MANAGEMENT RISK INTEGRAL UNIT (UAIR) INTRODUCTION The main risks that Shinhan bank México, SA, will deal with are Credit, Market, Liquidity and Operational; that s why the board of directors working aside with Risk Committee and the UAIR, has settled down methodologies for the management and control of risks in order to optimize the creation of value for shareholders, guaranteeing an adequate level of solvency. For this, the management and control of risks will configure as a large framework of principles, policies, procedures and valuation methodologies integrated into an efficient decision structure. PRINCIPLES Solvency Shinhan bank México, SA opts for a prudent and balanced policy of risks that ensure sustained growth and online profitability with the strategic objectives of the Directors Board, in order to maximize the creation of value. Therefore, it must be ensured within the structure of limits, that there are not concentration levels that could compromise a significant portion of own resources. Responsibility The board of directors are committed with the processes from management and control of the risk being their responsibility the approval of policies, limits, models of management and procedures, measurement methodologies, monitoring and control. Which they review at least once a year. In the executive sphere, exists a clear segregation from functions between business units and the units from management and control of it.
Monitoring and control Risk management are based on control procedures to adapt the pre-set limits, with responsibilities well defined on the identification and monitoring of indicators and early alerts as well as methodologies for risk assessment. SYSTEMS OF MANAGEMENT AND CONTROL RISKS Shinhan Bank México, SA, have a Management Risk Integral Unit (UAIR) with an accurate delimitation of responsibilities. This Unit reports to Risk Committee and this in turn to the Board of Directors. The UAIR tasks consist on ID, measure, watch over, limit, control, inform and reveal about the different types of Risks that the Institution is exposed to.
ADMINISTRATION BY TYPES OF RISK 1. Quantifiable risks Are those for which it is possible to measure their potential losses and financial impact in Shinhan Bank of Mexico. 1.1. Discretionary Risk Are derived from taking of a risk position: 1.1.1. Credit Risk It refers to the risk that comes from the debtor s failure to comply with the terms of the contract with the Bank to pay and/or liquidate in a timely manner the commitments assumed. The risk comes in the moment in which funds from the Bank undertake, expand, invested or otherwise are exposed through express or implied, contractual agreements, which are normally disclosed in the balance sheet. To manage this risk SBM classifies it in two: Counterparty risk, is derived of the participation in the financial markets of debt and includes the issuer risk. It is associated to the probability of banking institutions, private and government debt default, as the direct operations with financial partners, such as promissory notes of window and interbank lending. Risk of credit portfolio, associated with the deterioration of the portfolio by changes of the accredited qualifications, derived by its credit quality. 1.1.2. Market Risk It is the potential loss due to changes in risk factors that have an impact on the valuation or the expected results of active or passive operations. The main types of risk are: Interest rate risk, it is the result of movements in interest rates that have an effect on the holdings of financial assets and liabilities of the institution. The Economic Outlook focuses on the value of SBM with reference to the environment of the current interest rate and the sensitivity of that value with respect to changes in this indicator. Results from differences between the time that sets the interest rate and the time in which there are flows of cash (risk of adjustment); relations of exchange between different yield curves that affect banking activities (basis risk), from the change of relations of exchange rate according to the spectrum of maturities (risk of yield curve), and options related interest incorporated banking products (risk of options).
The risk of interest rates considered all those instruments and operations that can be impacted by movements in prices (INPC and actions); Exchange rate; rates of interest, etc. Exchange rate risk, it is the risk associated with variation in currency prices taken when negotiating or maintaining positions in different local currencies. 1.1.3. Liquidity Risk It is the risk resulting from the inability of the Bank to meet its obligations at the time of your payment, without incurring unacceptable losses. It includes the inability to handle unplanned reductions or changes in sources of funding. Also it is caused by the inability of SBM to recognize or deal with changes in the market conditions that affect the ability to liquidate assets quickly and without losses in value. For its administration it is classified into two types: Risk of liquidity of financial instruments, It is defined as the potential loss by the impossibility or difficulty of renewing liabilities or hire others in similar conditions for SBM; by the early or forced sale of assets to unusual discounts to meet their obligations; or by the fact that a position may not be timely sold, acquired or cover through the establishment of an equivalent contrary position. Risk of liquidity of the balance sheet (ALM)). It is generated by the difference in size and time, between the assets and liabilities of the Shinhan Bank of Mexico. In case that the assets turn out to be lower than the liabilities, a gap is created that must be funded in the market; this situation creates liquidity and interest rate risk. When otherwise, i.e., when the liabilities are less than the assets, you have an excess of resources that must be invested; this situation does not generate liquidity risk, only rate risk. 1.2. Non-discretionary Risk They are those resulting from the operation of its own business, but are not taking a position of risk product. Refer to: 1.2.1. Operative Risk Defined as the potential loss due to failures or deficiencies in internal controls, by human error in processing and registration of operations, by administrative and judicial decisions adverse. Operational risk includes among others, technological and legal risk.
