+632 9481108


Risk Management Overview

EG’s enterprise risk management system is built on the concepts of an internationally-accepted model and a range of best practices to ensure continued business growth through an objective approach to risk-taking. The Bank applies risk management across the entire organization from the Board of Directors, Senior Management, Business Segments and Groups, Business Centers, support units, and to individual employees; as well as in specific functions, programs, projects and activities. The implementation of the Enterprise Risk Management Framework contributes to strengthening the Bank’s management practices, decision making and resource allocation, and increasing shareholder value; while protecting the interest of its clients, maintaining trust and confidence, and ensuring compliance with regulations. The Framework is composed of Risk Governance, Enterprise Risk Management Process and the Bank’s Risk Culture.

Governance, Risk and Compliance Control (GRC)

GRC is the general term encompassing EG’s approach to corporate governance, enterprise risk management and corporate compliance with applicable laws and regulations.

• Corporate Governance – The system whereby shareholders, creditors, and other stakeholders of EG ensure that Management enhances the value of the Bank as it competes in an increasingly global market place. It is the framework of rules, systems and processes in and of EG that governs the performance by the Board of Directors and Management of their respective duties and responsibilities to the stakeholders.

• Risk Management – The process, effected by EG’s Board of Directors, Management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the Bank, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of the Bank’s objectives. It also refers to the architecture that is used to manage risk; that includes risk management principles, a risk management framework and a risk management process.

• Compliance – Adherence to applicable laws, regulations, directives, rules of professional conduct and related or similar matters.

The interrelated functions primarily involved in the implementation of the EG’s Governance, Risk and Control system are Compliance Group, Internal Audit Group and Enterprise Risk Management Group.

ERM Objectives

Identify, measure, manage and control risks inherent in EG’s activities or embedded in its portfolio. • Define and disseminate risk management philosophy and policies.
• Assist risk
-taking business and operating units in understanding and measuring risk/return profiles. • Develop a risk management infrastructure that includes policies and procedures, organization, limits and approval authorities, MIS and reporting, systems and risk models.

• Promote a risk awareness and strong “control culture” in EG.


ERM Structure

EG’s ERM structure starts from the tone-setting Board of Directors, through its Risk Oversight Committee (ROC), and down to the business lines. The Enterprise Risk Management Group (ERMG) is the arm of the ROC which facilitates the design and implementation of the risk management system. The ERMG itself is organized into units, supported by risk management sub- frameworks, which coordinate with all banking units through its main operating segments.

The Risk Oversight Committee (ROC) assists the Board of Directors in the effective discharge of its function in overseeing the enterprise risk management program of the Bank.
The Risk Oversight Committee has the responsibility to:
A. Review and recommend for approval by the Board of Directors EG’s written enterprise risk management program to identify, measure, monitor and control its risks.

B. Review reports on risk exposures, recommend necessary actions and communicate enterprise risk management plans to concerned segments and groups to address or reduce the risks;
C. Report to the Board of Directors significant matters concerning EG
’s risk exposures including any BSP examination findings on unsafe and unsound banking practices; and actions taken to manage those risks;

D. Recommend a system of risk limits and authorities for approval by the Board, and any necessary changes to these limits and authorities;
E. Establish a monitoring system to ensure that limits set are observed and that immediate corrective actions are taken whenever limits are breached;

F. Evaluate the magnitude, direction and distribution of risks across the Bank and its subsidiary;
G. Ensure that business units provide for ongoing review and validation of the adequacy and soundness of risk management policies and practices;
H. Create and promote an enterprise risk culture that requires and encourages the highest standards of ethical behavior by risk managers and risk-taking personnel.


1. Have its board oversee the company’s risk management function.

2. Have a formal risk management policy that guides the company’s risk management and compliance processes and procedures.

3. Design and undertake its Enterprise Risk Management (ERM) activities on the basis of, or in accordance with, internationally recognized frameworks such as but not limited to, COSO (The Committee of Sponsoring Organizations of the Treadway Commission) I and II.

4. Have a unit at the management level, headed by the Risk Management Officer (RMO).

5. Disclose sufficient information about its risk management procedures and processes as well as the key risks the company is currently facing including how these are being managed.

6. Seek external technical support in risk management when such competence is not available internally.

Contact Us

5 + 4 =


1003 10th Floor Centerpoint Condominium
Garnet Road cor. Doña Julia Vargas Ave.
Ortigas Center 1605, Pasig City
Metro Manila, Philippines


Head Office

1003 10th Floor Centerpoint Condominium
Garnet Road cor. Doña Julia Vargas Ave.
Ortigas Center 1605, Pasig City
Metro Manila, Philippines