Risk management

This chapter provides an overview of FMO's risk governance and risk management approach. The sections describe the risk domains relevant to FMO and developments throughout 2025. Together with the quantitative Pillar 3 disclosures-available on FMO's website-it constitutes FMO's Pillar 3 disclosure.

Risk governance

FMO defines risk as the effect of uncertainty on objectives. FMO maintains a comprehensive risk management framework, aligned with its banking license, State Support Agreement and mandate to conduct business in jurisdictions with elevated risk profiles. The risk management framework helps FMO realize its ambitions and safeguard its viability. Risk management practices are integrated across the organization, from day-to-day activities to strategic planning, to ensure both compliance with relevant regulations and adherence to the risk appetite. 

The Management Board defines and promotes the desired corporate culture and high ethical and professional standards. Employees are encouraged to take measured risks thoughtfully, acting with integrity and careful considering the interests of all stakeholders.

The risk management framework is based on the 'three lines model', where the first line (Investment departments and supporting functions) is challenged and advised by the second line (Risk department, Compliance department and Credit department), and the third line (Internal Audit) that performs independent assessments of the functioning of the first and second line.

The organizational structure is shown below.

The Management Board has established Risk Committees to assist in oversight FMO's risk appetite, risk management framework, and the supporting governance structure.  The Risk Committees and their responsibilities are described below:

The Financial Risk Committee (FRC) is appointed by the Management Board for the purpose of monitoring, challenging and deciding upon the execution of financial risk management within FMO.

The Non-Financial Risk Committee (NFRC) is appointed by the Management Board for the purpose of monitoring, challenging and deciding upon the execution of non-financial risk and strategic risk management within FMO.

Both the FRC and NFRC are chaired by the Chief Risk Officer (or Director Risk in Chief Risk Officer's absence). Several sub-committees report into the FRC and NFRC, such as the Investment Committee, the Integrity and Issue Management Committee, the Corporate Information Security Office, and the Regulatory Monitoring Group. These sub-committees are chaired by directors.

Risk appetite and taxonomy

The risk taxonomy defines the main risk types and subtypes FMO is exposed to in the pursuit of its objectives. This common set of risk categories facilitates the structuring of other elements of the risk management framework, such as the risk appetite and risk policies.

The risk appetite includes reporting metrics with target, alert and breach levels for the main risk types and subtypes. The Risk Appetite Framework (RAF) is reviewed by the Management Board and approved by the Supervisory Board on an annual basis. If necessary, it can be revised during the year in the event of material developments or a change in the strategic goals.

The risk appetite of FMO is summarized as follows:

"FMO actively takes Credit risk, Equity risk and risks inherent to the realization of our impact objectives, because the potential rewards contribute directly to our mission and objectives. FMO’s risk appetite for other risk categories in general can be expressed as cautious, which means that we prefer safe options and do not tolerate high levels of residual risk. FMO operates in low and middle-income countries (including fragile states) where the inherent risk of financial crime is high. FMO accepts that even with sound and compliant customer onboarding and monitoring procedures in place, financial crime related events can occur".

The risk appetite, governance and monitoring metrics for each risk domain are described in more detail in the sections below.

Pillar 3 disclosure

FMO publishes the required Pillar 3 disclosures on an annual basis alongside the publication of the annual report. These documents fulfil the Pillar 3 disclosure requirements of the Capital Requirements Directive (CRD) and Capital Requirements Regulation (CRR).

The objective of FMO’s disclosure policies is to ensure maximum transparency in a practical manner. The consolidation scope for prudential reporting is equal to the accounting scope for FMO. FMO was granted the solo waiver for prudential reporting based on Article 7(3)- Regulation (EU) No 575/2013-CRR and therefore only reports figures related to CRR/CRD on a consolidated basis.

Climate-related and environmental financial risk

Climate-related and environmental (C&E) financial risk is not a separate risk type but an external causal factor of FMO’s existing risk types. FMO defines C&E financial risk as the risk of any negative financial impact on FMO stemming from the current or prospective impact of climate-related and environmental factors on FMO directly (e.g. on FMO’s own operations and policies regarding its aggregate investment portfolio) or indirectly, (e.g. through FMO’s customers and invested assets).

Since 2021, FMO has been embedding C&E financial risks within the organization, based on the European Central Bank (ECB) Guide on Climate-Related and Environmental Risks. Throughout 2024 and into 2025, FMO has consistently reported quarterly portfolio scans to its Financial Risk Committee. These portfolio scans provide an aggregated overview of C&E financial risks in FMO’s investment portfolio (i.e. all loans and private equity exposures) and offer an initial assessment of climate-related risk exposures in industries and geographies, as well as a view of risk concentrations in the portfolio. In Q3 2025, FMO upgraded its approach with respect to the quarterly portfolio scans, which are now directly connected to the climate risk assessments that are being performed on an individual customer level both during origination and review phase. Moreover, the upgrade included an expansion of physical hazard types that are being covered, from eight to 14 hazard types that are currently being assessed.

Since 2023, FMO has been developing an application to operationalize climate risk assessments as part of the investment process, which supports FMO's investment teams in carrying out the climate risk assessments step by step. As of the beginning of 2024, the application had been rolled out to investment departments, enabling improved data collection and granular identification of climate-related and environmental financial risks. After a gradual rollout, the requirement of performing climate risk assessments became mandatory for all new investments in 2025, whilst climate risk assessments are now also periodically updated as part of the Customer Credit Review (CCR) process. FMO continues to work on improving the application using an iterative approach, enhancing data collection and enabling more granular identification of C&E financial risks.

As part of supervisory discussions, De Nederlandsche Bank (DNB) has been assessing FMO’s progress in managing C&E financial risks. FMO is among others expected to periodically review, update, and improve the C&E materiality assessment and to include the outcomes in its Internal Capital Adequacy Assessment Process (ICAAP) and Internal Liquidity Adequacy Assessment Process (ILAAP). In early 2025, FMO updated its materiality assessment and concluded that C&E financial risks are material to FMO’s investment risk (credit and equity), liquidity risk, strategic/business model risk and reputation risk over the short, medium and long term. Based on current insights and the profile of FMO, it also concluded that C&E financial risks do not pose a material risk for FMO’s market risk, business continuity risk or litigation risk across the different time horizons. FMO has mitigants in place for all its risk types to manage the risks within appetite. For further information, please refer to the 'Sustainability Statement' chapter.

IFRS Reporting Requirement

Certain disclosures in this ‘Risk Management’ section are an integral part of the 'Consolidated Financial Statements’. These sections include risk disclosures of financial instruments (IFRS 7) and capital disclosures (IAS 1). The specific sections include this introductory section, and sections labelled 'Climate-related and environmental financial risk', ‘Capital adequacy', 'Credit Risk', 'Equity risk', 'Concentration risk', 'Counterparty credit risk', 'Liquidity risk' and 'Market risk'.