Top and emerging risks

The Board and senior management drive a robust process to identify and monitor our top and emerging risks.

As the global economy started to recover post pandemic, new challenges arose from the Russia-Ukraine conflict, escalating US-China tensions, and headwinds from elevated inflation and rising interest rates. We stayed vigilant and our portfolios remained resilient and asset quality stable.

In 2022, we continued to identify and monitor top and emerging risks across various areas, including (i) credit and portfolio management, (ii) environmental, social and governance (ESG) risks, (iii) market and liquidity risks, (iv) new business risks, (v) technology risk, (vi) financial crime risk, (vii) data governance risk, and (viii) cyber security and data protection.

Our robust risk management efforts were recognised when DBS was awarded the “Best Risk Management” award at the 2022 Singapore Corporate Awards.

Credit risk and portfolio management

In 2022, the Russia-Ukraine conflict resulted in a slowdown of economic growth and increased inflationary pressures across the commodities complex, including oil, gas, and food. Portfolio reviews were conducted in light of these developments. Many sectors, especially for industries with inelastic demand, were able to pass on the higher costs to their customers. While there were no immediate concerns, DBS continued to monitor for potential downstream effects.

As inflationary pressures persisted, central banks began raising interest rates in response. We evaluated our portfolios taking into account the potential impacts of higher interest rates, slower economic growth, and depreciation of multiple currencies against the USD. While the SMEs were assessed to be the most vulnerable, our SME portfolio had been well-tested in previous years and was mostly on a secured basis. Notwithstanding these headwinds, DBS’ overall consumer credit quality remained stable. Residential mortgages, which were primarily in Singapore and Hong Kong, were mainly for owner-occupation and well-secured with low loan-to-value ratios. Unsecured consumer credit loans represented less than 2% of the bank’s total loan exposure.

Despite the challenges posed by China’s zero- Covid policy and liquidity issues in the Chinese real estate market, our portfolio remained resilient as our corporate exposure was mainly to top industry players, and consumer exposure was limited. Our Chinese real estate exposures were mainly to larger and investment-grade names, with the remaining exposure generally well-secured. As contagion risks stayed elevated, we remained cautious and closely monitored our exposures.

We saw heightened US-China tensions with increasing military activity, trade restrictions, and the US chip ban. While there was no immediate impact to our portfolio, we continued to closely monitor the situation as it evolved.

We closely monitored our portfolios in Indonesia and India, which primarily consisted of lending to large corporates, to ensure that there was no deterioration in the portfolio amid rising interest rates and currency depreciation.

As headwinds in the macroeconomic and geopolitical environment are expected to persist, we will maintain a prudent approach in client selection and credit underwriting criteria to mitigate potential challenges.

To improve the quality of our risk management, we also made investments in our internal tools, such as the credit risk data infrastructure and workflow management system for our Institutional Banking business. This has brought our relationship and risk managers together on a common platform, allowing us to continue to refine and streamline our end-to-end credit processes.

We also used artificial intelligence (AI)/ machine learning (ML) techniques to enhance our credit underwriting and early warning capabilities for our consumer and SME businesses. This was achieved by training and deploying our credit models, emphasising increasing efficiency and speed, and incorporating external data from our partnerships. By doing so, we were able to expand our customer base, improve customer experience and increase model predictiveness to drive business success and strengthen risk management.

Environmental, social and governance (ESG) risks

We recognise that climate change has risk implications on our portfolio and lending to high-risk sectors will in turn have an impact on the pace of climate change. Enhancing ESG risk capabilities and in particular integrating climate risk into our risk identification, assessment and management therefore continues to be a top priority.

In 2022, we incorporated environmental risk into our Risk Appetite Statement, focusing on managing portfolio exposures to material climate transition and physical risks, and decarbonisation strategies. To further strengthen our ESG risk management, we developed (i) quantitative methodologies to assess climate-related transition and physical risks for our Institutional Banking Group lending portfolio, and (ii) a counterparty ESG risk scoring mechanism which forms part of our credit risk management framework.

