk control aims to provide an objective assessment of risk-taking activities, helping senior management align the interests of all stakeholders, including shareholders, clients and employees.

- Disclosure of risk. Comprehensive, transparent and objective risk disclosure is an essential component of the risk control process. This includes disclosure and periodic reporting to senior management, the BoD, shareholders, regulators, rating agencies and other stakeholders.

- Earnings protection. UBS aims to protect earnings by limiting the scope for losses and exposure to stress events. Controls and limits are applied to individual exposures and portfolios in each business, to aggregate risks across all businesses, and to major risk types relative to the firm's risk capacity (the level of risk UBS is capable of absorbing, based on its anticipated earnings power).

- Reputation protection. Protection of UBS's reputation depends, among other things, on the effective management and control of the risks incurred in the course of its business. All employees should make the protection of UBS's reputation an overriding concern.

The risk assessment and management performed by the BoD is in line with the statutory requirements and so is the related disclosure in this section.

Risk management and control responsibilities

Key roles and responsibilities related to risk management and control are outlined below:

- The BoD has a strategic and supervisory function and is responsible for determining UBS's fundamental approach to risk. The firm's risk principles, risk appetite and risk capacity are also determined by the BoD. A newly established BoD risk committee oversees the firm's risk profile and the implementation of risk management and control principles.

- The GEB is responsible for the implementation of risk management and control principles. Its newly established Executive Committee (EC) allocates the Group's total risk capacity amongst the business divisions, controls the firm's overall risk profile and approves the core risk policies.

- In line with UBS's dual board structure, the authority to control risk is split between the BoD and the Group CEO. The BoD has risk control authority for portfolio and concentration limits, while the Group CEO has risk control authority for the firm's transactions, positions and exposures. These risk control authorities, however, are partially delegated to the Group CRO and the CEOs of each business division. Risk officers in the business divisions may also be delegated certain risk control authorities depending on their experience and portfolio responsibility.

- The CEO of each business division is accountable for the results and risks of his or her division as well as maintaining an appropriate risk management structure.

- The Group CRO is responsible for the development and implementation of appropriate control frameworks for credit, market and operational risks with support from the business divisions through their CROs. In addition, risk functions within the Corporate Center support the control of portfolio and concentration risks, the determination of methodologies to measure and assess risk, and the development and operation of appropriate risk infrastructure (including reporting).

- The CROs of the business divisions are responsible for the independent control of risk in their respective business divisions.

- The Group CFO is responsible for ensuring that UBS and its business divisions disclose their financial performance in a clear and transparent way, and that this reporting and disclosure meets all regulatory requirements and corporate governance standards. The Group CFO is also responsible for the implementation of UBS's risk management and control frameworks in the areas of capital management, liquidity, funding and tax.

- The Group General Counsel is responsible for implementing UBS's risk management and control principles in the areas of legal and compliance.

Risk management and control framework

UBS's risk management and control principles are implemented via a detailed risk management and control framework. The framework comprises both qualitative elements such as policies and authorities, and quantitative components including limits. With the risk management and controls principles as its basis, the framework is continually adapted and enhanced as UBS's businesses and the market environment evolve.

There are five key components in the independent risk control framework:

- Risk policies and authorities to implement the firm's risk management and control principles (see above). These reflect UBS's risk capacity and risk appetite, and may be adapted to accommodate the firm's evolving business requirements.

- Risk identification through continuous monitoring of portfolios, assessment of risks in new businesses and complex or unusual transactions, and ongoing review of the overall risk profile in the light of market developments and external events and trends.

- Risk measurement using methodologies and models which are independently verified and approved by specialists in the CRO organization. Appropriate risk measures are applied to portfolios and risk concentrations. Risks that are not well reflected by standard measures are subject to additional controls, which may include pre-approval of transactions and specific risk limits. Models to quantify risk are generally developed by dedicated units within the business divisions and the Corporate Center. UBS requires that models addressing risks which could impact its books and records be subjected to independent verification and ongoing monitoring and control by the CRO organization.

- Risk control by monitoring and enforcing compliance with risk principles, policies and limits, as well as with regulatory requirements.

- Transparent riskreporting to stakeholders and to management at all levels, on all relevant aspects of the approved risk control framework, including limits. This includes daily reports on certain portfolio risk measures to senior management. Monthly and quarterly reports are also prepared by the business divisions and provide the basis for consolidated reports to the Group CRO, EC, BoD risk committee and the BoD as a whole. Periodic reporting is made publicly available for the benefit of other stakeholders.

