NATIXIS -2020 Universal Registration Document

RISK FACTORS, RISK MANAGEMENT AND PILLAR III Risk management

The framework defined by these risk policies distinguishesbetween recommendationsbased on best practices, and strict (qualitativeor quantitative) supervisory criteria, any deviation from which affects the decision-making process and the usual system of limit authorizations. The quantitative framework is generally based on: commitment ceilings by business line or sector; V commitment sub-limits by type of counterparty, type of product, V or sometimes by geographic region. This framework helps monitor the concentration of the bank’s commitments in relation to a given sector or type of risk. The qualitative framework is, for its part, built on the following criteria: business sectors: preferred sectors, banned sectors; V targets: customers to be targeted or excluded based on various V criteria (size, rating, country of operation, etc.); structuring: maximum durations, financial ratios, contractual V clauses, collateral arrangement, etc.; products. V Checks are carried out as required during the individual processing of loan applications to ensure the correct application of the risk policy. Overall monitoring also takes place on a quarterly basis (checking compliance with ceilings and the number of deviations) and is presented to the Global Risk Committees. General principles for granting 3.2.3.3 loans and managing credit risk (Data certified by the Statutory Auditors in accordancewith IFRS 7) Natixis’ credit risk measurement and management procedures are based on: a standardizedrisk-taking process, structuredvia a systemof limit V authorizations and decision-making Committees; independent analyses carried out by the risk division during the V loan application review process; rating tools and methodologies providing standardized and V tailored assessments of counterparty risk, thereby making it possible to evaluate the probability of default within one year and the loss given default; information systems that give an overview of outstanding loans V and credit limits. risk management (Data certified by the Statutory Auditors in accordancewith IFRS 7) The principles of counterparty risk management are based on: measurement of exposure to counterparty risk; V counterparty risk limits and allocation procedures; V a value adjustment in respect of counterpartyrisk (credit valuation V adjustment); counterparty risk mitigation; V incorporation of wrong-way risk. V Counterparty 3.2.3.4

Credit 3.2.3

and counterparty risks Organization 3.2.3.1 The risk control framework is overseen by the risk division with the active involvement of all the bank’s businesses and support functions. All the internal standards, policies and procedures are consistent with BPCE’s framework and are reviewed periodically to take into account the results of internal controls, regulatorychanges and the bank’s risk appetite. Credit risk management and control are performed in accordance with the segregation of duties. Accordingly, together with the other divisions, the risk division is in charge of monitoring credit risk through various departments that: define the credit risks policies and internal credit risk V management procedures; set credit risk limits and exposure thresholds; V issue transaction authorizations after a counter-analysis of the V credit risk and the counterparty risk in line with the processes for credit approval and limit authorization; monitor exposures and report to Natixis’ senior management. V Working with the businesses, the main duty of the risk division is to provide an opinion, based on all relevant and useful information, on the risks taken by the bank. Credit decisions are made within the limit authorizations granted jointly to the business lines and to certain members of the risk function, and are approved personally by the Chief Executive Officer or any other person he authorizes to that end. They are sized by counterparty category and internal credit rating, and by the nature and duration of the commitment.Furthermore, these authorizations can be exercised only when the transaction satisfies the criteria set out in the risk policy of each sector and activity. In conjunction with BPCE, Natixis has defined the rating methods applicable to the asset classes held jointly. Objectives and policy 3.2.3.2 Natixis’ risk policies have been defined as a component of the bank’s overall risk appetite and credit risk control and management framework.The policies are the product of consultationbetween the risk division and the bank’s various business lines, and are intended to establish a framework for risk-taking while applying risk appetite and Natixis’ strategic vision by business line or by sector. Natixis now has some 20 risk policies, which are regularly revised and cover the various Corporate & Investment Banking businesses (corporates, LBO, aircraft finance, real estate finance, project finance, commodities finance, banks, insurance, etc.) and those of the subsidiaries. define internal rating methodologies and models; V implement second-level permanent controls; V

3

129

www.natixis.com

NATIXIS UNIVERSAL REGISTRATION DOCUMENT 2020