Managing risk

The Group has classified its exposures into eight risk types: operational, credit, market, liquidity, financial, regulatory, reputational and strategic.

As a broker, intermediating flow between trading counterparties, the Group does not take proprietary risk positions and is therefore not structurally exposed to either significant market or related credit risk. The principal risks which it identified and for which it prepared have indeed proven to be the ones it faced during the worst dislocation of financial markets in recent years. The effective management of these risks resulted in ICAP suffering no significant loss during this exceptional period.

While ICAP’s approach to risk has been proven over the past 18 months, it nevertheless constantly seeks to improve the maturity, robustness and sustainability of its Group-wide risk management framework and to promote enhanced risk management discipline across all businesses and supporting functions.

The Group-wide risk management framework of ICAP is built on four complementary and dynamically related pillars: risk governance, risk management, risk measurement and risk infrastructure. The Group aims to apply industry best practices across all aspects of its framework.

The Group is committed to maintaining a strong control environment, both geographically and across product lines. To better align its risk capabilities with its strategic objectives, the Group has made substantial progress in the past year by:

• establishing a regional risk management structure independent of the business;
• creating additional levels of business oversight and governance at the regional and legal entity levels;
• improving its risk monitoring systems and reporting infrastructure;
• expanding the reach and influence of the risk function by increasingly embedding the risk management approach in the business decision-making processes; and
• reinforcing the discipline around new business approvals.

Business managers are held accountable for the level of risk in their activity, however the risk function proactively helps ensure that activities remain within the Group’s risk tolerances at all times.

Risk appetite is the broad-based amount of risk (i.e. including all types of risk) that the Group is willing to accept in pursuit of its mission and financial objectives. At the Group level, ICAP benchmarks its actual capital base against an economic capital model to ensure that it is sufficient to absorb losses at a very high level of confidence.

The board examines the risk tolerance of the Group along multiple dimensions, combining both quantitative and qualitative indicators. The board governs the Group with the over-arching objective of maintaining an investment grade debt credit rating at the corporate level. By construction, this metric incorporates the key financial and risk drivers of the business including, in particular, earnings stability, levels of liquidity and gearing.

At the executive management level, ICAP maintains a set of principles which implicitly define how much risk the Group is ready to bear to achieve its objectives. These principles are embedded in the Group’s global policies and delegations of authorities updated and distributed at least twice a year, and include mandatory limitations to the types of business ICAP can engage in.

At the operational level, the risk appetite of the Group is translated into broad risk tolerances through credit and liquidity limits which further constrain the risks for day-to-day operations. The Group is regularly examining scenarios that could seriously reduce earnings, impair its liquidity position or create legal, regulatory or reputational damage. These scenarios are mitigated to the greatest extent possible.

ICAP has established an overall robust risk governance structure under the leadership of the global head of risk, which helps ensure the independence of risk management responsibilities from the commercial side of the Group, and strengthens the influence of the risk function in strategic and tactical decisions of the Group.

The board is responsible for setting the overall risk strategy and risk appetite of the Group. It has delegated the day-to-day risk management of the Group to the group risk committee which meets at least six times a year. Details of the committee’s responsibilities are shown in Corporate governance. The global head of risk, reporting to the Group Chief Operating Officer, is accountable for managing the risk framework of the Group across all ICAP’s entities and geographies. The main responsibilities include:

• ensuring that the risk policies of the Group are up-to-date, understood and enforced;
• ensuring that the risk limits are communicated and enforced and any breaches are quickly resolved;
• ensuring that the risks are measured and that risk mitigation actions are in place;
• enabling the risk management processes;
• reporting risks to executive management and the board; and
• maintaining and developing the business continuity plans of the Group.

The Group has classified its exposures into eight risk types: operational, credit, market, liquidity, financial, regulatory, reputational and strategic.

