Pillar 3 Disclosure 2008

Transcription

1 Pillar 3 Disclosure 2008 rbs.com

2 Pillar 3 Disclosure 03 Background 05 Scope of application 06 Capital and risk management 09 Credit risk Credit risk management 10 Credit risk by IRB approach 14 Credit risk by standard approach 24 Credit risk ABN AMRO Counterparty credit risk 31 Securitisation 35 Market risk 38 Operational risk 40 Additional disclosures Significant subsidiaries 40 Past due and impaired assets 43 Non-trading book exposures in equities 45 Interest rate risk in the banking book Appendix 1

3 Forward-looking statements This document contains certain forward-looking statements within the meaning of Section 27A of the US Securities Act of 1933 and Section 21E of the US Securities Exchange Act of 1934 with respect to the financial condition, results of operations and business of The Royal Bank of Scotland Group plc ( the Group ). Generally, words such as may, could, will, expect, intend, estimate, anticipate, believe, plan, seek, continue or similar expressions identify forward-looking statements. Any forward-looking statements set out herein represent the Group s expectations or beliefs concerning future events and involve known and unknown risks and uncertainty that could cause actual results, performance or events to differ materially from those expressed or implied in such statements. For example, certain of the market risk disclosures, some of which are only estimates and, therefore, could be materially different from actual results, are dependent on key model characteristics and assumptions and are subject to various limitations. For further risks and uncertainties that may impact the Group and the statements set out in this document, please read its Annual Report and Accounts for the year ended and any other interim or update information published by the Group, including information furnished to the SEC on Form 6-K. Any forward looking statements set out herein speak only as at the date of this document. Except as required by the FSA, the London Stock Exchange or other applicable law or regulation, the Group does not have any obligation to update or revise publicly any forward looking statement, whether as a result of new information, further events or otherwise, and expressly disclaims any obligation to do so. Basis of disclosure The Pillar 3 disclosures being made by the Group comply with the FSA Handbook (BIPRU 11). They should be read in conjunction with the 2008 Report and Accounts, published in March There are important differences between the accounting and Basel disclosures, which can be summarised as follows: The Basel II disclosures represent a regulatory, rather than an accounting consolidation. Various businesses (for example insurance) are included in the latter, but not in the former. Therefore, these disclosures may not be comparable to other external disclosures made by the Group. The definition of exposure differs between Basel II and accounting. The Basel II definition used in the Pillar 3 disclosures is exposure at default (EAD) rather than the balance sheet or drawn balance plus mark-to-market, as used in the 2008 Report and Accounts. Unlike accounting, it is not always possible to aggregate the disclosures across the different Basel II approaches to obtain a Group view. This is particularly important for the credit risk disclosures. The disclosures relate to the position through 2008, specifically the business as at. The comments relate to the business structure, governance and risk management approach at that date. Comparatives have not been shown as the first year of Basel II adoption was In future disclosures comparative data will be shown where appropriate. The information has not been subject to external audit. Whilst the Group has participated in discussions at the British Bankers Association and other trade bodies, it is likely that disclosures made by other banks, especially outside the UK, will not be directly comparable. 2

4 Background The Basel II framework was implemented in the European Union (EU) through the Capital Requirements Directive (CRD). The framework is based around three Pillars: Pillar 1 Minimum capital requirements: defines rules for the calculation of credit, market and operational risk. Pillar 2 Supervisory review process: requires banks to undertake an Individual Capital Adequacy Assessment Process (ICAAP) for other risks. Pillar 3 Market discipline: requires expanded disclosures to allow investors and other market participants to understand the risk profiles of individual banks. Banks are required to disclose all their material risks as part of the Pillar 3 framework. Some of these requirements have already been satisfied within the Group s 2008 Annual Report and Accounts, also available on the Group's website. The 2008 Report and Accounts includes a range of Group and divisional risk factors and provides in-depth analysis on the specific risks to which the Group is exposed. These Pillar 3 disclosures provide additional information over and above the Group s 2008 Report and Accounts. Specifically, Pillar 3 provides additional information on the minimum capital requirements under Pillar 1. Liquidity risk, which does not form part of the minimum capital requirements, is discussed on pages 103 to 107 of the Group s 2008 Report and Accounts. Disclosures on credit market exposures are also published as part of the 2008 Report and Accounts on pages 122 to 144. The Group adopted Basel II on 1 January 2008, in line with the EU timescales. Pillar 1 Minimum capital requirements Basel II requires risk -weighted assets (RWAs) to be calculated for credit, operational and market risk with various approaches available to banks, with differing levels of sophistication. Minimum capital requirements are calculated as 8% of RWAs. Minimum capital requirements Credit risk Market risk Operational risk Non-Retail - Standardised - Foundation IRB - Advanced IRB Retail - Standardised - Retail-IRB Counterparty Credit Risk - Mark to market - Internal models method - Standardised Asset Securitisation - Rating based approach - Internal assessment approach - Supervisory formula Enhancement to 1996 Market Risk Amendment Approaches : - Basic indicator - Standardised - Advanced measurement Application in the Group For credit risk, the majority of the Group uses the Advanced Internal Ratings Based Approach (IRB) for calculating RWAs, making the Group one of the small number of banks whose risk systems and approaches have reached the required standards. The Group manages market risk in the trading and non-trading (treasury) portfolios through the market risk management framework. The framework includes VaR limits, backtesting, stress testing, scenario analysis and position/sensitivity analysis. For operational risk the Group uses The Standardised Approach (TSA) which calculates operational risk RWAs based on gross income. The Group is considering adopting the Advanced Measurements Approach (AMA) for all or part of the business. 3

5 Background continued Pillar 2 Supervisory review process Pillar 2 focuses on risks either not adequately covered in, or excluded from, Pillar 1. The first part of Pillar 2 is the Group Board s assessment of capital requirements, over the short and long term (ICAAP). The ICAAP is followed by in-depth discussions between the Group and regulators on the appropriate capital levels (this second stage is called the Supervisory Review and Evaluation Process or SREP). For the Group, Pillar 2 currently focuses on pension fund and interest rate risk in the banking book (IRRBB), together with stress tests to assess the adequacy of capital across a range of economic scenarios and time periods. Whilst IRRBB forms part of these Pillar 3 disclosures, pension fund risk is discussed in the Group s 2008 Report and Accounts on page 121. Pillar 3 Market discipline The approach to disclosures, both internally and externally has been enhanced, with expanded Board level risk reporting providing greater focus on current and emerging issues. Externally, the Group s discussion on risk and capital management has been expanded, to reflect feedback and satisfy good market practice, as articulated by accounting standards, the Financial Stability Forum and Committee of European Banking Supervisors (CEBS) proposals on bank transparency. The Board is committed to delivering best in class risk and capital disclosures, to ensure that stakeholders understand the risks inherent within the Group. The Pillar 3 disclosures, published as part of the Basel framework, represent a further enhancement of the Group s disclosures which, in totality, are designed to encourage market transparency and stability. The Board intends to publish Pillar 3 on an annual basis, in line with the timescales required by the EU CRD. The Group s various subsidiaries in Europe will publish capital and risk weighted asset data externally through an appropriate mechanism (website, annual reporting statements etc), thereby satisfying the CEBS requirements for member state disclosures. Outside the EU, local subsidiaries may make additional disclosures under Pillar 3, as required by their local regulators. The Group has participated in the British Bankers Association drive towards consistent Pillar 3 disclosures for UK banks wherever possible. Footnotes have been added to the data tables to ensure transparency of the approaches adopted in these disclosures. At the EU and global level, different definitions and assumptions will make direct comparison difficult. ABN AMRO and Basel ABN AMRO is fully consolidated in the financial results of the Group. For further details, see the 2008 Annual Report and Accounts. With regard to Basel, ABN AMRO effectively remains on Basel I until the end of Each consortium member is currently working on their own implementation of the Basel II framework, in line with their chosen approach and philosophy. Unless explicitly stated, ABN AMRO is excluded from the data tables. Where it is disclosed, data is typically included on a Basel I basis unless otherwise stated. As part of the ABN AMRO integration process some assets have migrated to Group portfolios and are therefore included in the Basel II disclosures. Group Internal Audit undertook a review to assess the adequacy and effectiveness of the controls over the systems and processes to produce the Pillar 3 disclosures. The purpose of Group Internal Audit s review was to provide management with assurance over the Pillar 3 disclosure process controls to satisfy regulatory requirements and to prevent material misstatement. 4

6 Scope of application The Royal Bank of Scotland Group plc is the parent undertaking for all authorised firms in the Group and is subject to consolidated supervision by the Financial Services Authority (FSA). The Pillar 3 disclosure has been prepared for the Group in accordance with BIPRU Chapter 11 of the FSA handbook. A summary of the structure of the Group for regulatory reporting purposes is as follows. The Royal Bank of Scotland Group plc The Royal Bank of Scotland Group plc Deconsolidated Subsidiaries The Royal Bank of Scotland Group plc Subsidiaries ABN AMRO Bank and Subsidiaries RBS Insurance Group Limited RBS Group Insurance Services Limited (excl. Lombard Direct Home Insurance Services Limited) RBS Life Holdings Limited The Royal Bank of Scotland plc RBSG Capital Corporation ABN AMRO Bank NV Adam & Company Group PLC National Westminster Bank Plc The Royal Bank of Scotland plc Subsidiaries Overseas Authorised Banks Principal Entities: Citizens Financial Group Inc The Royal Bank of Scotland International Limited Isle of Man Bank Limited Ulster Bank Limited Coutts & Company National Westminster Bank Plc Subsidiaries National Westminster Bank Plc Subsidiaries Overseas Authorised Banks RBS Coutts Bank Limited Adam & Company PLC Adam & Company PLC Subsidiaries Ulster Bank Limited Subsidiaries Overseas Authorised Banks First Active Ulster Bank Ireland Limited Regulatory and statutory consolidations Control Inclusion of an entity in the statutory consolidation is driven by the Group s ability to exercise control over that entity. The regulatory consolidation applies the same test but is restricted to certain categories of entity non-financial companies and insurers are excluded from the regulatory consolidation. In addition, certain special purpose entities are excluded from the regulatory consolidation in accordance with FSA rules. Significant influence or joint control Where the Group does not have control of an entity but has more that 20% of the votes or capital in that entity, then it must be included in the regulatory consolidation on a pro rata basis unless it falls into one of the excluded categories or the Group has agreed a different treatment with the FSA. Such entities will only be included in the statutory consolidation on a pro rata basis where the Group has joint control. Entities where the Group has significant influence will be equity accounted in the statutory consolidation. Solo-consolidation, impediments to the transfer of capital resources and aggregate capital deficiency Individual firms within the Group apply the provisions laid down in BIPRU 2.1 (solo-consolidation waiver) in a limited number of cases only. At, The Royal Bank of Scotland plc had four soloconsolidated subsidiaries whilst National Westminster Bank Plc had eleven solo-consolidated subsidiaries. The waiver is only used where the business is an extension of the parent bank s activities undertaken through a subsidiary for commercial reasons and which requires soloconsolidation to ensure that there are no adverse consequences to the capital ratios. The Group operates on an integrated basis with all Group companies being subject to policies, governance and controls that are set centrally. Aside from the need to ensure that regulated Group subsidiaries maintain adequate capital to meet their regulatory requirements, there are no current or foreseen material, practical or legal impediments to the transfer of capital or repayments of liabilities when due. There were no capital deficiencies (defined as the amount where the actual capital resources are less than the required minimum) in respect of subsidiaries not included in the Group consolidation. 5

7 Capital and risk management Governance Risk and capital management strategy is owned and set by the Group s Board of Directors, and implemented by executive management led by the Group Chief Executive. There are a number of committees and executives that support the execution of the business plan and strategy, as set out below: Group Board of Directors Group Executive Management Committee Group Audit Committee Advances Committee Executive Risk Forum Group Credit Committee Group Asset and Liability Management Committee Group Risk Committee The role and remit of these committees is as follows: Committee Focus Membership Group Audit Committee Financial reporting and the application of accounting Independent non-executive directors (GAC) policies as part of the internal control and risk assessment process. GAC monitors the identification, evaluation and management of all significant risks throughout the Group. Advances Committee Deals with transactions that exceed the Group Credit Members of GEMC (AC) Committee s delegated authority and large exposures. Group Chief Credit Officer Group Executive Ensures implementation of strategy consistent with risk Business and function heads, as determined by the Management Committee appetite. Group Chief Executive/Board (GEMC) (1) Executive Risk Forum Acts on all strategic risk and control matters across Group Chief Executive (ERF) the Group including, but not limited to, credit risk, Group Finance Director market risk, operational risk, compliance and regulatory Group Chief Risk Officer risk, enterprise risk, treasury and liquidity risk, Chairman, Regional Markets reputational risk, insurance risk and country risk. Chief Executive, RBS UK Chief Executive, Global Banking & Markets Group Risk Committee Recommends limits and approves processes and Group Chief Risk Officer (GRC) policies to ensure the effective management of all Group head of each risk type material risks across the Group. Group Treasurer Chief Executive and Chief Risk Officer from each division Group General Counsel and Group Secretary Group Chief Economist Group Credit Committee Approves credit proposals under the authority Members as determined by GEMC (GCC) delegated to the committee by the Board and/or the Advances Committee. Group Asset and Liability Identifies, manages and controls the Group balance Group Finance Director Management Committee sheet risks. Chairman/Chief Executive from each division (GALCO) Group Treasurer Group Chief Risk Officer Heads of Group functions 6

8 Capital and risk management continued Management responsibilities All employees have a role to play in the day to day management of capital and risk which is set and managed by specialist staff in: Risk management: credit, market, operational, regulatory, enterprise and insurance risk, together with risk analytics. Group Treasury: balance sheet, capital management, intra-group exposure, funding, liquidity and hedging policies. Independence underpins the approach to risk management, which is reinforced through the Group by appropriate reporting lines. Risk management and Group Treasury functions are independent of the revenue generating business. As part of the move toward greater functional independence, the divisional chief risk officers have a direct reporting line to the Group Chief Risk Officer. Group Internal Audit supports the Group Audit Committee in providing an independent assessment of the design, adequacy and effectiveness of the internal controls. Capital management The Group aims to maintain appropriate levels of capital, in excess of regulatory requirements, that ensures the Group`s capital position remains appropriate given the economic and competitive environment. Capital adequacy and risk management are closely aligned. The Group undertakes regular assessments of its internal capital requirement, based on a quantification of the material risks to which it is exposed. Capital allocation As part of the annual planning and budgeting cycle, each division is allocated capital based on RWAs and associated regulatory deductions. The budgeting process considers risk appetite, available capital resources, stress testing results and business strategy. The Group s capital budget is agreed by the Board and allocated to divisions to manage their allocated RWAs. Group Treasury and the Group Asset and Liability Committee monitor actual utilisation of capital by tracking availability and utilisation by divisions. GALCO also makes the necessary decisions around reallocation of budget and changes in RWA allocations. Minimum capital and RWAs Whilst disclosure of RWAs is not a requirement of Pillar 3, RWAs are included in the following table as they remain an important part of the internal management information used by the Group. The following table analyses the Group s total RWAs and minimum capital by risk type. Minimum capital RWAs requirement (1) Risk type m m Credit and counterparty risk 612,478 48,999 Market risk 46,461 3,717 Operational risk 36,851 2, ,790 55,664 Note: (1) Minimum capital requirement is defined as 8% of the RWAs. 7

