BPCE_PILLAR_III_2017

5 CREDIT RISK

Internal ratings and risk measurements

Rating system Internal rating systemmodels are developedbased on historical data for observed defaults and losses. They are used to measure the credit risks to which Groupe BPCE is exposed, expressed as a one-year probabilityof default(PD), as a Loss Given Default(LGD) and as Credit Conversion Factors (CCF), depending on the characteristics of the transactions. The models are generally built and validated based on internal historical data from as far back as possible, in accordance with prudence and representativenessconstraints(affected portfolios and economic conditions). Internal rating systemgovernance The internal governance of rating systems is centered on the development, validation, monitoring and modification of these systems. The DRCCP is completely independent from the rest of the Group (Banque Populaire and Caisse d’Epargne networks, Natixis, Crédit Foncier and the other subsidiaries)in conductingperformance and adequacy reviews of models for credit risks, counterparty risks, and structuralALM and market risks. This role assigned to the DRCCP is based on governancedefined in a model validationcharter, and on a map of models used throughouthe Group. The validation charter for the Group’s models encompassesall types of quantitative models, and defines and specifies the duties and responsibilitiesof those involvedthroughoutthe models’life cycles. It also specifies the conditions for delegating validation, within a specific scope, to another entity besides the DRCCP validation team: the entity in question must have the necessary expertise, be independentof the team developingthe model, and have appropriate validation governance. Under these rules, the validation of certain specific PD and LGD models, IMM models for counterpartyrisk, IMA and standard models for market risk and cautious valuation models has been delegated to the independent validation team at Natixis. Developing amodel The DRCCP relies on a formalized process describing the main steps taken in developingany new model. This document,which serves as a guide for the entire documentationand validation process, is based on: a literary and general descriptionof the model, indicatingits scope ● of application (type of counterparty, type of product, business line, etc.), the main assumptions on which it is based, and any aspects not covered; a descriptive diagram summarizing how the ultimately chosen ● model works, indicating the various inputs, processes and outputs; a detailed description of themodelingsteps and approach: ●

These internal rating systems are also applied to risk supervision, authorizationsystems,internallimits on counterparties, etc., and may also serve as a basis for other processes, such as statistical provisioning. The resulting risk metrics are then used to calculate capital requirements, once they have been validated by the supervisor in compliance withregulatory requirements.

The internal validation process for new models or for changes to existing models is broken down into three steps: a review of the model and its adequacy, conducted independently ● of the entities havingworkedon the model; a review by the Group Modeling Committee, comprised of ● quantitative experts (modeling specialists and validators) and business line expertswho issuea technical opinion onthe model; validationby the DRCCP Standardsand Methods Committee,based ● on the technicalopinion issued by the Group ModelingCommittee, which decides to implement the necessary changes, particularly in terms of processes and operational adaptation. These changes are submitted,where applicable,to the European supervisoryauthority for prior approval, in accordance with Commission Delegated regulationNo. 529/2014 on changes of the Internal Ratings Based Approach used indetermining capitalrequirements. After the completion of this governance process, internal control reports and statements of decisions are made available to Group management(and supervisors for internal models used to determine capital requirements).Each year, a summaryof the performancesand adequacy of internal models is presented to the Risk Management Committee of the Group Supervisory Board. setting up the workingenvironment, - building amodelingsample, - creating samples, out-of-sample tests and out-of-time tests, - where applicable, comparing proposed models, where applicable, - justifying the choice of model (expert opinions, level of - discrimination, stability, consistency, robustness, etc.); a literary description of the model’s main risk factors. ● The internal models developed must meet strict risk discrimination and qualification criteria.

82

Risk Report Pillar III 2017