UBS has control processes to deal with the establishment of new businesses or significant changes to existing businesses, and the execution of complex or unusual transactions. These processes are designed to subject the business or transaction in question to all the necessary control functions - risk control, legal, compliance, treasury, finance, tax and logistics - as necessary. A key aspect of this process is to ensure that transactions are booked in a way that permits appropriate ongoing risk management, measurement, control and reporting.

Risk categories

The risks faced by UBS's businesses can be broken down into different categories.

On the most fundamental level there are business risks arising from the commercial and economic risks inherent in any business activity. It is business management's responsibility to respond to changes in the economic environment and competitive landscape. Business risks are not subject to independent risk control but are factored into the firm's strategic planning process and the assessment of UBS's risk appetite and overall risk exposure.

Primary and operational risks which result from particular business activities are, on the other hand, subject to independent risk control.

Primary risks are:

- Credit risk - the risk of loss resulting from the failure of a client or counterparty to meet its contractual obligations.

- Market risk - the risk of loss resulting from changes in market variables. These can be categorized as overall changes in market levels and rates (the "general" market risk component), or relative changes with respect to specific companies or instruments (often referred to as the "idiosyncratic" market risk component).

- Liquidity and funding risk - the risk that UBS might be unable to meet its payment obligations when due or to borrow funds in the market at an acceptable price to fund actual or proposed commitments.

Operational risk is the risk of loss resulting from inadequate or failed internal processes, people and systems (for example failed IT systems, or fraud perpetrated by a UBS employee), or from external causes, whether deliberate, accidental or natural.

Refer to the "Market risk", "Credit risk", "Operational risk" and " Liquidity and funding management" sections of this report for a description of the control frameworks for these risk categories

Quantitative controls

UBS quantifies potential future losses using three complementary risk measures: expected loss, statistical loss and stress loss.

Expected loss is the loss that is expected to arise on average over time in connection with an activity (for example, expected number of loan defaults under normal economic conditions). It is an inherent cost of such activity, and must be factored into business plans.

Statistical loss measures, such as Value at Risk ("VaR"), estimate the amount by which actual losses in a portfolio could exceed the expected loss over a specified time horizon, measured to a specified level of confidence (probability).

Stress loss is the loss that could arise from extreme events, typically beyond the confidence level of the statistical loss estimate, and is normally a scenario-based measure.

These risk measures are typically applied at a portfolio level. They are complemented by controls such as targeted stress measures for concentrated exposures and vulnerable portfolios, sub-portfolios or positions. Concentration risk controls are generally applied where UBS identifies that positions in different financial instruments or different portfolios are affected by changes in the same risk factor or group of correlated factors. Such concentrations can have the potential for significant loss in the event of extreme but plausible adverse developments. Identifying such developments and assessing their potential impact - in particular the danger of aggregated losses from a single event through concentrated exposures - is a critical component of the risk control process.

Refer to the "Risk concentrations", section of this report for more information on risk exposures and identified risk concentrations

Qualitative controls

Although measurement of risk is clearly important, not all risks are quantifiable. Due diligence, sound judgment, common sense and an appreciation of a wide range of potential outcomes, including a willingness to challenge assumptions, are key components of a strong risk culture for both risk management and risk control. UBS has reinforced its qualitative risk controls through changes to its risk management and control organization, as described above in the summary of key developments in 2008 section, as well as through education programs.

Earnings-at-risk and capital-at-risk

To complement its day-to-day operating controls, UBS has developed the concepts of "earnings-at-risk" and "capital-at-risk". These are general measures designed to assess the firm's overall ability to absorb the potential losses inherent across all its business lines and from all major sources in the current economic cycle.

Earnings-at-risk focuses on UBS's ability to absorb losses through its current earnings. It is an integral part of the risk control process and is monitored by the BoD, the BoD risk committee and the GEB as part of UBS's monthly risk reporting. The concept reflects UBS's view that the primary resource to absorb losses should be a firm's earnings stream. Earnings-at-risk has three elements - risk capacity, risk exposure and risk appetite.