Additionally, we launched comprehensive training programmes with climate risk specific modules to build bank-wide expertise and deepen knowledge in the field.

Market and liquidity risks amidst market volatility

2022 was a year of heightened macroeconomic uncertainty and volatility. We actively adjusted our market risk exposures and rebalanced hedges during the year. Regular and adhoc stress tests were conducted to evaluate the potential implications to our portfolios in the face of elevated interest rates.

As interest rates rose to levels not seen in the past decade, customer funds shifted from our current and savings accounts to fixed deposits and other investments, including government securities. We took measures to maintain our deposit base and continued to do so through active re-pricing and customer engagement. Our liquidity profile remains healthy and well-diversified, with multiple avenues to access further wholesale funding whenever necessary.

New business risks

In January 2022, DBS announced the acquisition of Citi's consumer banking business in Taiwan. The integration process is in progress and is expected to be completed in 2023. We do not anticipate any significant impact on the consumer banking portfolio with the acquisition.

The integration of Lakshmi Vilas Bank has proceeded as expected. To effectively manage the risks associated with the new products and expanded network, we have deepened the expertise of our risk management team. We have also strengthened processes for existing products to ensure effective management over a larger footprint. The final stage of system integration into DBS India Limited was successfully completed in December 2022.

Technology risks

Our technology risk management framework is based on a three-pronged approach of risk evaluation, response and governance. As part of risk evaluation, we identify and analyse the risks, define the risk metrics and monitor the issues, risk events and key risk indicators. Responses are made through risk-based decisions taking into account risk control and mitigation measures. Updates on our technology risk profiles are provided regularly to the various risk committees. Following an independent review on the November 2021 digital disruption in Singapore, we have taken remedial measures to improve the resilience of our services and incident response.

As the bank continues with the pace of technology advancement, we instituted initiatives and measures with focus on change management.

Financial crime risks

As part of our ongoing efforts to combat financial crime, we have enhanced our risk mitigation programme by utilising technology and data analytics. We implemented a variety of AI/ ML tools to enhance our surveillance capabilities at the transaction, customer, and country level. Our customer due diligence process was further refined with dynamic analytical reviews based on changes in static data or transactional behaviour. We continued to place strong emphasis on public-private sector collaboration, actively participating in initiatives between financial institutions and law enforcement agencies, including the planned Project COSMIC (Collaborative Sharing of Money Laundering / Terrorism Financing Information & Cases) to be launched in Singapore.

In 2022, we intensified our efforts to address the risks posed by geopolitical developments, particularly those related to sanctions and attempts to evade them. We also enhanced controls to combat digital payment scams, which have been successful in protecting potential victims. In addition, we have been deploying new capabilities to detect money laundering and sanctions risks related to digital assets, such as blockchain-based tokens. Such capabilities allow us to better identify and mitigate risks across a wider range of digital assets.

Data governance risks

We recognise that responsible practices around data governance are key for customer and stakeholder trust. Our data governance framework was developed along the following three prisms: (i) a baseline prism encompassing data security, data quality, and legal and regulatory compliance, (ii) an ethical prism – PURE (Purposeful, Unsurprising, Respectful and Explainable) – for the responsible use of data, and (iii) a model governance prism, covering regulated and AI models and their performance over time.

Cyber security and data protection

We faced a deteriorating cyber threat environment as geopolitical tensions escalated and cyber criminals and threat actors sought to target our customers and staff. To combat these threats, we strengthened our control environment to protect our people, information, network, equipment and applications. We stepped up security awareness campaigns and alerted our customers to emerging frauds and scams through timely security advisories. Despite these threats, we made significant progress in addressing phishing scams in partnership with the regulators and authorities. Amid rising geopolitical tensions, we will remain vigilant and continue to enhance our control environment to stay ahead of the cyber threat curve.