9 Capital and risk management continued The following table shows the Group s capital resources under Pillar 3. This differs from Pillar 1 regulatory capital where innovative capital is shown under Tier 1 capital whereas under Pillar 3 it is part of Tier 2 capital. 31 December 2008 Composition of regulatory capital m Tier 1 Ordinary shareholders equity 45,525 Minority interests 21,619 Adjustments for: Goodwill and other intangible assets continuing (20,049) Unrealised losses on available-for-sale debt securities 3,687 Reserves arising on revaluation of property and unrealised gains on available-for-sale equities (984) Reallocation of preference shares and innovative securities (1,813) Other regulatory adjustments (362) Core Tier 1 capital 47,623 Preference shares 16,655 Tax on excess of expected losses over provisions 615 Material holdings (689) Expected loss less provisions (1,078) Securitisation positions (662) Total Tier 1 capital 62,464 Tier 2 Innovative Tier 1 securities 7,383 Reserves arising on revaluation of property and unrealised gains on available-for-sale equities 984 Collective impairment allowances 666 Perpetual subordinated debt 9,829 Term subordinated debt 23,162 Minority and other interests in Tier 2 capital 11 Less deductions from Tier 2 capital (2,429) Total Tier 2 capital 39,606 Tier Supervisory deductions Unconsolidated investments (4,044) Other deductions (111) Total deductions other than from Tier 1 capital (4,155) Total regulatory capital 98,175 The table below reconciles the Group s Pillar 1 (as shown in the 2008 Report and Accounts) and Pillar 3, Tier 1 capital as at : 31 December 2008 m Pillar 3 Tier 1 capital 62,464 Add: innovative tier 1 capital 7,383 Pillar 1 Tier 1 capital 69,847 Pillar 1 Tier 1 capital ratio 10.0% 8

10 Credit risk Credit risk is the risk arising from the possibility that the Group will incur losses from the failure of customers to meet their financial obligations to the Group. Objective The objective of credit risk management is to enable the Group to achieve a sustainable risk profile by maintaining credit risk exposure within acceptable, pre-defined parameters. The Group s credit risk function analyses credit portfolios and individual facilities across all divisions and maintains minimum standards for credit risk management throughout the Group. The application of the Group s credit risk policy standards ensure that all credit risk managers have a clear and thorough understanding of the Group s credit risk appetite and the minimum requirements that must be followed in the assessment, approval, monitoring and management of credit risk. Principles The key principles for credit risk management in the Group are as follows: A credit risk assessment of the customer and credit facilities is undertaken prior to approval of credit exposure. Typically, this includes both quantitative and qualitative elements including, the purpose of the credit and sources of repayment; compliance with affordability tests; repayment history; ability to repay; sensitivity to economic and market developments; and risk-adjusted return based on credit risk measures appropriate to the customer and facility type. Credit risk authority is specifically granted in writing to individuals involved in the granting of credit approval, whether this is individually or collectively as part of a credit committee. In exercising credit authority, individuals are required to act independently of business considerations and must declare any conflicts of interest. Credit exposures, once approved, are monitored, managed and reviewed periodically against approved limits. Lower quality exposures are subject to more frequent analysis and assessment. Customers with emerging credit problems are identified early and classified accordingly. Remedial actions are implemented promptly and are intended to restore the customer to a satisfactory status and minimise any potential loss to the Group. Stress testing of portfolios is undertaken to assess the potential credit impact of non-systemic scenarios and wider macroeconomic events on the Group s income and capital. Each division has established its own credit risk management framework consistent with that of the Group s. Divisional credit departments are responsible for maintaining their credit risk management framework and ensuring that asset quality is within agreed risk appetite. Divisional credit risk departments are independent of business management and have no direct responsibility or accountability for revenue generation. This independence is supported by the divisional head of credit having dual reporting lines to both the divisional Chief Executive Officer (by the way of the divisional Chief Risk Officer) and to the Group Chief Credit Officer. The Group Risk Committee and the Group Executive Management Committee reports on the Group s portfolios on a monthly basis. Structure and governance As at, the Group Risk Committee considers detailed reports of credit risk performance such as sector performance reports and monthly risk portfolio performance trend information. The committee also approves new credit risk policy standards which are material. The Group Credit Committee is responsible for approving material proposals to extend credit facilities in excess of those authorities delegated to divisional credit committees and will make recommendations to the Advances Committee for approval of facilities in excess of its own delegated authority. As part of their decision the committee approves the credit grade and facility LGD estimates in each proposal. Organisational changes will continue in 2009, to ensure a fully integrated approach to credit risk across the Group. Credit risk management works with business functions on the ongoing management of the credit portfolio, including decisions on mitigating actions taken against individual exposures or broader portfolios. 9

11 Credit risk continued Credit risk management Divisional Risk Management Committees focus on portfolio level decisions which drive credit quality, such as changes to policy and strategy, for example the setting of credit scorecard cut- offs, or divisional credit risk product policy standards. The divisional Risk Management Committees are also responsible for reviewing on going performance of the business and if necessary making or recommending adjustments to risk appetite. Each divisional credit department manages its own credit portfolio and maintains its own base of detailed divisional credit policy standards. Divisional Heads of Credit delegate authorisation of credit undertakings to divisional credit officers according to each individual officer s experience and capability. Credit approval process Different credit approval processes exist for each customer type which ensures that appropriate skills and resources are employed in credit assessment and approval: specialist credit risk teams within the Group Credit Risk function and divisional credit risk functions oversee the credit process independently, making credit decisions within their discretion, or recommending decisions to the appropriate credit committee. Assessments of borrower and transaction risk are undertaken using the application of credit risk models and/or credit analysis. financial market counterparties are approved by a dedicated credit function which specialises in traded market product risk. Specialist credit grading models exist for certain bank and financial institutions. Wholesale businesses Wholesale includes the following exposure classes; central governments and central banks, institutions, corporates, equities and securitisation positions. Wholesale risk limits are aggregated at the counterparty level to determine the level of credit approval required and to facilitate consolidated credit risk management. The credit approval process has two stages: assessment and decision. Credit applications for corporate customers are prepared by relationship managers in the units originating the credit exposures or by the relationship management team with lead responsibility for a counterparty, where a customer has relationships with different divisions and business units across the Group. This includes the assignment of credit grades and LGD estimates using approved models. For the more significant corporate exposures requiring credit committee approval, and where the obligor is graded using the large corporate grading model, the relationship managers are usually supported by specialist divisional counterparty analysis teams. The analysis functions are independent of the deal origination teams, and are responsible for providing a detailed financial report on the obligor group and assigning credit grades. They are staffed with accountants, ex-rating agency staff and highly experienced credit analysts. In all cases relationship managers are responsible for entering information into core credit risk systems for the calculation of LGD. Relationship managers complete data quality assertions in regard to the models used as part of their credit submission. Credit applications for banks and non bank financial institutions are prepared by the specialist teams with grading and LGD models. Credit applications are generally made in end to end credit systems. Following the approval of facilities, limits are marked approved in credit systems and, provided that conditions precedent are completed satisfactorily, the limits will be made available to front office systems. Daily monitoring of individual counterparty limits is undertaken. For certain counterparties early warning indicators are also in place to detect deteriorating trends of concern in limit utilisation or account performance. A framework is also in place to monitor changes in credit quality at the portfolio level. As a minimum, rerating is performed at annual review, as part of which the ongoing adequacy of security is assessed; and compliance with terms and conditions is examined. The credit grade and LGDs proposed as part of every credit application are reviewed by the credit department. This review considers explicitly whether the correct model has been used, whether the model inputs appear appropriate and whether the output adequately describes the risk. Retail businesses Retail includes the following exposure classes; retail secured by real estate collateral, qualifying revolving retail exposures and other retail exposures. The retail business makes a large volume of small scale credit decisions, typically involving an application for a new product or a change in facilities on an existing product. The majority of these decisions are based upon automated strategies utilising best practice credit and behaviour scoring techniques. Scores and strategies are typically segmented by product, brand and other significant drivers of credit risk. These data driven strategies utilise a wide range of credit information relating to a customer including, where appropriate, information across a customer s holdings. A small number (by volume) of credit decisions are subject to additional manual underwriting, for example higher value more complex small business transactions and some residential mortgage applications. Divisional risk management committees focus on portfolio level decisions which drive credit quality, changes to policy and strategy, and the setting of credit scorecard cut-offs. The divisional risk management committees are also responsible for reviewing on-going performance of the business and, if necessary, making or recommending adjustments to risk appetite. Definition of default The definitions of default used by the Group are as follows: wholesale businesses: the BIPRU unlikeliness to pay triggers and 90 days past due rule have been adopted within wholesale credit policy and modelling. Default is measured across all exposures to an obligor and in cases where a credit grade is cascaded to other obligor group members, the default grade will also serve to cross default those obligors. Where a cascaded grade has been applied it will serve to cross default to the parent where the grade has not been notched. 10

12 Credit risk continued retail businesses: credit risk measurement policy defines default as 90 days past due or unlikeliness to pay in full. Whilst BIPRU rules permit 180 days for non small medium sized enterprise portfolios, retail portfolios adopt a uniform 90 days past due definition. This facilitates consistency, and is closely aligned with operational default and the Group s impairment definition used in International Accounting Standards. Default is measured at the account rather than obligor level. Cross product data is shared through the behaviour score, application score or the use of credit bureau data/scores. Credit systems The Group operates a centralised risk data warehouse and reporting system. Divisional credit risk and finance data is fed through to this data warehouse on a transactional basis for wholesale exposures and on a pooled basis for retail exposures. This centralised system is used to deliver regulatory reporting, external disclosures and internal management reporting on credit risk. The scope of the data is primarily driven by RWAs, but is increasingly being enhanced to deliver additional risk management reporting on a consistent basis across the Group. Credit risk models Credit risk models are used throughout the Group to support the quantitative risk assessment part of the credit approval process, ongoing credit risk management, monitoring and reporting and portfolio analytics. Credit risk models used by the Group can be divided into three categories. Probability of default/customer credit grade (PD) These models assess the probability that a customer will fail to make full and timely repayment of their obligations. The probability of a customer failing to do so is measured over a one year period through the economic cycle, although certain retail scorecards use longer periods for business management purposes. wholesale businesses: each counterparty is assigned an internal credit grade which is in turn assigned to a default probability range. There are a number of different credit grading models in use across the Group, each of which considers risk characteristics particular to that type of customer. The credit grading models score a combination of quantitative inputs, such as recent financial performance and qualitative inputs, such as management performance or sector outlook. Scores are then mapped to grades within each model. Grades are calibrated centrally to default probabilities determined in accordance with the definition of default. Obligor grades can, under certain circumstances, be cascaded to other borrowing entities within the obligor group where there is sufficient dependence on the graded entity. Included in such models are grading models that cover customers or transactions categorised within BIPRU as specialised lending (e.g. certain categories of investment property and asset finance such as shipping and project finance). The credit grades for sovereign and central bank entities are assigned by a specialist country risk analysis team using a sovereign grading model. This team is independent of the origination function and is comprised of economists. Banking book equity transactions use the PD/LGD approach to capital calculation. Issuers are graded using the relevant corporate, financial institution or sovereign model. Where banking book equity issued by an existing borrowing customer is held, the customer s credit grade is also used to grade the equity. LGDs are fixed by BIPRU. retail businesses: each customer account is separately scored using models based on the most material drivers of default. In general, scorecards are statistically derived using customer data. Customers are assigned a score which in turn, is mapped to a probability of default. The probability of default is used for two main purposes. Firstly, within the credit approval process and ongoing credit risk management, monitoring and reporting. Secondly, customers are grouped into risk pools using the scored probability of default. Pools are then assigned a weighted average pool probability of default using regulatory default definitions. These weighted averages are used to determine regulatory capital requirements. Exposure at default (EAD) These models estimate the expected level of utilisation of a credit facility at the time of a borrower s default. For revolving and variable draw down type products the EAD will typically be higher than the current utilisation. The methodologies used in EAD modelling provide a conservative estimate of the potential exposure and recognise that customers may make more use of their existing credit facilities as they approach default. Unlike other credit risk models, the regulator has issued more direction to the industry in relation to acceptable EAD approaches for the IRB capital calculation. This includes rules that determine when exposures require an EAD, and when there is no exposure to report. counterparty credit risk exposure measurement: These models calculate the market driven credit risk exposure for products where the exposure is not based simply upon principal and interest due. These models are most commonly used for derivative and other traded instruments where the amount of credit risk exposure may be dependent upon one or more underlying market variables such as interest or foreign exchange rates. These models drive internal credit risk activities such as limit and excess management. Some are used for regulatory reporting; where this is not the case regulatory exposure calculation rules are used. Loss given default (LGD) These models estimate the economic loss that may be experienced by the Group on a credit facility in the event of default. The LGD represents the amount that cannot be recovered and is typically expressed as a percentage of the facility limit for wholesale portfolios, or as a percentage of the EAD for retail portfolios. The Group s LGD models take into account both borrower and facility characteristics for unsecured or partially unsecured facilities, as well as the quality of any risk mitigation that may be in place for secured facilities, plus the cost of collections and a time discount factor for the delay in cash recovery. Secured LGD models cover, for example, guarantees, credit derivatives, and eligible collateral (both physical and financial). 11