Operational risk

Operational risks are the most important source of potential unexpected losses that the Group faces across all of its businesses worldwide. Operational risks cover instances where the Group may suffer a loss directly or indirectly from inadequate or failed internal processes, people activities, systems or from external events. They are intrinsic in all the Group’s activities and comprise a wide and diverse range of risk types. In particular losses can result from:

• significant and extended failure of IT systems and applications;
• breakdown of information security, including corrupt data due to network intrusion, breach of network gateways or security systems failure;
• project risk in relation to critical IT development;
• the loss of key members from a broking desk;
• broker errors;
• external events including failure of external settlement/clearing systems;
• failure or disruption of operational or businesses process flow;
• natural or man-made business disruptions; and
• introduction of new products and markets and the related tax, legal, accounting, regulatory, settlement and technology issues.

It is a policy of the Group to ensure that the important and significant operational risks and their controls are continually reviewed and assessed using a variety of tools including risk control self assessments, key risk indicators and process maps. As a consequence of this process, corrective action plans are introduced to mitigate the impact of a risk when it occurs and reduce the probability of it occurring.

Many of the Group’s operating processes are dependent on the integrity and robustness of its information technology and operational systems and significant resources are devoted to protecting the resilience of these systems. This includes formal business continuity plans and appropriate remote data back-up and disaster recovery facilities for each of our key locations. Business continuity for our core activities is regularly tested to maintain effectiveness.

Credit risk

The Group is exposed to credit risk in the event of non-performance by counterparties in respect of its agency, matched principal and treasury operations.

To manage credit risk, the group risk function sets global limits for each counterparty based on indicators of credit quality (internal ratings) in order to limit the potential loss which the Group could suffer as a result of a counterparty default. Where appropriate, country limits are also applied to limit the exposure of the Group to that country.

In name give-up transactions, ICAP’s role is to bring together buyers and sellers and, where appropriate, to assist in the negotiation of the price and other material terms of the transaction in return for a commission.

At the point at which the parties agree to terms, ICAP leaves the buyer and the seller to clear and settle directly with one another through the appropriate market mechanism. Credit risk relating to the name give-up business is monitored by regional accounts’ receivable teams, with risk limited to non-recovery of commission income.

In certain markets, ICAP facilitates its clients by acting as the executing broker of exchange products. In these transactions, ICAP executes the client order on the exchange as principal and then novates the trade to the underlying clients’ respective clearing broker for settlement. In the vast majority of cases such trades are given up intra day, usually within a few minutes. In circumstances where novation is delayed, ICAP is left with a position facing the relevant exchange clearing house and, until subsequent give-up is achieved, may be required, in line with clearing house rules, to post margin. ICAP maintains liquidity to manage these short-term requirements.

In contrast to name give-up transactions, matched principal transactions involve ICAP acting as counterparty for identified buyers and sellers in matching, in whole or in part, reciprocal back-to-back trades. To mitigate the potential credit risk implicit in matched principal transactions, ICAP applies a disciplined approach to new client approval, undertakes transactions on a delivery-versus-payment basis and, through the group risk function, monitors limits and their utilisation on a global basis. In some cases, exceptions do occur but these are approved prior to the transaction taking place and are reported to the group risk committee.

Processes and controls are in place to limit and monitor the Group’s exposures to any of its trading partners or to concentrations of clients. In particular the risk team continuously evaluates the financial soundness, liquidity and solvency of ICAP’s counterparties. ICAP suffered only minor financial consequences from the failure of Bear Stearns and Lehman Brothers and the indirect consequences of these events on other financial organisations.

Credit risk related to the Group’s treasury activities (cash investments and derivative financial instruments) is limited by the Group’s policy of requiring its treasury transactions to be undertaken with financial institutions which have been approved by the group risk committee and which are investment grade rated.

Market risk

ICAP does not engage in proprietary trading activities. As a result, however, of providing its clients with matched principal brokerage, using debt to finance acquisitions and having a truly global franchise, it is exposed to a variety of market risks including price, interest rates and currency.

