Pillar 3 Disclosure (2017)

1. Introduction

1.1. About Capital Com SV Investments Ltd

Capital Com SV Investments Ltd (the “Company”) is an investment firm regulated by the Cyprus Securities and Exchange Commission (the “CySEC”) under license number 319/17. The license permits the Company to operate as a Cyprus Investment Firm (“CIF”) and to provide investment and ancillary services with regards to specific financial instruments as these are defined in the Company’s operating license and stated below:

Investment Services and Activities:

1. Reception and transmission of orders in relation to one or more Financial Instruments
2. Execution of orders on behalf of clients
3. Dealing on own Account

Ancillary Services:

1. Safekeeping and administration of Financial Instruments, including custodianship and related services
2. Granting credits or loans to one or more financial instruments, where the firm granting the credit or loan is involved in the transaction
3. Foreign exchange services where these are connected to the provision of investment services

1.2. Regulatory Framework

Following the implementation of the EU Regulation 575/2013 (the “Regulation”) and the Investment Services and Activities and Regulated Markets Law of 2017 (the “Law”), the Company is required to disclose information relating to its capital as well as the risks that the Company is exposed to. Current disclosures are for the year ended 31^st of December 2017. The Company’s policy is to meet all required Pillar III disclosure requirements as detailed in the Capital Requirements Regulation (CRR).

The CRR framework comprises of three Pillars:

1. Pillar I sets the minimum capital and liquidity requirements the Company must adhere to and calculation methodology.
2. Pillar II requires an internal self-assessment and supervisory assessment of company-wide risk management and capital planning.
3. Pillar III sets external disclosure requirements in terms of frequency and format for uniform assessment of information on the capital structure, risk exposures, internal processes and capital adequacy.

The regulatory requirement is to publish the disclosures on an annual basis. Should there be a material change in approach used for the calculation of capital, business structure or regulatory requirements, the frequency of disclosure will be reviewed.

The Company’s Pillar III disclosures are subject to internal review and validation prior to being submitted to the Board of Directors (BoD) for approval. This includes approval by the Chief Executive Officer (CEO), the Head of Risk Management and the Chief Financial Officer (CFO). The Company’s Pillar III disclosures have been reviewed and approved by the BoD. The Company reports on a Solo basis and the reporting currency is USD.

This report is published on the Company’s website at https://www.capital.com/regulations.

2. Corporate Governance – Board and Committees

2.1. Board of Directors (BoD)

The BoD has overall responsibility for the business governance and risk appetite. It sets the strategic aims for the business, in line with delegated authority from the shareholder within a control framework, which is designed to enable risk to be assessed and managed. The BoD satisfies itself that financial controls and systems of risk management are robust.

The persons proposed for appointment to the Board should commit the necessary time and effort to fulfill their obligations. Main factors influencing the decision to propose the appointment of potential Directors include:

• Integrity and honesty
• High business acumen and judgement
• Knowledge and experience relevant to financial institutions
• Risk Management experience
• Specialized skills and knowledge in finance, accounting, law, or related subject.

The Board considers that it has in place adequate systems and controls with regard to the Company’s profile and strategy and an appropriate array of assurance mechanisms, properly resourced and skilled, to avoid or minimize loss.

In relation to other directorships, members of the BoD do not hold more directorships than is appropriate given the nature, scale and complexity of the Company’s business.

On 31^st of December 2017, the Board is comprised of 3 executive and 4 non-executive directors.

On 1st of February 2018, the Board formation changed to the below:

2.2. Governance Committees

The Company has formed several governance committees to achieve a level of elaborate governance oversight to adequately monitor its operational effectiveness and its potential risks. With growth in scale and complexity, the Company will form additional governance committees.

Remuneration Committee handles the preparation of decisions regarding remuneration, including those which have implications for the risk and risk management of the Company and which are to be taken by the BoD. More information on remuneration procedures can be found in part 3.1.

Risk Management Committee (RMC) advices the BoD on the overall current and future risk appetite and strategy. More information on risk governance can be found in in part 3.1.

Additional levels of assurance are provided by control functions, which are independent of the business operations – namely Finance, Risk, Compliance, Legal and Internal Audit. The control functions provide periodic reporting to the Board and Executive Committees as appropriate.