13 Credit risk continued Model review governance The Group Risk Analytics Model Review Team is responsible for independent oversight of wholesale and retail models and approaches. Two committees, the Wholesale Credit Model Committee and the Retail Credit Model Committee, have been established to review and challenge high, medium and low materiality models before approval by the appropriate Risk Committee and to approve low materiality models. These Committees comprise members of Group Risk and senior managers from within divisional credit risk. Models with high materiality are agreed by the Group Risk Committee and those of medium materiality are approved by the Group Models Committee, a sub committee of Group Risk Committee. The internal model process and governance arrangements are detailed below: Group Risk Committee Approve high materiality models Group Model Committee Approve medium materiality models Wholesale Credit Model Committee Retail Credit Model Committee Technical review of all models Approve low materiality models Model validation The performance and accuracy of credit models is critical, both in terms of effective risk management and also the calculation of risk parameters (PD, LGD and EAD) used by the Group to calculate RWAs. The models are subject to frequent validation internally and, if used as part of the IRB Basel II framework, have been reviewed and approved for use by the FSA. Independent model validation is performed by the Group. This includes an evaluation of the model development and validation for the data set used, logic and assumptions, and performance of the model analysis. Where required, the Group has engaged external risk management consultants to undertake independent reviews and report their findings to the Wholesale or Retail Credit Model Committee. This provides a benchmark against industry practices. The validation results are a key factor in deciding whether a model is recommended for ongoing use. The frequency, depth and extent of the valuation are consistent with the materiality and complexity of the risk being managed. The Group s validation processes include: Developmental evidence: to ensure that the credit risk model adequately discriminates between different levels of risk and delivers accurate risk estimates. Process verification: whether the methods used in the credit risk models are being used, monitored and updated in the way intended in the design of the model. Initial testing and validation is performed when the model is developed with the performance of models being assessed on an ongoing basis. Credit risk mitigation The Group employs a number of structures and techniques to mitigate credit risk. Netting of debtor and creditor balances is utilised under regulatory and internal policy and requires a formal agreement with the customer to net the balances and a legal right of set-off. Under market standard documentation net exposure on over the counter (OTC) derivative and secured financing transactions is further mitigated by the exchange of financial collateral. The Group enhances its position as a lender in a range of transactions, from retail mortgage lending to large wholesale financings by structuring a security interest in a physical or financial asset. Credit derivatives, including credit default swaps, credit linked debt instruments, and securitisation structures are used to mitigate the credit risk in its loan portfolio. Guarantees and similar instruments (e.g. credit insurance) from related and third parties are used in the management of credit portfolios typically to mitigate credit concentrations in relation to an individual obligor, a borrower group or a collection of related borrowers. 12

14 Credit risk continued Collateral valuation and management The use and approach to credit risk mitigation varies by product type, customer, and business strategy and reflects the risk appetite of the Group. To ensure that credit risk mitigation is effective it must be in place prior to the drawdown of facilities and actively monitored and reported. Minimum standards cover: general requirements including acceptable credit risk mitigation types and any conditions or restrictions applicable to those mitigants; the maximum loan to value percentages, minimum haircuts or other volatility adjustments applicable to each type of mitigant including, where appropriate, adjustments for currency mismatch, obsolescence and any time sensitivities on asset values; the means by which legal certainty is to be established, including required documentation and all necessary steps required to establish legal rights; acceptable methodologies for the initial and any subsequent valuations of collateral and the frequency with which they are to be re-valued (e.g. daily in the trading book); actions to be taken in the event the current value of mitigation falls below required levels; management of the risk of correlation between changes in the credit risk of the customer and the value of credit risk mitigation e.g. any situations where customer default materially impacts the value of a mitigant and applying a haircut or recovery value adjustment which reflects the potential correlation risk; management of concentration risks e.g. setting thresholds and controls on the acceptability of credit risk mitigants and in particular specialised businesses financing specific asset classes e.g. aircraft, shipping; and collateral management to ensure that credit risk mitigation is legally effective and enforceable. Primary types of collateral taken The following table outlines how different risk mitigants are incorporated into IRB risk parameters across both wholesale and consumer businesses. Credit risk mitigants LGD PD EAD/E* Real estate (commercial and residential) Other physical collateral Third party guarantee Credit derivative Parental guarantee (connected parties) Financial collateral (trading book) Financial collateral (non-trading book) Netting (on and off balance sheet) Receivables Life policies Credit insurance Real estate: the most common form of security held with the consumer and wholesale businesses. Financial collateral: is taken to support credit exposures in the nontrading book. Financial collateral is also taken to support trading book exposures and is incorporated in E* (adjustment to the exposure value) calculations. Other physical collateral: the Group takes a wide range of other physical collateral including; business assets (stock and inventory, plant and machinery, equipment), project assets, intangible assets which provide a future cashflow and real value, commodities, vehicles, rail stock, aircraft, ships and receivables (not purchased). Guarantees: third party guarantees are taken from banks, government entities, export credit agencies, and corporate entities. The Group s recovery value estimation methodology is sensitive to the variations in the credit quality of guarantors. Standby letters of credit are also given value in LGD models. Conditional guarantees are accepted, in accordance with internal requirements, and are included as appropriate in PD and LGD estimates (e.g. small firms loan guarantee schemes, completion guarantees). Personal guarantees are considered in the normal credit process where there is a change over specific assets. While personal guarantees may be called for and are always accepted, no value is given to unsupported personal guarantees in any credit models. Credit derivatives: all credit derivative activity is conducted through designated units to ensure consistency and appropriate control. Group policies are designed to ensure that the credit protection is appropriate to support offset for an underlying trading book asset or improvement to the LGD of a banking book asset. Within the banking book, credit derivatives are used as risk and capital management tools. The principal counterparties are banks, investment firms and other market participants, with the majority subject to collateralisation under a credit support annex. In accordance with internal policy, stress testing is conducted on the counterparty credit risk created by the purchase of credit protection. 13

15 Credit risk continued The following table analyses credit risk exposure and RWAs by approach. Minimum Credit RWAs capital post CRM(1) requirement Credit risk approach m m Advanced IRB 237,578 19,006 Standardised 107,596 8,609 Counterparty credit risk 61,087 4, ,261 32,502 ABN AMRO Basel I 206,217 16, ,478 48,999 Note: (1) Credit risk RWAs include both intra-group and non-customer assets. A detailed analysis of the Advanced IRB, standardised and Basel I approaches follows. The counterparty credit risk is analysed on page 29. Exposure as shown in these credit disclosures is defined as exposure at default (EAD). This is an estimate of the expected level of utilisation of a credit facility at the time of default and will be equal to or greater than the drawn exposure. Credit risk by IRB approach The following table shows the Group s RWAs and capital requirements by IRB exposure class. These balances include non-customer assets. Minimum Credit RWAs capital post CRM requirement IRB exposure class and sub-class m m Central governments and central banks Institutions 3, Corporates 153,287 12,263 Retail 57,907 4,632 Retail SME 14,837 1,187 Retail secured by real estate collateral 18,930 1,514 Qualifying revolving retail exposures 11, Other retail exposures 12, Equities 7, Exchange traded exposures 4, Private equity exposures 2, Other exposures 1, Securitisation positions 8, Non-credit obligation assets 5, ,578 19,006 14

16 Credit risk continued Gross IRB customer credit risk The following tables detail the Group s gross customer IRB credit risk by exposure class, geographic area, industry sector and residual maturity band. The gross customer exposure is shown as the exposure at default (EAD) before the application of credit risk mitigation (CRM), excluding products calculated under the counterparty credit risk approach. IRB gross average exposure at default Average EAD IRB exposure class EAD pre CRM (1, 2) pre CRM(3) m m Central governments and central banks 16,019 16,170 Institutions 16,683 21,247 Corporates 365, ,882 Retail 172, ,179 Equities 5,425 5,564 Securitisation positions 64,010 46,850 Non-credit obligation assets (4) 3,670 2, , ,043 Notes: (1) EAD pre CRM is before the application of on-balance sheet netting. (2) EAD excludes non-customer assets along with OTC and repo products which are shown separately in the counterparty credit risk disclosures. (3) Average is based on the last six months of (4) Non-credit obligation assets above refers to residual value of leases only. IRB gross exposure at default by geographic area (1, 2, 3) Western North Europe Asia Latin CEE Middle East IRB exposure class UK America (excl. UK) Pacific America Central Asia & Africa Total m m m m m m m m Central governments and central banks 8, ,458 1, ,019 Institutions 3,606 1,822 6,923 2, ,683 Corporates 175,870 46,151 99,444 18,875 11,742 3,429 10, ,900 Retail 145, , ,212 Equities 1, , ,425 Securitisation positions 14,832 23,943 13,584 3,791 7, ,010 Non-credit obligation assets (4) , , ,699 73, ,948 31,314 21,017 4,059 11, ,919 Notes: (1) EAD pre CRM is before the application of on-balance sheet netting. (2) EAD excludes non-customer assets along with OTC and repo products which are shown separately in the counterparty credit risk disclosures. (3) The geographic area is determined by the country of incorporation for companies and for individuals as the country of residence. (4) Non-credit obligation assets above refers to residual value of leases only. 15

17 Credit risk continued IRB gross exposure at default by industry sector (1, 2) Central Non governments credit and central Securitisation obligation(4) Industry sector (3) banks Institutions Corporates Retail Equities positions assets Total m m m m m m m m Agriculture and fisheries 2,340 1,655 3,995 Building and construction 63 20,243 1, ,037 Business services 11, ,883 Banks and building societies 2,986 16,589 1, , ,872 Financial intermediaries 1, , , ,792 Manufacturing 38, , ,738 Natural resources and nuclear 19 15, ,141 Personal 3, , ,950 Power, water and waste 20, ,941 Property 101,408 5, , ,454 Public sector and quasi government 10,674 11,213 2, ,247 Technology, media and telecommunications 20, ,676 Tourism and leisure 19 16,059 3,750 1, ,277 Transport and storage 53 36, ,612 40,468 Wholesale and retail trade ,247 3, , ,448 16,019 16, , ,212 5,425 64,010 3, ,919 Notes: (1) EAD pre CRM is before the application of on-balance sheet netting. (2) EAD excludes non-customer assets along with OTC and repo products which are shown separately in the counterparty credit risk disclosures. (3) Industry sectors are determined using Standard Industrial Classification (SIC) codes of the counterparty. (4) Non-credit obligation assets above refers to residual value of leases only. IRB gross exposure at default by residual maturity (1, 2, 3) Within(5) After 1 but After IRB exposure class 1 year within 5 years(5) 5 years Total m m m m Central governments and central banks 7,089 5,192 3,738 16,019 Institutions 12,431 3, ,683 Corporates 78, ,800 96, ,900 Retail 40,045 12, , ,212 Equities 5,425 5,425 Securitisation positions 34,198 11,171 18,641 64,010 Non-credit obligation assets (4) ,564 3, , , , ,919 Notes: (1) EAD pre CRM is before the application of on-balance sheet netting. (2) EAD excludes non-customer assets along with OTC and repo products which are shown separately in the counterparty credit risk disclosures. (3) The maturity bandings represent the residual contractual maturity. (4) Non-credit obligation assets above refers to residual value of leases only. (5) Revolving facilities are included in the within 1 year category. 16

18 Credit risk continued Asset quality of IRB customer credit risk The Group has adopted, as part of the move to Basel II, a new master grading scale for wholesale exposures which comprises 27 grades. These in turn map to ten asset quality (AQ) bands used for both wholesale and retail exposures. The relationship between these measures is shown below. PD Range Asset quality Master grading scale Lower Upper bands 1 0% 0.006% % 0.012% % 0.017% AQ % 0.024% % 0.034% % 0.048% AQ % 0.067% % 0.095% AQ % 0.135% % 0.190% % 0.269% AQ % 0.381% % 0.538% % 0.761% AQ % 1.076% % 1.522% AQ % 2.153% % 3.044% % 4.305% AQ % 6.089% % 8.611% % % AQ % % % % % % AQ % 100% % 100% AQ10 The following tables show the key parameters of the IRB RWA calculation for each of the exposure classes. They include over the counter derivatives and repo products which are also detailed in the counterparty credit risk disclosure, but exclude products where no PD exists such as securitisation positions and non-customer assets. Grouping of internal grades into AQ bands is undertaken for external reporting purposes only. Central governments and central banks by asset quality band EAD Exposure Exposure Undrawn post weighted weighted Undrawn weighted Asset quality band CRM (1) average (2) average (2) commitments (3) average (4) m LGD risk-weight m CCF AQ1 69, % 0.6% 14, % AQ % 390.1% AQ % 95.2% % AQ % 83.8% % AQ % 101.0% % AQ % 215.4% % AQ % 137.3% % AQ8 AQ9 AQ10/default 70, % 1.4% 14, % Notes: (1) EAD post CRM is exposure at default after the application of on balance sheet netting and includes the IRB element of counterparty credit risk but excludes non-customer assets. (2) Exposure weighted averages have been weighted by the sum of EAD within each of the PD bands. (3) Undrawn commitments are defined as the difference between the drawn balance and the limit. (4) Undrawn weighted average has been weighted by the sum of undrawn commitments within each of the PD bands. 17

19 Credit risk continued Institutions by asset quality band EAD Exposure Exposure Undrawn post weighted weighted Undrawn weighted Asset quality band CRM (1) average (2) average (2) commitments (3) average (4) m LGD risk-weight m CCF AQ1 84, % 17.3% 29, % AQ2 1, % 102.0% % AQ3 1, % 334.0% % AQ % 346.2% % AQ % 250.5% % AQ % 898.0% % AQ % 219.8% % AQ % 345.1% % AQ % 720.6% % AQ10/default (5) % 89, % 27.7% 31, % Notes: (1) EAD post CRM is exposure at default after the application of on balance sheet netting and includes the IRB element of counterparty credit risk but excludes non-customer assets. (2) Exposure weighted averages have been weighted by the sum of EAD within each of the PD bands. (3) Undrawn commitments are defined as the difference between the drawn balance and the limit. (4) Undrawn weighted average has been weighted by the sum of undrawn commitments within each of the PD bands. (5) Low risk weight in AQ10 caused by Best Estimate of Expected Loss (BEEL) methodology on defaulted assets, based on downturn LGD. This may result in a nil RWA for defaulted assets as we take a capital deduction equal to the difference in expected loss and provisions. (6) Conservatism added to institutional exposures to rebase RWAs, increasing exposure weighted average risk weights. Corporates by asset quality band EAD Exposure Exposure Undrawn post weighted weighted Undrawn weighted Asset quality band CRM (1) average (2) average (2) commitments (3) average (4) m LGD risk-weight m CCF AQ1 116, % 10.7% 64, % AQ2 24, % 14.4% 15, % AQ3 34, % 19.3% 17, % AQ4 68, % 31.9% 25, % AQ5 85, % 62.1% 18, % AQ6 61, % 78.3% 12, % AQ7 26, % 87.6% 5, % AQ8 6, % 129.2% 1, % AQ9 5, % 178.5% % AQ10/default (5) 9, % 3.2% % 439, % 42.9% 162, % Notes: (1) EAD post CRM is exposure at default after the application of on balance sheet netting and includes the IRB element of counterparty credit risk but excludes non-customer assets. (2) Exposure weighted averages have been weighted by the sum of EAD within each of the PD bands. (3) Undrawn commitments are defined as the difference between the drawn balance and the limit. (4) Undrawn weighted average has been weighted by the sum of undrawn commitments within each of the PD bands. (5) The low risk weight in AQ10 is caused by the BEEL methodology. 18

