Report on Risk management: Standard Bank

Description
Standard Chartered has a primary listing on the London Stock Exchange and is a constituent of the FTSE 100 Index.

Risk management report
for the six months ended 30 June 2010

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12.

Overview Risk management framework Risk categories Reporting frameworks Capital management Credit risk Country risk Liquidity risk Market risk Operational risk Reputational risk Conclusion

2 3 6 8 10 17 36 38 42 48 54 54

Standard Bank Group risk management report for the six months ended June 2010

1

Risk management

1.? Overview
1.1 Introduction
activities of the group. While we remain committed to increasing shareholder value by developing and growing our business within our board-determined risk appetite, we are mindful of achieving this objective in line with the interests of all stakeholders.  We seek to achieve an appropriate balance between risk and reward in our business, and continue to build and enhance the risk management capabilities that assist in delivering our growth plans in a controlled environment.  Risk management is at the core of the operating structure of the group. We seek to limit adverse variations in earnings and capital by managing risk exposures within agreed levels of risk appetite. Our risk management approach includes minimising undue concentrations of exposure, limiting potential losses from stress events and ensuring the continued adequacy of all our financial resources.  Our risk management processes have continued to prove effective throughout the first half of 2010, despite a The group uses the three lines of defence model: Business unit management  Effective risk management is fundamental to the business

tough economic environment. Executive management remained closely involved in important risk management initiatives, which have focused particularly on preserving appropriate levels of liquidity and capital, and effectively managing the risk portfolios.  Responsibility and accountability for risk management resides at all levels within the group, from the board down through the organisation to each business manager and risk specialist.  Risks are controlled at the level of individual exposures and at portfolio level, as well as in aggregate across all businesses and risk types.

1.2

Focus areas for 2010
areas for 2010. We continue to make good progress on these initiatives.

 In our 2009 annual report we set out specific risk focus

 The group continues to focus significant attention on the proposed changes to Basel II, and to this end we participated in the Comprehensive Impact Assessment as well as industry groups at a local and global level.

Primarily responsible for risk management. The process of assessing, evaluating and measuring risk is ongoing and is integrated into the day-to-day activities of the business. This process includes implementing the group’s risk management framework, identifying issues and taking remedial action where required. Business unit management is also accountable for reporting to the governance bodies within the group.

First line of defence
Group and business unit risk management functions which are appropriately independent of business management

Second line of defence

The group risk management function is primarily accountable for setting the group’s risk management framework and policy, providing oversight and independent reporting to executive management through the group risk oversight committee, and to the board through the group credit committee and the group risk and capital management committee. The business unit risk management functions implement the group’s risks management framework and policy in the business units, approve risk within specific mandates and provide an independent overview of the effectiveness of risk management by the first line of defence.

Third line of defence

Internal audit function

Provides an independent assessment of the adequacy and effectiveness of the overall risk management framework and risk governance structures, and reports to the board through the group audit committee.

2

Standard Bank Group risk management report for the six months ended June 2010

2.? Risk management framework
2.1 Governance structure
throughout the group.  Strong independent oversight is in place at all levels

 Various committees allow executive management and the board to evaluate the risks faced by the group, as well as the effectiveness of the group’s management of these risks. These committees are integral to the group’s risk governance structure. The senior committees are set out in figure 1.

Figure 1: Governance reporting structure
Standard Bank Group board

Management committees

Board committees

Group executive committee

Group audit committee

Group risk and capital management committee

Group credit committee

SBSA large exposure credit committee

Group risk oversight committee

Intragroup exposure committee

Group risk compliance committee

Group capital management committee

Group asset and liability committee

Group operational risk committee

Group country risk management committee

Transaction review committee

Global Personal & Business Banking credit committee1

Global Corporate & Investment Banking credit committee1

1

The board has delegated authority to these committees to act as nominated designated committees in respect of the regulations.



The group audit committee (GAC) is responsible for: ?  reviewing the group’s financial position and making recommendations to the board on all financial matters, including assessing the integrity and effectiveness of accounting, financial, compliance and other control systems; and



?  approving and monitoring the group’s risk profile and risk tendency against risk appetite for each risk type under normal and potential stress conditions.

 Executive management oversight for all risk types at group level has been delegated by the group executive committee to the group risk oversight committee (GROC). This committee considers and, to the extent required, recommends for approval by the relevant board committees: ?  levels of risk appetite and tolerance; ?  risk governance standards for each risk type; ?  actions on the risk profile; ?  risk strategy and key risk controls across the group; ?  capital planning and capital funding activities; ?  utilisation of risk appetite; and ?  usage and allocation of economic capital parameters for modelling, stress testing and scenario analysis.



?  ensuring effective communication between internal auditors, external auditors, the board, management and regulators.

 The group risk and capital management committee (GRCMC) and the group credit committee (GCC) provide, among other things, independent and objective oversight of risk and capital management across the group by: ?  reviewing and providing oversight of the adequacy and effectiveness of the group’s risk management control framework; ?  approving risk and capital management governance standards and policies; and

Standard Bank Group risk management report for the six months ended June 2010

3

Risk management continued

 The GRCMC, GCC, GAC and GROC meet at least quarterly, with additional meetings conducted when necessary. The group risk management subcommittees set out in figure  1 report directly to GROC and through GROC to the GRCMC, the GCC and GAC.

 Compliance with risk standards is controlled through annual self-assessments conducted by business units and group risk and review independently by the group internal auditors.

2.4

Risk appetite
the group is prepared to accept to deliver its business objectives. The group has developed a robust framework that is used to articulate risk appetite throughout the group and to external stakeholders.

 Risk appetite is the maximum level of residual risk that

2.2

Approach and structure
well established governance processes and relies on both individual responsibility and collective oversight, supported by comprehensive reporting. This approach balances strong corporate oversight at group level, beginning with proactive participation by the group chief executive and the group executive committee in all significant risk matters, with independent risk management structures within individual business units.

 The group’s approach to risk management is based on

 The board establishes the group’s parameters for risk appetite by: ?  providing strategic leadership and guidance; ?  reviewing and approving annual budgets and forecasts, under both normal and stressed conditions, for the group and each division; and ?  regularly reviewing and monitoring the group’s risk performance through quarterly board reports.  The board delegates the determination of risk appetite to the GRCMC and ensures that risk appetite is in line with group strategy and the group’s desired balance between risk and reward. GROC recommends to both the GRCMC and the board the level of risk appetite for the group.  The group’s risk appetite statements are defined by five broad metrics: ?  headline earnings; ?  liquidity; ?  regulatory capital; ?  economic capital; and ?  the confidence level applied to our capital adequacy to cover any unexpected losses.  These metrics are then converted into tolerance levels and limits through an analysis of the risks that impact on them.

 Business unit heads are primarily responsible for managing risk within each of their businesses and for ensuring that appropriate, adequately designed and effective risk management frameworks are in place, and that these frameworks are compliant with the group’s risk governance standards.  To ensure independence and appropriate segregation of responsibilities between business and risk management, business unit chief risk officers and chief credit risk officers report operationally to their respective business unit heads and functionally to either the group chief risk officer or the group chief credit officer.

2.3

Risk governance standards, policies and  procedures
standards for each major risk type to which it is exposed. The standards set out and ensure alignment and consistency in the way in which we deal with major risk types across the group, from identification to reporting.

 The group has developed a set of risk governance

 All standards are applied consistently across the group and are approved by the GRCMC or the GCC. It is the responsibility of executive management in each business unit to ensure that the risk governance standards, as well as supporting policies and procedures, are implemented and independently monitored by the risk management team in that particular business unit.

2.5

Stress testing
execution of stress tests at the business unit, legal entity and group levels. The group’s overall stress testing programme is a key management tool within the organisation and facilitates a forward-looking perspective on risk management and business performance. Stress testing involves identifying

 The group’s stress testing framework guides the regular

4

Standard Bank Group risk management report for the six months ended June 2010

possible events or future changes in economic conditions that could have an impact on the group.  Stress tests are used in proactively managing the group’s risk profile, capital planning and management, strategic business planning and setting of capital buffers. Stress testing is an integral component of the group’s internal capital adequacy assessment process (ICAAP), and is used to assess and manage the adequacy of regulatory and economic capital.  More specifically, stress testing may reveal a reduction in surplus capital or a shortfall in capital under specific scenarios. This may then serve as a leading indicator to the group to raise additional capital, reduce capital outflows, adjust the capital structure and/or reduce its risk appetite.  The appropriateness of the group-wide stress scenarios and the severity of the relevant scenarios are approved by the GRCMC based on GROC’s recommendations, and are reviewed at least annually.  Executive management considers the outcomes of stress testing on earnings and capital adequacy in determining an appropriate risk appetite, to ensure that these remain above the group’s minimum capital requirements. Management reviews the outcomes of stress tests and, where necessary, determines appropriate mitigating actions to minimise and manage the risks induced by potential stresses. Examples of potential mitigating actions include reviewing and changing risk limits, limiting exposures and hedging strategies. Stress tests are regularly discussed with regulators.  The objective of stress testing is to support a number of value-added business processes across the group. These processes include: ?  assessment of potential changes in the risk profile and monitoring of risk appetite; ?  strategic planning and budgeting; ?  capital planning and management, including setting capital buffers for the group; ?  communication stakeholders; ?  the assessment of the impact of stresses on earnings volatility; and with internal and external



?  ad hoc assessment of the impact of changes in short-term macroeconomic factors on the group’s performance

 During the first half of the year, the group performed group-wide stress tests across all major risk types based on a number of macroeconomic scenarios, each with different levels of severity. The outcome of these stress tests indicated that the group was well within its risk tolerance levels in all of the scenarios. In 2009, the group-wide macroeconomic stress testing process was conducted twice in line with changing economic conditions, and will continue to be conducted biannually during 2010 and for the foreseeable future.  Portfolio-specific stress tests are conducted more frequently within business units, with many executed monthly. This enables early and proactive management of the potential impact of stress scenarios on the group’s risk profile at a business unit level.  The group has also implemented reverse stress testing to complement the overarching stress testing programme. Reverse stress testing identifies those scenarios that could prevent the group from meeting its financial and strategic objectives, and serves to inform what management action should be taken to mitigate this risk. These tests are a useful risk management tool as they assist in testing assumptions about business strategy, capital planning and contingency planning.

2.6

King III
differences between current risk governance and management and the recommendations of the third King report on corporate governance (King III). No gaps which require substantial changes to current procedures and governance practices have been identified.

 The group has completed a gap analysis to identify

 The key risk workstreams set out in King III pertain to boards of directors (encompassing ethics and leadership culture), combined assurance and internal financial controls, and integrated reporting and disclosure. Project plans for appropriately implementing the recommendations of King III have been finalised.

Standard Bank Group risk management report for the six months ended June 2010

5

Risk management continued

3.? Risk categories
3.1 Credit risk
risk and concentration risk. These risk types are defined as follows: ?  Counterparty risk is the risk of credit loss to the group as a result of failure by a counterparty to meet its financial and/or contractual obligations to the group. This risk type has three components: •? primary credit risk, which is the exposure at default (EAD) arising from lending and related banking product activities including their underwriting; •? pre-settlement credit risk, which is the EAD arising from unsettled forward and derivative transactions. This risk arises from the default of the counterparty to the transaction and is measured as the cost of replacing the transaction at current market rates; and •? issuer risk, which is the EAD arising from traded credit and equity products including their primary market underwriting. ?  Settlement risk is the risk of loss to the group from settling a transaction where value is exchanged, but where it fails to receive all or part of the counter value. ?  Credit concentration risk is the risk of loss to the group as a result of excessive build-up of exposure to, among others, a single counterparty or counterparty segment, an industry, a market, a product, a financial instrument or type of security, a country or geography, or a maturity. This concentration typically exists where a number of counterparties are engaged in similar activities and have similar characteristics, which could result in their ability to meet contractual obligations being similarly affected by changes in economic or other conditions.  Credit risk comprises counterparty risk, settlement

the  host country due to political or economic conditions in the host country.

3.3

Liquidity risk
solvent, cannot maintain or generate sufficient cash resources to meet its payment obligations as they fall due, or can only do so at materially disadvantageous terms.

 Liquidity risk arises when the group, despite being

 This type of event may arise where counterparties who provide the bank with funding withdraw or do not roll over that funding, or as a result of a generalised disruption in asset markets which results in normally liquid assets becoming illiquid.

3.4

Market risk
market value or earnings of a portfolio of financial instruments caused by adverse movements in market variables such as equity, bond and commodity prices; currency exchange and interest rates; credit spreads; recovery rates and correlations; as well as implied volatilities in all of the above.

 This is the risk of a change in the actual or effective

3.5

Operational risk
inadequate or failed internal processes, people and systems or from external events. This includes information and legal risk but excludes reputational and strategic risk.

 Operational risk is the risk of loss resulting from

3.6

Business risk
compared to the cost base due to strategic and/or reputational reasons. From an economic capital perspective, business risk capital requirements are calculated as the potential loss arising over a oneyear timeframe, within a certain level of confidence, as implied by the group’s chosen target rating. The group’s ability to generate revenue is impacted by, among others, the external macroeconomic environment, its chosen strategy and its reputation in the markets in which it operates.

 Business risk relates to the potential revenue shortfall

3.2

Country risk
country risk, is the uncertainty that a client or counterparty, including the relevant sovereign, will be  able to fulfil its obligations to the group outside

 Cross-border transfer risk, herein referred to as

6

Standard Bank Group risk management report for the six months ended June 2010

3.7

Reputational risk
image among stakeholders, which may impair its ability to retain and generate business. Such damage may result from a breakdown of trust, confidence or business relationships.

 Reputational risk results from damage to the group’s

3.8

Insurance risk
expenses will exceed the allowance for expected claims and expenses, as determined through measuring policyholder liabilities and in reference to product pricing principles. Insurance risk arises due to uncertainty regarding the timing and amount of future cash flows from insurance contracts, whether due to variations in mortality, morbidity or withdrawal rate, or due to deviations from investment performance assumptions in the case of life products, and claims incidence and severity assumptions in the case of short-term insurance products. Further insurance risk disclosures are not provided in this interim report, but on an annual basis in line with International Financial Reporting Standards (IFRS) requirements.

 This is the risk that future claims and related

Standard Bank Group risk management report for the six months ended June 2010

7

Risk management continued

4.? Reporting frameworks
 This risk management report addresses the disclosure requirements of Basel II pillar 3 and is not audited.

4.1.1

Consolidated a subsidiary in the group consolidated risk-weighted exposures, for example banking and financial entities.