The Group’s matched principal brokerage business involves ICAP acting as counterparty for identified buyers and sellers in matching, in whole or in part, reciprocal back-to-back trades. In order to facilitate customer transactions and provide liquidity, the Group may, however, participate in certain marketplaces by posting quotations. The act of posting quotations in pursuit of customer orders can result in ICAP becoming principal to an unmatched trade. In such situations, or where one or both counterparties in an OTC matched principal transaction fail to fulfil their obligations (e.g. an unsettled transaction) or through trade mismatches or errors, ICAP is exposed to market risk. In these circumstances, to mitigate risk, ICAP’s policy is to liquidate or hedge and liquidate these principal positions as soon as reasonably practicable.

A similar risk exists for exchange traded transactions which are entered to facilitate client orders. While trades are normally taken up by the underlying clients’ clearing brokers within a few minutes, if take-up is delayed or ultimately does not happen, ICAP is left with a position facing the exchange and is exposed to short-term price movements in the underlying asset temporarily held by the Group. Policies and procedures are in place to reduce the likelihood of such trade mismatches or failed give-ups and, in the event that they arise, the Group’s policy is to liquidate these principal positions as soon as reasonably practicable.

In certain parts of its businesses, the Group, acting in its interdealer broker capacity, occasionally engages in complex (and sometimes very substantial) structured matched principal transactions developed by its highly-rated counterparties. The Group undertakes significant tax, legal and regulatory due diligence before entering these transactions. These transactions do not involve the Group taking proprietary positions.

Only a very small proportion of ICAP’s transactions result in any exposure to market risk and compliance with ICAP’s policies is monitored by the risk and compliance functions and by senior management.

Liquidity risk

The ongoing financial crisis has seriously disrupted the flow of capital and the ability and willingness of banks to lend money even to companies with strong balance sheets and solid revenue and cash generating businesses. As a result, capital continues to be scarce and more expensive and unsecured funding more constrained.

ICAP seeks to ensure that it has constant access, even in periods of corporate or market turmoil, to an appropriate level of cash, other forms of marketable securities and committed funding lines to enable it to finance its ongoing operations, proposed acquisitions and other reasonable unanticipated events on cost-effective and attractive terms. The Group strives to continuously improve its access to diversified funding sources and maintains an investment grade rating from Moody’s and Fitch. The Group’s liquidity could however be impaired due to circumstances beyond its control, such as a worsening of credit markets or a perception that ICAP or similar market participants are subject to greater uncertainties. Details of ICAP’s borrowing arrangements are set out in note 21 to the financial statements.

When investing its cash balances, the Group considers the protection of principal instruments’ liquidity characteristics and bank counterparty risk, as well as the optimisation of return. With the exception of small, local cash management balances, surplus cash is invested with financial institutions which have an equivalent credit rating of A or better. The Group invests cash balances in a range of instruments including money market deposits, AAA liquidity funds, government bonds and other more structured, capital protected instruments.

Counterparty limits are set and monitored by the group risk committee and, through the recent financial market turmoil, a number of changes have been made to reduce further the Group’s exposure to institutions perceived as higher risk.

Financial risk

Interest rate risk

The Group finances itself through a combination of fixed and floating rate debt obligations and maintains cash on its balance sheet to meet a combination of local regulatory capital rules, clearing house deposits and other commercial requirements, including margin calls which arise through the provision of certain markets of clearing services to brokerage clients. The existence of these cash and debt positions exposes the Group to interest rate risk which, from time to time, it manages with derivative instruments with the objective of minimising interest cost and the impact of interest volatility on the Group’s income statement. Details of the Group’s sensitivity to changes in interest rates are set out in note 23(e) of the financial statements.

Currency risk

The Group publishes its consolidated financial statements in sterling and conducts business in a number of other currencies, principally the dollar and the euro. As a result the Group is exposed to FX risk due to exchange rate movements which affect the Group’s transactional revenues, and the translation of the earnings and net assets of its overseas operations.