20 Credit risk continued Equities by asset quality band EAD Exposure Exposure Undrawn post weighted weighted Undrawn weighted Asset quality band CRM (1) average (2) average (2) commitments (3) average (4) m LGD risk-weight m CCF AQ1 AQ2 AQ3 3, % 106.0% AQ % 167.8% AQ5 AQ % 359.5% AQ % 325.3% AQ8 AQ % 555.4% AQ10/default (5) % 4, % 132.5% Equities calculated using simple risk weight approach Private equity exposures % % Other equity exposures % % 1, % % 5,425 Notes: (1) EAD post CRM is exposure at default after the application of on balance sheet netting and includes the IRB element of counterparty credit risk but excludes non-customer assets. (2) Exposure weighted averages have been weighted by the sum of EAD within each of the PD bands. (3) Undrawn commitments are defined as the difference between the drawn balance and the limit. (4) Undrawn weighted average has been weighted by the sum of undrawn commitments within each of the PD bands. (5) The low risk weight in AQ10 is caused by BEEL methodology. Retail SME by asset quality band EAD Exposure Exposure Undrawn post weighted weighted Undrawn weighted Asset quality band CRM (1) average (2) average (2) commitments (3) average (4) m LGD risk-weight m CCF AQ1 AQ2 AQ3 AQ4 1, % 31.9% % AQ5 1, % 56.6% % AQ6 7, % 55.2% % AQ7 4, % 60.4% % AQ8 4, % 73.0% % AQ9 2, % 113.6% % AQ10/default 1, % 58.0% 23, % 64.3% 2, % Notes: (1) EAD post CRM is exposure at default after the application of on balance sheet netting and includes the IRB element of counterparty credit risk but excludes non-customer assets. (2) Exposure weighted averages have been weighted by the sum of EAD within each of the PD bands. (3) Undrawn commitments are defined as the difference between the drawn balance and the limit. (4) Undrawn weighted average has been weighted by the sum of undrawn commitments within each of the PD bands. 19

21 Credit risk continued Retail secured by real estate by asset quality band EAD Exposure Exposure Undrawn post weighted weighted Undrawn weighted Asset quality band CRM (1) average (2) average (2) commitments (3) average (4) m LGD risk-weight m CCF AQ1 1, % 0.2% % AQ2 3, % 0.2% 1, % AQ % 3.2% AQ4 47, % 6.1% 1, % AQ5 31, % 12.1% 1, % AQ6 13, % 31.3% 1, % AQ7 5, % 45.5% % AQ8 2, % 77.6% % AQ9 1, % 105.5% AQ10/default 1, % 123.3% % 107, % 17.6% 7, % Notes: (1) EAD post CRM is exposure at default after the application of on balance sheet netting and includes the IRB element of counterparty credit risk but excludes non-customer assets. (2) Exposure weighted averages have been weighted by the sum of EAD within each of the PD bands. (3) Undrawn commitments are defined as the difference between the drawn balance and the limit. (4) Undrawn weighted average has been weighted by the sum of undrawn commitments within each of the PD bands. Qualifying revolving retail exposures by asset quality band EAD Exposure Exposure Undrawn post weighted weighted Undrawn weighted Asset quality band CRM (1) average (2) average (2) commitments (3) average (4) m LGD risk-weight m CCF AQ % 0.5% 3, % AQ2 1, % 2.2% 1, % AQ3 6, % 3.9% 4, % AQ4 2, % 10.6% 9, % AQ5 6, % 19.7% 14, % AQ6 2, % 38.9% 4, % AQ7 3, % 79.1% 1, % AQ8 3, % 144.9% % AQ % 260.2% % AQ10/default 1, % 11.2% % 27, % 43.0% 39, % Notes: (1) EAD post CRM is exposure at default after the application of on balance sheet netting and includes the IRB element of counterparty credit risk but excludes non-customer assets. (2) Exposure weighted averages have been weighted by the sum of EAD within each of the PD bands. (3) Undrawn commitments are defined as the difference between the drawn balance and the limit. (4) Undrawn weighted average has been weighted by the sum of undrawn commitments within each of the PD bands. 20

22 Credit risk continued Other retail by asset quality band EAD Exposure Exposure Undrawn post weighted weighted Undrawn weighted Asset quality band CRM (1) average (2) average (2) commitments (3) average (4) m LGD risk-weight m CCF AQ1 AQ2 AQ % 19.2% % AQ % 43.3% % AQ5 2, % 67.9% % AQ6 3, % 90.9% % AQ7 2, % 111.8% % AQ8 2, % 129.3% AQ % 196.8% AQ10/default 2, % 6.7% 13, % 88.8% % Notes: (1) EAD post CRM is exposure at default after the application of on balance sheet netting and includes the IRB element of counterparty credit risk but excludes non-customer assets. (2) Exposure weighted averages have been weighted by the sum of EAD within each of the PD bands. (3) Undrawn commitments are defined as the difference between the drawn balance and the limit. (4) Undrawn weighted average has been weighted by the sum of undrawn commitments within each of the PD bands. IRB exposures covered by guarantees and credit derivatives The Group utilises a number of different types of collateral. The following table shows the total IRB exposure covered by guarantees and credit derivatives. However this only represents certain elements of collateral taken into consideration by the Group when calculating RWAs. For other types of collateral taken, refer to the credit risk section on page 13. (1,2) IRB exposure class m Central governments and central banks 17 Institutions 103 Corporates 22,169 Non-credit obligation assets 92 22,381 Notes: (1) Guarantees or credit derivatives represents the value of the guarantee or credit derivative applied in the LGD models. Guarantees disclosed do not include parental guarantees where the PD substitution approach is applied. (2) Excludes counterparty credit risk. 21

23 Credit risk continued Expected loss and impairment Expected loss is the forecast credit loss on a potential default over a one year period. The table shows the expected loss as at 31 December 2007 predicted by the Group models which incorporate LGDs and EADs that reflect downturn economic conditions and PDs calculated on a through-the-cycle basis. The impairment charge for the year ended is also shown in the table. The impairment charge is a point in time estimate and reflects actual provision change and direct write-offs during the year to the income statement. There are a number of significant differences between the methodology for calculating an expected loss under regulatory rules and raising impairments under accounting standards. Accounting standards require observable data that provides evidence of events occurring to recognise the loan losses while similar evidence is not necessarily required in the calculation of expected loss. Expected loss is also calculated on a one year time horizon which is different to the provision charge that represents a point in time event. In addition, the impairment charge excludes 5.8 billion of trading asset write-downs. For further details see to page 37 of the 2008 Report and Accounts. Any comparison between these two numbers should not be made without taking into consideration these key differences. Impairment Expected charge for loss as at year ended 31 December 31 December IRB exposure class m m Central governments and central banks 5 Institutions Corporates 2,470 2,307 Retail SME Retail secured by real estate collateral Qualifying revolving retail exposures 1, Other retail exposures 2, Equities 14 7,624 3,648 The Group experienced a pronounced deterioration in impairments in the second half of 2008, as financial stress spread to a broad range of customers. Further details of the Group s impairment charge are shown on page 37 of the 2008 Report and Accounts. Probability of default Wholesale credit grading models are hybrid models; the probabilities of default have been calibrated to each grade using sufficiently long historic data, and are expected to remain stable in their mapping to each grade over a cycle. However, the grade assignments to individual customers take into account current economic conditions and the customer s credit quality. The customer grade is therefore expected to change over a cycle, and as a result the models are regarded as being closer to point in time. As an economic cycle deteriorates our portfolio credit quality is expected to be reflected in the grades assigned, resulting in an increase in capital (all other things being equal). Retail PD models adopt a point in time methodology to facilitate pricing, setting of risk appetite and loss estimation. Models are regularly calibrated to produce robust estimates incorporating a degree of conservatism. 22

24 Credit risk continued The following table shows the PD estimated at the end of 2007, together with the actual defaults experienced in Neither is weighted by loss, limit or exposure at default. Defaults include all cases which meet the Basel II definition of unlikeliness to pay or 90 days past due. There are two exposure classes where the difference between the predicted and actual is most marked: The Group s corporate PD models utilise historical data based on a long run average of 25 years of default data. The market conditions witnessed in 2008 have resulted in a default experience which falls outside the range predicted by these historical data. Retail SME: The default rates in December 2007 were point in time and were not forward looking to the economic conditions experienced during Corporates: the actual default experience diverges from that suggested by the average PD rates forecast at the end of December Actual Probability of defaults for default as at year ended 31 December 31 December IRB exposure class % % Central governments and central banks 0.83 Institutions Corporates Retail SME Retail secured by real estate collateral Qualifying revolving retail exposure Other retail exposures Equities The actual default rate for corporates is higher than the predicted default rate. This was expected given the hybrid nature of the models, for which an economic downturn can result in actual defaults exceeding predicted defaults. For retail, model observed PD rates are broadly in line with forecast with the exception of retail small and medium sized enterprises where observed PD slightly exceeds forecast. This reflects modest deterioration in this market which has now been incorporated in to revised estimates through the regular model calibration process. 23

25 Credit risk continued Credit risk by standardised approach Several of the Group s portfolios are currently managed under the standardised approach, including: US Retail & Commercial: retained on standardised for FSA reporting, pending migration to IRB approach (the US timetable for Basel implementation is subject to different timescales). Wealth: given the low level of loss experience the FSA has approved the use of standardised in all cases, as required by BIPRU. Exposures are allocated to specific standardised exposure classes as determined by the FSA s BIPRU 3 and it is these classes that determine the risk weight used. For exposures to corporates, sovereigns and institutions the Group uses the external credit assessments of recognised credit rating agencies (principally Moody s, but also Standard & Poor s and Fitch, where appropriate). All other exposures are unrated with the risk weights determined by the BIPRU rules. The following table shows the Group s RWAs and capital requirements by standardised exposure class. The balances include non-customer and intra-group assets. (1) Minimum Credit RWAs capital Standardised exposure class post CRM requirement m m Central governments and central banks 1 Regional governments and local authorities 21 2 Administrative bodies and non commercial undertakings 97 8 Multilateral development banks Institutions Corporates 54,070 4,326 Retail 31,258 2,501 Secured by real estate property 5, Past due items 1, Securitisation positions Other items 13,750 1, ,596 8,609 Note: (1) Values include intra-group assets under exposure class corporates. Gross standardised customer credit risk The following tables detail the Group s gross standardised customer credit risks by exposure class, geographic area, industry sector, and residual maturity band. The gross customer exposure is shown before the application of credit risk mitigation (CRM), excluding products calculated under the counterparty credit risk approach (CCR). (1, 2) Exposure Average Standardised exposure class pre CRM exposure CRM(3) m m Central governments and central banks 19,199 9,840 Regional governments or local authorities Administrative bodies and non-commercial undertakings Multilateral development banks Institutions 2,963 2,360 Corporates 64,815 58,658 Retail 48,453 43,339 Secured by real estate property 16,305 14,695 Past due items 1, Securitisation positions 1,582 2,952 Other items (4) 6,477 2, , ,384 Notes: (1) Exposure pre CRM is before the application of on-balance sheet netting and financial collateral. (2) Exposure excludes intra-group and non-customer assets along with OTC and repo products which are shown separately in the counterparty credit risk disclosures. (3) Average is based on the last six months of (4) Other items include customer assets only. 24

26 Credit risk continued Standardised gross exposure by geographic area (1, 2, 3) Western North Europe Asia Latin CEE Middle East Standardised exposure class UK America (excl. UK) Pacific America Central Asia & Africa Total m m m m m m m m Central governments and central banks 11,062 7, ,199 Regional governments or local authorities Administrative bodies and non-commercial undertakings Multilateral development banks Institutions , ,963 Corporates 11,861 47,649 3, , ,815 Retail 6,766 39,583 1, ,453 Secured by real estate property 5,118 10, ,305 Past due items ,008 Securitisation positions 1,582 1,582 Other items (4) 4,994 1,483 6,477 40, ,304 7,406 1,244 1, ,477 Notes: (1) Exposure pre CRM is before the application of on balance sheet netting and financial collateral. (2) Exposure excludes intra-group and non-customer assets along with OTC and repo products which are shown separately in the counterparty credit risk disclosures. (3) The geographic area is determined by the country of incorporation for companies and for individuals as the country of residence. (4) Other items include customer assets only. Standardised gross exposure by industry sector (1, 2, 3) Administrative Central Regional bodies Secured governments governments and non- Multilateral by real Past and central or local commercial development estate due Securitisation Other Industry sector banks authorities undertakings banks Institutions Corporates Retail property items positions items (4) Total m m m m m m m m m m m m Agriculture and fisheries Building and construction 1, ,348 Business services ,030 1, ,810 Banks and building societies 8, ,616 1, ,144 13,094 Financial intermediaries 5, , ,530 5,323 32,604 Manufacturing 7, ,371 Natural resources and nuclear 1, ,149 Personal 2,586 41,108 15, ,786 Power, water and waste ,049 Property 9, ,858 Public sector and quasi government 5, , ,950 Technology, media and telecommunications 1, ,361 Tourism and leisure 2,369 1, ,435 Transport and storage 23 1, ,219 Wholesale and retail trade 33 8,509 2, ,359 19, ,963 64,815 48,453 16,305 1,008 1,582 6, ,477 Notes: (1) Exposure pre CRM is before the application of on balance sheet netting and financial collateral. (2) Exposure excludes intra-group and non customer assets along with OTC and repo products which are shown separately in the counterparty credit risk disclosures. (3) Industry sectors are based on the standard industry classification (SIC) code of the counterparty. (4) Other items include customer assets only. 25