2.3. Information flow to Regulator and the Board of Directors (BoD)


Information of risk matters to the BoD is done through meetings with the heads of control functions and the following reports:

3. Risk Management Objectives and Policies  

The Company’s aim is to embed explicit and robust risk management practices across its entire business operations, in order to ensure that the level of risk it faces is consistent with its corporate objectives and its level of risk tolerance. This is achieved through the implementation of a comprehensive risk management framework for the identification, assessment, monitoring and control of all relevant risks. The framework also enables the Company to continually align its business objectives against a background of changing risks and uncertainty.

The risk management framework:

• Enables the Company to proactively manage its risks in a systematic manner
• Ensures that appropriate measures are in place to mitigate risks
• Creates a culture of risk awareness within the Company and
• Ensures that risk management is an integral part of the Company’s decision-making process.

The following table sets out a number of key measures used to monitor the Company’s risk profile:

3.1 Risk Management Governance

The BoD is ultimately responsible for the risk management framework of the Company. The risk management framework is the totality of systems, structures, policies, processes and people within the Company that identify, assess, mitigate and monitor all internal and external sources of risk that could have a material impact on the Company’s operations.

The Board is responsible for reviewing the effectiveness of the Company’s risk management arrangements and systems of financial and internal control. These are designed to manage rather than eliminate the risks of not achieving business objectives, and, as such, offer reasonable but not absolute assurance against fraud, material misstatement and loss.

The RMC plays a central role in ensuring compliance with the Company’s risk management strategy and policies. The ability of the RMC to carry out its responsibilities effectively and in an unbiased manner rests on its independence. Structurally, risk management is a separate unit independent of the business, with the RMC reporting directly to the BoD.

In order to ensure effective risk management, the Company has adopted the “three lines of defense model”, with clearly defined roles and responsibilities.

First line of defense: Managers are responsible for establishing an effective control framework within their area of operations and identifying and controlling all risks so that they are operating within the organizational risk appetite and are fully compliant with Company’s policies and where appropriate defined thresholds.

Second line of defense: The Risk Management Function is responsible for proposing to the Board appropriate objectives and measures to define the Company’s risk appetite and for devising the suite of policies necessary to control the business including the overarching framework and for independently monitoring the risk profile, providing additional assurance where required. Members of the Risk Management Function leverage their expertise by providing frameworks, tools and techniques and assist management in meeting their responsibilities, as well as acting as a central coordinator to identify enterprise wide risks and make recommendations to address them.

Third line of defense: Comprises the Internal Audit Function which is responsible for providing assurance to the Board and senior management on the adequacy of design and operational effectiveness of the systems of internal controls.

3.2 Risk Appetite

Risk Appetite limits the risks which the business can accept in pursuit of its strategic objectives. It is formally reviewed annually and is monitored on an ongoing basis for adherence. Risk Appetite is formally formulated in the Company’s business plan. The Company’s strategic, capital and liquidity plans are set with reference to Risk Appetite.

The Board approves the Risk Appetite, which defines the level of risk that the Company is prepared to accept to achieve its strategic objectives and is translated into specific risk measures that are tracked, monitored and reported to the Board. The Risk Appetite framework has been designed to create clear links to the strategic long-term plan, capital planning, stress testing and the Company’s risk management framework. The review and approval processes are undertaken at least annually. The Company’s Risk Appetite covers three core areas, financial risk, reputational risk and operational risk.

3.3 Stress Testing

This is an important risk management tool used by the Risk Management function to test the Company’s response in various scenarios. Stress tests are used for both internal as well as regulatory purposes and assist in developing the risk profile of the Company. Also, stress testing allows the BoD and Senior Management to determine if the Company’s exposure is within the accepted risk limits.

The Company is required to prepare and make available upon request periodic Internal Capital Adequacy Assessment Process (ICAAP) reports which set out future plans, their impact on capital availability and requirements and the risks to capital adequacy under potential stress scenarios.

4. Principal Business Risks

4.1 Credit Risk

Credit risk is the risk associated with a financial loss or potential financial loss from counterparties failing to fulfil their financial obligations. Generally, credit risk can be derived from the following areas:

1. Cash deposits
2. Other Assets

The Company’s objective in managing credit risk exposures is to maintain them within parameters that reflect the strategic objectives and risk tolerance. Sources of credit risk are assessed and monitored, and the Company has policies to manage the specific risks within the various subcategories of credit risk. To assess counterparty credit risk, the Company performs Due Diligence in addition to using available ratings assigned by external rating agencies. General market reputation is also taken into account.