 Includes the full risk-weighted exposure amounts of

4.1

Basel II consolidation
Relating to Banks, apply at a group level, thus disclosures related to individual banks within the group are not required. Contrary to accounting principles, banking regulations view consolidation as including only those group companies (subsidiaries, joint ventures and voluntarily consolidated minority-owned entities) that conduct banking and other financial operations. This includes credit institutions, securities firms and financial entities, but no other companies.

4.1.2

Proportionately consolidated exposure amounts of the entity in the group consolidated risk-weighted exposures, for example banking and financial entities where joint control exists.

 Pillar 3 disclosures, as set out in the Regulations

 Includes the pro rata portion of the risk-weighted

4.1.3

Deduction from the consolidated capital and reserve funds and the related assets are removed from the consolidated balance sheet, for example insurance and commercial entities or financial entities where no control exists.

 The respective investment in the entity is deducted

 Basel II information has been disclosed in accordance with the following approaches:

Table 1: Treatment of legal entities under the Basel II consolidation Type of treatment June 2010 Consolidated Proportionately consolidated Deduction Total December 2009 Consolidated Proportionately consolidated Deduction Total
1

Banks1

Securities firms2

Financial entities3

Commercial entities4

Insurance entities5

23

5

80 4

1 24

1 6

11 95

107 107

5 5

23

5

79 4

1 24

1 6

12 95

107 107

5 5

 anks – public companies registered as banks in terms of the Banks Act, 1990 or the relevant legislation if the entity is registered outside of the B Republic of South Africa. Securities firms – entities that conduct securities business as envisaged in the Securities Services Act, 2004 or the relevant legislation if the entity is  registered outside of the Republic of South Africa. 3 Financial entities – entities that conduct financial activities, for example, lending business, financial leasing, consumer credit, mortgage credit, money  transmission, portfolio management or money broking. 4 Commercial entities – entities primarily involved in the production of goods or non-financial services. 5 Insurance entities – entities that conduct insurance business including any entity registered as an insurer in terms of the Short-term Insurance Act,  1998 or Long-term Insurance Act, 1998 or the relevant legislation if the entity is registered outside the Republic of South Africa.
2

8

Standard Bank Group risk management report for the six months ended June 2010

4.2
4.2.1

Basel II approaches adopted
Credit risk Reserve Bank (SARB) to adopt the advanced internal ratings-based (AIRB) approach for its credit portfolios in The Standard Bank of South Africa (SBSA). Certain portfolios outside of SBSA, for which the standardised and foundation internal ratings-based (FIRB) 4.3.3 approaches were initially adopted, are being migrated to the AIRB approach. 4.3.2

group’s investment in financial entities and to exclude unappropriated profits in terms of the  Regulations Relating to Banks. Banking book equity exposures exclude an investment in a money market unit trust previously included in the balance. Specific impairments restated to align with the classification definitions of the Regulations Relating to Banks.  Specific impairments by asset class were restated following a refinement in the classification methodology. 4.3.4 Securitisations revised, this resulted in two restatements.

 The group obtained approval from the South African

 Banking book equity exposures were restated to

 The breakdown of specific impairments by industry was 4.2.2 Operational risk operational risk and has implemented some qualitative aspects of the advanced measurement approach (AMA) to bring the group in line with risk management best practice. The group is progressing well in developing and implementing an AMA operational risk framework by 2012. 4.2.3 Market risk  Capital deductions were restated to include the first loss provision, as reflected in the regulatory returns.  On- and off-balance sheet exposures were restated internal model approach for most of its principal trading books.  The disclosure methodology for securitisations was  The group applies the standardised approach (TSA) for

 The group obtained approval from SARB to adopt the

4.3
4.3.1

Restatements
Capital management December  2009 period to correctly reflect the

to show the Blue Titanium liquidity facility, previously reported as on-balance sheet, as off-balance sheet, in order to reflect the nature of the underlying exposure.

 Tier I and tier II capital were restated for the

Standard Bank Group risk management report for the six months ended June 2010

9

Risk management continued

5.? Capital management
 The group’s capital management framework serves to ensure that the group and its principal subsidiaries are capitalised in line with the risk profile, regulatory requirements, economic capital standards and target ratios approved by the board, at both group and subsidiary level. The group capital management objectives are to: ?  maintain sufficient capital resources to meet minimum regulatory capital requirements set by SARB in accordance with Basel II requirements; ?  ensure that the group’s foreign regulated subsidiaries meet the minimum requirements of their particular jurisdiction/s; ?  maintain sufficient capital resources to support the group’s risk appetite; ?  cover unexpected loss within the group’s target confidence levels and support the group’s credit rating; ?  allocate capital to businesses to support the group’s strategic objectives, including optimising returns on economic and regulatory capital; and ?  ensure the group holds capital in excess of minimum requirements in order to achieve the target capital adequacy ratios set by management and approved by the board, to achieve debt rating objectives and to withstand the impact of potential stress events.  The GRCMC ensures compliance with the group’s capital management objectives. The committee reviews actual and forecast capital adequacy on a quarterly basis. The processes in place for delivering the group’s capital management objectives are: ?  establishing internal targets for capital adequacy; ?  managing the sensitivity of capital ratios to foreign exchange rate movements; ?  ensuring regulatory capital adequacy requirements for foreign and local entities are met;



?  allocating capital to support the group’s strategic plans; ?  applying stress tests to assess the group’s capital adequacy under stress scenarios; ?  developing, reviewing and approving ICAAP; ?  capital planning and forecasting to ensure that capital ratios exceed the targets set by the board; and



?  capital raising on a timely basis.

 In addition to these processes, GROC and the board, through the GRCMC, review and set risk appetite annually and analyse the impacts of stress scenarios to understand and manage the group’s projected capital adequacy.

5.1

Capital adequacy
prudent balance between maintaining capital ratios to support business growth and depositor confidence, and providing competitive returns to shareholders.

 The group manages its capital base to achieve a

 The capital management process ensures that each group entity maintains sufficient capital levels for legal and regulatory compliance purposes. The group ensures that its actions do not compromise sound governance and appropriate business practices.

5.2

Regulatory capital
with all externally-imposed capital requirements to which its banking activities and insurance operations are subject. These include, but are not limited to, the relevant requirements of the Banks Act and Regulations Relating to Banks (which are broadly consistent with the Basel II guidelines issued by the Bank for International Settlements), as well as those of the Financial Services Board (FSB) in South Africa and other insurance regulatory bodies.

 During the period under review, the group complied

10

Standard Bank Group risk management report for the six months ended June 2010

  In addition to the requirements of host country regulators, the group complies with capital adequacy requirements of South African banking regulations. Regulatory capital adequacy is measured via two riskbased ratios: tier I and total capital adequacy, both of which are stated as a percentage of risk-weighted assets.  Tier I capital represents the permanent forms of capital such as share capital, share premium, retained earnings and perpetual, non-cumulative preference shares, while total capital additionally includes other items such as subordinated debt, impairments for performing loans and revaluation reserves. Risk-weighted assets are determined on a granular basis by using risk weights calculated from internally-derived risk parameters. Both on- and off-balance sheet exposures are included in the overall credit risk-weighted assets of the group.  Notional risk-weighted assets for the market and operational risk components are determined using the risk drivers that impact on regulatory capital as inputs.  The group’s tier I capital, excluding unappropriated profits, was R61,8 billion as at 30  June 2010 (31 December 2009: R60,3 billion) and total capital, excluding unappropriated profits, was R79,2 billion as

at 30 June 2010 (31 December 2009: R79,7 billion). The change in the group’s tier I capital was primarily due to an increase in retained earnings by the group.  The group maintained a well capitalised position based on core tier I, tier I and total capital ratios for the six months ending June 2010, as set out in the tables on the pages that follow.  Furthermore, the group participated in the

Comprehensive Impact Assessment (Basel III) which was submitted to the Bank Supervision Department (BSD) of the SARB in April 2010. On the basis of this assessment the group internally reviewed the impact on its capital position, taking into account the reforms in promoting a more resilient financial sector, to arrive at an appropriately-calibrated total level of riskweighted assets, qualifying capital and leverage ratio.

5.3

Capital transferability
exchange control authorities, no significant restrictions exist on the transfer of funds and regulatory capital within the banking group. The transfer of funds and regulatory capital within the group is conducted after due consideration has been given to the appropriateness of each action.

 Subject to appropriate motivation and approval by

Standard Bank Group risk management report for the six months ended June 2010

11

Risk management continued

Table 2: Basel II regulatory capital (excluding unappropriated profit) June 2010 Rm Tier I Issued primary capital and unimpaired reserve funds Ordinary share capital and premium Ordinary shareholders’ reserves Minority interest Less: regulatory deductions Goodwill and other intangible assets Investment in regulated non-banking entities Investment in banks Less: regulatory deductions – 50% deducted from tier I and tier II respectively Future expected loss exceeding eligible provisions on an incurred loss basis Investment in insurance and financial entities not consolidated Loans to Special Purpose Entities (SPEs) (first loss credit enhancement) 91 593 17 436 69 927 4 230 (18 792) (8 442) (139) (3 178) (7 033) (1 816) (4 888) (329) (16 514) (4 254) (11 693) (567) 5 495 61 782 Tier II Issued secondary capital and reserves Preference share capital and premium Subordinated debt Impairments for performing loans Less: regulatory deductions – 50% deducted from tier I and tier II respectively Future expected loss exceeding eligible provisions on an incurred loss basis Investment in insurance and financial entities not consolidated Investment in banks Loans to SPEs (first loss credit enhancement) 24 517 8 23 395 1 114 (7 563) (1 816) (4 888) (530) (329) 16 954 Tier III Subordinated debt Total eligible capital (excluding unappropriated profits) Total risk-weighted assets
1 2

December1 2009 Rm 87 195 17 197 66 279 3 719 (16 202) (7 827) (135) (2 369) (5 871) (921) (4 666) (284) (16 164) (3 631) (11 030) (1 503) 5 495 60 324 23 868 8 22 931 929 (5 871) (921) (4 666) (284) 17 997 1 361 79 682 599 822

Less: regulatory exclusions Non-qualifying entities’ ordinary shareholders’ reserves2 Unappropriated profits Other reserves3 Preference share capital and premium

491
4

79 227 620 971

 estated, refer to page 9. R Mainly insurance and commercial entities. 3 Mainly the share-based payment reserve, cash flow hedging reserve, available-for-sale revaluation reserve and negative foreign currency translation reserve, where applicable. 4 Total eligible capital, including unappropriated profits of R11 693 million (December 2009: R11 030 million), was R90 920 million (December 2009: R90 712 million).  Tier I capital, including unappropriated profits of R11 693 million (December 2009: R11 030 million), was R73 475 million (December 2009: R71 354 million).

12

Standard Bank Group risk management report for the six months ended June 2010

Table 3: Basel II capital requirements June 2010 Rm Credit risk Portfolios subject to the standardised approach Corporate Sovereign Banks Retail mortgages Retail other Securitisation exposure Portfolios subject to the FIRB approach Corporate Sovereign Banks Portfolios subject to the AIRB approach Corporate Sovereign Banks Retail mortgages Qualifying retail revolving exposure Retail other1 Securitisation exposure Other assets Equity risk in the banking book Portfolios subject to the standardised approach Listed Unlisted Portfolios subject to the market-based approach Listed Unlisted Portfolios subject to the probability of default/loss given default approach Market risk Portfolios subject to the standardised approach Portfolios subject to the internal models approach Operational risk Portfolios subject to the standardised approach Total capital requirements
1

December 2009 Rm 42 162 10 563 5 575 1 794 532 1 355 1 265 42 7 302 6 264 81 957 22 316 9 221 396 1 011 5 499 3 813 2 140 236 1981 1 531 72 3 69 615 322 293 844 4 686 2 402 2 284 10 104 58 483

44 105 11 125 6 279 2 380 486 581 1 378 21 6 725 5 499 130 1 096 24 093 8 720 904 914 7 360 3 582 2 321 292 2 162 1 494 82 1 81 723 73 650 689 4 749 2 679 2 070 10 197 60 545

Retail other includes retail small and medium enterprises (SMEs), vehicle and asset finance, and term lending exposures.

Table 4: Capital adequacy ratios (including unappropriated profit) Minimum regulatory requirement % Total capital adequacy ratio Tier I capital adequacy ratio Core tier I capital adequacy ratio
1

Target ratio % 11-12 9

June 2010 % 14,6 11,8 11,0

December1 2009 % 15,1 11,9 11,0

9,75 7,0 5,25

Restated, refer to page 9. 

Standard Bank Group risk management report for the six months ended June 2010

13

Risk management continued

Table 5: Capital adequacy ratios of banking and insurance subsidiaries June 2010 Tier I capital % Standard Bank Group South Africa The Standard Bank of South Africa (SBSA) Rest of Africa CfC Stanbic Bank Kenya Stanbic Bank Botswana Stanbic Bank Ghana Stanbic Bank Tanzania Stanbic Bank Uganda Stanbic Bank Zambia Stanbic Bank Zimbabwe Stanbic IBTC Bank Nigeria Standard Bank Malawi Standard Bank Mauritius Standard Bank Mozambique Standard Bank Namibia Standard Bank RDC Standard Bank Swaziland Standard Lesotho Bank Outside Africa Standard International Holdings, consolidated2 Standard Bank Isle of Man Standard Bank Jersey Aggregate regulatory capital requirement for banking ? operations Liberty Group (calculated in terms of the ? Long-term Insurance Act) CAR4 – times covered
Restated, please refer to page 9. 2 Standard International Holdings consists of: ? – Banco Standard de Investimentos (Brazil); ? – Standard Bank Argentina; ? – Standard Bank Asia (Hong Kong); ? – Standard Bank Plc (United Kingdom); and ? – Standard Merchant Bank (Asia) (Singapore). 3 Plus an additional USD100 million. 4 Capital adequacy requirement.
1

December 20091 Total capital % 14,6 13,5 17,0 15,4 26,0 17,5 16,4 15,7 15,5 29,6 29,2 17,4 18,0 13,7 23,2 17,8 17,1 17,0 12,9 15,8 10,1 2,8 Tier I capital % 11,9 10,6 10,6 10,8 19,4 17,4 13,1 14,1 17,5 27,6 19,8 12,0 12,0 11,2 10,1 12,0 9,1 9,9 8,8 10,0 Total capital % 15,1 14,1 16,4 18,6 22,5 18,9 16,3 18,0 18,8 28,1 25,7 18,1 14,7 14,1 16,2 17,9 10,6 16,5 12,5 13,0 10,1 2,8 Host regulatory requirement % 9,75 9,75 12 15 10 12 12 10 10 10 10 10 8 10 10 8 8 10,483 10 10

11,8 10,2 10,8 8,9 21,2 16,2 13,6 11,7 14,2 29,0 23,7 11,8 15,7 11,2 18,7 12,5 15,7 10,6 9,3 10,6

14

Standard Bank Group risk management report for the six months ended June 2010

5.4

Economic capital
reporting quantifiable economic risks faced by the group. Economic capital is the amount of permanent capital that a transaction, business unit or risk type must hold to support the economic risk.