27 Credit risk continued Standardised gross exposure by residual maturity (1, 2, 3) Within After 1 but After Standardised exposure class 1 year within 5 years 5 years Total m m m m Central governments and central banks 11,135 1,357 6,707 19,199 Regional governments or local authorities Administrative bodies and non-commercial undertakings Multilateral development banks Institutions 2, ,963 Corporates 16,907 28,745 19,163 64,815 Retail 5,399 19,204 23,850 48,453 Secured by real estate property 609 2,860 12,836 16,305 Past due items ,008 Securitisation positions 1,582 1,582 Other items (4) 536 4,858 1,083 6,477 37,035 58,415 66, ,477 Notes: (1) Exposure pre credit risk mitigation is before the application of on balance sheet netting and financial collateral. (2) Exposure excludes intra-group, non-customer assets, OTC derivatives and repo products which are shown separately in the counterparty credit risk disclosures. (3) Maturity bands represent the residual contractual maturity. (4) Other items include customer assets only. (5) Revolving facilities are included in the within 1 year category. 26

28 Credit risk continued The table below details the mappings between the main external credit assessment institutions used by the Group and the credit quality steps used to determine the risk-weight. Where no external rating is used in the RWA calculation, the unrated credit quality step applies. Credit quality step Fitch s assessments Moody s assessments Standard & Poor s assessments Step 1 AAA to AA- Aaa to Aa3 AAA to AA- Step 2 A+ to A- A1 to A3 A+ to A- Step 3 BBB+ to BBB- Baa1 to Baa3 BBB+ to BBB- Step 4 BB+ to BB- Ba1 to Ba3 BB+ to BB- Step 5 B+ to B- B1 to B3 B+ to B- Step 6 CCC+ and below Caa1 and below CCC+ and below The table below details the standardised portfolio exposure (including OTC derivatives and repos) pre and post CRM by the credit quality steps. (1, 2) Credit Credit Credit Credit Credit Credit quality quality quality quality quality quality Unrated Standardised exposure class step 1 step 2 step 3 step 4 step 5 step 6 exposure Total m m m m m m m m Central governments and central banks (3) Exposure pre CRM 12, ,294 19,199 Exposure post CRM 12, ,294 19,199 Regional governments or local authorities Exposure pre CRM Exposure post CRM Administrative bodies and non-commercial undertakings Exposure pre CRM Exposure post CRM Multilateral development banks Exposure pre CRM Exposure post CRM Institutions Exposure pre CRM 1, ,202 2,963 Exposure post CRM 1, ,202 2,963 Corporates (4) Exposure pre CRM 12, , ,024 64,815 Exposure post CRM 12, , ,310 64,101 Retail Exposure pre CRM 48,453 48,453 Exposure post CRM 48,108 48,108 Secured by real estate property Exposure pre CRM 16,305 16,305 Exposure post CRM 16,305 16,305 Past due items Exposure pre CRM 1,008 1,008 Exposure post CRM 1,008 1,008 Securitisation positions Exposure pre CRM 1, ,582 Exposure post CRM 1, ,582 Other items (5) Exposure pre CRM ,906 6,477 Exposure post CRM ,906 6,477 Total Exposure pre CRM 29, , , ,477 Total Exposure post CRM 29, , , ,418 Notes: (1) Credit quality steps are a combination of the counterparty exposure class and the external rating applied. Where no external rating is used in the RWA calculation a credit quality step of unrated is shown. For the mapping of credit quality steps to external ratings refer to the table above. (2) Exposure excludes intra-group and non-customer assets. (3) Moody s ratings are used for central governments and central banks. Unrated relate to exposures where Moody s do not provide a rating. These exposures still receive a zero risk weight where applicable in line with BIPRU requirements. (4) Corporate exposures relate to unrated SME exposures. (5) Other items include customer assets only. (6) Not all CRM is taken through exposure as some is applied directly to the RWA. 27

29 Credit risk continued Standardised exposures covered by eligible financial collateral (1) Standardised exposure class m Corporates 714 Retail 345 1,059 Note: (1) Exposure covered by eligible financial collateral represents the value of the financial collateral applied in the credit RWA calculation after volatility adjustments. Standardised exposures covered by guarantees and credit derivatives (1) Standardised exposure class m Central governments or central banks 5,913 Corporates 28 Retail 1,570 Secured on real estate property 2,213 Past due items 16 9,740 Note: (1) Exposure covered by guarantees and credit derivatives represents the value of the guarantees and credit derivatives applied in the credit RWA calculation. Credit risk ABN AMRO ABN AMRO effectively remains on Basel I but will be transitioned to the Basel II approaches by the end of The consortium members are currently rolling out their own Basel II methodologies across their businesses. The following table sets out the credit RWAs and minimum capital requirement by exposure class, using Basel I data. (1) Minimum Credit capital Exposure class Exposure RWAs requirement m m m Central governments and central banks 60,552 2, Institutions 22,437 11, Corporates 238, ,732 10,139 Retail 28,768 15,893 1,271 Secured by real estate property 63,531 27,900 2,232 Other 79,724 14,099 1,128 Securitisation 11,239 7, , ,217 16,497 Note: (1) Represents total ABN AMRO including consortium partners. 28

30 Counterparty credit risk Counterparty credit risk (CCR) is the risk that a counterparty defaults prior to the maturity of a derivative contract. The risk may result from derivative transactions in either the trading or banking book and is subject to credit limit setting like other credit exposures. A number of specific policies govern how the Group manages such risk i.e. documentation requirements, equity/futures and securities lending products, hedge fund counterparties, pension fund counterparties, issuer risks, margin trading, collateral acceptability and custodians. The following tables summarise the total counterparty credit risk capital component and the current counterparty credit risk exposure, post credit risk mitigation by product type. Minimum capital requirement m Counterparty credit risk capital component 4,887 EAD post CRM Product type m OTC derivatives 171,056 Repos 52, ,986 Counterparty credit limit setting Once commercial support/sponsorship is confirmed, counterparty credit limits are established through credit risk approval channels. These limits are established based on the credit quality of the counterparty and the projected maximum potential future exposure of anticipated derivative transactions, which are typically based on 95th percentile worse case exposure assumptions. Credit limits are set by product or reflect documentation held for netting or collateral management purposes. Outstanding exposures are calculated as the mark to market position of outstanding contracts plus an additional potential future exposure based on the transactions characteristics and governing documentation. For external capital purposes, some counterparty risk is calculated using expected positive exposure methodology. It is expected that over time additional derivative exposures, not currently measured under the expected positive exposure methodology, will also be captured in this way. The Group uses 1.6 Alpha. The following table analyses the EAD by method. Exposure at Default Method m CCR mark-to-market 144,975 Expected positive exposure 68,556 Value-at-Risk 10, ,986 Counterparty risk mitigation To mitigate counterparty credit risk, it is Group policy to execute netting and collateral agreements where legally enforceable. Additionally, dynamic credit risk reserving is adopted as a further discipline to manage counterparty credit risk. Netting and collateralisation It is Group policy to ensure that appropriate swaps and derivative documentation is executed for clients prior to trading. Exceptions to this require specific approval from a senior risk officer. A formal documentation policy governs all derivative counterparties deemed suitable in terms of their legal and administrative capacity to enter into collateral agreements. Where netting and/or collateral enforceability criteria are not fulfiled, exposure is assumed to be uncollateralised. The policy framework establishes minimum documentation requirements and preferred credit terms under collateral agreements including: unsecured thresholds; minimum transfer amounts; independent amounts; minimum haircuts; collateral eligibility criteria, and collateral call frequency. The framework also includes a formal escalation process for counterparty collateral disputes and unpaid collateral calls. 29

31 Counterparty credit risk continued The table below highlights the risk mitigating impact of netting and collateralisation on counterparty credit risk for mark to market derivatives only. Counterparty credit risk m Gross positive fair value of contracts (1) 445,021 Netting benefits (333,775) Netted current credit exposure 111,246 Collateral held (8,747) Exposure at default post CRM 102,499 Note: (1) Gross positive fair value includes the potential future credit exposure. On a daily basis, for treasury and liquidity management purposes, the Group calculates its additional requirements to post collateral by counterparty and, in aggregate, upon a one and two notch downgrade in its external credit rating. Credit valuation adjustments Credit valuation adjustments (CVAs) represent an estimate of the adjustment to the fair value that a market participant would make to incorporate the credit risk inherent in counterparty derivative exposures. CVAs for monoline insurance companies are calculated on a trade by trade basis, using market observable monoline credit spreads. The methodology used for credit derivative product companies is similar albeit in the absence of market observable credit spreads, the cost of hedging expected default losses in excess of the capital available in each vehicle. For all other counterparties CVA is calculated either on a trade by trade basis reflecting the estimated cost of hedging the risk through credit derivatives, or on a portfolio basis reflecting an estimate of the amount the third party would have to pay to assume the risk. Credit derivatives As part of its credit risk strategy to mitigate portfolio risk concentrations, the Group buys credit derivative products from market counterparties which incur counterparty credit risk. Such counterparties are subject to the Group s standard credit risk analysis criteria. Over and above this, additional restrictions apply with respect to eligibility and suitability, (e.g. credit protection bought from the same corporate group as the reference entity is not considered eligible credit protection). A summary of notional credit derivative products is outlined below, split between protection bought for portfolio management purposes and that relating to intermediation in the credit derivative markets. Credit Total default return Notional principal amount of credit derivative transactions swaps swaps Other m m m Used for own credit portfolio protection bought 31,766 Used for intermediation activities protection bought 922,082 7, Used for intermediation activities protection sold 577,461 5,891 1,531,309 13, Management of negative risk correlations The Group has a formal risk framework governing negative risk correlations or wrong way risks. Wrong way risks arise when the risk factors driving the exposure to a counterparty are adversely correlated with the credit quality of that counterparty. There is a tendency for the exposure to increase as the creditworthiness decreases. This framework: defines the three different types of wrong way risks; identifies scenarios whereby the Group may be exposed to this risk; establishes the credit treatment; proposes mechanisms of control and monitoring by implementing reporting and escalation processes; and recommends risk mitigants. 30

32 Securitisation The industry good practice guidelines have been used as the basis for preparing these securitisation disclosures. Objectives, roles and involvement The Group arranges securitisations to facilitate client transactions and to sell financial assets or to fund specific portfolios of assets. The Group also acts as an underwriter and depositor in securitisation transactions involving both client and proprietary transactions. In a securitisation, assets, or an interest in a pool of assets, are transferred to a special purpose entity which then issues liabilities to third party investors. Special purpose entities, vehicles set up for a specific, limited purpose, usually do not carry out a business or trade and typically have no employees. They take a variety of legal forms e.g. trusts, partnerships and companies, and fulfil many different functions. As well as being a key element of securitisations, special purpose entities are also used in fund management activities to segregate custodial duties from the fund management advice provided by the Group. Securitisations may, depending on the individual arrangement, result in continued recognition of the securitised assets; continued recognition of the assets to the extent of the Group s continuing involvement in those assets; or derecognition of the assets and the separate recognition, as assets or liabilities, of any rights and obligations created or retained in the transfer (see accounting policy within the 2008 Report and Accounts). The Group has securitisations in each of these categories. The regulatory treatment may differ from the accounting treatment. For the purpose of these disclosures: traditional securitisations: are defined as where an originating bank transfers a pool of assets that it owns to an arm s length special purpose entity. synthetic securitisations: are those where the originating bank transfers only the credit risk associated with an underlying pool of assets through the use of credit linked notes or credit derivatives, whilst retaining legal ownership of the pool of assets. The Group s objectives in relation to securitisation activity are as follows: increase the availability of different sources of funding; diversify the funding the Group uses; facilitate prudential balance sheet management; and The types of transactions entered into by the Group are as follows: residential mortgages securitisations: the Group has securitised portfolios of residential mortgages. Mortgages have been transferred to special purpose entities, held ultimately by charitable trusts and funded principally through the issue of floating rate notes. The Group has entered into arm s length fixed/floating interest rate swaps and cross-currency swaps with the securitisation special purpose entities and provides mortgage management and agency services to them. On repayment of the financing, any further amounts generated by the mortgages will be paid to the Group. The special purpose entities are consolidated for accounting purposes and the mortgages remain on the Group s balance sheet. credit card securitisations: credit card receivables in the UK have been securitised with notes that have been issued by special purpose entities. The note holders have a proportionate interest in a pool of credit card receivables that have been equitably assigned by the Group to a receivables trust. The Group continues to receive excess spread (after charge-offs), and so the special purpose entities are consolidated for accounting purposes and the credit card receivables remain on the Group s balance sheet. other securitisations: other loans originated by the Group have been transferred to special purpose entities, funded through the issue of notes. Any proceeds from the loans in excess of the amounts required to service and repay the notes, are payable to the Group after deduction of expenses. The special purpose entities are consolidated for accounting purposes and the loans remain on the Group s balance sheet. commercial paper conduits: the Group sponsors commercial paper conduits. Customer assets are transferred into special purpose entities which issue notes in the commercial paper market. The Group supplies certain services and contingent liquidity support to these special purpose entities on an arm s length basis as well as programme credit enhancement. The special purpose entities are consolidated for accounting purposes. finance lease receivables: certain finance lease receivables (leveraged leases) in the US involve the Group as lessor obtaining non-recourse funding from third parties. This financing is secured on the underlying leases and the provider of the finance has no recourse whatsoever to the other assets of the Group. The transactions are recorded gross of third-party financing. earn management fees on assets under management. 31

