Limit framework

From Open Risk Manual


A Limit Framework (also Risk Limit Framework) is a set of policies used by financial institutions (or other firms that actively assume quantifiable risks) to govern in a quantitative manner the maximum risk Exposure permitted for an individual, trading desk, business line etc.

A limit framework is expressing the Risk Appetite of an institution to assume certain risks. The operational assumption is that staying within the risk limits defined by the framework is consistent with the degree of risk the firm is willing to accept while pursuing its business model

Best Practice

A number of recommendations for organizing a limit framework are presented in[1]

  • Risk limits should be specific and sensitive to the shape of actual portfolios, measurable, frequency-based, reportable, and based on forward looking assumptions. Having risk limits that are measurable can prevent a financial institution from unknowingly exceeding its risk capacity as market conditions change and be an effective defence against excessive risk-taking.
  • In setting risk limits, financial institutions need to consider the interaction between risks within and across business lines, and their correlated or compounding impact on exposures and outcomes.
  • The number of chosen limits should balance the trade-off between comprehensiveness, and the monitoring costs and effectiveness.
  • Risk limits must be established for business lines and legal entities as relevant and generally expressed relative to earnings, capital, liquidity or other relevant measures (e.g. growth, volatility);
  • Must include material risk concentrations at the institution or group-wide, business line and legal entity levels as relevant (e.g. counterparty, industry, country/region, collateral type, product);
  • Although referenced to market best practices and benchmarks, should not be strictly based on comparison to peers or default to regulatory limits;
  • Should not be overly complicated, ambiguous, or subjective;
  • Should be monitored regularly.


An institution should set top-down and group-wide concentration risk limit structures (including appropriate sub-limits across business units or entities and across risk types) for exposures to counterparties or groups of related counterparties, sectors or industries, as well as exposures to specific products or markets.[2]

  • The Hierarchical Limit Structure will be reflecting the precise business of the organization and will be reflecting an adopted Credit Risk Hierarchy. As an example, from highest to most granular:
    • Total Limit
    • By Legal Entity
    • By Business Sector
    • By Region / Country
    • By Single Obligor Exposure etc.
    • By Business Line
    • By Trading Desk
  • The limit framework will typically specify the frequency of review of Limit Utilization and the escalation procedure in case of Limit Breach
  • Stress Testing will typically involve the limit framework and incorporate the impact of adverse scenarios on risk limits

Regulatory Expectations

Most supervisors require limits to be monitored by the Risk Management Function, and breaches to be reported to the respective risk committees and taken into account in the performance measurement of the respective business lines.

With regard to the risk limit setting process, most supervisors consider not only limits on individual risks but also the correlation among them. Supervisors then verify if limits are

  • closely related to the bank’s capital plans
  • based on forward-looking assumptions
  • are comprehensive; and
  • easily monitored.

Some supervisors require banks to define action points or activate warning lights in terms of Capital adequacy (based on indicators such as Economic Capital, Value-at-Risk and Expected Shortfall). Other supervisors require that these limits reflect the importance of the bank for the financi al system and be defined in terms of its equity, total assets, profits or level of total risk.


An example of a formally established regulatory limit framework is the Large Exposures Framework

Incorporating Diversification

A hierarchy of limits may not be consistent as one considers various segmentations. For example consideration of the Diversification Benefit will typically be a require feature, in the sense that in a Hierarchical Limit Structure higher (more aggregated) nodes will have limits that are lower than the sum of the sub-units (otherwise the limit structure may become overly and unintentionally restrictive)

This challenge of distributing a consistent diversification benefit is one contributing factor for the popularity of Value at Risk and Economic Capital type quantitative risk frameworks as they enable a consistent allocation of risk (and enforcement of risk limits)

Issues and Challenges

A limit framework inherits all the issues and challenges of individual risk limits as documented in the Risk Limit entry. In addition there are challenges related to the operation of a collection of such limits

  • It may be difficult to translate a high level and potentially purely qualitative Risk Appetite statement into unique, quantitative and granular limit framework
  • The defined risk limits as defined at granular level may be misaligned in the aggregate with the firm's strategy as expressed e.g. in business targets
  • There may be inadequate capability to properly aggregate and enforce limits across diverse business lines and products

See Also


  1. FSB, Principles for An Effective Risk Appetite Framework, 2013
  2. CEBS Guidelines on the management of concentration risk under the supervisory review process (GL31), 2010