Annual report 2025
Ícone Download
en
pt
Menu
Foto How we operate

How we operate

How we fund our activities

We are currently one of only four banks in Brazil with an international investment grade rating, according to Moody’s

Our funding strategy combines qualified management of asset origination and structuring with the unremitting pursuit of diversified sources of funds. Using our knowledge of the Brazilian and global markets, we identify competitive cost and maturity conditions in all transactions, assuring efficiency and preserving our financial soundness.

Our Funding team is responsible for structuring and trading fixed-income securities and bilateral transactions with institutional clients, such as banks, asset managers, investment platforms and insurers.

Through this structure and a commitment to strict compliance, we make sure to strengthen the security and transparency of our processes, both in Brazil and abroad.

Our processes are organized
into two main groups:

Brazilian market: we mainly work with instruments such as LCAs (agribusiness credit bills) and LFs (financial bills).

Global markets: here we focus on expanding our network of relationships with banks in Asia, the Middle East, North America and Europe, among other markets.

Credit ratings

The consistency of this strategy is recognized by the world’s leading credit rating agencies.

In September 2025, Moody’s reaffirmed BOCOM BBM’s global-scale local- and foreign-currency deposit ratings of Baa3. With this assessment, the Bank consolidated its 2024 achievement of investment grade.

In May 2025, Moody’s reaffirmed AAA.br rating with a stable outlook, the best possible credit rating in this category.

Fitch also reaffirmed its ratings in 2025. In June, it assigned global-scale long-term issuer default ratings (IDR) BB+ and BBB- in foreign currency and local currency respectively; both were better than Brazil’s sovereign rating. Its national-scale rating remained AAA (bra).

We are currently one of only four banks in Brazil with an international investment grade rating, according to Moody’s

Icone Gráfico
Funding | Type of investor
Funding | Sources

Type of investor

Icone Gráfico
Funding | Type of investor
Funding | Sources

Sources

Icone Gráfico
Funding | Type of investor
Funding | Sources

Type of investor

Icone Gráfico
Funding | Type of investor
Funding | Sources

Sources

Imagem Paralax

How we control risk

We continuously improve our processes in order to stay at the cutting edge of the financial services industry in Brazil

We have a long tradition of excellence in risk management based on the highest standards of corporate governance, and on the development and continuous improvement of methodologies and proprietary models adapted to the business environment in Brazil.

We operate at the cutting edge of the financial services industry, always prioritizing transparency and security in our processes. Above all, we aim to contribute to the development of sustainable businesses and assure a strong long-term performance for the Bank.

This approach enables us to extend credit securely and responsibly, and to manage liquidity in a proper, efficient and transparent manner, contributing directly to value creation in our business operations.

More details of our model are set out below.

 

Through our risk management model, we monitor and manage the following risks in an agile and efficient manner:

Credit risk
Market risk
Liquidity Risk
Operational risk
Social, environmental and
climate-related risks
Information security risk
Country risk
Reputational risk
Close

Credit risk

Market risk

Liquidity Risk

Operational risk

Information security risk

Country risk

Reputational risk

Credit risk

Definition

Credit risk is the possibility of losses associated with failure by borrowers to honor their financial commitments on time and in accordance with their contractual obligations.

How we manage it

Our credit risk management framework comprises seven agents:

Credit Committee

Sets credit limits for business groups; tracks and assesses the portfolio and levels of concentration and risk; executes the Bank’s credit policies; and establishes deadlines for solutions to issues relating to past-due loans or to deteriorating loan guarantees. If debt collection via the courts is necessary, for example, it decides when to file suit.

Board of Directors

Oversees and approves risk management policies and limits at least once a year.

Credit Risk

Monitors the credit risk associated with operations in accordance with the Bank’s rules and goals. Its responsibilities include monitoring, identifying, measuring, controlling and reporting credit risk, and assuring compliance with the limits set by the Bank. It also analyzes the information relating to individual risk per transaction and consolidated credit portfolio risk, and produces reports used by the Credit Committee. In our organizational structure, it reports to the Chief Risk Officer (CRO).

Credit Analysis

Analyzes the credit risk of business groups with which the Bank has or plans to have credit relationships.

Legal

Drafts or approves all contracts signed by the Bank with clients; analyzes and coordinates action to collect debts and protect the Bank’s judicial rights.

Contract Control

Analyzes credit transactions in two ways: ensuring that they comply with the terms and conditions stipulated in the Credit Limit Proposal (CLP), and that loan security is in order; and issuing the contracts signed by the Bank with clients.

Internal Auditing

Assesses and continuously monitors all business units and credit facility extension processes to ensure they are implemented in accordance with the Bank’s governance and risk management policies.

Market risk

Definition

Market risk is the possibility of losses to the market value of portfolios, instruments or investments due to price, interest-rate or exchange-rate changes. Inflation and fluctuations in stock and commodity prices are some of the key market risk factors.

How we manage it

We have a team and specialized tools to identify, measure and monitor the risks we assume in this segment. The unit reports to the CRO and shares its analyses with the Risk Committee and Executive Committee. Our framework comprises the following:

Risk Committee

Holds quarterly meetings, reviews our risk policies, and sets operational limits for market risk, which are approved by the Board of Directors.

