Risk Committee Update: September 2023

ESG scoring of Global Custodians 

The Risk Committee met on 24 August to discuss the ESG scoring of Global Custodians (GCs). The Committee bases its GC scores on Association for Financial Markets in Europe (AFME) questionnaire responses, and the scores are run automatically.  

Sometimes there is a local market specificity. Last year ESG questions were added to the AFME, and autoscoring was created to represent the responses. Some market-specific items were introduced – for example, where a market doesn’t have anti-discrimination policies on a country level, there may be varied scoring among local entities despite global policies. 

Global scores have been compared to a local entity score (previously approved by the Committee). 

Slovakia 

A nation of just over 5 million people, Slovakia remains a small market (c. €100bn) with low activity; 98% of its transactions are in bonds and there are fewer than 10,000 transactions each year.  

The stock exchange is trying to boost activity and is lobbying the government for privatisation. However, Slovakia is currently governed by a caretaker coalition government so little progress has been made. 

The fraught political situation in Slovakia remains a cause of underlying concern for the Committee. In June, the country’s first female president, Zuzana Čaputová, announced she would not be seeking re-election, in part because of the increasing number of death threats she’s receiving. 

Slovakia has had four prime ministers in the last four years. Its next parliamentary election is at the end of September, and on current polling could mark the return to power of the pro-Moscow populist Robert Fico.  

Although Slovakia is an EU-member state that currently supports Ukraine, under Fico’s leadership the country would likely switch its allegiance to Russia.  

The operational risk levels of Slovakia’s financial sector are already high. It was hit by a wave of cyber attacks in March, allegedly by Russian hackers, which disabled the websites of several Slovak state institutions and departments.  

The same month, a Slovakian bank suffered a cyber attack that affected its retail banking activity. The bank itself was unaware of the attack until much of the damage was already done. This was viewed by the Committee as a sign of poor cybersecurity across Slovakia’s banking sector as a whole, given that retail banks often follow similar cybersecurity policies. 

Kenya 

The Risk Committee’s last meeting of the month focused on Kenya, where the banking industry has had an eventful few years. 

The merger of the NIC Group and Commercial Bank of Africa Group (CBA) in 2018 created Kenya's third-biggest bank (by assets).  

In 2019, the merged group gained regulatory approval from the Kenyan central bank to merge its two sets of banks in Kenya, Uganda and Tanzania. The merged non-banking holding company became NCBA Group Plc and the Kenyan subsidiary of the merged entity became NCBA Bank Kenya Plc. There are plans to rebrand and rename the operations of the merged entity in Tanzania, Rwanda, Uganda and Côte d’Ivoire. 

The Committee discussed NCBA’s grades as a sub-custodian, its digital capabilities and progress against its stated plans for development and improvements. 

In case you missed it: 

On 30 August, the Financial Times published an exclusive. It reported that Goldman Sachs has made seven deals using cash from a US$2.5bn private equity “partnership fund” it set up in 2017 with the sovereign wealth fund China Investment Corporation. The fund was established with Chinese state money to buy a series of US and UK companies, including one that provides cybersecurity services to the UK government.