33 Securitisation continued During 2008, the Group was able to pledge AAA-rated asset-backed securities as collateral for repurchase agreements with major central banks under schemes such as the Bank of England s Special Liquidity Scheme, launched in April 2008, which allowed banks to temporarily swap high quality mortgage-backed and other securities for liquid UK treasury bills. The practice has contributed to the Group s sources of funding during 2008 in the face of the contraction in the UK market for interbank lending and the investor base for securitisations. The results of the above transactions are not included in the quantitative disclosures as credit risk transfer with regard to the exposures securitised has not been recognised for the purposes of Pillar 1 capital requirements. The roles played by the Group in the securitisation process are: originator: for own assets securitised whereby the bank originates directly or indirectly the exposures included in the securitisation. arranger: deal structuring, legal framework, marketing, and distribution to the market. sponsor: establishes and manages an asset backed commercial paper programme or other scheme that purchases exposures from third parties i.e. acting as conduit. contractual party: deposit account holder, manager of the securitisation (including monitoring of the underlying assets on behalf of investors), investor reporting. The bank may also act as investor wherein it holds a position in a securitisation transaction for which it is neither originator nor sponsor. This includes providing swaps and liquidity facilities to securitisation transactions. The extent of the Group s involvement in transactions is: pre-close: to follow established business processes to enable the bank to meet its obligations. post-close: to perform contractual roles as appropriate. Calculation of risk-weighted exposure amounts When calculating the RWAs for securitisation transactions the significant risk transfer test is applied. Significant risk transfer tests are conducted regularly in order that the risk associated with the original securitised assets can be derecognised and accordingly the exposures are recognised. If significant risk transfer is not achieved, the risks associated with the original assets are retained and the exposure to the securitisation is ignored. The Group uses either the IRB approach or the standardised approach for calculating capital requirements on securitisation positions. Within the IRB approach the Group applies the ratings based approach to rated positions and the internal assessment approach to unrated asset backed commercial paper programme positions where the Group is the sponsor. Summary of accounting policies Treatment of transactions as sales or financings and the recognition of gains on sales A securitisation transaction is first assessed for any potential requirement to consolidate any of the various vehicles used. The assessment is made considering the requirements of IAS 27 Consolidated and Separate Financial Statements and SIC 12 Consolidation Special Purpose Entities. Both IAS 27 and SIC 12 require consolidation of entities that are controlled by the Group. Whether a securitisation transaction is treated as a sale or financing depends on whether the de-recognition tests of IAS 39 Financial Instruments: Recognition and Measurement, are met. The Group s accounting policy on de-recognition is as follows: A financial asset is derecognised when it has been transferred and the transfer qualifies for derecognition. A transfer requires that the Group either transfers the contractual rights to receive the asset's cash flows or retains the right to the asset's cash flows but assumes a contractual obligation to pay those cash flows to a third party. After a transfer, the Group assesses the extent to which it has retained the risks and rewards of ownership of the transferred asset. Where substantially all the risks and rewards have been retained, the asset remains on the balance sheet, however where they have been transferred, the asset is derecognised. If substantially all the risks and rewards have not been retained or transferred, the Group assesses whether it has retained control of the asset. If it has not retained control, the asset is derecognised, if it has, it continues to recognise the asset to the extent of its continuing involvement. A financial liability is removed from the balance sheet when the obligation is discharged, cancelled, or expires. Sales and gains on sales are recognised only to the extent that derecognition is achieved. In a traditional securitisation, assets are sold to a special purpose entity at book value and no gain or loss on sale is recognised at inception. Key assumptions for valuing retained interests Retained interests are valued with reference to similar portfolios in the market. Treatment of synthetic securitisations Synthetic securitisations are assessed under the same policies as nonsynthetic securitisations. Any derivatives are treated in accordance with the requirements of IAS 39. External credit assessment institutions The Group uses Moody s, Standard & Poor s or Fitch to rate deal structures in their entirety. Usually the services of two or more agencies are used in a transaction. Additional information is contained in the 2008 Annual Report and Accounts, pages 139 and

34 Securitisation continued Exposures securitised by transaction and type exposure type Outstanding amounts of exposures securitised (1) Traditional Synthetic Underlying portfolio Originator Sponsor Originator Sponsor m m m m Residential mortgages 1,474 4,003 Commercial mortgages 5,424 1,576 2,587 Credit card receivables 1,504 5,632 Leasing 1,231 Loans to corporate or SMEs 4, Consumer loans 4,926 Trade receivables 2,706 Auto receivables 10,053 Other assets ,385 31,473 2,587 Note: (1) Exposure values are on the basis of financial statement values as of the date of disclosure. Where this is not available, the current amount of outstanding notes has been used. Impaired and past due exposures securitised by exposure type and losses Outstanding amounts of exposures securitised (1) Impaired/past due Losses Underlying portfolio Originator Sponsor Originator Sponsor m m m m Residential mortgages 38 2 Commercial mortgages 57 Credit card receivables Loans to corporate or SMEs Note: (1) Exposure values are on the basis of financial statement values as of the date of disclosure. Where this is not available, current amount of outstanding notes has been used. Securitisation positions, retained or purchased, by exposure type Aggregate amount of securitisation positions retained or purchased Underlying asset type m Residential mortgages 15,983 Commercial mortgages 5,297 Credit card receivables 6,255 Leasing 3,249 Loans to corporates or SMEs 3,809 Consumer loans 8,972 Trade receivables 11,506 Securitisations/re-securitisations 247 Auto receivables 6,448 Other assets 6,330 68,096 Geographic breakdowns for banking book securitisation positions (excluding deductions and counterparty credit risk) have been provided in the credit risk analysis section of this document. 33

35 Securitisation continued Securitisation positions, retained or purchased, by risk weightings Aggregate amount of securitisation positions retained or purchased Capital Capital charges, charges Exposure standardised IRB Risk weight bands amount approach approach m m m 10% 44, > 10% 20% 14, > 20% 50% 5, > 50% 100% 2, > 100% 650% > 650% < 1250% 1250%/deduction (1) , ,362 Note: (1) The securitisation positions deduction in the regulatory capital table on page 8 includes trading book assets, while the table above is limited to banking book assets only. Exposures to securitisations of revolving assets (1) Aggregate outstanding amounts Originator s Investor s interest interest Underlying portfolio m m Retail committed 2,934 1,504 Notes: (1) Exposure values are on the basis of financial statement values as of the date of disclosure. (2) Retail committed balances include drawn credit card receivable balances relating to the transaction. Securitisation activity during the year Securitisation in the current year (exposures securitised) Traditional Synthetic Realised gains/ losses on traditional Underlying portfolio Originator Sponsor securitisations Originator Sponsor m m m m m Residential mortgages 126 Credit card receivables 1,818 Consumer loans 2,514 Auto receivables 277 Other assets 256 4,991 Notes: (1) Exposure values are as of the date of inception, where this is not available, current amount of outstanding notes has been used. (2) ABN AMRO asset migration to the Group is not included as activity. 34

36 Market risk Market risk is the risk that the value of an asset or liability may change as a result of a change in the market rates. Structure and organisation The Group Executive Management Committee approves the trading book market risk appetite, expressed in value-at-risk (VaR) and stress testing limits. These limits are delegated to individual trading businesses within the Group. The market risk function is independent of the Group s trading businesses and is responsible for: effective application and compliance with the Group s market risk policy statement, aligning the market risk taken by the Group with the risk limits set by the Group Executive Management Committee; identification, measurement, monitoring, analysis and reporting of the market risk generated by the various businesses; and determination of appropriate policies and methodologies to measure and control market risk. The Group manages market risk in its trading and treasury portfolios through its market risk management framework. This expresses limits based on, but not limited to, VaR stress testing scenario analysis and position/sensitivity analysis. Reports to management committees The Board, the Group Executive Management Committee and the Group Risk Committee review monthly reports which provide summary information on VaR, trading positions and stress tests. Breaches of Group VaR limits are reported to the next daily Group Chief Executive Advisory Group, to the FSA within two days and monthly to the next Group Risk Committee meeting. Scope, nature and measurement systems The principal trading book market risk factors for the Group are interest rates, credit spreads, foreign exchange, equities and commodities. The primary focus of the Group s trading activities is client facilitation and providing products to the Group s client base at competitive prices. The Group also undertakes: market making: quoting firm bid (buy) and offer (sell) prices with the intention of profiting from the spread between the quotes; arbitrage: entering into offsetting positions in different but closely related markets in order to profit from market imperfections; and proprietary activity: taking positions in financial instruments as principal in order to take advantage of anticipated market conditions. Financial instruments held in the Group s trading portfolios include, but are not limited to: debt securities, loans, deposits, equities, securities sale and repurchase agreements and derivative financial instruments (futures, forwards, swaps and options). Measurement systems The VaR measure is generated using a historical simulation methodology. Position risk and sensitivity analysis In addition to the VaR and stress testing measures discussed below, the Group calculates a wide range of sensitivity and position risk measures, for example interest rate ladders or option revaluation matrices. These measures provide valuable additional controls, often at individual desk or strategy level. Trading book default risk Trading book positions are subject to a default risk measure at least weekly. This measure is calculated on the basis of a modelled charge, together with an override to assess concentration risk. Risk control The main practical tools to affect hedging and mitigating risk are the delegated authorities, the limits and discussion triggers, independent model valuation, a robust and efficient risk system and timely and accurate management information. Limits form part of the dealing authorities and constitute one of the cornerstones of the market risk management framework. Their breach must be followed by appropriate action, as specified in detail in the market risk policy statement. Upon notification of a limit breach, the appropriate body must take one of the following actions: instructions can be given to reduce positions to bring the Group within the agreed limits. a temporary increase in the limit (for instance, in order to allow orderly unwinding of positions) can be granted. a permanent increase in the limit can be granted. Use of the VaR model Characteristics of sub-portfolio models For internal risk management purposes, the Group s VaR assumes a time horizon of one trading day and a confidence level of 95%. The Group uses historical simulation models in computing VaR and the Group typically uses 500 trading days of market data. Stress testing The Group calculates a range of market risk stress tests each day. The objective of stress testing is to identify the loss that the Group s current portfolio of trading book exposures would generate in plausible but adverse market events. The Group undertakes hypothetical and historical stress tests on a consolidated as well as a significant strategy level. Historical stress tests calculate the loss that would be generated if the market movements that occurred during a historical market event were to be repeated. Hypothetical stress tests calculate the loss that would be generated if a specific set of adverse market movements were to occur. Additional stress tests are undertaken for those strategies where the associated market risks are not adequately captured by VaR. 35

37 Market risk continued Stress test exposures are discussed with senior management and are reported to the Group Risk Committee, the Group Executive Management Committee and the Board. Breaches in the Group s market risk stress testing limits are reported to the Group Executive Management Committee, who are also responsible for approving the limit for the Group. Backtesting and validation approach The VaR measure is backtested daily. Days on which a loss occurs which is greater than the 99% 1-day risk are known as exceptions, and the cause of such losses are investigated by the business unit risk managers. A risks not in VaR framework has been developed to address those market risks not adequately captured in the VaR model. Where risks are not included in the model, various non-var controls (e.g. position monitoring, sensitivity limits, triggers or stress limits) are in place. Application of the VaR model The FSA has approved the use of VaR data produced by the VaR calculation engine, as inputs for the calculation of market risk regulatory capital, for those legal entities under their regulatory jurisdiction. These legal entities are currently The Royal Bank of Scotland plc; National Westminster Bank Plc; Greenwich Capital Derivatives Inc; Greenwich International Ltd and Greenwich Capital Financial Products Inc. Additional disclosures Marking to market/model/reserving To ensure that the risks associated with dealing activity are reflected in the financial and management statements, assets and liabilities in the trading book are measured at their fair value. Any profits or losses on the revaluation of positions are recognised in the profit and loss account on a daily basis. Fair value is the amount at which the instrument could be exchanged in a current transaction between willing parties. The fair values are determined following the guidance in IAS39 paragraphs AG69-AG82 and related implementation guidance. This requires using quoted market prices or the use of valuation techniques (models) that make maximum use of observable inputs. When marking to market using a model, the valuation methodologies are reviewed and approved either by the market risk function in the business or at Group level. An independent evaluation of the model is undertaken for transactions deemed to be large, complex and/or innovative. Accounting and regulatory rules require that trading book positions on the balance sheet are held at fair value including appropriate reserving. In addition there is a regulatory requirement that trading book positions are marked to market on a daily basis. Traders are responsible for marking to market their trading book positions on a daily basis. Traders can either: directly mark a position with a price (e.g. spot FX); or indirectly mark a position through the marking of inputs of an approved model which will in turn generate a price. Independent price verification Independent price verification is a key additional control over front office marking of positions and operates to assist the validation of: the balance sheet at key reporting dates; and book level daily profit and loss used for management reporting and regulatory back-testing. All positions held within trading books require independent price verification. Independent price verification for this purpose is the independent review and validation of trader marks and may be achieved by: independently testing prices for specific positions; or independently testing all variable model inputs to the relevant approved valuation model. The key management factors include: appropriate financial controls: financial controllers are responsible for ensuring that independent price verification processes are in place covering all trading book positions held by their business. Daily independent price verification is performed for positions where prices/model inputs are readily available on a daily basis. For positions where prices/model inputs are available on a less regular basis, verification may occur on a frequency that is less than daily. Where practical, verification is performed to a frequency that matches the availability of this independent price information. 36

38 Market risk continued compliance statements: financial control is required to prepare and maintain compliance statements that benchmark price verification procedures against the independent pricing policy. Each compliance statement requires review and sign off from market risk, front office management and the relevant financial controller on a minimum six monthly basis. independent validation: there is a minimum requirement that independent price verification is carried out monthly. It is a regulatory requirement that all trading book positions are marked to market on a daily basis. If the use of finance's independent valuations would lead to a markdown in excess of the profit and loss adjustment trigger for an individual desk, then the books are re-marked to independent prices. Individual desks and the trigger over which escalation will occur are defined within the compliance statement for that business area. (1) Market risk: trading book and other business minimum capital requirement m Trading book business interest rate position risk requirement 145 Business activities commodity position risk requirement 3 Total (standard method) 148 Capital requirement for aggregation entities 1,976 VaR model based position risk requirement (2) 1,593 Total position risk requirement 3,717 Notes: (1) Market risk numbers include the minimum capital requirement for ABN AMRO. (2) Other position risk requirements are included in the VaR line. The Turner review recommends that The quality and quantity of overall capital in the global banking system should be increased, resulting in minimum regulatory requirements significantly above existing Basel rules... Capital requirements against trading book activities should be increased significantly. This may increase total regulatory capital requirements moving forward. 37