Market Risk

This team is responsible for calculating and managing market risk metrics.

Pricing

Establishes the pricing models and sources used to mark products to market, independently of management areas, among other responsibilities.

Internal Auditing

Ensures that our market risk management policies are consistent and fit for purpose.

Monitoring of VaR

We use Value at Risk (VaR) as one of the main statistical tools to monitor the Bank’s risk. The aim is to measure the level of the institution’s exposure and the potential loss of financial value for a given confidence level and timeframe.

VaR is calculated on a daily basis, taking into account the Bank’s exposure to different market risks. To enhance reliability, the VaR calculation model is regularly backtested (tested against historical data).

The Chief Treasury Officer may allocate the VaR limit among several risk factors. The Risk Committee establishes stress scenarios every quarter, independently of management areas, and these scenarios are analyzed on a daily basis by our team.

 

Liquidity Risk

Definition

Liquidity risk is the possibility of mismatching of maturities, indexation mechanisms, currencies and/or values of possible payments and receivables. In other words, it is the risk that the institution is unable to honor its financial obligations, expected and unexpected, without affecting day-to-day operations and without incurring significant losses.

How we manage it

The Bank’s liquidity risk management strategy is oriented by its liquidity goals, in accordance with guidelines predefined by the Risk Committee and approved by the Board of Directors.

The aim is to guarantee business continuity by ensuring that there will always be  sufficient funds to honor all liabilities and commitments, even in adverse situations.

Our team analyzes the information needed for liquidity risk management on the basis of calculations performed to anticipate possible future issues. All actions are planned considering projected cash flow in expected scenarios and situations of financial stress.

We also monitor implicit risk for each client, additional funds required to settle debts, operating losses, marking to market of derivatives, and other obligations.

The main remit of Liquidity Risk, which reports to the CRO, is to assure compliance with the operational limits set. It is also responsible for distributing internal reports to support decision making.

In this context, Internal Auditing has three principal tasks:

  • Guaranteeing the adequacy of procedures;

  • Assuring consistency across policies;

  • Verifying the framework as implemented.

Operational risk

Definition

Operational risk is the possibility of losses resulting from external events or failure, deficiency or inadequacy of internal processes, systems or people. It also includes the legal risk associated with inadequacy or deficiency in contracts entered into by the Bank, sanctions due to failure to comply with legal requirements, and third-party damages arising from the institution’s activities.

How we manage it

Our Operational Risk Management Policy formalizes the methodology, processes, roles and responsibilities in procedures for document registration and storage of the information used to manage operational risk. The document is accessible to all members of our staff.

Operational Risk is segregated from Internal Auditing and reports to the CRO. It is responsible for ensuring that the Bank’s risk management activities are transparent, follow industry best practices, and comply with the applicable rules and regulations.

Information security risk

Definition

Potential damage due to unauthorized access to digital information, and/or its unauthorized use, disclosure, disruption, alteration or destruction. This risk can have a variety of origins, including cyberthreats, data breaches, malware, and other security incidents that compromise the confidentiality, integrity and availability of information.

How we manage it

Our mitigation strategy is threefold:

Governance

We have an Information Security Policy in line with National Monetary Council (CMN) Resolution No. 4,893, dated April 26, 2018. Its key requirements are as follows:

• Assuring the confidentiality, integrity, security and availability of the data and information systems used by the Bank;

• Recording, analyzing the causes and assessing the impact of events relating to the security of BOCOM BBM’s information, and controlling for incidents that impact the institution’s activities.

Tools

We continuously invest in new technologies that seek to prevent, detect and reduce our vulnerability to cyberattacks. We also implement specific controls, including those relating to information traceability, that seek to guarantee the security of sensitive information and monitoring of our data.

Team training

The Information Security team is responsible for designing, overseeing and monitoring information protection measures at all levels. It interacts with other teams responsible for assuring compliance with the applicable rules and regulations, and with technology teams to implement improvements to existing controls, processes and technologies.

As part of our strategy, we also invest in Information Security team training and in awareness raising for all employees and stakeholders.

 

Country risk

Definition

Country risk refers to economic, political and social events and changes in a country or region that result in the inability or refusal to pay debts or cause losses to creditors. It has several components, including sovereign risk, transfer risk, contagion risk, currency risk, macroeconomic risk, political risk, and indirect country risk.

How we manage it

We identify, measure, monitor and control for country risk by means of procedures compatible with our strategic objectives, our exposure to risk, and the complexity of our business.

Reputational risk

Definition

Reputational risk refers to the possibility of internal or external events that may damage BOCOM BBM’s reputation with stakeholders, including clients and staff, as well as the media and general public.

How we manage it

We use a classification mechanism that helps us assess events potentially affecting reputational risk based on factors including the nature and severity of such events, as well as their dissemination, speed, impact and development. We prepare response plans accordingly and have also implemented a reporting mechanism with timelines that vary depending on the significance of the event.

