NATIXIS_REGISTRATION_DOCUMENT_2017

RISKS AND CAPITAL ADEQUACY Credit and counterparty risks

Credit and counterparty risks 3.5

The risk control frameworkis overseenby the Risk divisionwith the strong involvementof all the bank’s businessesand support functions.All the internal standards,policies and proceduresare consistentwith BPCE’s frameworkand are reviewedperiodically to take into account the results of internal controls, regulatory changesand the bank’srisk appetite. Credit risk managementand control are performedin accordance with the segregation of duties. Accordingly, together with the other divisions,the Risk division is in charge of monitoringcredit risk throughvarioussectionsthat: definethe creditrisk policiesand internalcreditriskmanagement a procedures; set credit risk limits and exposurethresholds; a issue transactionauthorizationsafter a counter-analysisof the a credit risk and the counterpartyrisk in line with the processes for credit approvaland limit authorization; monitorexposuresand report to Natixis'SeniorManagement. a Workingwith the businesses,the main duty of the Risk division is to provide an opinion, based on all relevant and useful information,on the risks taken by the bank. Credit decisionsare made within the limit authorizationsgranted jointly to the business lines and to certain members of the Risk function, and are approved personally by the Chief Executive Officer or any other person he authorizes to that end. They are sized by counterpartycategory and internal credit rating, and by the nature and duration of the commitment.Furthermore,these authorizations can be exercised only when the transaction satisfies the different criteria set out in the risk policy of each sectorand activity. In conjunctionwith BPCE, Natixishas definedthe ratingmethods applicableto the asset classesheld jointly. definemethodologiesand internalratingmodels; a implementsecond-levelpermanentcontrols; a

finance, project finance, commoditiesfinance, banks, Insurance, etc.) and the subsidiaries’ various activities (e.g. leasing for NatixisLeaseand factoringfor NatixisFactor, etc.). The framework these risk policies set out makes a distinction between recommendationsbased on good practices, and strict (qualitative or quantitative) supervisory criteria, any deviation from which affects the decision-makingprocess and the usual systemof limit authorizations. The quantitativeframeworkis generallybasedon: commitmentceilingsby businessline or sector; a commitment sub-limits by type of counterparty, type of a product,or sometimesby geographicregion. This frameworkhelps to monitor the concentrationof the banks’ commitmentsin relationto a given sectoror type of risk. The qualitative framework is for its part structured around the followingcriteria: businesssectors:preferredsectors,bannedsectors; a targets: customers to be targeted or excluded based on a variouscriteria(size, rating,countryof operation, etc.); structuring: maximum durations, financial ratios, contractual a clauses,collateralarrangement, etc. products. a Checks are carried out as required during the individual processing of loan applications to ensure that the risk policy is being correctly applied. Overall monitoringalso takes place on a quarterlybasis (checkingof compliancewith ceilingsand number of deviations)and is presentedto the GlobalRisk Committees. (Data certified by the Statutory Auditors in accordance with IFRS7) Natixis’ credit risk measurement and management procedures are basedon: a standardizedrisk-taking process, structured via a system of a limit authorizationsand decision-makingCommittees; independent analyses carried out by the Risk division during a the loan approvalreviewprocess; rating tools and methodologies providing standardized and a tailored assessments of counterparty risk, thereby making it possible to evaluate the probability of default within one year and the loss given default; information systems that give an overview of outstanding a loans and credit limits. GENERAL PRINCIPLES OF APPROVAL 3.5.2

3

TARGETS AND POLICY 3.5.1

Natixis’ risk policies have been defined as a component of the bank’s overall risk appetite and credit risk control and management framework. The policies are the product of consultation between the Risk division and the bank’s various business lines, and are intended to establish a framework for risk-taking while outlining risk appetite and Natixis’ strategic vision for each businessline or sector. Natixis now has some 20 risk policies, which are regularly revised and cover the various Corporate & Investment Banking business lines (corporate, LBO, aircraft finance, real estate

127

Natixis Registration Document 2017