39 Operational risk Strategy and process The Group is committed to maintaining high standards of operational risk management. Operational risks are inherent in the Group s business and although the Group has implemented risk controls and loss mitigation actions, it is only possible to be reasonably, but not absolutely certain, that such procedures will be effective in controlling each of the operational risks faced by the Group. Operational risk is the risk of financial loss or reputational impact resulting from fraud, human error, ineffective or inadequately designed processes or systems, improper behaviour, legal events or from external events. The Group s Operational Risk Policy and Principles (ORPP) provides the direction for delivering effective operational risk management. It comprises principles, minimum standards and processes that enable the consistent identification, assessment, management, monitoring and reporting of operational risk across the Group. The objectives of the ORPP are to protect the Group from financial loss or damage to its reputation, and to ensure that it meets all necessary regulatory and legal requirements. Key processes within the ORPP are: Risk and control assessments; Scenario analysis; Loss data management including event escalation; Key risk indicators; New products approval process; and Self certification process. These Group processes ensure that the adequacy and effectiveness of internal controls for managing risks inherent in the business processes, are regularly monitored and shortcomings are addressed on a timely basis. Structure and organisation Ultimate accountability for setting the operational risk strategy and appetite rests with the Board which has delegated authority to key Group-level committees. The committees that support the Board in the effective management of operational risk include: Group Audit Committee; Group Executive Management Committee; Group Risk Committee; Executive Risk Forum; and Divisional Risk Committees or equivalent. The implementation of the ORPP is facilitated and overseen by divisional operational risk teams, with Group Internal Audit providing independent evaluation of the control framework. Scope and nature of reporting and measurement systems Reporting forms an integral part of operational risk management. The Group s risk management processes are designed to ensure that operational risk issues are identified quickly, escalated and managed on a timely basis. Operational risk exposures for each division are reported through monthly risk and control reports, which provide detail on the risk exposures and action plans for each significant business process. Operational risk loss events that have a financial impact in excess of 1 million, or which have a significant impact on the Group s reputation or customers, are escalated and reported. Measurement systems Key elements used for the measurement of operational risk include: risk and control assessments: business units identify and assess operational risks to ensure that they are effectively managed, prioritised, documented and aligned to risk appetite. scenario analysis: scenarios are used to assess the possible impact of extreme but plausible operational risk loss events, scenario assessments and provide a forward-looking basis for managing exposures that are beyond the Group s risk appetite. loss data management: each business unit s internal loss data management process captures all operational risk loss events above 10,000. This is used to enhance the adequacy and effectiveness of controls, identify opportunities to prevent or reduce the impact of reoccurrence, identify emerging themes, enable formal loss event reporting and inform risk and control assessments and scenario analysis. Escalation of individual events to senior management is determined by the seriousness of the event. key risk indicators: business units are required to identify key risk indicators against their material risks. These indicators are used to monitor a business operational risk profile and exposure to losses, and are linked to thresholds which trigger risk management actions. There is a central Group Operational Risk department, which is an independent function reporting to the Group Chief Risk Officer and is responsible for the design and maintenance of the ORPP. It is the responsibility of each business unit to implement the ORPP and each business unit is required to identify where and how the business is exposed to the risk of loss; assess the extent of the risk exposure; control and mitigate the risk and monitor and report the operational risk exposure, highlighting any action required. 38

40 Operational risk continued Policies for hedging and mitigating Operational risk is an integral and unavoidable part of the Group s business as it is inherent in the processes, to provide services to the Group s customers and generate profit for shareholders. An objective of operational risk management is not to remove operational risk altogether, but to manage the risk to an acceptable level, taking into account the cost of minimising the risk with the resultant reduction in exposure. Strategies to manage operational risk include avoidance, transfer, and mitigation by controls or risk acceptance. The ORPP requires each business unit to determine appropriate mitigation techniques to reduce its risk exposure to an acceptable level, and that the adequacy and effectiveness of controls and other risk mitigants (e.g. insurance) are tested regularly and the results documented. Where unacceptable control weaknesses are identified, action plans must be produced and tracked to completion. The Group purchases insurance to provide the business with financial protection against specific losses and to comply with statutory or contractual requirements. Insurance is primarily used as an additional risk mitigation tool in controlling the Group s exposures however, as insurance only provides protection against financial loss once a risk has occurred, it is used as a complement to controls. The self certification process requires management to regularly monitor and report on the internal control framework and to regularly review and confirm the adequacy and effectiveness of the internal control framework for which they are responsible. This includes certifying compliance with the requirements of Group policies. The Group currently uses The Standard Approach (TSA) for the calculation of operational risk capital across all its business (with the exception of ABN AMRO). The capital requirements are as follows. Operational risk capital requirement m Capital requirement TSA 2,948 Further information on the Group s operational risk framework can be found in the 2008 Report and Accounts on pages 118 to

41 Additional disclosures Significant subsidiaries The following diagram represents a simplified regulatory heirarchy of the Group, specifically highlighting those subsidiaries and regions which are of significance. The Group s has considered the requirements of the significant subsidiary disclosures and concluded that the following entities are within scope; The Royal Bank of Scotland plc Consolidated, National Westminster Bank Plc Consolidated, Ulster Bank Ireland Limited, ABN AMRO Holdings N.V. and Citizens Financial Group, Inc. The Royal Bank of Scotland Group plc Consolidated RFS Holdings B.V. The Royal Bank of Scotland plc Consolidated Other entities ABN AMRO Holdings N.V. National Westminster Bank Plc Consolidated Other entities Citizens Financial Group, Inc. Other entities Ulster Bank Ireland Limited Significant subsidiaries. Shown for completeness, includes deconsolidated subsidiaries. As highlighted by the diagram, data for these five significant subsidiaries does not aggregate to the overall Group position. Minimum capital requirements RBS NatWest Ulster Bank Risk type Consolidated Consolidated Group ABN AMRO Citizens m m m m m Credit risk 33,188 8,042 2,218 16,497 5,818 Market risk 2, ,299 Operational risk 2,932 1, ,538 9,500 2,371 17,796 6,236 Risk-weighted assets RBS NatWest Ulster Bank Risk type Consolidated Consolidated Group ABN AMRO Citizens m m m m m Credit risk 414, ,527 27, ,217 72,719 Market risk 30,226 3, ,235 Operational risk 36,644 14,962 1,809 5, , ,765 29, ,452 77,944 Credit risk minimum capital requirements summary RBS NatWest Ulster Bank Credit risk approach Consolidated Consolidated Group ABN AMRO Citizens m m m m m Advanced IRB 18,673 6,972 2,153 Standardised 8, ,716 Counterparty credit risk 5, Concentration risk 340 ABN AMRO Basel I 16,497 33,188 8,042 2,218 16,497 5,818 Note: (1) Credit risk capital requirements include both intra-group and non-customer assets. 40

42 Additional disclosures continued Credit risk advanced IRB minimum capital requirement (1) RBS NatWest Ulster Bank IRB exposure class and sub-class Consolidated Consolidated Group ABN AMRO (2) Citizens (3) m m m m m Central governments and central banks Institutions Corporates 12,263 4,073 1,403 Retail 4,632 2, Retail SME 1, Retail secured by real estate collateral 1, Qualifying revolving retail exposures Other retail exposures Equities Exchange traded exposures 1 Private equity exposures Other exposures Securitisation positions Non-credit obligation assets ,673 6,972 2,153 Notes: (1) Excludes counterparty credit risk assets. (2) ABN AMRO is Basel I in transition. (3) Citizens capital requirements are calculated under the standardised approach. Credit risk standardised minimum capital requirement RBS NatWest Ulster Bank Standardised exposure class Consolidated Consolidated Group ABN AMRO Citizens m m m m m Regional governments or local authorities 2 2 Administrative bodies and non-commercial undertakings 8 8 Institutions Corporates 4, ,100 Retail 2, ,988 Secured by real estate property Past due items Securitised positions Other items 1, , ,716 RBS NatWest Ulster Bank Credit risk counterparty credit risk and concentration requirement Consolidated Consolidated Group ABN AMRO Citizens m m m m m Counterparty risk capital component 5, Concentration risk capital component

43 Additional disclosures continued RBS NatWest Ulster Bank Market risk trading book and other business minimum capital requirement Consolidated Consolidated Group ABN AMRO Citizens m m m m m Trading book business Interest rate position risk requirement Business activities Commodity position risk requirement 3 Foreign exchange position risk requirement 1 Total (standard method) Capital requirement for aggregation entities ,299 VaR model based position risk requirement 1, Grand total position risk requirement 2, ,299 RBS NatWest Ulster Bank Capital resources Consolidated Consolidated Group ABN AMRO Citizens m m m m m Tier 1 Ordinary shareholders equity 36,711 12,135 1,467 18,026 13,662 Minority interests 1,292 1, Adjustments for: Goodwill and other intangible assets continuing (12,591) (815) (11) (296) (8,164) Unrealised losses on available-for-sale debt securities 1, (970) 298 Reserves arising on revaluation of property and unrealised gains on available-for-sale equities (154) (14) (57) (143) Reallocation of preference shares and innovative securities (1,246) (559) Other regulatory adjustments (56) ,367 Core Tier 1 capital 27,057 11,432 1,507 16,987 7,166 Preference shares 10,896 1,591 1, Tax on excess of expected losses over provisions Material holdings (85) (330) Expected loss less provisions (1,079) (1,379) (392) Securitisation positions (561) (112) (9) Less deductions from Tier 1 capital (1,857) Total Tier 1 capital 36,843 11,988 2,847 15,130 7,512 Tier 2 Innovative Tier 1 securities 4,177 3,171 Reserves arising on revaluation of property and unrealised gains on available-for-sale equities Collective impairment allowances ,028 Perpetual subordinated debt 12,085 3, Term subordinated debt 16,488 4,234 1,161 7, Minority and other interests in Tier 2 capital 11 Less deductions from Tier 2 capital (1,725) (1,821) (401) (1,857) Total Tier 2 capital 31,856 5, ,886 1,692 Tier Supervisory deductions Unconsolidated investments (119) (119) Other deductions (111) (171) Total deductions other than from Tier 1 capital (230) (290) Total regulatory capital 68,469 17,173 3,782 24,276 9,204 Note: (1) RBS consolidated had additional capital requirements under the Basel I transitional floor rules of 3.3 billion. RBS consolidated had capital resources which exceeded this floor of 26.6 billion. 42

44 Additional disclosures continued Past due and impaired assets Definition A credit exposure is past due when its contractual repayment is overdue by 90 days or more. A loan is impaired when there is objective evidence that events since the loan was granted have affected expected cash flows from the loan. The impairment loss is the difference between the carrying value of the loan and the present value of estimated future cash flows at the loan s original effective interest rate. Impairment loss provision methodology Provisions for impairment losses are assessed under three categories: (i) Individually assessed provisions: provisions required for individually significant impaired assets which are assessed on a case by case basis, taking into account the financial condition of the counterparty and any guarantor and collateral held after being stressed for downside risk. This incorporates an estimate of the discounted value of any recoveries and realisation of security or collateral. The asset continues to be assessed on an individual basis until it is repaid in full, transferred to the performing portfolio or written-off. (ii) Collectively assessed provisions: provisions on impaired credits below an agreed threshold which are assessed on a portfolio basis, to reflect the homogeneous nature of the assets, such as credit cards or personal loans. The provision is determined from a quantative review of the relevant portfolio, taking account of the level of arrears, security and average loss experience over the recovery period. (iii) Latent loss provisions: provisions held against the estimated impairment in the performing portfolio which have yet to be identified as at the balance sheet date. To assess the latent loss within the portfolios, the Group has developed methodologies to estimate the time that an asset can remain impaired within a performing portfolio before it is identified and reported as such. Provision analysis The Group s consumer portfolios, which consist of high volume, small value credits, have highly efficient largely automated processes for identifying problem credits in short timescales, typically three months, before resolution or adoption of various recovery methods. Corporate portfolios consist of higher value, lower volume credits, which tend to be structured to meet individual customer requirements. Provisions are assessed on a case-by-case basis by experienced specialists with input from professional valuers and accountants. The Group operates a clear provisions governance framework which sets thresholds whereby suitable oversight and challenge is undertaken and significant cases will be presented to a committee chaired by the Group Chief Executive or the Group Finance Director. Disclosure basis The following tables detailing past due and impaired assets and provisions, are presented on an IFRS basis rather than on a regulatory basis. These tables include ABN AMRO on the same basis as the 2008 Report and Accounts. Impaired exposures, past due exposures and provisions by industry sector Individual and Charge Past collective Latent to income Industry sector Impaired assets (2) due assets provisions provisions statement (1) m m m m m Agriculture and fisheries Building and construction 1, Business services Financial services 1, Manufacturing 3, ,169 1,592 Individuals 6, ,115 2,223 Power and water Property 4, ,012 1,031 Public sector and quasi government Technology, media and telecommunications Tourism and leisure Transport and storage Wholesale and retail trade 1, Latent 1, ,479 1,782 9,072 1,944 7,091 Notes: (1) Impairment losses on debt securities and equity shares totalling 981 million are excluded from above. (2) Impaired assets exclude debt securities and equity shares totalling 312 million. 43

45 Additional disclosures continued Impaired exposures, past due exposures and provisions by geographic area Individual and Charge Impaired Past collective Latent to income Geographic area (1) assets(2) due assets provisions provisions statement(3) m m m m m UK 8,733 1,201 4,360 2,641 Europe 8, ,619 2,365 North America 1, Rest of World Latent 1, ,479 1,782 9,072 1,944 7,091 Notes: (1) The analysis by geographic area is based on the location of the lender. This analysis is used for financial reporting and differs from the disclosure in the credit risk section of this document which is based on the country of incorporation of the counterparty. (2) Impaired assets exclude debt securities and equity shares totalling 312 million. (3) The charge to the income statement for debt securities and equity shares totalling 981 million is excluded from the above. Individually Collectively assessed assessed Latent Changes in the value adjustments and provisions for impaired and past due exposures provisions provisions provisions Total m m m m At 1 January 1,568 3,834 1,050 6,452 Currency translation and other adjustments 1, ,441 Disposal of subsidiaries (149) (29) (178) Transfer to disposal groups (222) (351) (194) (767) Amounts written-off (1,165) (1,983) (3,148) Recovery of amounts previously written-off Charged to the income statement (1) 3,663 2, ,091 Unwind of discount (52) (142) (194) At 31 December 4,970 4,102 1,944 11,016 Note: (1) Impairment losses on debt securities and equity shares totalling 981 million are excluded from the above. 44

46 Additional disclosures continued Non-trading book exposures in equities Definition Non-trading equity risk (NTER) is defined as the potential variation in the Group s non-trading income and reserves arising from changes in equity prices/income. This risk may crystallise during the course of normal business activities or in stressed market conditions. Objective Equity positions in the non-trading book are retained to achieve strategic objectives, support venture capital transactions, or in respect of restructuring arrangements. From an economic perspective, it is the Group s policy to ensure that equity exposures in the Group s banking book are identified, monitored and controlled, with the aim of maximising their potential strategic or business value. The risk arising from these holdings is mitigated by proper controls and identification of risk prior to investing. Policy statement The Group s high level controls report and credit risk policy manual set out the framework within which NTER is managed throughout the Group. Identification, measurement, monitoring and control Exposures are monitored and reported quarterly by Group Treasury to GALCO and the control framework is assessed on a regular basis by Group Internal Audit. Equity positions are measured at fair value. Fair value calculations are based on available market prices wherever possible. In the event that market prices are not available, fair value is based on appropriate valuation techniques or management estimates. The table below sets out the balance sheet value of the Group s non-traded equity exposures (excluding ABN AMRO and insurance/assurance companies) at December 2008, which is also fair value. Risk control framework The commercial decision to invest in equity holdings is taken by the Group Executive Management Committee, Group Credit Committee or an appropriate sub-committee within delegated authority. Investments of a strategic nature are referred to the Group Executive Management Committee for approval; those involving the purchase or sale by the Group of subsidiary companies will also require Board approval, after consideration by the Group Executive Management Committee. Balance sheet and fair value (2) Equity exposure type m Exchange-traded equity exposures 4,001 Other (3) 2,034 6,035 Notes: (1) Market price is not materially different from fair value on exchange-traded equity exposures. (2) Exposure values provided include both the standardised and IRB equities. (3) Other includes private equity. The types, nature and amounts of exchange-traded exposures, private equity exposures, and other exposures vary significantly. Such exposures may take the form of listed and unlisted equity shares, linked equity fund investments, private equity and venture capital investments, preference shares classified as equity and Federal Home Loan Stock. The following table shows the net realised and unrealised gains or losses from equities: Year ended m Net realised gains arising from disposals 62 Unrealised gains and losses included in Tier 1, 2 or 3 capital 1,447 45