Risk capacity is the level of risk UBS considers itself capable of absorbing, based on its earnings power, without damage to its dividend paying ability, its strategic plans and, ultimately, its reputation and ongoing business viability. It is based on a combination of budgeted, forecast and historical revenues and costs, adjusted for variable compensation, dividends and related taxes.

Risk exposure is an estimate of potential loss based on current and prospective risk positions across major risk categories - primary risks, operational risk and business risk. It builds as far as possible on the statistical loss measures used in the day-to-day operating controls, extending their time horizons where necessary, with adjustments and supplements determined by management to reflect known coverage gaps. Correlations are taken into account when aggregating potential losses from risk positions in the various risk categories to obtain an overall estimate of the risk exposure. The risk exposure is assessed against a severe but plausible constellation of events over a one-year time horizon to a 95% confidence level - in effect to assess the impact of a "once in 20 years" event.

Risk appetite is established by the BoD, who set an upper boundary on aggregate risk exposure. A comparison of risk exposure with risk capacity serves as a basis for determining if current or proposed risk limits are appropriate, and is one of the tools available to management to guide decisions on adjustments to the risk profile. It also provides an indication of UBS's ability to pay a cash dividend out of its current year earnings.

UBS's risk exposure should not normally exceed its risk capacity but in the extremely difficult market conditions that persisted throughout 2008, this relationship has not held. For 2008 as a whole, UBS recorded a large net loss, showing that the risk exposures remained greater than UBS's risk capacity.

Risk exposure remained high as a result of a lack of liquidity in the markets for securitized assets to which UBS had significant exposures during a large part of the year, and due to significantly increased volatility levels in global markets. The reduction in risk exposure that was achieved through sales (including transactions with BlackRock and the SNB) in addition to the significant writedowns incurred on risk positions, was offset by a simultaneous decrease of risk capacity due to downward revisions of earnings expectations as a consequence of the deteriorating economic outlook.

Measured risk exposure is neither an expected nor a worst case scenario and it can be significantly affected by many external factors. Based on UBS's assessment of the various dimensions of its portfolio of risks and their potential development, management has and will continue to reduce the firm's risk exposure to achieve an appropriate level relative to its risk capacity. However, liquidity has been and remains poor in many markets. As with any model, earnings-at-risk is heavily dependent on assumptions and estimates. Measured risk exposure must be understood in this context. During the extremely difficult market conditions that prevailed in 2008, a number of supplementary measures were added to the statistical assessment of risk exposure. For example, observable data were supplemented by judgments in several areas including residential and commercial real estate, US municipal and student loan markets, and potential defaults by monoline insurers and certain corporate loan portfolios. These supplementary measures were a result of extensive consultation between risk management and control professionals and contributed materially to the overall risk exposure that UBS recognized in 2008.

Capital-at-risk considers more extreme losses and their potential to lead to a breach of minimum regulatory capital requirements or even insolvency. Capital-at-risk is an input to the capital management process, building on the earnings-at-risk concept but assessing the potential for losses to exceed earnings capacity and erode capital. For capital-at-risk, the analysis parallels that for earnings-at-risk but is measured at two higher confidence levels. The first is in relation to UBS's minimum regulatory capital requirement and is set at a 99% confidence level or a "once in 100 years event". The second is in relation to the solvency of UBS and is set at a confidence level exceeding 99.9%.

The capital-at-risk measures of aggregate risk exposure are important considerations in the assessment of capital adequacy. Like earnings-at-risk, capital-at-risk also relies on day-to-day risk control measures.

TopTop

Audited information according to IFRS 7 and IAS 1
Risk disclosures provided in line with the requirements of the International Financial Reporting Standard 7 (IFRS 7) Financial Instruments: Disclosures, and disclosures on capital required by the International Accounting Standard 1 (IAS 1) Financial Statements: Presentation form part of the financial statements audited by UBS’s independent registered public accounting firm Ernst & Young Ltd., Basel. This information (the audited texts, tables and graphs) is written in normal font throughout the report "Risk and treasury management 2008" and is incorporated by cross-reference into UBS’s Financial information 2008. Non-audited content is written in italic font.

¯¯¯¯

Terms of Use | Privacy Statement

Products and services in these webpages may not be available for residents of certain nations. Please consult the sales restrictions relating to the service in question for further information.

© UBS 2009. All rights reserved.

  
Important notice 

UBS has restated its annual report for 2008 on May 20, 2009, including the financial statements and other information.

Downloads 
Order documents 
AR 2008