1.2.2. Technological Risk Is defined as the potential loss from damage, disruption, alteration or failures resulting from the use or dependence on hardware, software, systems, applications, networks and any other channel processing and/or distribution of information on the Administration and control of Shinhan Bank of Mexico operations, and in the provision of banking services to their customers. 1.2.3. Legal Risk It is defined as the potential loss caused by the breach of applicable legal and administrative provisions, the issuance of administrative and judicial resolutions unfavorable and application of sanctions in relation to operations that Shinhan Bank of Mexico takes place. 2. Non-quantifiable Risk They are those derived from unforeseen events for which estimates cannot be made to measure potential, stand out: 2.1. Reputational Risk Reputation risk is associated with a negative perception about SBM by customers, partners, shareholders, investors, debt holders, market analysts and other relevant participants of the market that adversely affect the ability of SBM to maintain existing relationships and establish new continue accessing sources of funding such as the interbank market or securitization. In this matter, SBM defines the risk of reputation as the risk that an action, situation, transaction, or investment can reduce confidence in the integrity and competence of customers, shareholders, employees or the public in general.
MAIN ELEMENTS OF THE METHODOLOGIES USED IN THE ADMINISTRATION OF THE RISKS 1. Credit Risk The methodology is based on the calculation from the expected and not expected losses, a certain level of trust and performing 10,000 iterations. 2. Market Risk The methodology that we use is Value at Risk (VaR), represents the maximum loss of the bank s position as a result of movements in the risk factors in which the position is exposed, under normal market conditions, with a certain time horizon and a given probability. In order to verify that the VaR model is consistent, validity tests called back testing are performed. Additionally, we used scenarios of Sensitivity and Stress to get results in which the financial markets cannot develop under normal conditions. 3. Liquidity Risk The methodology consists of quantifying the potential loss derived from the anticipated or forced sale of assets at unusual discounts from face the bank's obligations, for this the VaR of Liquidity and Liquidity Gaps are used; the first consists in considering the loss by market risk, but at a 10-day horizon, and for the liquidity gaps we evaluated the differences between the flows, for which, we consider the active balances and the liabilities expressed in book value. 4. Operative Risk It is making through the mapping of the events adverse in the operational processes and in the identification of losses due to these events registered in the accounting information. There is a process for the management of operational risks, which consists in establish a context, identify the risks, analyze the risks identified, evaluate the risks and establish limits, define the treatments, communicate and finally, review and constant monitoring of identified risks. 5. Technological Risk The circumstances that in terms of technological risk could influence its ordinary operation are evaluated, and which are in permanent surveillance.
6. Legal Risk The institution has policies and procedures for minimize the legal risks and at the same time, the Bank's legal risk is analyzed, for which we consider the amount demanded, guarantees, expenses, probability of favorable resolution and the Legal Risk factor. Wallets and portfolios to which they are applied. Position of the Exchange Board Position of the Money Board Treasury Credit portfolio 7. Reputational Risk This will be carried out at least once a year, under the coordination of the UAIR, workshops of identification of risk reputation in which senior management will participate. In these workshops will be identified, classified and documented the risk factors to which the institution is exposed and could create a risk of reputation. For each of the factors identified an analysis will be conducted to establish whether there is mitigating risk (institutional manuals, policies and controls) or whether it is necessary to establish a prevention strategy. This case will determine a plan for the required implementation of prevention strategies.