47 Additional disclosures continued Interest rate risk in the banking book Definition Interest rate risk in the banking book (IRRBB) represents exposures to instruments whose values vary with the level or volatility of interest rates. These instruments include, but are not limited to, loans, debt securities, equity shares, deposits, certificates of deposits and other debt securities issued, loan capital and derivatives. Hedging instruments used to mitigate these risks include related derivatives such as options, futures, forwards and swaps. Sources Interest rate risk in the banking book arises from the Group s nontrading activities in four principal forms: (i) repricing risk: arises from differences in the repricing terms of the Group s assets and liabilities. (ii) optionality: arises where a customer has an option to exit a deal early. (iii) basis risk: arises for example where one month LIBOR is used to fund base rate assets. (iv) yield curve risk: arises as a result of non-parallel changes in the yield curve. Control framework Group Treasury is responsible for setting and monitoring the adequacy and effectiveness of the Group s IRRBB management process, using a framework that identifies, measures, monitors and controls the underlying risk. GALCO approves the Group s IRRBB appetite, expressed as statistical and non-statistical risk limits, which are delegated to the businesses responsible. The Group manages market risk in its treasury portfolios through its market risk management framework. This expresses limits based on, but not limited to, VaR, stress testing, scenario analysis and position/sensitivity analysis. Policy statement The Group s IRRBB policy statement sets out how IRRBB must be managed throughout the Group, with the aim of establishing a consistent approach to assessing IRRBB within the Group s overall control environment. From an economic perspective, it is the Group s policy to minimise the sensitivity of net accrual earnings to changes in interest rates in its retail and commercial businesses and, where interest rate risk is retained, to ensure that appropriate resources, measures and limits are applied. The scope of the policy statement is Group-wide and all business units are required to endorse and comply with the policy statement. All businesses are required to have local sub-policies that conform to the spirit of the policy statement. Such policies must be approved at local business unit asset and liability committee or equivalent and duly communicated across each business. Identification Non-trading interest rate risk is calculated in each business on the basis of establishing the repricing behaviour of each asset, liability and off balance sheet product. For many retail and commercial products, the actual interest rate repricing characteristics differ from the contractual repricing. In most cases, the repricing maturity is determined by the market interest rate that most closely fits the historical behaviour of the product. For example, residential mortgage and commercial and personal loan balances are modelled, recognising that the level of prepayment experienced is both a function of age and refinance incentive. For non-interest rate bearing current accounts, the repricing maturity is determined by the stability of the portfolio. The repricing maturities used are approved by Group Treasury and divisional asset and liability committees at least annually. Key conventions are reviewed annually by the Group Asset and Liability Committee. Measurement, monitoring and control A static maturity gap report is produced as at the month-end for each business, in each functional currency based on the behavioural repricing for each product. It is Group policy to include in the gap report, non-financial assets and liabilities, mainly property, plant and equipment and the Group s capital and reserves, spread over medium and longer term maturities. The report includes hedge transactions, principally derivatives. Any residual non-trading interest rate exposures are controlled by limiting repricing mismatches in the individual business balance sheets. Potential exposures to interest rate movements in the medium to long term are measured and controlled using a version of the same Value at Risk (VaR) methodology that is used for the Group s trading portfolios. Net accrual income exposures are measured and controlled in terms of sensitivity over time to movements in interest rates. Risk is managed within VaR limits approved by GALCO, through the execution of cash and derivative instruments. Execution of the hedging is carried out by the relevant division through the Group`s treasury functions. The residual risk position is reported to divisional asset and liability committees, GALCO and the Board. The control framework is assessed on a regular basis by Group Internal Audit. From an accounting perspective, it is the Group s policy to ensure that hedging is undertaken in such a way that minimises the profit and loss impact of having to fair value derivatives under International Financial Reporting Standards. 46

48 Additional disclosures continued The following table details interest rate VaR for the Group s non-trading activities (inclusive of ABN AMRO). Non-trading interest rate VaR m Total VaR at 70.6 Maximum VaR for the year ended Minimum VaR for the year ended 53.9 Average VaR for the year ended 75.1 A breakdown of the Group s total VaR by currency is shown below: 31 December 2008 Currency m EUR 19.0 GBP 18.3 USD 64.8 Other 4.5 Citizens Financial Group (CFG) was the main contributor to non-trading interest rate VaR. CFG manages non-trading interest rate risk with the objective of minimising accrual accounted earnings volatility. To do so it uses a variety of income simulation and valuation risk measures that more effectively capture the risk to earnings due to mortgage prepayment and competitive deposit pricing behaviour than a VaRbased methodology would. This balance sheet management approach is common for US retail banks. Interest rate risk in the banking book is managed by a professional treasury function which optimises the yield, whilst staying within approved limits on interest rate risk, liquidity and capitalisation. Mortgages, home equity loans and mortgage-backed securities comprise a large portion of CFG s assets. In the US, mortgage and home equity customers may prepay loans without penalty. However, under the requirements of FAS 133, the risk that they may do so cannot be hedged in a cost effective manner and must be born by the lender. Prepayment risk is a primary component of interest rate risk in the banking book at CFG. In addition to VaR, the following measures are reported to Citizens Asset and Liability Committee, Group Treasury, Group Asset and Liability Management Committee and the Board: The sensitivity of net accrual earnings to a variety of parallel and non-parallel movements in interest rates. Economic value of equity (EVE) sensitivity to a series of parallel movements in interest rates. EVE is only used within CFG and to meet the FSA prescribed standard shock test of +/- 200bp parallel shock. Citizens EVE is shown in the table below. Percentage increase/(decrease) in Citizens EVE 2% parallel downward 2% parallel upward movement in US movement in US interest rates (No interest rates negative rates allowed) Period end (0.7%) (19.0%) Maximum (18.2%) (20.8%) Minimum (0.7%) (4.4%) Average (12.2%) (12.6%) Note: (1) Economic value of equity (EVE) is the net present value of assets and liabilities calculated by discounting expected cash flows of each instrument over its expected life. Risk to EVE is quantified by calculating the impact of interest rate changes on the net present value of Citizens equity and is expressed as a percentage of Citizens regulatory capital. 47

49 Appendix Glossary of key terms Term Description Advanced measurement approach (AMA) In the most advanced approach to operational risk the use of internal models is permitted to calculate the operational risk minimum capital requirement. Asset Quality (AQ) Band PD banding for all counterparties on a scale of 1 to 10. Basic indicator approach (BIA) The most simplistic of the three approaches to the measurement of operational risk. Under this method a bank calculates its operational risk regulatory capital requirements by taking a single risk-weighted multiple of a three-year average of gross income to produce their regulatory capital requirements. BIPRU The Prudential Sourcebook for Banks, Building Societies and Investment Firms. Collateralised transaction A transaction for which the borrower provides assets (physical or financial) as security against part, or the whole value, of a loan. Counterparty credit risk (CCR) Counterparty credit risk (CCR) is the risk that a counterparty defaults prior to the maturity of a derivative contract. The risk may result from derivative transactions in either the trading or banking book and is subject to credit limit setting like other credit exposures. Credit grade The rating that is linked to the probability of default of a customer. Credit Grades represent points of a Grading Scale. Credit risk Potential to incur losses from the failure of a customer to meet its obligation to settle outstanding amounts. Credit risk mitigation (CRM) A means to reduce the potential loss in the event that a customer fails to settle all or part of its obligations. This includes the taking of financial or physical security, the assignment of receivables or the use of credit derivatives, guarantees, risk participations, credit insurance, set off or netting. Equity risk Risk arising from holding equity positions for investment or strategic purposes. Expected loss (EL) The product of PD, LGD and EAD. Exposure at default (EAD) An estimate of the credit utilisation, expressed in monetary terms, to a customer in the event of default within the next twelve months. It is calculated as credit utilisation plus the undrawn portion of the credit limit multiplied by a credit conversion factor. This estimate must not be lower than the current credit utilisation. E* The comprehensive (own estimates) approach used to measure adjusted exposure for cases where financial collateral is used for qualifying exposures. Guarantees An agreement by a third party to cover the potential loss to a credit institution should a specified counterparty default on their commitments. Interest rate risk (IRR) Interest rate risk is the exposure of a bank's financial condition to adverse movements in interest rates. Accepting this risk is a normal part of banking and can be an important source of profitability and shareholder value. Internal Models Method (IMM) The internal models method for calculating exposure for counterparty credit risk. IRB Approach to credit risk under which a bank may use internal estimates to generate risk components for use in their credit risk regulatory capital requirements. There are two approaches: Foundation and Advanced (including Retail). Latent loss provision Estimates the amount of good book loans meeting a loss event that have not yet been identified and reported. This provision covers the emergence period between the point of impairment, the subsequent identification of an observable impairment trigger and the raising of an impairment provision. The provision is based on a divisional incurred loss model and is not an estimate of expected future losses. Leverage The use of credit facilities, options, futures, margin trading or other financial instruments to increase the potential rate of return from an investment e.g. providing only 10% deposit and using 90% borrowed funds to purchase a property. Loss given default (LGD) An estimate of the amount that will be lost in the event that the customer defaults. The difference between exposure at default and the net amount of the expected recovery, taking into account the time value of money, when expressed as a percentage of exposure at default represents loss given default. 48

50 Appendix continued Market risk The risk of losses to on and off balance sheet positions arising from changes in market price. For instance if any individual buys shares at the current market price, the risk that they may fall in price. Mark-to-market The daily adjustment of an account to reflect profits and losses. Maturity The remaining time in years that a borrower is permitted to take to fully discharge their contractual obligation (principal, interest and fees) under the terms of a loan agreement. Minimum capital requirement The minimum amount of regulatory capital that a financial institution must hold to meet the Pillar 1 requirements for credit, market and operational risk. Model validation The process of assessing how well a credit risk model performs using a predefined set of criteria including the discriminatory power of the model, the appropriateness of the inputs and expert opinion. Netting The ability of a bank to reduce its credit risk exposures, by offsetting the value of any deposits against loans to the same counterparty. Off-balance sheet Assets/liabilities that have been committed but not yet transacted. In terms of credit risk, off balance sheet items are obligations to make loans or other payments in the future. On-balance sheet Items that appear within the bank's balance sheet e.g. loans which have actually been made. Operational risk Operational risk is the risk of financial loss or reputational impact resulting from fraud, human error, ineffective or inadequately designed processes or systems, improper behaviour, legal events or from external events. Pillar 1 Minimum capital requirements The part of the new Basel Accord, which sets out the calculations of regulatory capital requirements for credit, market and operational risk. Pillar 2 The supervisory review process The part of the new Basel Accord which sets out the process by which a bank should review its overall capital adequacy and the processes under which the supervisors evaluate how well financial institutions are assessing their risks and take appropriate actions in response to the assessments. Pillar 3 Market discipline See also Market Discipline and Disclosure. The part of the new Basel Accord, which sets out the disclosure requirements for banks to publish certain details of their risks, capital and risk management, with the aim of strengthening market discipline. Potential future exposure (PFE) An add-on to the current mark-to-market replacement cost (if positive) of a given contract to allow for future volatility in interest and/or foreign exchange rates over a specified timeframe, such as the life of the trade, or the close out period if collateralised, to a given confidence level, typically the 95th percentile. Probability of default (PD) An estimate of the likelihood, expressed as a percentage that a customer will default on their credit obligations during the next twelve month period. Qualifying Revolving Retail Exposure Facilities to retail customers that provide a revolving facility i.e. credit cards. Provision A liability where the company is uncertain as to the amount or timing of the expected future costs. Repo Repurchase agreements are agreements whereby one party to the transaction agrees to sell securities to the other and at the same time agrees to repurchase the securities at a future date for a specified price. The repurchase price will be fixed at the outset, usually being the original sale price plus an amount representing interest for the period from the sale to the repurchase. Risk weighted assets (RWA) The total of on-balance sheet assets, off-balance sheet instruments and credit utilisations calculated using an exposure measurement methodology multiplied by a risk weight. Securitisation A transaction or scheme (other than 'specialised lending') where the credit risk is tranched and payments depend upon the performance of the underlying credit exposure. Share premium account A balance sheet account represented by the difference between the price received by a company when it sells shares and the par value of those shares. SME Small and medium sized enterprises. Special purpose vehicle (SPV) Also known as special purpose entity, a company created for the sole purpose of acquiring certain assets or derivative exposures and issuing liabilities that are thereby linked solely to those assets or exposures. An SPV is designed to be 'bankruptcy remote' that is, unlikely to be subject to bankruptcy proceedings. SPVs are used to issue all kinds of asset-backed securities, as well as cash collateralised debt obligations and credit linked notes. 49

51 Appendix continued Standard industrial classification (SIC) Standardised approach Stress testing The standardised approach (TSA) Trading book Value at risk (VaR) Wrong way risks (WWR) A classification of businesses by type of economic activity. The standard method used to calculate credit risk capital requirements under Pillar 1 of Basel II. In this approach the risk weights used in the capital calculation are determined by regulators. Term describing various techniques used to gauge the potential vulnerability to exceptional but plausible events. The standardised approach to operational risk, calculated using three year historical gross income multiplied by a factor of between 12-18%, depending on the underlying business being considered. A trading book consists of positions in financial instruments and commodities held either with intent to trade, or in order to hedge other elements of the trading book. To be eligible for trading book capital treatment, financial instruments must either be free of any restrictive covenants on their tradability, or able to be hedged completely. A statistical technique designed to give an estimate of the maximum loss that could be made for a given factor of confidence over a set time horizon under normal market conditions. This type of risk occurs when exposure to a counterparty is adversely correlated with the credit quality of that counterparty. 50