 The group’s economic capital management framework governs how economic capital is quantified, and assigns roles and responsibilities for the management and allocation of economic capital across the group.  The methodologies used to quantify the amount of economic capital required by the group have evolved rapidly over the past two years. These methodologies are subject to regular reviews to ensure that the economic capital results are a true reflection of the underlying portfolios and risk drivers that impact the group.  Economic capital is calculated for each of the following

 Economic capital is the basis for measuring and

 The group assesses its economic capital requirements by measuring its risk profile using both internally- and externally-developed models. Economic capital is used for risk management, capital management, capital planning and capital allocation.  The group has refined its ICAAP over the period under review to incorporate the impact of residual risk, risk concentrations, correlation of risk, diversification impacts and stress tests to ensure that the group is adequately capitalised on an economic basis.  A key component of ICAAP is the assessment of the group’s capital adequacy using economic capital. ICAAP was approved by the board, through the GRCMC, and forms the basis for discussion with SARB on the group’s risk profile and capital adequacy.

quantifiable risk types: ?  credit risk; ?  equity risk; ?  market risk; ?  operational risk; ?  business risk; and ?  interest rate risk in the banking book.

 The board, through the GRCMC, and senior executive management review economic capital results regularly, which facilitates improved risk management across the group.

Standard Bank Group risk management report for the six months ended June 2010

15

Risk management continued

Table 6: Economic capital by risk type June 2010 Rm Credit risk Equity risk Market risk Operational risk Business risk Interest rate risk in the banking book Banking activities – economic capital Available financial resources Capital coverage ratio 28 597 1 865 1 768 6 814 1 817 1 620 42 481 86 830 2,04 December 2009 Rm 31 336 1 293 1 747 6 965 1 504 1 917 44 762 81 503 1,82



?  Credit risk represents the largest source of risk to which the banking entities in the group are exposed and accounts for the majority of total economic capital. Credit risk reduced due to an improvement in through the cycle risk parameters.



?  Available financial resources is the capital supply as defined on an economic basis which comprises permanent capital and is broadly equivalent to equity capital. AFR of R86,8 billion covers the minimum economic capital requirement of R42,5 billion by a factor of 2,04 times, indicating substantially higher capital position relative to the risk assumed in banking activities.



?  Equity risk capital increased primarily due to the first time inclusion of the group’s investment in Troika Dialog.



?  Capital in respect of interest rate risk in the banking book reduced due to a decline in the prime interest rate.

16

Standard Bank Group risk management report for the six months ended June 2010

6.? Credit risk
6.1 Framework
managed in accordance with the group’s  Credit risk is the group’s most material risk, and is comprehensive risk management control framework. A group credit standard sets out the principles under which the group is prepared to assume credit risk. Responsibility for credit risk resides with the group’s business units, supported by the group risk function and with oversight, as with other risks, by the group risk committees and ultimately the board.  The principal executive management committee responsible for overseeing credit risk is GROC. The global credit committees for both Personal & Business Banking and Corporate & Investment Banking report directly to GROC and indirectly through GROC to the GCC.  The two global credit committees are responsible for making decisions on credit risk. They have been approved by the board as the designated committees for approving key aspects of the credit rating systems for Personal & Business Banking and Corporate & Investment Banking as required by the Banks Act, 1990 and the Regulations Relating to Banks. Figure 2: Business unit credit committees

 The GCC is the principal board committee responsible for the oversight of credit risk, with GAC having oversight responsibility for reviewing credit impairment adequacy. The structure of the business unit credit committees is shown in figure 2.  The SBSA large exposure committee approves all counterparty large exposures to the extent required by SARB regulations. All such approvals are ratified by the SBSA board.  The committees have clearly defined mandates and delegated authorities, which are regularly reviewed.  Credit committee responsibilities include governance oversight; risk appetite; model performance, development and validation; counterparty and portfolio risk limits and approvals; country, industry, market, product, obligor, customer segment and maturity concentration risk; risk mitigation; impairments; stress testing and the optimisation of regulatory and economic capital.  Intra-group exposures are monitored by the intragroup exposures committee which reports into GROC.

Global Corporate & Investment Banking credit committee

Global Personal & Business Banking credit committee

Corporate & Investment Banking SA credit committee

Corporate & Investment Banking international credit committee

Corporate & Investment Banking rest of Africa credit committee

Personal & Business Banking rest of Africa credit committee

Personal & Business Banking SA credit committee

Personal & Business Banking international credit committee

In-country international credit committees

In-country African credit committees

Standard Bank Group risk management report for the six months ended June 2010

17

Risk management continued

6.2
6.2.1

Basel II
Approaches adopted the standardised approach, the FIRB approach and the AIRB approach. The FIRB and AIRB approaches are collectively referred to as the internal ratingsbased (IRB) approaches. Figure 3: Approaches under Basel II
Credit risk approaches under Basel II

 The group has adopted the AIRB approach for most credit risk portfolios. Some subsidiaries and portfolios that are not currently on the AIRB approach are in the process of being migrated to this approach, where appropriate.

 The three approaches under Basel II for credit risk are

Graph 1: Basel II exposure by approach
Rbn 1 000 800

Standardised approach

Internal ratings based (IRB) approach

600 400 200

Advanced internal ratings based (AIRB) approach

Foundation internal ratings based (FIRB) approach

0 Standardised FIRB AIRB

? ?

December 2009 June 2010

Graph 2: Basel II exposure by approach and asset class
Rbn 300 250 200 150 100 50 0 Corporate Banks Sovereign Retail mortgages QRRE1 Other retail

?
1

Standardised 2009

?

Standardised 2010

?

FIRB 2009

?

FIRB 2010

?

AIRB 2009

?

AIRB 2010

QRRE – Qualifying revolving retail exposures

18

Standard Bank Group risk management report for the six months ended June 2010

6.2.2

Standardised approach some of its subsidiaries and portfolios for which the calculation of regulatory capital is based on net counterparty exposures after recognising a limited set of qualifying collateral. A prescribed percentage, being the risk weighting which is based on the perceived credit rating of the counterparty, is then applied to the net exposure. Table 7: External credit assessment institutions Moody’s Investor Services ? 6.2.2.1

counterparties for which there are no credit ratings available, exposures are classified as unrated for determining regulatory capital requirements.  quity exposures subject to the standardised E approach exposures are both ascribed a 100% risk weighting, unless the exposure relates to private equity and venture capital. In this case, a risk weighting of 150% is applied. Table 9: Equity exposures Fitch ? Listed Unlisted Total 836 836 June 2010 Rm December 2009 Rm 34 700 734

 The group has adopted the standardised approach for

 Under this approach unlisted and listed equity

Asset class Sovereign

 For exposures that have been rated by approved credit assessment institutions, the process prescribed by SARB is used to ascribe public issue ratings into comparable assets in the banking book. For

Table 8: Exposures subject to the standardised approach per risk weighting June 2010 Exposure after mitigation Rm December 2009 Exposure after mitigation Rm

Exposure Rm Based on risk weights 0% – 35% 50% Rated Unrated 75% 100% and above Rated Unrated Total  During the period, a mortgage type sub-portfolio was migrated from the standardised approach to the AIRB approach, accounting for the decrease in the 0 to 35% bucket. This was offset by the temporary reclassification 8 612 33 527 2 825 30 702 37 684 99 836 6 085 93 751 179 659

Mitigation Rm

1 85 85 249 8 182 49 8 133 8 517

8 611 33 442 2 825 30 617 37 435 91 654 6 036 85 618 171 142

25 328 34 449 3 656 30 793 33 096 77 004 9 167 67 837 169 877

of certain exposures from the AIRB and FIRB approaches to the standardised approach, resulting in the increase in the 100% and above bucket.

Standard Bank Group risk management report for the six months ended June 2010

19

Risk management continued

6.2.3

IRB approach the assessment of its core components: probability of default (PD), exposure at default (EAD) and loss given default (LGD). EAD is the exposure amount that the group estimates will be outstanding at the time of default. LGD is measured as a percentage of the EAD that the group estimates it will lose as a result of a default. It is based largely on the customer type, seniority of the loan, country of risk and level of collateralisation.

 The group uses an internationally-comparable 25 point master rating scale for counterparties. Each performing risk grade is mapped to a PD that is used to quantify the credit risk for each borrower. The mapping of the master rating scale to the SARB risk buckets, external credit assessment institutions’ alphanumerical rating scales and grading categories are shown in table 10.  Mapping is done through a calibration process that uses historical default rates and other data from the applicable portfolio. In low default portfolios, such as the sovereign and bank asset classes, the group uses internal data, where available, and external benchmarks and studies, particularly from rating agencies.  Under the AIRB approach, the EAD and LGD parameters are derived using approved methodologies and are based on a combination of internal and external historical default and recovery data. For the FIRB approach, these parameters are prescribed by the regulator.  The group uses internal risk estimates of PD, LGD and EAD as inputs into the following management decisions: ?  determining credit approval; ?  pricing transactions; ?  limit setting for concentration risk and counterparty limits; ?  determining portfolio impairment provisions; ?  setting risk appetite; and ?  calculating economic capital. companies,

 Measuring credit risk under the IRB approach requires

6.2.3.1

Corporates, sovereigns and banks South African and international

 Corporate, sovereign and bank borrowers include sovereigns (government entities), local and provincial government entities, pure bank financial institutions, non-bank financial institutions and public sector entities. Corporate entities include large companies as well as SMEs that are managed on a relationship basis or have a combined exposure to the group of more than R7,5 million.  A risk grade is assigned to each borrower using an appropriate rating model. Rating models are used to achieve objectivity, comparability, transparency and consistency in assigning ratings.  Rating models typically take quantitative and qualitative factors into account, which are used to produce a standalone rating. The models may also factor in geographic differences as well as support, both explicit and implicit, to determine the final risk rating.

20

Standard Bank Group risk management report for the six months ended June 2010

Table 10: Relationship between the group master rating scale and external ratings Group master rating scale 1–4 5–7 8 – 12 Moody’s Investor Services Aaa, Aa1, Aa2, Aa3 A1, A2, A3 Baa1, Baa2, Baa3 Ba1, Ba2, Ba3, B1, B2, B3 Caa1, Caa2, Caa3, Ca C

SARB risk bucket AAA to AAA+ to ABBB+ to BBB-

Standard & Poor’s AAA, AA+, AA, AAA+, A, A-

Fitch AAA, AA+, AA, AAA+, A, A-

Grading

Credit quality

Investment grade

BBB+, BBB, BBB- BBB+, BBB, BBBBB+, BB, BB-, B+, B, BCCC+, CCC, CCCD BB+, BB, BB-, B+, B, BCCC+, CCC, CCCD Subinvestment grade Default

Normal monitoring

13 – 21 BB+ to B22 – 25 Below BDefault Default

Close monitoring Default

 Other rating models have also been developed for specialised lending exposures, details of which are set out below. 6.2.3.2 Specialised lending exposures

the specialised lending exposures are treated under the PD/LGD approach. If the PD or LGD cannot be determined, the specialised lending exposure is treated under the slotting approach.

 Specialised lending includes project, object and commodity finance as well as income-producing real estate finance. Creditworthiness is assessed on a transactional level as the group relies on repayment from the cash flows generated by the underlying asset, as opposed to the financial strength of the borrower.

Figure 4: Treatment of specialised lending under  the IRB approach
IRB

Specialised lending

 Under Basel II, two approaches are available for specialised lending exposures: the PD/LGD approach and the slotting approach. Both these approaches are IRB approaches, however they vary significantly. Under the IRB approach, the treatment of specialised lending exposures depends on whether the PD and LGD can be determined. If these can be determined,
PD/LGD approach Meets the requirements to determine PD and LGD Does not meet the requirements to determine PD and LGD

Slotting approach

Standard Bank Group risk management report for the six months ended June 2010

21

Risk management continued

6.2.3.2.1 PD/LGD approach  Under the PD/LGD approach, the models used to rate project, object and commodity finance transactions are scorecards combining quantitative and qualitative factors to generate a PD and LGD for each transaction. The models used to rate income-producing real estate transactions are varied: a scorecard model is used for developer transactions and rating smaller vanilla investor transactions and a cash flow simulation model is used for larger or more complex investor transactions.
 The transaction LGD per facility is calculated per loan tranche net of collateral. Since a characteristic of specialised lending is that the financed asset (project, commodity or object) forms an essential component of the recovery calculation, a realisable value is first calculated for the underlying asset.  Additional forms of loss mitigation such as collateral, for example cash pledges, mortgages, bonds or equity, third- or related-party guarantees and insurance policies, are taken into account.  A blended scorecard approach is used to derive the credit risk grade of project, object and commodity finance transactions, which is then converted to a unique PD.

6.2.3.3  Equity exposures subject to the simple riskweighted method  The PD/LGD approach is used to model the credit risk and capital requirement for equities excluding strategic investments in the banking portfolio. The group’s standard approved risk grade models, described earlier, are used in this process together with the regulatory prescribed LGD of 90% and a maturity factor of five years. The PD/LGD approach is used for most of the group’s South African equity investment portfolios. Where no suitable model exists for the equity investment, the default capital calculation is the simple risk-weighted approach. Under this approach, listed and unlisted equity exposures are ascribed a 300% and 400% risk weighting respectively. Table 12: Equity exposures under the simple riskweighted method June 2010 Rm Listed Unlisted Total 6.2.3.4 Retail mortgages individuals and are a combination of both drawn and undrawn EADs.  Internally developed behavioural scorecards are used to measure the behavioural performance of each individual account. PDs are calculated from the behaviour scores using statistical calibration of internal historical default experience and are used to determine the portfolio distribution on the 25  point master rating scale. The individual account PDs are used to determine the overall PD for the retail mortgage portfolio.  The LGDs per product are estimated using historic recovery data. When a customer defaults, some part of the amount outstanding on the loan is recovered. The part that is not recovered, the actual loss, together with the costs associated with the recovery process are used to determine estimated cash flows and LGDs. In addition, a downturn LGD factor is applied to the estimated LGD. 910 1 163 2 073 December 2009 Rm 1 073 1 303 2 376

 Retail mortgage exposures relate to mortgage loans to

6.2.3.2.2 Slotting approach  The slotting approach has been adopted for some specialised lending asset classes. Under this approach, the assets are evaluated against a set number of criteria and based on this evaluation an appropriate risk profile and risk weighting are calculated.
Table 11: Specialised lending exposures under the slotting approach June 2010 Rm Based on ? risk weight 70% – 95% 115% – 250% Total 229 993 1 222 369 877 1 246 December 2009 Rm

22

Standard Bank Group risk management report for the six months ended June 2010

  EAD represents the expected level of usage of the facility when default occurs. During the course of a loan, the customer may not have drawn the loan fully or may have already repaid some of the principal loan amount, thus the exposure is typically less than the approved loan limit. However, by using historical data it is possible to estimate the average utilisation of limits of an account when default occurs, taking into consideration the fact that customers may make more use of their facilities as they approach default. 6.2.3.5 Qualifying revolving retail exposures (QRRE)  QRRE relates to cheque accounts, credit cards and revolving personal loans. These products include both drawn and undrawn exposures.