We use additional controls and procedures to identify and prevent potential threats to our reputation:

• Monitoring publications and the media to ensure that any mention of BOCOM BBM is noted and appropriately dealt with;

• Due diligence of parties with which the Bank has relationships, as required by our AML policy and procedures;

• Measures and controls based on regulatory requirements and industry best practices to assure information security and business continuity;

• Ombudsman and whistleblower channels to respond to staff and user complaints;

• Routine monitoring to detect the issuance of regulations that may impact the Bank’s activities and processes;

• Continuous monitoring and tracking of operational risk events reported by business areas.

ico-catraca

ico-catraca
Integrated collective participation

Our risk management is conducted in an integrated manner by the Bank’s senior executives and all our staff. This approach ensures that everyone actively participates in risk monitoring, assessment and control, further strengthening our governance and decision-making processes.

The Board of Directors is responsible for establishing the Bank’s risk management guidelines, responsibilities and models. It also approves the Risk Appetite Statement (RAS), which serves as a basis for our control policies and practices.

Our teams take care of implementing and following processes in accordance with the guidelines set by the Board of Directors. To this end they use risk models and parameters in such activities as calculations of economic capital, funding policy, origination, and credit portfolio management.

ico-compliance

ico-compliance
Compliance

Our Compliance team is one of the pillars of the Bank’s corporate governance structure. Its role is to ensure that all employees, managers and senior executives of BOCOM BBM follow the highest standards of integrity and responsible conduct, in conformity with our internal policies and the applicable laws and regulations.

The Compliance team is supported by top management, which is also directly involved in the respective activities. The Compliance Committee reports to the Board of Directors via the Executive Committee.

Our Code of Ethics and Conduct establishes the four basic principles that guide our activities: transparency, integrity, responsibility and excellence.

Our compliance culture is disseminated by means of periodical training sessions, close monitoring, and the production of internal normative documents.

These initiatives also help prevent money laundering, thwart terrorism financing and combat corrupt practices, strengthening the integrity and sustainability of our business day after day.

ico-denuncias

ico-denuncias
Whistleblower channel

We provide a whistleblower channel for employees, contractors, users, partners and suppliers to report, anonymously if they wish, situations relating to BOCOM BBM’s activities that involve evidence that laws have been broken or guidelines established in our Code of Ethics and Conduct have been flouted.

E-mail: hotline@bocombbm.com.br

Tel: (21) 2514–7788/ (11) 3704–0511

Postal address: Av. Barão de Tefé, 34 – 20° andar – CEP: 20220–460 – Rio de Janeiro – RJ

C/O: Gerente de Compliance

How we decide

Our governance structure comprises the Shareholders’ Meeting, the Board of Directors, the Executive Committee, and 14 specialized committees, including the Diversity Committee.

All decisions taken by these bodies reflect our commitment to transparency, agility, effectiveness and security.

BOCOM BBM’s guidelines are periodically updated to ensure they are in line with best practices in the financial services industry.

The responsibilities of these bodies are detailed below.

Click
imagem-decidimos-en
Ícone Download
Corporate governance
imagem-decidimos-en

Our people

Valorizing all members of our staff is a fundamental premise of our organizational culture. At BOCOM BBM, we work continuously to identify professionals with high potential and offer the necessary conditions for them to develop their competencies fully in a collaborative environment that permits constant sharing of experiences and knowledge.

Attracting and retaining talent

Our talent attraction strategy calls for action on various fronts to identify and select the professionals most qualified to join our team.

We are proud to partner with the best universities and research centers in Brazil, offering scholarships for monitors and undergraduates, as well as graduates who are studying for MBAs and doctorates in economics.

We also support and sponsor conferences, career fairs, trade shows and marathons to build a bridge between academia and the job market, stimulate an exchange of knowledge, and facilitate networking with the corporate world.

Our people management team strives to motivate and retain the most talented professionals, offering a dynamic and intellectually challenging workplace, a continuous pursuit of excellence, and competitive compensation based on meritocracy.

Professional development

We are strongly committed to the development of our professionals and invest consistently in the creation of opportunities for everyone to be able to achieve their full potential. This strategy directly affects the formation of leaders in our organization: around 88% of our senior executives and 70% of our managers began their careers at BOCOM BBM (see chart).

Our processes are dynamic and meritocratic, enabling each and every member of staff to develop a well-structured career aligned with the institution’s strategic objectives. We aim to foster an inclusive, diverse and safe workplace with opportunities accessible to all and practices governed by our Code of Ethics and Conduct, which grounds our actions in the principles of fairness and transparency.

Managers keep a close eye on the progress of each team member, and compensation includes a semiannual variable bonus based on an assessment process that takes into account both individual contributions and collective performance, ensuring that each person’s results are aligned with the Bank’s long-term goals.

Icone Gráfico
Professional growth
Academic profile

Icone Gráfico
Professional growth
Academic profile

Icone Gráfico
Professional growth
Academic profile

Icone Gráfico
Professional growth
Academic profile

To Up

This website uses cookies that record your access and interaction data in order to improve your experience using the site. By continuing to browse, you agree to the use of all cookies as outlined in our Privacy Policy.

Accept