For the purpose of risk management in Rabitabank, a risk management strategy and a risk policy, a risk appetite statement, an emergency plan for financial risks, as well as a risk map has been developed. Based on the mentioned documents, the bank’s internal rules and procedures have been developed, an analytical system has been established based on stress scenarios, and an emergency plan for Business sustainability has been developed.

All structures of the bank carry out their work in accordance with the bank’s existing internal risk rules and procedures.

Rabitabank pays special attention to the measures carried out for risk management. Thus, the risks are identified based on the advanced experience of foreign banks, regulatory acts of the regulatory body, the recommendations of the Basel Committee and classified into the following categories:

Potential threats to the bank’s software, systems and information infrastructure are characterized by events that could result in financial and non-financial losses to the bank.

The following methods are applied by risk management to manage IT risks:

-To evaluate IT operations and environment and analyze their impact on business;

-To develop IT risk register based on risk assessments;

-To analyze existing security systems, make changes or improvements;

-To monitor implementation of security policies, standards, rules and procedures;

-To prepare reports on the status of information security, carry out documentation and determine the degree   of damage;

Shortcomings when making decisions that determine the Bank’s operations and development strategy, as well as the risk of loss as a result of incomplete consideration of the possible risks that could threaten the Bank’s operations.

The following methods are applied by risk management to manage image risks:
- To constantly investigate the deteriorating elements of the image of the sector in which the bank operates

- To analyze the deterioration of the image of the partners of the bank

- To take informational measures against the spread of false information and rumours about the bank

- To improve communication channels and promptly deliver permanent information to the public

- To inform bank employees and constantly develop customer relations

It is the risk of damage resulting from inadequate or failed internal processes, people or systems, or external events.

The following methods are applied by risk management to manage operational risks:
- Business units, organizational activities and processes exposed to risk are identified

- Information about risks and losses on human factor, technology, etc. is collected during bank operations, classified on the basis of Basel standards and managed

- Business processes (as well as new products) are evaluated

- Monitoring is carried out on the application of the bank’s internal rules and procedures in banking

Liquidity risk is the risk arising related to maintaining liquidity at proper level to meet both operational requirements and strategic goals.
The following methods are applied by risk management to manage liquidity risks:

- Risk indicators reflecting the internal and external causes of the risk are analyzed:

- Liquidity Stress Tests and Analysis of Shock Events

- Determining the concentration in financing - Liquidity coverage, Calculation and analysis of instant liquidity and other indicators

- Distribution of payment terms and analysis of liquidity gaps

- Analysis of liquidity and payments on currencies, etc.

It is a risk arising related to the adverse change in interest rates: The Bank’s risk management identifies the causes of interest rate risk and then analyzes them.

The following methods are applied by risk management to manage interest rate risks:

To classify financial instruments according to sensitivity to changes in interest rates.

To compile the scenario of the structure of assets and liabilities for the next year;

To prepare quarterly reports(other periodic, if required) to assess the Bank’s exposure to interest rate risks;

Changes in interest rates and measurement of probable changeability

Repricing Gap Analysis  

It is the probability of causing loss because of the change in the market value of the bank’s asset as a result of volatility in foreign exchange rates, interest rates and capital (as well as market securities).

The following methods are applied by risk management to manage market risks:

Potential changes in the economy and the banking sector are investigated, and possible impacts on lending and asset-liability management are identified.

Security Risks: Changes in the value of stocks and bonds, profitability

Risk indicators reflecting internal and external causes of the risk are analyzed:

Liquidity Stress Tests and Analysis of Shock Events

Determining the concentration in financing - Liquidity coverage, Calculation and analysis of instant liquidity and other indicators

Distribution of payment terms and analysis of liquidity gaps

Analysis of liquidity and payments on currencies, etc.

It is the probability of loss due to the borrower’s failure to fulfil the obligations he/she undertook before the bank, which led to the loss of the value or depreciation of the asset.

The following methods are applied by risk management to manage credit risks:

Analysis and evaluation of the credit portfolio

Limiting and diversifying the credit portfolio based on certain factors (field, term, associated persons, region, etc.),

Application of rating and scoring models,

Classification of credits by risk rates and creation of appropriate reserves for probable losses

Portfolio exposed to risk

Expected Loss and application of its components: Probability of

Default, Loss Given Default, Recovery Rate, Roll Rate.

Conducting vintage analyzes

Application of stress test models

Conducting scenario analyzes

Construction of migration matrices and conducting analyzes

Analysis of the tracking system

Retrospective modelling and forecasts

```