 Separate LGD models are used for each product portfolio and are based on historic recovery data.  EAD is measured as a percentage of the credit facility limit, based on historical averages. EAD is estimated per portfolio and per portfolio-specific segments using internal historic data on limit utilisation. 6.2.3.6 Other retail  Other retail refers to other branch lending and vehicle finance for retail and retail SME portfolios. Branch lending includes both drawn and undrawn exposures, while vehicle and asset finance only has drawn exposures.  The credit behaviour of each portfolio is measured

 Internally developed behavioural scorecards for cheque and credit card accounts and revolving personal loans are used to measure the anticipated performance for each account. The behaviour score is mapped to a PD for each portfolio using a statistical calibration of portfolio-specific historical default experience. The behavioural scorecard PDs are used to determine the portfolio distribution on the master rating scale.

using internally developed scorecards specific to each portfolio. The behaviour score is mapped to a PD for each portfolio using a statistical calibration of portfolio-specific historical default experience.  As with QRRE portfolios, the LGDs are estimated for portfolio-specific segments using historic recovery data, and the EAD is estimated per portfolio and per portfolio-specific segment using internal historic data on limit utilisation.

Standard Bank Group risk management report for the six months ended June 2010

23

Risk management continued

Table 13: Analysis of PDs, EADs and LGDs by risk grade under the IRB approach Corporate Exposure weighted average risk LGD weight % % Sovereign Exposure weighted average risk LGD weight % % Banks Exposure weighted average risk LGD weight % %

Average PD % June 2010 Non-default 1–4 5–7 8–12 13–21 22–25 Default Total December 2009 Non-default 1–4 5–7 8–12 13–21 22–25 Default Total 0,03 0,06 0,27 2,13 32,93 100,00 0,03 0,05 0,25 2,29 31,77 100,00

EAD Rm

EAD Rm

EAD Rm

216 791 5 308 10 800 76 981 120 325 3 377 9 353 226 144 35,84 42,85 34,38 36,46 33,24 43,08 36,27 9,25 19,35 38,42 75,91 130,24 77,40

79 703 5 835 215 70 522 3 130 1 513 80 216 29,77 21,68 20,96 29,99 44,19 45,00 22,11 0,85 19,75 14,34 55,25 6,40 1,46

104 102 24 142 37 176 38 007 4 547 230 442 104 544 39,41 37,34 34,84 43,19 45,00 43,88 37,21 10,86 13,03 21,27 98,63 248,78

236 235 4 682 8 187 92 468 127 072 3 826 8 872 245 107 35,82 42,83 35,50 36,78 26,22 39,80 36,43 8,78 21,28 43,09 83,35 82,10 20,61

59 981 4 989 31,18 1,37

120 244 47 215 38 114 37,18 36,63 36,57 44,05 9,72 12,25 24,07 90,37

52 183 2 809

13,73 26,39

8,95 52,67

31 007 3 908

561 60 542

45,00 16,05

3,17

532 120 776

43,14 37,10

As at 30 June 2010 42,1% (31 December 2009: 43,6%) of the asset class exposures are investment grade. As per the group master rating scale, investment grade is represented by risk grades 1 to 12. Challenging economic conditions persisted during the first six months of 2010. The movement in the retail mortgage portfolio is largely due to the migration of a sub-portfolio from the

standardised approach to AIRB as well as increasing demand for mortgage finance. Bank exposures decreased due to increased placements of surplus liquidity with sovereign counterparties. The decrease in corporate exposures is attributable to net repayments of drawn down facilities and the temporary reclassification of certain exposures from the AIRB and FIRB approaches to the standardised approach.

24

Standard Bank Group risk management report for the six months ended June 2010

Retail mortgages Exposure weighted average risk LGD weight % %

QRRE Exposure weighted average risk LGD weight % %

Retail other Exposure weighted average risk LGD weight % %

Equity

EAD Rm

EAD Rm

EAD Rm

Exposure Rm

PD %

230 594 32 43 917 163 416 23 229 25 897 256 491 16,31 16,21 16,39 16,57 16,49 16,39 5,04 18,77 2,67 2,98

45 829 3 1 356 6 122 33 717 4 631 4 597 50 426 62,82 50,57 54,45 65,93 68,07 67,65 64,47 1,96 8,85 48,72 6,69 6,64

70 201 1 566 2 621 9 241 51 774 4 999 4 298 74 499 11,88 16,26 24,24 30,29 28,42 32,81 28,68 0,68 1,14 4,02 22,52 2,17 1,87

3 301 948 2 178 175 3 301 0,35 1,47 14,48

204 987 1 137 1 366 37 740 145 237 19 507 22 500 227 487 15,25 15,17 15,23 15,52 15,69 15,66 15,50 0,12 0,15 4,12 15,85 2,13 2,46

46 180 114 1 308 6 719 33 162 4 877 4 542 50 722 41,39 45,41 50,02 64,98 68,56 67,44 63,01 0,17 1,99 10,21 50,40 7,41 6,90

72 065 2 329 2 756 8 267 54 136 4 577 4 107 76 172 12,23 17,91 24,45 28,86 26,11 31,65 27,45 0,90 1,06 3,19 20,82 1,76 1,58

3 409

978 2 431

0,40 1,56

3 409

Standard Bank Group risk management report for the six months ended June 2010

25

Risk management continued

6.2.4

Credit portfolio analysis follow in terms of Basel II approach as well as asset class, industry and geography. Table 14: Asset class exposure by Basel II approach and class On-balance sheet Standardised Rm June 2010 Corporate Sovereign Banks Retail exposure Retail mortgages QRRE Other retail Total December 2009 Corporate Sovereign Banks Retail exposure Retail mortgages QRRE Other retail Total
1 2

 The credit portfolio is analysed in the tables that

Off-balance sheet AIRB Rm Standardised Rm FIRB Rm AIRB Rm

Repurchase and resale agreements Standardised Rm FIRB Rm AIRB Rm

FIRB Rm

64 842 29 025 30 342 26 724 7 729 2 349 16 646 150 933

55 084 3 891 17 347 76 322

107 703 71 809 46 367 329 418 239 361 32 745 57 312 555 297

9 911 1 018 153 12 807 4 081 8 726 23 889

5 831 61 1 658 7 550

62 130 4 848 6 170 77 804 33 368 27 081 17 355 150 952

869 603 317 1 789

20 958 53 493 74 451

18 785 2 829 16 542 38 156

51 849 21 338 31 631 45 104 7 663 1 714 35 727 149 922

64 800 3 594 17 426

118 942 54 166 66 459 300 622 210 260 32 432 57 930

9 550 877 212 10 389

6 290 108 2 335

57 562 3 203 6 055 78 685 33 338 736 34

14 861

24 932 2 000

37 773

15 352

3 382 7 007 21 028 8 733

26 975 18 372 145 505 770 52 634 42 284

85 820

540 189

Amount before the application of any offset, mitigation or netting. Restated, please refer to page 9. Specific impairments include impairments relating to securitisations.

 The two most significant asset classes, corporate and retail mortgages, have significant levels of collateralisation in place.  Changes in underlying asset classes were as a result of the following: ?? During the period, a mortgage type sub-portfolio was migrated from the standardised approach, where it was included under other retail, to the AIRB approach, where it was included under

retail mortgages. This was the primary reason for a R17,4 billion decrease in standardised other retail exposure, which together with increased demand for mortgage finance, resulted in a R29,1 billion increase to AIRB approach retail mortgages. ?? Standardised corporate and sovereign exposures increased by R15,3 and R7,7 billion respectively due to asset growth as well as the temporary reclassification of certain exposures from the

26

Standard Bank Group risk management report for the six months ended June 2010

Derivative instruments Standardised Rm FIRB Rm AIRB Rm

Total by approach Standardised Rm FIRB Rm AIRB Rm Total Rm FIRB Rm

EAD AIRB Rm

Gross Impairment of defaulted exposures exposures1 Specific2 Portfolio Rm Rm Rm

2 341 1 706 3 048

21 726 849 29 052 51 627

14 611 1 283 59 774 75 668

77 963 103 599 30 647 4 801

203 229 80 769 128 853 407 222 272 729 59 826 74 667

384 791 116 217 261 921 446 753 280 458 66 256 100 039

74 042 5 078 37 509

153 324 75 138 67 035 381 416 256 491 50 426 74 499 676 913

10 611 425 443 36 266 26 171 4 721 5 374 47 745

2 274 35 246 10 643 5 099 2 461 3 083 13 198 5 266

31 518 101 550 39 531 7 729 6 430 25 372

179 659 209 950

820 073 1 209 682 116 629

1 233

22 426 618

13 484 886 54 164

62 632 22 951 31 990 55 493 7 663 5 096 42 734

108 377 4 320 85 318

214 920 60 255 142 030 379 307 243 598 59 407 76 302

385 929 87 526 259 338 434 800 251 261 64 503 119 036

85 164 4 310 35 416

161 188 56 232 85 360 354 381 227 487 50 722 76 172 657 161

10 970 560 590 34 027 22 704 4 657 6 666 46 147

2 924 82 358 9 714 4 438 2 258 3 018 13 078 5 588

113

27 784

1 346

50 828

68 534

173 066

198 015

796 512

1 167 593 124 890

AIRB and FIRB approaches to the standardised approach. ?? Repurchase and resale agreements subject to the FIRB approach increased by R21,8 billion mainly due to an overall increase in activity with major banking counterparties. ?? On-balance sheet bank exposures subject to the AIRB approach decreased by R20,1 billion due

to increased placements of surplus liquidity with sovereign counterparties. ?? The decrease in AIRB corporate exposures of R11,7 billion is attributable to net repayments of drawn down facilities and the previously mentioned temporary reclassification of exposures from the AIRB and FIRB approaches to the standardised approach.

Standard Bank Group risk management report for the six months ended June 2010

27

Risk management continued

Table 15: Basel II exposures by type of asset and industry Onbalance sheet Rm June 2010 Agriculture Mining Manufacturing Electricity Construction Wholesale Transport Finance, real estate and ? other business services Private households Other Total December 2009 Agriculture Mining Manufacturing Electricity Construction Wholesale Transport Finance, real estate and ? other business services Private households Other Total
1 2

Off- Repurchase balance and resale Derivative sheet agreements instruments Rm Rm Rm 5 824 20 143 17 779 2 272 5 005 14 336 11 020 29 022 68 439 8 551 182 391 4 387 41 71 512 113 381 114 396 43 3 046 2 892 2 110 221 9 478 1 265 109 409 8 1 871 130 343

Total gross exposure Rm 17 349 49 054 56 745 11 694 10 915 58 133 42 154 501 157 377 337 85 144 1 209 682

Gross defaulted exposures1 Rm 804 1 400 3 627 287 323 711 356 6 853 32 290 1 094 47 745

Impairment of exposures Specific2 Portfolio Rm Rm 396 342 698 27 119 276 159 2 376 8 422 383 13 198 5 266

11 478 25 478 36 033 7 241 5 689 33 807 29 869 249 345 308 890 74 722 782 552

10 321 27 606 35 238 5 406 5 561 32 316 35 681 273 421 297 528 52 853 775 931

5 857 16 732 18 019 1 954 4 739 14 123 8 425 29 725 65 846 9 846 175 266

402 122

692

122 3 829 3 060 1 733 188 8 195 1 622 101 672 2 285 120 708

16 300 48 569 56 439 9 093 10 488 55 326 45 728 499 290 363 376 62 984 1 167 593

1 040 1 306 1 523 355 312 1 781 433 7 405 30 459 1 533 46 147

400 369 831 30 118 253 131 2 700 7 794 452 13 078 5 588

94 472

95 688

Amount before the application of any offset, mitigation or netting. Restated, please refer to page 9. Specific impairments include impairments relating to securitisations.

Graph 3: Basel II exposures by industry
Rbn 700 600 500 400 300 200 100 Finance, real estate and other business services Electricity Construction Private households Agriculture Mining Manufacturing Wholesale Transport Other 0

Graph 4: Basel II total gross exposure by geographic region
Rbn 800 700 600 500 400 300 200 100 0 South Africa Rest of Africa Outside Africa

? ?

December 2009 June 2010

? ?

December 2009 June 2010

28

Standard Bank Group risk management report for the six months ended June 2010

Table 16: Basel II exposures by type of asset and geographic region Onbalance sheet Rm June 2010 South Africa Other African countries Europe Asia North America South America Other Total December 2009 South Africa Other African countries Europe Asia North America South America Other Total
1 2

Offbalance sheet Rm

Repurchase and resale Derivative agreeinstruments ments Rm Rm

Total gross exposure Rm

Gross defaulted Impairment of exposures exposures1 Specific2 Portfolio Rm Rm Rm

550 125 107 214 44 765 34 208 11 807 34 072 361 782 552

151 446 11 054 5 801 6 089 417 7 534 50 182 391

40 058 465 55 233 6 661 3 321 8 628 30 114 396

21 650 2 170 68 644 5 445 29 572 2 621 241

763 279 120 903 174 443 52 403 45 117 52 855 682

37 787 2 575 4 252 1 380 90 1 535 126 47 745

10 987 759 421 222 82 599 128 13 198

5 266

130 343 1 209 682

535 548 86 967 70 360 31 086 20 907 28 919 2 144 775 931

144 370 12 946 4 505 6 119 1 205 6 045 76 175 266

43 752 939 37 085 2 553 1 449 9 910 95 688

19 924 2 381 63 233 5 762 25 926 3 141 341

743 594 103 233 175 183 45 520 49 487 48 015 2 561

36 248 2 834 2 517 2 642 412 1 369 125 46 147

10 297 1 000 524 536 47 595 79 13 078 5 588

120 708 1 167 593

Amount before the application of any offset, mitigation or netting. Specific impairments include impairments relating to securitisations.