The table below shows the anticipated impact for the year ended March 2010 on operating profit* of a 10 cent movement in the dollar and euro on ICAP in terms of transactional and translational exposure.

Operating profit*	Dollar £m	Euro £m	Total £m
Transactional	6	13	19
Translational	12	1	13

Further details of the Group’s hedging strategy and the level of cover in place at 31 March 2009 are contained in note 23(d) to the financial statements.

*Excludes amortisation and impairment of intangible arising on consolidation and exceptional items.

Regulatory risk

Regulatory risk is the risk of a financial loss or opportunity cost arising from either the failure to meet the requirements set by the Group’s regulators or the impact that legislation has on the markets in which the Group carries out its business.

Since the market disruption leading up to and following the collapse of Lehman Brothers, regulators worldwide have been under substantially greater pressure to increase both active tactical level scrutiny and macro-prudential oversight. Compounding the pressure, the effect of the huge market dislocations of recent months has been to reveal the conduct, or misconduct, of businesses, such as the allegations levelled at certain hedge funds. This, in turn, has led to intense criticism of even the most experienced regulatory agencies, and has precipitated government level rethinks on the methodology of regulation, which perhaps finds their most coherent expression in the statement of collective intent issued by the G20 after its meeting in London in April 2009.

The Group is supervised by the FSA and is required to meet the systems and controls requirements of the CRD and has, during the past year, reviewed these and where necessary taken action to ensure compliance. The FSA adopts a risk-based approach to supervision and does this in various ways including the review of prudential returns, visits to the Group and meetings with senior management.

In the US, the Group’s activities are primarily regulated by FINRA and the SEC. The Group’s operations in other countries are subject to relevant local regulatory requirements. Adherence to these regulations is monitored, where applicable, via the group general counsel who reports regularly to the board.

Although much of the recent scrutiny has been aimed at banks, it is with this background that the Group anticipates a general increase in both the burden of regulation and the activism of regulators. The risk that the current environment therefore presents to the Group is one in which greater scrutiny over the whole industry, at a time when rules and regulatory approach are in flux, increases the likelihood and probable impact of regulatory enquiries and the potential for fines or censure.

Longer term, regulatory changes could present a risk to the Group’s business, making it more difficult to expand into new markets and services and could limit flexibility regarding capital structure. To mitigate this risk, the Group maintains an active dialogue with each of its regulators and monitors proposed changes.

Reputational risk

As the world leader in financial intermediation and post-trade services, ICAP relies on its reputation to maintain its market standing and pursue its strategic objectives for growth. A number of initiatives are dedicated to the avoidance of reputational damage by ensuring ethical and transparent corporate behaviour, fair and consistent conduct of business and corporate and social responsibility. These initiatives include, for example, the proactive management of conflict of interest, anti-money laundering, and data security. These processes are embedded in the day-today management of the Group through education, training and Group policies and delegated authorities. Despite the specific steps taken by the Group, ICAP remains exposed to the general perception of the financial industry. In times of market uncertainty, a single large negative event at one of our clients or competitors may be widely advertised and commented on and, as a result, create the impression of wider operational or organisational deficiencies in the industry. This risk of “reputational contagion” is acute in the markets in which ICAP operates due to increased regulatory and press scrutiny following the turmoil of the past 18 months. ICAP is well aware of this situation and routinely monitors events at other companies and constantly upgrades its preparedness.

Strategic risk

Strategic risks, as set out below, are inherent for companies operating in the financial markets and constitute a key element of the growth engine of the Group. The potential downside of growth is mitigated through the overall management processes of the Group including, in particular, the new business initiative process:

• increasing competition/disintermediation: existing or potential competitors might be able to exploit their size, expertise, access to better funding, superior technology or other types of leverage to change the economics or the mechanics of our business to their advantage and hence reduce ICAP’s market share or profitability;
• significant change in the structure of markets as a result of operational changes imposed by regulation and/or legislation;
• variability in economic and financial markets: the volume of business flow transacted by the Group is affected directly by conditions in the global financial markets. Factors influencing ICAP’s daily volumes include levels, volatility and correlations of asset prices, credit quality of counterparties, changes in economic activity, political and market events, product innovation and indicators of market confidence; and
• diversification into new markets, with performance risk characteristics different to plan.