Table with credit exposure per credit quality step as at 31/12/2017:

Table with credit exposure per class as at 31/12/2017 in $000:

4.2 Operational Risk

Operational risk is the risk of loss resulting from inadequate or failed internal processes, people and systems, or from external events. In general, operational risk can be derived from the following areas:

• Internal Procedures & Controls
• Business Disruption and System Failure due to acts of God, External or Internal causes
• Legal Risk from fraud (internal/external) or other criminal activity
• Employee error or omission
• Regulatory changes
• Conflicts of interest

The Company’s exposure to operational risk is limited to the extent of its current scale and complexity. The Company has a comprehensive framework with a common approach to identify, assess, quantify, mitigate, monitor and report operational risk. Overall planning, coordination, and monitoring is centralized however, most operational risks are managed within the departments in which they arise.

In addition to its overall framework, in order to mitigate operational risks, the Company has specific processes and systems in place to focus continuously on high priority operational matters such as information security, managing business continuity and combating fraud.

The Company uses the Basic Indicator Approach for measuring its minimum capital requirements for Operational Risk. As at 31^st of December 2017, the capital requirement for operational risk amounted to $400,905.

4.3 Market Risk

Market risk is the risk stemming from adverse movements in several drivers which may relate to the Company’s trading book and balance sheet positions. Such fluctuating risk drivers resulting in market risk include:

1. Changes in Financial instruments prices
2. Changes in Interest rates
3. Changes in Currency exchange rates

The Company employs a Risk Manager and highly skilled Dealing on Own Account and Trading Departments are established, who are continuously monitoring the market movements and act accordingly to hedge the excessive exposure and maintain risk within acceptance limits.

4.3.1 Financial Instrument Prices

Risks arising from changes in financial instruments prices could affect the Company’s liquidity, reported income, surplus and regulatory capital position. Such exposure includes, but is not limited to, equities and commodities.

Presently, the Company is exposed to market risk coming from changes in financial instrument prices due to its business model, that of a market maker. The Company is authorized to Deal on Own Account, thus, it acts as counterparty to its clients’ trading. Limits of maximum risk tolerated are set and honored. Any excess risk above tolerance levels is hedged with the Company’s Liquidity providers.

4.3.2 Interest rates

Interest rate risk is the risk that the value of financial instruments will fluctuate due to changes in market interest rates. The Company’s exposure is mainly stemming of own cash deposited in Credit Institutions which bear interest at normal commercial rates.

The Company’s Finance Department monitors the interest rate fluctuations on a continuous basis despite the lack of interest rate risk given the deposit only nature of its exposure. Under the current conditions, the Company places greater emphasis on diversifying its exposure to more than one institution (credit risk) than dealing with the potential effects of interest rate fluctuations (market risk).

4.3.3 Currency exchange rates

The Company is exposed to currency risk, the risk of loss resulting from changes in exchange rates. The Company is exposed to the financial impact arising from changes in the exchange rates of various currencies in three ways. Firstly, the Company may receive income in a currency other than USD, which is the reporting currency of the Company. Secondly, the Company maintains deposit balances in currencies other than USD. Thirdly, the Company is exposed due to being the counterparty to clients’ trading in Contracts For Difference (CFDs) in Foreign exchange pairs.

Findings: The Company continues to regularly monitor the impact of exchange rate risks and if deemed necessary corrective actions will be taken to minimize the effect. The said risk is deemed significant and maximum tolerance limits are set. The Company acts to hedge excess exposure.

The Company uses the standardized approach for measuring market risk. The table below shows the capital requirements for market risk as at 31/12/2017:

4.4 Capital Risk

Capital risk is the risk that the Company will not comply with capital adequacy requirements as instructed by CySEC Directives.

The BoD will safeguard the Company’s ability to continue as a going concern and is testing Company’s capital against regulatory requirements. The Company is required to keep a minimum capital adequacy ratio and to report on this quarterly. Daily monitoring of the capital adequacy ratio is in effect.

4.5 Liquidity Risk

Liquidity risk is the risk that the Company may not have sufficient liquid financial resources to meet its obligations when they fall due or would have to incur excessive costs to do so.

The Company’s policy is to maintain adequate liquidity and contingent liquidity to meet its liquidity needs under both normal and stressed conditions. To achieve this, the Company monitors and manages its liquidity needs on an ongoing basis. The Company also ensures that it has sufficient cash on demand to meet expected operational expenses. This excludes the potential impact of extreme circumstances that cannot reasonably be predicted, such as natural disasters.

4.6 Strategic Risk

Strategic risk corresponds to the unintended risk that can result as a by-product of planning or executing the strategy. A strategy is a long-term plan of action designed to allow the Company to achieve its goals and aspirations. Strategic risks can arise from:

• Inadequate assessment of strategic plans
• Improper implementation of strategic plans and
• Unexpected changes to assumptions underlying strategic plans.