Table 17: Movement in group loans and advances impairment as at June 2010 June 2010 Corporate Rm Impaired loans – Impairments Balance at beginning of the period Net impairment raised and released Impaired accounts written off Discount element recognised in interest income Exchange and other movements Balance at end of the period Performing loans – Impairments Balance at beginning of the period Net impairment raised and released Impaired accounts written off Exchange and other movements Balance at end of the period Total 13 2 150 4 061 (3) 1 709 8 828 1 1 407 5 575 11 5 266 18 464 2 343 (206) 1 805 (93) 1 440 (34) 5 588 (333) 5 422 318 (4) (148) 5 588 18 666 2 839 56 (992) (16) 24 1 911 6 498 2 572 (1 198) (760) 7 7 119 3 741 1 812 (1 272) (144) 31 4 168 13 078 4 440 (3 462) (920) 62 13 198 8 596 12 291 (5 323) (1 785) (701) 13 078 Retail secured Rm Retail unsecured Rm Total Rm December 2009 Total Rm

Standard Bank Group risk management report for the six months ended June 2010

29

Risk management continued

Table 18: Basel II exposures by residual contractual maturity Less than 1 year Rm June 2010 Corporate Sovereign Banks Retail exposure Retail mortgages QRRE Other retail Total December 2009 Corporate Sovereign Banks Retail exposure Retail mortgages QRRE Other retail Total 156 261 58 308 180 887 59 069 7 317 13 875 37 877 454 525 186 020 24 028 54 659 109 716 4 322 50 381 55 013 374 423 43 648 5 190 23 792 266 015 239 622 247 26 146 338 645 385 929 87 526 259 338 434 800 251 261 64 503 119 036 1 167 593 172 266 74 206 173 792 61 243 7 067 13 325 40 851 481 507 170 791 29 254 59 087 109 241 3 844 52 686 52 711 368 373 41 734 12 757 29 042 276 269 269 547 245 6 477 359 802 384 791 116 217 261 921 446 753 280 458 66 256 100 039 1 209 682 1 to 5 years Rm Greater than 5 years Rm Total gross exposure Rm

6.2.5

Credit risk mitigation  Guarantees and related legal contracts are often required, particularly in support of credit extension to groups of companies and weaker counterparties. Guarantor counterparties include banks, parent companies, shareholders and associated counterparties. Creditworthiness is established for the guarantor as for other counterparty credit approvals.  For derivative transactions, the group typically requires the use of internationally recognised and enforceable Institute of Swap Dealers Association (ISDA) agreements with a credit support annexure, where necessary. Exposures are generally marked-to-market daily, netting is applied to the full extent contractually agreed by the parties, and cash or near cash collateral is posted where contractually provided for.  Since the counterparty credit risk of derivatives can vary over time in line with market factors, exposures to counterparty credit risk are calculated by either adding increases in future potential exposure to the balance of present exposure, or modelling the change in expected future exposure using Monte Carlo simulation techniques. credit hedging and on- and off-balance sheet netting are widely used by the group to mitigate credit risk. The amount and type of credit risk mitigation depends on the circumstances of each case.

 Collateral, guarantees, credit derivatives, contingent

 Credit risk mitigation policy and procedure ensure that credit risk mitigation techniques are acceptable, used consistently, valued appropriately and regularly, and meet the risk requirements of operational management for legal, practical and timely enforceability. Detailed processes and procedures are in place to guide each type of mitigation used.  The main types of collateral taken are mortgage bonds over residential, commercial and industrial properties, cession of book debts, bonds over plant and equipment and, for leases and instalment sales, the underlying moveable assets financed. Security values are reviewed on a regular basis and are revalued at the time of default if it is found that the existing value could have shifted materially from the time of valuation. Reverse repurchase agreements are underpinned by the assets being financed, which are mostly liquid, tradeable financial instruments.

30

Standard Bank Group risk management report for the six months ended June 2010

  To

manage

actual

or

potential

portfolio

risk

where this may arise include reverse repurchase and collateralised forward sale transactions. This risk is addressed by considering the higher than normal correlation between the default event and exposure to a counterparty when calculating the potential exposure on these transactions, as well as limiting the concentration risk by setting caps on the type and liquidity profile of collateral taken. 6.2.5.3  Collateral required in the event of a credit rating downgrade  The group enters into derivative contracts with rated and unrated counterparties. To mitigate counterparty credit risk, the group stipulates credit protection terms such as limitations on the amount of unsecured credit exposure it will accept, collateralisation if mark-tomarket credit exposure exceeds those amounts and collateralisation and/or termination of the contract if certain credit events occur, including but not limited to a downgrade of the counterparty’s public credit rating.  Some counterparties require that the group provide similar credit protection terms. From time to time, the group may agree to provide those terms on a restrictive

concentrations in areas of higher credit risk and credit portfolio growth, the group implements hedging and other strategies from time to time. This is typically done at individual counterparty, sub-portfolio and portfolio levels.  Syndication, distribution and sale of assets; asset and portfolio limit management; credit derivatives and credit protection are used. Implementation and performance are measured regularly and reporting tools are in place to ensure effective monitoring. Graph 5: Basel II exposure and mitigation by asset class
Rbn 500 450 400 350 300 250 200 150 100 50 0 Corporate Sovereign Banks Retail1

? ?
1

Gross exposure December 2009 Credit risk mitigation December 2009

? ?

basis. Rating downgrades as a collateralisation or termination event are generally conceded only to highly-rated counterparties and, whenever possible, on a bilateral reciprocal basis. In exceptional cases, the group might concede such rating downgrades to unrated counterparties when their size, credit strength and business potential are deemed acceptable.  The impact on the group with respect to the amount of collateral it would have to provide given a credit downgrade is determined by the negative markto-market on derivative contracts where such a collateralisation trigger has been conceded.  Where the impact on the group’s liquidity of a collateral call linked to downgrading is deemed to be material, the potential exposure is taken into account in model stress testing. However, the extent of legal commitments that could result in collateral calls triggered by a rating downgrade is not material and would not have an adverse effect on the group’s financial position.

Gross exposure June 2010 Credit risk mitigation June 2010

Retail includes retail mortgages, QRRE and other retail.

6.2.5.1 Collateral  Specialised legal practitioners within risk functions and business units are responsible for ensuring that legally valid, binding and enforceable loan agreements and amendments to standard security documents are in place, where required. Security is provided to the group by counterparties accepting lending facilities. In some instances, further counsel is sought from external attorneys with respect to unusual forms of security or where security is provided by foreign companies, or where the security is domiciled in jurisdictions with untested or uncertain legal frameworks. 6.2.5.2 Wrong way risk exposures  Wrong way risk arises where there is a positive correlation transaction between exposure. counterparty Examples of default and transactions

Standard Bank Group risk management report for the six months ended June 2010

31

Risk management continued

Table 19: Basel II credit risk mitigation for portfolios under the IRB approach Eligible financial collateral Rm June 2010 Corporate Sovereign Banks Retail exposures Retail mortgages QRRE Other retail Total December 2009 Corporate Sovereign Banks Retail exposures Retail mortgages QRRE Other retail Total 3 125 337 60 902 4 778 59 654 3 271 682 236 653 252 34 777 308 523 37 628 91 217 35 688 1 153 28 741 3 539 5 348 21 081 34 70 102 146 412 9 504 135 104 271 685 236 653 252 34 780 562 705 61 520 5 601 75 537 3 3 142 661 301 620 264 670 276 36 674 337 372 34 717 1 035 33 944 4 591 5 160 43 695 21 423 139 78 436 99 998 151 604 11 366 159 133 301 623 264 670 276 36 677 623 726 Other eligible IRB collateral Rm Guarantees and credit derivatives Rm Effects of netting agreements Rm Total credit risk mitigation Rm

Table 20: Basel II credit risk mitigation for portfolios under the standardised approach Effects of netting agreements Rm June 2010 Corporate Sovereign Banks Retail Total December 2009 Corporate Sovereign Banks Retail Total
.

Eligible financial collateral Rm

Guarantees and credit derivatives Rm

Total credit risk mitigation Rm

537 613 1 150

6 759 1 179 6 939

2 074 30 130 119 2 353

9 370 30 744 298 10 442

54

1 780 44 30 229

1 472 2 11 218 1 703

3 306 46 41 447 3 840

54

2 083

32

Standard Bank Group risk management report for the six months ended June 2010

6.2.6

Counterparty credit risk transactions and the over-the-counter (OTC) derivatives represents the group’s exposure to counterparty credit risk.

6.2.6.2 Analysis of OTC derivatives  Included in the total credit risk exposure is exposure to counterparty credit risk. The details of this counterparty credit risk are disclosed in table 22. Derivative transactions traded on a recognised exchange or with a central counterparty, for example a clearing house, have been excluded as such exposures are not subject to capital requirements with respect to counterparty credit risk. Table 22: Basel II OTC derivatives exposure June 2010 Rm Notional principal Interest rate products Forex and gold Equities 61 686 52 710 114 396 41 295 54 394 95 689 Precious metals Other commodities Credit derivatives Protection bought Protection sold 28 337 75 626 7 097 111 060 12 528 30 140 830 50 169 10 621 91 760 13 810 Total Gross positive fair ? value Interest rate products Forex and gold Equities Precious metals Other commodities Credit derivatives Protection bought Protection sold Netting benefits Netted current ? credit exposure ? (ie net fair value) Exposure at default Collateral Cash Debt securities Total 7 110 49 7 159 9 310 44 9 354 7 570 532 1 169 670 36 939 76 935 252 836 211 250 100 426 110 824 9 318 162 130 244 77 633 26 793 1 929 3 087 16 320 4 482 3 556 926 (101 148) 6 053 618 835 946 50 333 83 802 232 257 155 082 73 477 81 605 7 411 038 120 567 59 019 31 650 3 407 3 482 19 283 3 726 2 532 1 194 (91 271) December 2009 Rm

 The analysis that follows regarding securities financing

6.2.6.1 Analysis of securities financing transactions  Securities financing transactions include repurchase agreements, resale agreements, securities lending and securities borrowing agreements for all relevant Basel II asset classes and collateral held. Table 21: Basel II securities financing transactions June 2010 Rm Exposure With master netting ? agreement Without master netting ? agreement Total Collateral Cash Commodities Debt securities Equities Total Exposure at default December 2009 Rm

29 096 65 808

29 296 60 252

Standard Bank Group risk management report for the six months ended June 2010

33

Risk management continued

6.2.7

Securitisation its funding strategy for its South African operations to provide added flexibility in mitigating structural liquidity risk and diversifying the funding base. Credit risk transfer and capital relief are factored in when deciding the economic merits of each new securitisation issue.

adopted the ratings-based approach under the AIRB approach.  An impairment of R60 million (on subordinated loans provided to SPEs) was recognised at the end of the 2009  financial year. For the period ended 30  June  2010, based on updated credit risk assessments, no further provisions were recognised.

 The group has used securitisation primarily as part of

 The group has entered into securitisation transactions in the normal course of business in which it transferred recognised financial assets directly to third parties or special purpose entities (SPEs), or in the secondary role as an investor in securitisation vehicles.  The group complies with IFRS in recognising and accounting for securitisation transactions. SPEs are consolidated into the group when required by IFRS.  In accordance with IAS 39, no gain or loss on sale is recognised as these assets are sold at carrying value. Securitised assets are derecognised when required to reflect the element of risk and reward transfer.  For local securitisations in South Africa, Moody’s Investor Services and/or Fitch were appointed as ratings agencies. For securitisation issues outside Africa, Standard & Poor’s has previously been appointed.  The group fulfils a number of roles in the process of securitising assets including, among others, sponsor, hedge counterparty, commercial paper dealer, liquidity facility provider of asset-backed commercial paper conduits (special purpose legal entities), subordinated lender and calculating agent.  The credit granting, monitoring and debt management processes followed for securitised assets are the same as for similar assets in the group. Performing loans, non-performing loans and related provisions are included in the group’s results.  To calculate the regulatory capital on securitised assets that are retained by the group, both the AIRB and standardised approaches are used and the group has  In terms of instalment sale securitisation vehicles, Accelerator Fund 2 exercised its clean-up call option during June 2010 in accordance with the transaction documents and the securitisation regulations promulgated under the Banks Act, 1990. All note holders and the subordinated lender were repaid in full which amounted to R260,3 million.  All the notes issued by the retail mortgage securitisations under the Blue Granite programme (Blue Granite 1, 2, 3 and 4) are currently amortising. The Siyakha Fund (a securitisation of low income housing loans) is scheduled to commence amortisation in November 2010. As originator As investor Total activity ? for the period
1

Table 23: Analysis of securitisation activity for the period December June 2010 Total1 Rm 2009 Total Rm

280 280

1 567 1 567

Relates to retail mortgages. 

 The securitisation activity for 2010 comprises a loan facility of R280  million to Thekwini Warehousing Conduit that was effective at 1 March 2010.  The group did not use securitisations as an alternative source of funding for the six months ending June 2010, due to the severe contraction in local and international securitisation markets.

34

Standard Bank Group risk management report for the six months ended June 2010

Table 24: Basel II securitised on-balance sheet exposures June 2010 Retail mortgages Rm IRB Personal & Business Banking Investment grade Sub-investment grade Corporate & Investment Banking Investment grade Total Standardised Personal & Business Banking Investment grade Total
1 2

December 20092 Total Rm Total Rm

Retail loans1 Rm

1 072 804 268 2 553 3 625 1 266 1 266

1 072 804 268 3 819 4 891

772 552 220 4 252 5 024

318 318

Retail loans consist of retail instalment sales and leasing, and retail revolving products. Restated, refer to page 9.

Table 25: Basel II securitised off-balance sheet exposures June 2010 Corporate Rm Corporate & Investment Banking Unrated Investment grade Total IRB exposures
1

December 20091 Retail loans Rm Total Rm Total Rm

Retail mortgages Rm

2 750 1 368
2

2 750 323 323 4 363 7 113 7 349 7 349

2 672 5 422

1 368



2

Restated, refer to page 9. Comprise investment-grade exposures, under the IRB approach, in Corporate & Investment Banking.