Daily risk management and mitigation is the responsibility of the Group’s business and desk leaders. The risk function provides support to the businesses with a wide range of tools adapted to the size and complexity of the Group. These tools include:

• credit risk limits based on an internal scoring system;
• group and risk policies;
• controls;
• procedures;
• process maps;
• risk and control self assessments; and
• insurance contracts.

The risk team monitors an array of qualitative and quantitative measures to ensure that the business risks remain within acceptable parameters. More emphasis is given to the relevance of these measures than to their mathematical sophistication. Metrics that are robust, easy to explain to the businesses and directly related to their risk profiles are preferred. Examples include key risk indicators and credit exposure metrics. Using these measures, the Group produces a number of market, credit and operational risk and intelligence reports which are disseminated widely among the Group’s managers and up to executive management level and the board.

The board is responsible for the Group’s system of internal control and for reviewing its effectiveness. Such a system of internal control is designed to manage rather than eliminate the risk of failure to achieve business objectives, and can only provide reasonable and not absolute assurance against material misstatement or loss.

On a regular basis, ICAP’s global head of risk reports directly to the audit committee his assessment of the Group’s risk management capabilities. The assessment is one of the tools used by the board to exercise its duty of risk supervision and to provide executive management with directions on improvements. These target improvements are in turn delegated to the group risk committee acting on behalf of the board for day-to-day responsibilities.

The effectiveness of the internal control system is also reviewed regularly by an independent internal audit function. Internal audit reports to the audit committee of the board (and functionally to the Group Finance Director) and provides assurance to executive management and the board that the system of internal control achieves its objectives and highlights gaps and areas for improvement. The internal audit function is outsourced to Ernst & Young. Internal audit establishes an annual plan of desks and functions to be examined based on discussions with management and the perception of the level of risk in the Group’s activities.

Following audits, internal audit provides management and the board (via the audit committee) with conclusions of their analysis and with a monthly report of internal audit activity. The monthly report includes the current year plan progress, updated activity schedule, outstanding issues, issues overdue, as well as issues added and closed during the month.

The key elements of the internal control system are:

• the establishment of an organisational structure with clearly defined levels of authority and division of responsibility;
• a comprehensive budgetary process, with both annual and regular forecasts being considered and approved by the board;
• the formulation of policies and approval procedures in key areas;
• daily monitoring of revenue as well as frequent reviews of balance sheet and cash flow against budget and prior periods with significant variances being investigated and appropriate action taken;
• formulation and review of specific policy covering credit, market, operational and treasury risks faced by the business;
• regular visits to Group operating companies by executive board members and senior management;
• all transactions authorised in accordance with delegated authority limits approved by the board;
• regular internal audit visits to Group operating companies to carry out reviews of systems and procedures and compliance with Group policies;
• accountability of senior management within each region for the establishment of appropriate control frameworks within their operations to ensure compliance with Group policies, procedures and standards. They are also responsible for ensuring that risks within their businesses are identified, assessed, controlled and monitored on an ongoing basis; and
• regular reports from both the external and internal auditors on the internal control systems operating within the Group.

The board, through the audit committee, has conducted an annual review of the effectiveness of the system of internal control covering all controls including financial, operational and compliance controls and risk management systems.

The Group has investments in a number of joint ventures and associates. Where the Group is not directly involved in the management of the investment it can influence, through board representation, but not control the internal control systems present in those entities. The board’s review of the effectiveness of the system of internal controls in those entities is consequently less comprehensive than in its directly-owned subsidiaries.