Organisation of risk management
Overall responsibility for the RMS lies with the Management Board. It is informed regularly and on an ad hoc basis about the risk situation.
As part of its regular meetings, the Supervisory Board is informed by the Management Board about the risk situation; if material risk-relevant events occur, ad hoc information is provided.
The Supervisory Board has established various committees to address specific topics. In the Risk Committee, the Management Board reports on the risk situation. In addition to discussing the risk situation, the Risk Committee addresses the risk strategy and material risk-related matters. The Audit Committee focuses in particular on the audit report and the annual financial statements. Both committees, as well as the competent supervisory authorities, receive the risk report on a quarterly basis.
Rentenbank has established various bodies for business and risk management. The central body for risk management is the Risk Board, which meets at least quarterly. It discusses key questions and topics relating to risk management and advises the Management Board on these matters. In addition to the Management Board, its members are the heads of the Risk Controlling Department and the Cyber Security & Non-Financial Risk Department, as well as the heads of the Credit, Finance, Treasury and Promotional activity divisions. The Financial Board addresses Rentenbank’s financial position, while the Market Board deals with promotional activity topics and treasury topics. The Sustainability Board addresses the requirements and the operational and strategic implications of sustainability for Rentenbank.
To ensure a robust RMS, Rentenbank has organised its Internal Control System (ICS) within a clear three-lines-of-defence structure. The first line of defence consists of primary and key controls in the operational units. The second line of defence comprises the Regulatory Working Group (Arbeitskreis Regulatorische Themen; ART), the special MaRisk functions Risk Controlling and Compliance, the ICT risk control function under the Digital Operational Resilience Act (DORA), the Chief Information Security Officer (CISO), the Central Outsourcing Officer, the officers responsible for anti-money laundering and other criminal offences, and the Data Protection Officer. Internal Audit constitutes the third line of defence.
Responsibility for the Risk Controlling function under MaRisk (Mindestanforderungen an das Risikomanagement; minimum requirements for risk management) lies with the Chief Risk Officer (CRO). The Risk Controlling Department performs key tasks of the Risk Controlling function. These include supporting senior management in all matters of risk policy, in particular in the development and implementation of the risk strategy, regularly monitoring limits within risk-bearing capacity, risk reporting, the daily valuation of financial instruments and market conformity checks, as well as risk assessment in the New Products Process (NPP). The Cyber Security & Non-Financial Risks (CNR) Department, newly established in 2025, performs a substantial part of these tasks in relation to non-financial risks.
In accordance with the requirements of MaRisk, risk monitoring and reporting are carried out independently of the Promotional activity and Treasury market divisions.
The back-office function is performed by the Credit division, which provides the independent second vote for lending decisions. In addition, this division monitors compliance with counterparty risk limits as part of credit portfolio management.
Rentenbank’s Compliance function reports directly to, and is directly subordinate to, the Management Board. In addition, a central office has been established for the prevention of money laundering, terrorist financing and other criminal offences. The Anti-Money Laundering Officer is organisationally directly subordinate to the Management Board and reports directly to it.
The CNR Department is also responsible for handling all matters relating to information security and ensuring that they are addressed. The head of the CNR Department performs the roles of ICT risk control function, Central Outsourcing Officer and Chief Information Security Officer.
Internal Audit reviews and evaluates, on a risk-oriented and process-independent basis, the propriety of activities and processes as well as the adequacy and effectiveness of the RMS and the ICS. It reports directly to the Management Board and performs its duties autonomously and independently.