Table 26: Basel II securitisation capital deductions by approach Riskweighted assets Rm June 2010 IRB Total December 2009 IRB Standardised Total
1

Primary capital and reserve funds Rm

Secondary capital and reserve funds Rm

2 999 2 999
1

329 329

329 329

2 418 193 2 611

284 1 285

284 1 285

Restated, refer to page 9.

Standard Bank Group risk management report for the six months ended June 2010

35

Risk management continued

7.? Country risk
 The management of country risk is delegated by the GCC to the group country risk management committee (GCRC), a subcommittee of GROC. The GCRC recommends country risk appetite for individual countries and ensures, through compliance with the country risk standard, that country risk is effectively governed, identified, measured, managed, controlled and reported in the group.  An internal rating model is used to determine the rating of each country in which the group has an exposure. The model inputs are continually updated to reflect economic and political changes in countries. The country risk model output provides an internal risk grade which is calibrated to a 1 to 25 rating scale. Reviews of all countries to which the group is exposed are conducted annually. In determining ratings, the group’s network of operations, country visits and external sources of information are used extensively.  The country risk model also rates sovereigns. Sovereign ratings are distinct from country risk ratings in that they focus on sovereign counterparty creditworthiness, whereas country risk ratings provide a more holistic

view, covering transfer and convertibility risk, economic (or credit portfolio risk), as well as sovereign risk. As with country risk ratings, an internal rating model is used to determine sovereign ratings. The sovereign model is an extension of the country model, with sovereign inputs updated in tandem with updates to the country model. Like the country risk model, the sovereign risk model provides an internal risk grade which is calibrated to a 1 to 25 rating scale. Sovereign risk reviews occur in tandem with country reviews, with the research process underpinning sovereign reviews comparable with the country risk process.  Countries and sovereigns rated 8 and higher, referred to as medium and high risk countries and sovereigns, are subject to increased central monitoring. For those with an internal risk grade of 7 and lower, referred to as low risk countries and sovereigns, a lesser degree of analysis is generally performed.  Total medium and high risk country risk exposures as at 30 June 2010 were USD14,6 billion (December 2009: USD14,0 billion).  Country concentration risk is managed and monitored by geographic region and country.

Graph 6: Top five high risk cross-border country exposures EAD
USDm 2 500 2 000 1 500 1 000 500 0 China

Nigeria

Russian Federation

Brazil

Botswana

? ?

December 2009 June 2010

36

Standard Bank Group risk management report for the six months ended June 2010

Graph 7: Medium and high risk country risk exposures by region
% 100 80 60 40 20 20 0 December 2009 June 2010 34 32 11 12 17 28

14 13 19

? ? ?

Sub-Saharan Africa South America Middle East and North Africa

? ?

Emerging Europe Emerging Asia

 Emerging European exposures were reduced due to the deterioration of economic conditions in the region. The decrease in exposures to sub-Saharan Africa resulted from a drop in trading exposure. The increase in Emerging Asia exposures is due to increased placement of spare liquidity with banks in the regions as well as an increase in trade finance and base metals trading flows. The decreased concentration in South America is a reflection of a drop in trading exposure.

Standard Bank Group risk management report for the six months ended June 2010

37

Risk management continued

8.? Liquidity risk
8.1 Framework and governance
continuous exposure to liquidity risk. The group’s liquidity management framework, which is largely unchanged from the previous financial reporting period, is designed to measure and manage liquidity positions in such a way as to ensure that payment obligations can be met at all times, under both normal and considerably stressed conditions.  On an annual basis, and in accordance with regulatory requirements and international best practice, the liquidity risk standards are reviewed and approved by both GROC and the GRCMC. This ensures that a comprehensive and consistent governance framework for liquidity risk management is followed across the group. Each banking entity in the group has an asset and liability management committee (ALCO) or similar committee responsible for ensuring compliance with liquidity risk policies. Both the Africa ALCO and international capital committee report into the group ALCO, chaired by a group deputy chief executive.  The nature of banking and trading results in

application of purpose-built technology, documented processes and procedures, independent oversight and regular independent reviews and evaluations of system effectiveness.  In periods of stable market conditions, the group’s consolidated liquidity risk position is monitored on at least a monthly basis by ALCO. In periods of increased volatility, the frequency of meetings is increased significantly to facilitate appropriate management action.  The group remains cognisant of the potential liquidity risk-related regulatory reforms proposed by various regulating entities and continues to monitor developments closely.

8.3

Liquidity buffer
maintained as protection against unforeseen

 Portfolios of highly marketable securities are disruptions in cash flows, over and above prudential requirements. These portfolios are managed within ALCO-defined limits on the basis of diversification and liquidity.  Table 27 provides a breakdown of the group’s surplus marketable securities and foreign currency placements as at June 2010, compared to the 2009 closing position. These portfolios are highly liquid and can be readily sold to meet liquidity requirements. Table 27: Group unencumbered surplus liquidity June 2010 Rbn Marketable assets Short-term foreign ? currency placements Total unencumbered ? marketable assets Other readily accessible ? liquidity Total group ? unencumbered ? surplus liquidity 72,8 27,4 100,2 4,8 December 2009 Rbn 65,4 47,0 112,4 6,2

8.2

Liquidity and funding management
applicable regulations and international best practice.

 The group manages liquidity in accordance with

 As part of a consistent liquidity management process, the group is required to: ?? maintain a sufficiently large liquidity buffer; ?? ensure a structurally sound statement of financial position; ?? manage short- and long-term cash flow; ?? manage foreign currency liquidity; ?? preserve a diversified funding base; ?? undertake regular liquidity stress testing and scenario analysis; and ?? maintain adequate contingency funding plans.

 The cumulative impact of these elements is monitored by group ALCO and the process is underpinned by a system of extensive controls. These include the

105,0

118,6

38

Standard Bank Group risk management report for the six months ended June 2010

  In addition to minimum requirements, surplus liquidity holdings are informed by the results from liquidity stress testing as per Basel principles and in certain instances, in-country regulations. Group unencumbered surplus liquidity decreased to

Graph 8: Group behaviourally adjusted cumulative liquidity mismatch
% 20 % of funding-related liabilities 15 10 5 0 -5 -10 -15

R105,0  billion as at 30 June 2010 (R118,6 billion as at 31 December 2009), reflecting the group’s proactive liquidity management approach as informed by stress testing requirements and prevailing market conditions.

8.4

Structural requirements
from the contractual position, behavioural profiling is applied to assets, liabilities and off-balance sheet commitments with an indeterminable maturity or drawdown period, as well as to certain liquid assets. Behavioural profiling assigns probable maturities based on actual customer behaviour.

-20 0-7 days 0-1 month 0-3 months 0-6 months 0-12 months

 With actual cash flows typically varying significantly
?

December 2009

?

June 2010

Internal limit

One of the mechanisms employed to ensure adherence to these limits is the active management of the long-term funding ratio. The ratio is defined as those funding-related liabilities with a remaining maturity of greater than six months as a percentage of total funding-related liabilities. The graph below illustrates the group’s long-term funding ratio for the period January 2008 to June 2010. The increase in the ratio is attributed to the increased percentage of term funding raised to support term lending.

 This is used to identify significant additional sources of structural liquidity in the form of liquid assets and core deposits, such as current and savings accounts that exhibit stable behaviour, although these are repayable on demand or at short notice.  Graph 8 shows the group’s cumulative maturity mismatch between assets and liabilities for the 0 to 12 months bucket, after applying behavioural profiling. Limits are set internally to restrict the cumulative liquidity mismatch between expected inflows and outflows of funds in different time buckets. These mismatches are monitored on a regular basis with active management intervention if potential limit breaches become apparent. The structural mismatch is comfortably within the stated mismatch risk appetite.

Graph 9: Long-term funding ratio
% 30

27

24

21

18

15 January 2008 June 2010

Standard Bank Group risk management report for the six months ended June 2010

39

Risk management continued

8.5

Cash flow management
integrated effort across a number of functional areas. Short-term cash flow projections are used to plan for and meet the day-to-day requirements of the business, including adherence to prudential and internal requirements.

Table 28: Depositor concentration – South Africa June 2010 % Single depositor Top-ten depositors 2,5 10,7 December 2009 % 1,8 8,5

 Active liquidity and funding management is an

 Primary sources of funding are in the form of deposits across a spectrum of retail and wholesale clients, as well as long-term capital market funding. The group remains committed to increasing its core deposits and accessing domestic and foreign capital markets when favourable to meet its evolving funding requirements. Graph 10: Funding-related liabilities composition – SBSA
Rbn 180

 The group’s wholesale funding strategy is derived from the projected net asset growth which includes consideration of Personal & Business Banking and Corporate & Investment Banking asset classes, capital requirements, the maturity profile of existing wholesale funding and anticipated changes in the retail deposit base. Funding requirements and initiatives are assessed in accordance with ALCO requirements for diversification, tenor and currency exposure, as well as the availability and pricing of alternative liquidity sources.  An active presence is maintained in professional markets, supported by relationship management efforts among corporate and institutional clients.

135

90

45

0 Other rand and foreign currency deposits Senior and subordinated debt Government and parastatals Corporate funding Interbank funding Retail Foreign currency funding

 A number of parameters are observed to monitor changes in either market liquidity or exchange rates. A key parameter monitored is the foreign currency loans and advances extended in relation to foreign currency deposits raised.

? ?

December 2009 June 2010

8.8 8.7 Diversified funding base
sourcing liquidity in domestic and offshore markets.  Concentration risk limits are used to ensure that funding diversification is maintained across products, sectors, geographic regions and counterparties. In terms of the latter, limits are set internally to restrict single and top-ten depositor exposures, within the sight to three-month tenors, to below 10% for a single depositor and 20% for top-ten depositors of total funding-related liabilities respectively.  The group employs a diversified funding strategy,

 iquidity stress testing and scenario L analysis
part of the group’s liquidity management process. Anticipated on- and off-balance sheet cash flows are subjected to a variety of bank-specific and systemic stresses and scenarios to evaluate the impact of unlikely but plausible events on liquidity positions. Stresses and scenarios are based on hypothetical events as well as historical events.

 Stress testing and scenario analysis form an important

 This analysis is fully integrated into the group’s existing liquidity risk management framework. It provides assurance as to the group’s ability to generate sufficient liquidity under adverse conditions and provides meaningful input in defining target liquidity risk positions.

40

Standard Bank Group risk management report for the six months ended June 2010

Other liabilities to the public

Financial institutions

8.6

Foreign currency liquidity management

8.9

Contingency funding plans
possible, protect stakeholder interests and maintain market confidence, to ensure a positive outcome in the event of a liquidity crisis. The plans incorporate an extensive early warning indicator methodology supported by clear and decisive crisis response strategies. Early warning indicators cover bank-specific and systemic crises and are monitored according to assigned frequencies and tolerance levels. Crisis response strategies are formulated for the relevant crisis management structures and address internal and external communications, liquidity generation and operations, as well as heightened and supplementary information requirements.

 Contingency funding plans are designed to, as far as

Standard Bank Group risk management report for the six months ended June 2010

41

Risk management continued

9.? Market risk
9.1 Introduction
identification, management, control, measurement and reporting of market risk, which is consistent with the previous financial reporting period, has been categorised as follows: 9.1.1 Trading book market risk acts as a principal for clients in the market. The group’s policy is that all trading activities are contained in the group’s trading operations. 9.1.2 Interest rate risk in the banking book 9.3.1  The

and banking activities. Exposures and excesses are monitored daily, and reported monthly to the business unit ALCOs and quarterly to the group ALCO, GROC and the GRCMC.

9.3

Market risk measurement
risk include:

 The techniques used to measure and control market ?  value-at-risk (VaR); ?  stress tests and sensitivity analysis; ?  other market risk mitigants; ?  annual net interest income at risk; ?  economic value of equity; and ?  economic capital. Daily VaR to derive quantitative measures, specifically for market risk under normal conditions. Normal VaR is based on a holding period of one day and a confidence interval of 95%. Daily losses exceeding the VaR are likely to occur, on average, 13 times every 250 days.  The use of historic VaR has limitations as it is based on historical correlations and volatilities in market prices, and assumes that future prices will follow the observed historical distribution.  The group back-tests its VaR models to verify the predictive ability of the VaR calculations and ensure the appropriateness of the models. Back-testing compares the daily hypothetical profit and losses under the one-day buy and hold assumption to the prior day’s VaR. Where the bank has received internal model approval, a VaR using a confidence level of 99% is used to determine market risk regulatory capital.  Although VaR is a valuable guide to risk, it should always be viewed in the context of its limitations. These limitations can include: ?  the use of historical data as a proxy for estimating future events, which may not encompass all potential events, particularly those which are extreme in nature;

 These risks arise in trading activities where the group

 These risks arise from the structural interest rate risk caused by the differing repricing characteristics of banking assets and liabilities. 9.1.3 Equity investments and unlisted investments, which are approved by the appropriate equity governance committees across the group. 9.1.4 Foreign currency risk risk arise as a result of the translation effect on the group’s net assets in foreign operations, intra-group foreign-denominated debt and foreign-denominated cash exposures.

 The group generally uses the historical VaR approach

 These risks arise from equity price changes in listed

 The group’s primary exposures to foreign currency

9.2

Framework and governance
market risk exposure to GROC, which delegates this authority to group ALCO. Group ALCO sets market risk standards which are approved by the GRCMC to ensure that the measurement, reporting, monitoring and management of market risk across the group follows a common governance framework. The Africa ALCO and international capital committee report into the group ALCO, which is chaired by a deputy group chief executive.

 The board grants general authority to take on

 Market risk management units, independent of trading operations and accountable to business unit ALCOs, monitor market risk exposures due to trading

42

Standard Bank Group risk management report for the six months ended June 2010



?  the use of a one-day holding period, which assumes that all positions can be liquidated or the risk offset in one day. This may not fully reflect the market risk arising at times of severe illiquidity, when a one-day holding period may be insufficient to liquidate or hedge all positions fully;

on a daily basis to verify the accuracy of the model. In addition, back-testing is conducted using various methods, including testing VaR against hypothetical losses and testing VaR by changing various parameters, such as confidence intervals and observation periods used in the model.  In this manner, characteristics of the VaR model are captured to ensure the accuracy and appropriateness of the VaR measurement.  Graph 11 plots the results of back-testing for trading activities over six months and shows that the group’s model provided reasonably accurate measurements of market risk. 9.3.4 Other market risk mitigants business units include permissible instruments, concentration of exposures, gap limits, maximum tenor and stop loss triggers. In addition, most approved products that can be independently priced and properly processed are permitted to be traded. All VaR limits require prior approval from their respective ALCOs.  The market risk departments independently validate



?  the use of a 99% confidence level which, by definition, does not take into account losses that might occur beyond this level of confidence;



?  as VaR is calculated on the basis of exposures outstanding at the close of business, it does not necessarily reflect intra-day exposures; and



?  the fact that VaR is unlikely to reflect loss potential on exposures that only arise under significant market moves.