Risk considerations are a key element in the strategic decision-making process. The Company assesses the implications of strategic decisions on risk-based return measures and risk-based capital to optimize the risk-return profile and to take advantage of economically profitable growth opportunities as they arise.

4.7 Reputational Risk

Reputational risk can arise from direct Company actions or from actions of third parties that it may or may not have a relationship with. Such Company actions may include internal security breaches, employee fraud, client misinformation, mistakes in handling client requests and any other actions that can lead to significant negative public opinion and subsequently loss of business and income. Third party actions can include problems with the provision of the outsourced services that can lead to operational interruptions, database hosting and security, spreading of rumors and unsubstantiated information.

The Company strives to preserve its reputation by adhering to applicable laws and regulations, and by following the core values and principles of the Company, which include integrity and good business practice. The Company centrally manages certain aspects of reputation risk, for example communications, through functions with the appropriate expertise. It also places great emphasis on the information technology security which is one of the main causes of such reputational risk manifestation.

4.8 Business Risk

Business risk is the risk of financial loss due to business cycles and conditions fluctuations over time. Possible deterioration in business or economic conditions.

Business risk in the brokerage business is particularly significant due to the lack of predictability of financial markets in a reliable manner. The uncertainty surrounding events and factors which affect financial markets is substantial and due to the effect, these have on the behaviour of brokerage clients, it makes business risk particularly significant and unpredictable.

The Company will project forward its financial position taking into account this risk. Adequate margin of safety will be employed at all times in order to address the lack of predictability of business cycles in the brokerage business.

5. Remuneration Policy

The purpose of the Company’s Remuneration Policy is to ensure the consistent implementation of the Regulatory conflicts of interest and conduct of business requirements in the area of remuneration.

The remuneration policy and practices of the Company are designed in such a way to avoid exposing the Company into excessive or undue risks. Moreover, they are targeted to avoid creating incentives that may lead relevant persons to favor their own interest, or the firm’s interests, to the potential detriment of clients. The Company has set up adequate controls for compliance with the regulatory requirements on the remuneration policy and practices. The controls are implemented throughout the Company and are subject to periodic review. These address all relevant factors such as:

• the role performed by relevant persons
• the type of products offered
• the methods of distribution
• the balance between fixed and variable components of the total remuneration
• appropriate qualitative and quantitative criteria to assess the performance of relevant persons

The Remuneration Committee is responsible for determining and approving the Company’s remuneration policy and practices. The Committee is also responsible to monitor the Company’s compliance towards the approved policy and to identify and work towards any deficiencies. The Committee meets at least once a year, and whenever the need arises, to discuss issues and to reformulate the policy where this is necessary on account of changes and developments, whether internal to the Company or external in its market environment. Any changes in the Company’s remuneration policy can be brought about only as a result of a decision of its Remuneration Committee.

The Company’s annual remuneration to senior management and staff members for 2017 was as follows:

6. Leverage Ratio

The leverage ratio is a new monitoring tool which will allow the competent authorities to assess the risk of excessive leverage in their respective institutions. According to the CRR, the investment firms have to report all necessary information on the leverage ratio and its components.

As at 31/12/2017 the Company has a leverage ratio of 41.3%.

7. Capital Base

At 31^st of December 2017 the Capital base of the Company was as follows:

8. Capital Adequacy

Based on the Company’s authorization, quarterly Capital Adequacy Reports are prepared and submitted to the CySEC. The Capital Adequacy Reports are prepared on a solo basis and the reporting currency is USD.

The primary objective of the Company’s capital management is to ensure that the Company complies with regulatory imposed capital requirements and that the Company maintains healthy capital ratios in order to support its business and maximize shareholders’ value.

According to the CRR, the minimum capital adequacy ratio is 8% and the minimum initial capital requirement is €730,000. As at 31 December 2017, the Company’s total risk exposure amount was $15,031,300 resulting in a capital adequacy ratio of 10.28%, higher than the minimum required of 8%. The Company’s total eligible capital was $1,545,289 well above the minimum threshold.

Additionally, the Company is required to keep a capital conservation buffer of 1.25% of the total risk weighted exposures and an Institution-specific countercyclical capital buffer which depends on geographical distribution of credit exposures.

9. Further Information

Questions to this Report should be addressed to the Compliance Department.
Compliance department:
compliance@capital.com

Pillar 3 Disclosure V 2.0

31.05.2018