9.3.2

Stress tests losses that could occur in extreme market conditions. The stress tests carried out by the group include individual market risk factor testing, combinations of market factors per trading desk and combinations of trading desks. Stress tests include a combination of historical, hypothetical and Monte Carlo-type simulations.

 Other market risk mitigants specific to individual

 Stress testing provides an indication of the potential

9.3.3

Back-testing VaR, calculated using the VaR measurement model, is compared to actual realised and unrealised losses

and document new pricing models and perform an annual review of existing models to ensure they are still relevant and behaving within expectations.

 The group conducts back-testing in which estimated

Graph 11: Income of trading units and VaR
Rm

150

100

50

0

-50

-100

-150 January 2010 June 2010 99% VaR (including diversification benefits) 95% VaR (including diversification benefits)

?

Income of trading units

Standard Bank Group risk management report for the six months ended June 2010

43

Risk management continued

9.3.5

Annual net interest income at risk used to quantify the group’s anticipated interest rate exposure. This approach involves forecasting of the changing statement of financial position structures and interest rate scenarios, to determine the effect that these changes may have on future earnings. The analysis is completed under normal and stressed market conditions.

allocations as well as to determine each business’s capital charge.

 A dynamic annual net interest income forecast is

9.4

Trading book market risk positions
trading book market risk exposures arise mainly from client transactions with limited trading for the group’s own account. Table 29 shows the aggregated historical VaR for the group’s trading positions. The maximum and minimum VaR amounts show the bands in which the values at risk fluctuated during the periods specified.

 In line with the strategy and structure of the group,

9.3.6

Economic value of equity economic value of equity is the preferred measure for determining long-term sensitivity to interest rate changes. However, the cash flows of certain asset and liability classes, in particular those associated with ambiguous maturity behaviour, are highly dependent on the underlying assumptions. To reduce the margin for error, the sensitivity of equity is calculated as the expected change in net interest income over a five?year horizon, given a considered rate shock, and is stated in present value terms.

 By capturing all expected future cash flows,

 VaR models have been approved by the regulators for all South African trading units except exotics and specific risk on interest rates. Standard Bank Plc has regulatory model approval for its resource banking, local markets and credit trading businesses and applications for its remaining businesses have been submitted.  For the six months ended 30 June 2010, trading desks ran relatively low levels of market risk, resulting in low VaR utilisation, despite a spike in market volatility in early May 2010.

9.3.7

Economic capital all categories of market risk-sensitive capital Table 29: Trading book VaR analysis by market variable

 Economic capital methodologies are used to calculate

Nominal VaR Maximum Rm June 2010 Commodities Forex Equities Debt securities Diversification benefits Aggregate December 2009 Commodities Forex Equities Debt securities Diversification benefits2 Aggregate
1

1

Minimum1 Rm

Average Rm

Closing Rm

42,1 17,2 18,7 63,9
2

22,8 6,6 11,2 40,4 50,9

30,1 9,6 15,6 48,7 (40,1) 63,9

22,8 9,1 11,2 45,3 (32,6) 55,8

78,8

38,5 17,4 18,3 82,8 110,7

13,2 4,2 3,7 46,4 50,7

24,9 8,0 9,1 60,3 (31,9) 70,4

30,5 6,8 9,6 55,0 (18,8) 83,1

 he maximum and minimum VaR figures reported for each market variable do not necessarily occur on the same days. As a result, the aggregate VaR T will not equal the sum of the individual market VaR values, and it is inappropriate to ascribe a diversification effect to VaR when these values may occur on different dates. 2 Diversification benefit is the benefit of measuring the VaR of the trading portfolio as a whole, that is, the difference between the sum of the individual  VaRs and the VaR of the whole trading portfolio.

44

Standard Bank Group risk management report for the six months ended June 2010

9.4.1

Analysis of trading revenue losses in 2009 and 2010. It captures trading volatility and shows the number of days in which the group’s trading-related revenues fell within particular ranges. The distribution is positively skewed with no material negative outliers. In the six months ended 30 June 2010, the daily trading profit or loss was positive for 115 out of 127 days, whereas in 2009, the daily trading profit or loss was positive for 121 out of 128 days. Graph 12: Distribution of daily trading units
Frequency of trading days

calculates and maintains economic capital in support thereof. 9.5.2 Interest rate risk measurement book interest rate risk include both earnings and valuation-based measures. Results are monitored on at least a monthly basis by the relevant ALCOs. The analysis takes cognisance of embedded optionality such as loan prepayments and in respect of other accounts where the behaviour differs from the contractual position.  The results obtained from forward-looking dynamic scenario analyses, as well as Monte Carlo simulations, assist in developing optimal hedging strategies on a risk-adjusted return basis. Desired changes to a particular interest rate risk profile are achieved through the restructuring of on-balance sheet repricing and/or maturity profiles and, where appropriate, the use of derivative instruments. 9.5.3 Interest rate risk limits in forecast net interest income and the economic value of equity. Economic value of equity sensitivity is calculated as the net present value of aggregate asset cash flows less the net present value of aggregate liability cash flows. 9.5.4 Economic capital economic capital required to absorb an unexpected

 Graph 12 shows the distribution of daily income and

 The analytical techniques used to quantify banking

60 50 40 30 20 10 0

 Interest rate risk limits are set in respect of changes
<-30 -30 to 0 0 to 30 30 to 60 60 to 90 >90 Daily trading revenue (Rm)

? June 2009

? June 2010

9.5

Interest rate risk in the banking book
involves managing the potential adverse effect of interest rate movements on net interest income and the economic value of equity.

 Banking book-related market risk exposure principally

 Earnings at risk forms the basis for calculating the reduction in earnings, as a result of interest rate changes. 9.5.5 Analysis of banking book interest rate sensitivity equivalent sensitivity of the group’s net interest income and equity in response to a parallel yield curve shock, before tax. Hedging transactions are taken into account while other variables are kept constant.

9.5.1

Framework and governance risk is governed by applicable laws and regulations, and is guided by international best practice and the competitive environment in which the group operates. Banking book interest rate risk is managed centrally by the group’s treasury operations under supervision of the local ALCO. Each banking entity in the group manages this risk on a stand-alone basis and also

 The group’s approach to managing interest rate

 Table 30, on the following page, indicates the rand

Standard Bank Group risk management report for the six months ended June 2010

45

Risk management continued

Table 30: Interest rate sensitivity analysis Rand June 2010 Increase in basis points Sensitivity of annual net interest income Sensitivity of equity Decrease in basis points Sensitivity of annual net interest income Sensitivity of equity December 2009 Increase in basis points Sensitivity of annual net interest income Sensitivity of equity Decrease in basis points Sensitivity of annual net interest income Sensitivity of equity Rm Rm Rm Rm 200 1 463 159 200 (1 532) (159) 100 62 (65) 100 (36) 65 100 3 100 (2) 100 (3) 100 2 100 61 21 100 (68) (21) (1 635) (115) 1 585 115 Rm Rm Rm Rm 200 1 516 98 200 (1 627) (98) 100 14 (56) 100 52 56 100 (3) 100 2 100 3 100 (1) 100 90 35 100 (97) (35) (1 673) (77) 1 622 77 US dollar Sterling Euro Other Total

9.5.6

Hedging of the endowment risk turn in the economic cycle is hedged as and when it is considered opportune. Instruments including fixed-rate assets and interest rate swaps may be used to partially hedge and manage the endowment exposure.

investment and alliance committee approve investments in listed and unlisted entities, in accordance with delegated authority limits and allocated risk appetites. Periodic reviews and reassessments are undertaken on the performance of the investments. Accounting techniques and valuation methodologies are detailed in accounting policy 5 – financial instruments, in the December 2009 annual report. 9.6.2 Analysis of banking book equity exposures unlisted investments are approved by the appropriate equity governance committees in accordance with delegated authority limits. Market risk on investments is managed in accordance with the purpose and strategic benefits of such investments, rather than purely on mark?to-market considerations. Reviews and reassessments on the performance of the investments are undertaken periodically.

 The endowment risk emanating from the anticipated

9.5.7

Group risk diversification into account the fact that interest rate changes across currencies are unlikely to be perfectly correlated, is calculated quarterly. This consolidated view is used to obtain a strategic view of the group’s interest rate exposure.

 The group risk diversification benefit, which takes  As with trading book equity investments, listed and

9.6
9.6.1

Equity investments
Market risk on equity investments committees and Personal & Business Banking’s strategic

 Corporate & Investment Banking’s equity investment

46

Standard Bank Group risk management report for the six months ended June 2010

Table 31: Basel II equity positions in the banking book June 2010 Rm Fair value Listed Unlisted Total2
1 2

asset value currency risk management committee. This committee manages the risk according to existing legislation, South African exchange control regulations and accounting parameters. It takes into account naturally offsetting risk positions and manages the group’s residual risk by means of forward exchange contracts, currency swaps and option contracts. Hedging is undertaken in such a way that it does not interfere with or constrain normal operational activities. In particular, cognisance is taken of the need for capital held in offshore banking entities to fluctuate in accordance with risk-weighted assets, thereby preserving the capital adequacy in-country. The net asset value currency risk management committee meets regularly to reassess the hedging or diversification strategy in the event of changes in currency views.  Due to South African exchange control limitations, hedging activities are restricted to ensuring a diversified mix of foreign currency exposures in the group’s foreign subsidiaries.  Hedging of rand/foreign currency exposure is limited

December 20091 Rm

941 2 550 3 491

1 062 2 738 3 800

 estated, refer to page 9. R Banking book equity exposures are equity investments which  comprise listed and unlisted private equity and strategic investments, and do not form part of the trading book.

9.6.3

Accounting techniques and valuation  methodologies

 Financial instruments include all financial assets and liabilities held for liquidity, investment, trading or hedging purposes. Financial instruments are accounted for and valued in terms of accounting policy 5 – financial instruments in the December 2009 annual report.  Cumulative gains realised during the period from the sale or liquidation of equity positions in the banking book were R100,3 million (December 2009: R248,1 million).  Unrealised gains recognised directly into the balance sheet, from equity positions in the banking book, were R40,1 million (December 2009: R6 million loss).

and permitted only for planned and specific future investment-related cash flows.  The repositioning of the currency profile, which is

9.7

Foreign currency risk
risk arise as a result of the translation effect on the group’s net assets in foreign operations, intra-group and external foreign?denominated debt and foreigndenominated cash exposures.

coordinated at group level, is a controlled process based on underlying economic views of the relative strength of currencies. In terms of the foreign currency risk governance process outlined previously, the group does not ordinarily hold open exposures of any significance in respect of the banking book. Gains or losses on derivatives that have been designated in terms of either net investment or cash flow hedging relationships are reported directly in equity, with all other gains and losses on derivatives being reported in profit or loss.

 The group’s primary exposures to foreign currency

9.7.1

Framework and governance the management of foreign currency risk to the net

 The group capital management committee delegates

Standard Bank Group risk management report for the six months ended June 2010

47

Risk management continued

10.? Operational risk
10.1  esponsibility and approach to R operational risk management
which the group manages within acceptable levels through sound operational risk management practices. The group’s approach to managing operational risk is to adopt practices that are fit for purpose to suit the organisational maturity and particular business environments.  Executive management defines the operational risk appetite at a business unit and group level. This operational risk appetite supports effective decision making and is central to embedding risk management in business decisions and reporting.  The objective in managing operational risk is to establish sound control practices to increase the efficiency and effectiveness of the group’s resources, minimise losses and utilise opportunities. The group continues to manage operational risk on The Standardised Approach (TSA) in accordance with SARB approval granted in 2008. In addition to TSA, the group has implemented certain advanced practices, ensuring that it is in line with leading risk management practice. The intention is to migrate to the Advanced Measurement Approach (AMA) by 2012 and a project to make the transition from TSA to AMA was formalised at the beginning of 2009.  In accordance with leading practice, our comprehensive risk management approach involves identifying, assessing, managing, mitigating, monitoring and measuring the risks associated with our operations. The group framework defines the minimum requirements for operational risk management and is supported by specific policies and procedures. Business units implement the group framework, policies and procedures but may customise these to better suit their unique environments.  Both centralised and decentralised operational risk management functions are independent from business line management and work in partnership as 10.1.1  Operational risk is recognised as a distinct risk category

the second line of defence. Their role is to monitor, manage and report on risks to ensure operational risk exposure remains within the stated risk appetite as mandated by senior management and the board. These independent functions are also responsible for developing and implementing the operational risk management framework and for promoting sound risk management practices across the group. Business unit line management, as the first line of defence, is ultimately responsible for managing risks that arise.  The primary oversight body for operational risk is the group operational risk committee (GORC) which reports to GROC, the GRCMC and ultimately the board. The GORC is chaired by the group’s chief risk officer and includes representation from group functions and business units. The GORC is also responsible for the approval of group-level operational risk policies and methodologies.  Group internal audit is the group’s third line of defence and performs an independent review of the operational risk management framework, policies and practices to ensure that operational risk practices are implemented consistently across the group as operational risk management matures. Managing operational risk through a number of functions within the group’s risk divisions, including business continuity management, legal, information risk services, forensic services and operational risk governance. Operational risk management forms part of the day-to-day responsibilities of management at all levels. Qualitative and quantitative methodologies and tools are applied to identify and assess operational risks and to provide management with information for determining appropriate mitigating measures. These tools include: ?  a loss database of operational risk events categorised according to the Basel II business lines and operational risk event types;

 Independent monitoring of operational risk occurs

48

Standard Bank Group risk management report for the six months ended June 2010



?  a risk and control self-assessment process to analyse business activities and identify operational risks that could affect the achievement of business objectives. An effective risk and control self-assessment process is a key component of developing a risk profile and understanding the residual risk; and

entrenched governance process. The group continues to ensure that business continuity is managed in an effective manner through a framework of policies, procedures and tools to identify, assess, monitor, control and report such risks.  In 2009, the H1N1 influenza pandemic presented a new risk to the group, which warranted a swift response in mitigating exposure to threats posed by the pandemic. This focus continued well into 2010 as the risk remained relevant due to the influx of visitors to the country. Business units have now incorporated the effects of pandemic spread into their respective continuity plans.  Awareness campaigns remain a critical tool in driving a business continuity culture across the group. The group will continue to enhance and develop operational resilience to meet evolving business priorities. 10.1.3 Information risk management intentional unauthorised use, modification, disclosure or destruction of information resources, resulting in compromised confidentiality, integrity or availability of information. Information risk management deals with all aspects of information in its physical and electronic forms. It focuses on the creation, use, transmission, storage, disposal and destruction of information.  The growing dependence on information and the systems that carry it, coupled with the risks, benefits and opportunities these resources present, have made information risk an increasingly critical facet of overall risk management for the group.



?  key risk indicators which are used to manage operational risk on an ongoing basis. Key risk indicators contribute to an assessment of the operational risk profile. The main purpose is to assist management by providing an early-warning indicator of potential risk exposures and/or a potential breakdown of controls.

 Our insurance process and requirements are the responsibility of the group insurance committee. An insurance framework guides the organisation on the optimal use of insurance as a risk transfer mechanism. 10.1.2 Business continuity management component of the group’s risk management

 Information risk is defined as the risk of accidental or

 Business continuity management is an integral framework. The various business units are continually exposed to deployment of updated methodologies as well as testing and training to ensure increased capability to deal with interruptions to business. This is achieved through active assessment of the changing business environment, reference to and incorporation of updated and emerging best practice standards worldwide, pre-planned simulation and desktop assessments and interrogation of identified risks and threats to the operational continuity of the group.  Contingency and recovery plans for core services, key systems and priority business processes have been developed and are revisited as part of existing management processes to ensure that continuity strategies and plans remain relevant.  The group’s business continuity strategy is structured to ensure strong central monitoring and reporting and decentralised execution, and is supported by an

 Group information risk management proactively scans the regulatory landscape for developments that warrant specific initiatives to meet minimum legal requirements. A number of projects executed over the last year assisted in ensuring information risk practices were embedded in the group and informationrelated risks were mitigated. Some of the information risk?related initiatives conducted include:

Standard Bank Group risk management report for the six months ended June 2010

49

Risk management continued



?  developing

a

comprehensive

group-aligned

 Although the group has processes and controls in place to manage its legal risk, failure to manage risks effectively could result in legal proceedings impacting the group adversely, both financially and reputationally.

strategy and tactical plan to drive the information risk management programme throughout the group; ?  establishing metrics and processes to ensure compliance programmes; ?  business impact analysis of the impending Protection of Personal Information Bill; ?  information risk management and, in particular, information security awareness, education and training programmes; and ?  developing and reviewing information risk management policies, standards and procedures. 10.1.4 Financial crime control approach to fraud and corruption. As such the group has recognised the need to treat financial crime holistically and has established a group financial crime control unit to ensure the proactive prevention, detection and reporting of all financial crime to mitigate economic loss, reputational risk and regulatory sanction in the group.  Financial crime includes fraud, money laundering, violent crime and misconduct by staff, customers, suppliers, business partners and third parties. The financial crime control unit aims to continue leveraging relationships with internal and external partners to further strengthen the control environment and effectively combat financial crime. and provide feedback on the

10.3

Environmental risk
management programme, which aims to create a consistent approach to environmental and social risk management within the group’s operations and indirectly through responsible lending. Many of our environmental risks and opportunities arise from lending and transaction processes.

effectiveness of information risk management

 Environmental risk falls within the group sustainability

 Environmental risk is governed by the safety, health and environmental risk oversight committees which comprise executive representation from various divisions across the group. Group sustainability management sets the strategic direction, oversees implementation and reviews and assesses performance and compliance.  The group formally adopted and integrated the Equator Principles in 2009 into its project finance deal assessment processes and conducted staff training on the principles across the investment banking business. The Equator Principles are based on the International Finance Corporation performance standards on social and environmental sustainability, and on the World Bank Group’s environmental, health and safety general guidelines. The group applies the Equator Principles’ screening, assessment and monitoring procedures to all new project finance deals above USD10 million. Over time, environmental and social risk management approaches will be applied across a wider set of financial transactions.  Raising awareness and training will be an ongoing element of managing environmental risk and identifying opportunities and business solutions to global environmental and social concerns.

 The group remains committed to a zero tolerance

10.2


Legal risk
Legal risk arises where: ?  the group’s businesses or functions may not be conducted in accordance with applicable laws in the countries in which it operates;



?  incorrect application of regulatory requirements takes place; ?  the group may be liable for damages to third parties; and ?  contractual obligations may be enforced against the group in an adverse way, resulting from legal proceedings being instituted against it.

10.4

Taxation risk
loss, financial or otherwise, as a result of the application of tax systems, whether in legislative systems, rulings

 Taxation risk is the possibility of suffering unexpected

50

Standard Bank Group risk management report for the six months ended June 2010

or practices, applicable to the entire spectrum of taxes and other fiscal imposts to which the group is subject.  In terms of the group tax policy the group will fulfil its responsibilities under tax law in each of the jurisdictions in which it operates, whether in relation to compliance, planning or client service matters. Tax law includes all responsibilities which the group may have in relation to company taxes, personal taxes, capital gains taxes, indirect taxes and tax administration.  Compliance with this policy is aimed at ensuring that the group: ?  pays neither more nor less tax than tax law requires, in the context of the group’s operations; ?  continually reviews its existing operations and planned operations in this context; and ?  ensures that, where clients participate in group products, these clients are either aware of the probable tax consequences, or are advised to consult with independent professionals to assess these consequences, or both.  The framework to achieve compliance with the group tax policy comprises four elements: ?  tax risk – identification and management of tax risk; ?  human resources – an optimal mix of staffing and outsourcing; ?  skills development – methods to maintain and improve managerial and technical competency; and ?  communication – communication of information affecting tax within the group.  Good corporate governance in terms of tax requires that each of these framework elements be in place. The absence of any one of these elements would seriously undermine all others.

10.5

Occupational health and safety
other stakeholders is a priority and the group aims to identify and reduce the potential for accidents or injuries in all its operations. Training of health and safety officers and staff awareness is an ongoing endeavour. Standards that support uniform health and safety requirements across all group operations are being developed. The focus on health and safety is closely linked to employee wellbeing and the group’s efforts to attract, retain and develop skilled and talented employees.

 The health and safety of employees, customers and

 Comprehensive information on the group’s initiatives in this regard is available in the sustainability report on the group’s website.

10.6
10.6.1

Compliance risk
Definition sanctions, financial loss or loss to reputation that the group may suffer as a result of its failure to comply with all laws, regulations, codes of conduct and standards of good practice applicable to its financial services activities.

 Compliance risk is the risk of legal or regulatory

10.6.2

Approach to compliance risk management risk is proactive and premised on internationallyaccepted principles of risk management. It is also aligned with other group risk type methodologies. Group compliance supports business in complying with current and emerging regulatory developments, including money laundering and terrorist financing control, identifying and managing market abuse and mitigating reputational risk.

 The group’s approach to managing compliance

10.6.3  Identifying and managing tax risk is the primary objective of the group tax function, and this objective is achieved through the application of a tax risk matrix approach which measures the fulfilment of tax responsibilities against the specific requirements of each category of tax to which the group is exposed, in the context of the various types of activity the group conducts.

Framework and governance risk management activity overseen by the group chief compliance officer, who has unrestricted access to the chief executive of the group and to the chairman of GAC. The group chief compliance officer reports independently to the GAC.

 Compliance risk management is an independent core

Standard Bank Group risk management report for the six months ended June 2010

51

Risk management continued

 The group’s compliance framework is based on the principles of effective compliance risk management as required by the South African Banks Act, 1990, as well as international policy-making bodies. Group compliance is responsible for assisting the group in mitigating compliance risk by maintaining an effective compliance risk management framework, while business unit compliance functions are responsible for assisting senior management in effectively managing the compliance risks faced by the respective business units. Business unit compliance heads have reporting responsibilities to the group chief compliance officer.  Heads of compliance have a duty to report compliance issues to the group compliance committee, a subcommittee of the GROC. Significant or material issues are also escalated to the GAC and the GRCMC, as appropriate. To support legislative requirements and the group’s approach to compliance risk management, ongoing monitoring is undertaken to ensure adherence to the group compliance policy and standards. 10.6.4 Regulation and supervision across multiple jurisdictions. Supervision is undertaken by host country regulators as well as various regulatory bodies in South Africa. The group’s primary regulator is the BSD of SARB which supervises the group on a consolidated basis. The group chief compliance officer engages with the BSD on a regular basis, as well as with regulators in other jurisdictions on a targeted basis.  South African financial services supervisory bodies include the Financial Services Board which regulates the non-banking aspects of the financial services industry in South Africa, the Financial Intelligence Centre which oversees money laundering and terrorist financing control, and various regulatory bodies relating to financial markets. The National Credit Regulator is responsible for the regulation of the South African credit industry.  Key international regulators include the United Kingdom Financial Services Authority, the Hong Kong Monetary Authority and the central banks of Argentina 10.6.5

and Nigeria, as well as the regulators in each African jurisdiction in which we operate.  The details of relevant South African and host country regulators, including key legislation impacting our business, are available in the Standard Bank Group sustainability report which can be accessed on the group’s website.  Regulatory developments are critical to our business planning processes. To support open and positive engagement with regulators in South Africa, an oversight committee comprising senior executives has been established to ensure a coordinated strategic approach to the regulatory and legal environment, as well as to interfacing with regulators, industry bodies, policy and law makers and other relevant stakeholders with regard to current and upcoming legislation.  Key regulatory developments during the first half of 2010 included those relating to the fair treatment of customers. Major developments in this regard are the implementation of the Consumer Protection Act, 2008, in the fourth quarter of 2010. The Financial Advisory and Intermediary Services Act has resulted in the implementation of new Fit and Proper requirements for those providing financial advice, and preparation for the Protection of Personal Information Bill is underway. The amended Companies Act is likely to be promulgated by the end of 2010. The recommendations of King III, published in the first quarter, are also being considered.  In line with market practice and targeted supervisory focus, the compliance function focuses on market conduct issues including, but not limited to, market abuse, personal account trading and conflicts of interest. A key focus area is the development of automated systems, as appropriate. Money laundering and terrorist financing control laundering and terrorist financing control imposes significant requirements in terms of customer identification, record keeping and training, as well

 The group operates in a highly regulated industry and

 Legislation across the group pertaining to money

52

Standard Bank Group risk management report for the six months ended June 2010

as obligations to detect, prevent and report money laundering and terrorist financing. The group is committed to continually improving its control measures, including customer monitoring tools. The group’s money laundering and terrorist financing control policy continues to be updated to reflect best practice expectations. 10.6.6 Compliance risk management training of current and emerging legislative and regulatory requirements and developments through induction programmes and ongoing training and awareness initiatives. These cover diverse topics such as treating customers fairly, money laundering and terrorist financing, market conduct and health and safety requirements, among others. A programme has also been put in place to enhance senior executives’ awareness of their roles and responsibilities with regard to regulatory expectations.  Staff are made aware of their responsibilities in terms

distribution for each business unit using historical management accounting data. This is based on a Monte Carlo simulation with the objective of deriving a net revenue or loss distribution from which economic capital may be determined at the 99,925% confidence level. Business units have a clear understanding of their value drivers that impact on their profitability. These are modelled as part of the planning and forecasting processes to assess sensitivity of changes in these value drivers on their business performance.  Business risk is governed by the group executive committee which is ultimately responsible for managing the costs and revenues of the group. In addition, mitigation of business risk is undertaken in a number of ways including: ?  comprehensive acquisitions); ?  stakeholder engagement to ensure positive outcomes from external factors beyond the group’s control; ?  consistently monitoring the profitability of product lines and customer segments; ?  maintaining tight control over the cost base of the group, including the management of its costto-income ratio. This allows for early intervention and management action to reduce costs where necessary; and ?  being alert and responsive to changes in market forces. due diligence during the investment appraisal process (in particular new

10.7

Business risk
compared to the cost base due to strategic and/or reputational reasons.

 Business risk relates to the potential revenue shortfall

 The group’s ability to generate revenue is impacted by, among others, the external macroeconomic environment, its chosen strategy and its reputation in the markets in which it operates.  The approach followed by the group in quantifying business risk is to estimate a net revenue or loss

Standard Bank Group risk management report for the six months ended June 2010

53

Risk management continued

11.? Reputational risk
 Reputational risk results from damage to the group’s image which may impair its ability to retain and generate business. Such damage may result from a breakdown of trust, confidence or business relationships. Safeguarding the group’s reputation is of paramount importance to its continued success and is the responsibility of every member of staff. The group will at all times strive to minimise reputational damage.  The group’s agreed values provide guidance on acceptable behaviours for all staff members, and provide structure and guidance for non-quantifiable decision making, thereby assisting in the management of the group’s reputation. The Standard Bank Code of Ethics defines the values in greater detail.  Each business unit, legal entity or support function executive is responsible for identifying, assessing and determining all reputational risks that may arise within their respective areas of business. Risks to reputation can be evaluated by considering the likelihood of the risk occurring and the likely impact. The impact of such risks is considered explicitly alongside financial or other impacts.  Matters identified as a reputational risk to the group will be reported to the group chief risk officer, who if required will escalate these matters to GROC.

12. Conclusion
 The global economy continues to be volatile and under stress, and our continued commitment to sound risk management has proved to be effective as reflected in our strong capital and liquidity position. We recognise that maintaining and continually enhancing our risk management capabilities will be critical in the months ahead to ensure that the group’s financial and strategic objectives are achieved within approved levels of risk appetite.

54

Standard Bank Group risk management report for the six months ended June 2010

Acronyms and abbreviations
AIRB ALCO AMA Basel BSD EAD FIRB FSB GAC GCC GCRC GORC GROC Group ICAAP IFRS IRB King III LGD ORM PD QRRE SARB SBSA SME SPE Tier I Tier II Tier III TSA VaR Advanced internal ratings-based approach Asset and liability committee Advanced Measurement Approach Basel Capital Accord Bank supervision department Exposure at default Foundation internal ratings based approach Financial Services Board Group audit committee Group credit committee Group country risk management committee Group operational risk committee Group risk oversight committee Standard Bank Group Internal capital adequacy assessment process International Financial Reporting Standards Internal ratings-based approach The third King report on corporate governance Loss given default Operational risk management Probability of default Qualifying revolving retail exposure South African Reserve Bank The Standard Bank of South Africa Small and medium enterprise Special purpose entity Primary capital Secondary capital Tertiary capital The standardised approach Value-at-risk

GRCMC Group risk and capital management committee

Standard Bank Group risk management report for the six months ended June 2010

55



doc_197773931.pdf