Article 2: Credit Risk Governance

C 3/2024-STD يسري تنفيذه من تاريخ 30/11/2024

Board of Directors

2.1

The Board must regularly review, and approve, the Credit Risk management strategy, framework, significant policies, tolerances/limits and processes for identifying, measuring, evaluating, monitoring, reporting and controlling or mitigating Credit Risk. The Board must also ensure these are consistent with the Risk Appetite and capital strength and other relevant parameters that they set. At a minimum, it must approve the organisation of the LFI’s Credit Risk Management Functions, including the credit underwriting process, the independent review of such underwriting, the portfolio management of credit exposures and the management of distressed assets.

2.2

The Board must oversee and ensure that Senior Management is fully capable of managing the Credit Risk bearing activities conducted by the LFI and that such activities are within the Risk Appetite, strategy, policies and tolerances reviewed and approved by the Board. In addition, the Board must oversee and ensure that policies and processes are implemented effectively and fully integrated into the LFI’s overall risk management process.

2.3

The Board must ensure the comprehensive inclusion of Credit Risk and credit concentration risk in the stress testing programme for risk management purposes of the LFI.

2.4

For LFIs incorporated in the UAE, the aforementioned includes policies and processes that provide a comprehensive group-wide view of significant sources of Credit Risk and concentration risk with appropriate consideration of the LFI’s Risk Profile, nature, and size as well as the complexity of its business and structure.

2.5

The Board is responsible for ensuring that the LFI has appropriate processes, methods and systems to identify problem assets and to determine adequate provisions and reserves in accordance with the LFI’s stated policies and procedures, with the applicable accounting framework and in compliance with relevant supervisory regulations and standards.

2.6

The Board, not a Board sub-committee, must approve material Facilities including any subsequent write offs. Material Credit Facilities must be approved by the Board at least every three years. The materiality thresholds must be defined by each LFI based on its Risk Appetite and the size and creditworthiness of the facility. At a minimum, material Facilities must include the following:

a.	Any Facility leading to an exposure greater than 10% of the LFI’s Tier 1 Capital, and
b.	Any Facility granted towards a Related Party, a Related Party’s spouse, and their Group of Connected Counterparties. Board members or other members of staff must be excluded from the approval process of granting and managing transactions for which they have a conflict of interest.

2.7

For Credit Facilities below the materiality threshold defined in Article 2.6.a, the Board may assume the approval authority as outlined below or alternatively, delegate to a Board Credit Committee, which must be distinct and independent from a Board Risk Committee and Board Audit Committee. Such a committee must set appropriate thresholds and criteria for the purpose of identifying and reviewing significant Facilities that may generate a higher level of risk and may not be consistent with the Risk Appetite of the LFI. At a minimum, the approval authority for this committee must include any Credit Facility computed as the lower of the following:

a.	Any Credit Facility resulting in an exposure to an Obligor greater than 5% of the LFI’s Tier 1 Capital, or
b.	Any Credit Facility resulting in an exposure to an Obligor greater than AED 1 billion.

2.8

For branches of foreign LFIs operating in the UAE, the requirements in 2.6 and 2.7 must be fulfilled with formal approval from Senior Management or the Board outside of UAE to which the UAE based Senior Management have a formal reporting responsibility.

2.9

For Credit Facilities that do not require Board approval, the Board must define and approve a formal delegation matrix that articulates the roles and responsibilities of Senior Management for the approval of these Facilities.

2.10

In order to fulfil its oversight role, the Board and Board credit committee, if any, must regularly receive timely and appropriate information on:

a.	The credit worthiness of the LFI’s asset portfolio, material concentrations, the restructured portfolio, as well as significant individual credits, including classification of assets,
b.	The level of provisions and reserves and major problem assets.
c.	The classification of Credit Facilities, their associated provision level, the expected trend of credit quality and potential losses.
d.	The key drivers and the actions taken by the management to mitigate Credit Risk.

2.11

The information must include, at a minimum, summary results of the latest asset review process, trends related to problem assets, and measurements of existing or anticipated deterioration in asset quality and expected losses.

Senior Management

2.12

The business line heads and their direct reports are responsible to ensure robust credit underwriting consistent with the Risk Appetite of the LFI. They must act as the first line of defence against Credit Risk, which requires appropriate identification, allocation and pricing of Credit Risk.

2.13

The LFI must ensure that Credit Risk is adequately mitigated by robust underwriting, provisions, reserves and, when possible, by collateral. LFIs must have appropriate policies and processes to ensure that provisions and write-offs are timely and reflect realistic Repayment and recovery expectations, taking into account market and macroeconomic conditions and computed in compliance with the regulations, standards and generally accepted accounting principles. The CRO must form an independent opinion on the appropriateness of provisions and regularly report their view to the Board.

2.14

The Senior Management team is responsible and accountable for the implementation of the Board approved strategy and Risk Appetite and is also responsible for the day-to-day management of the LFI. Regarding Credit Risk, this includes:

a.	The robust implementation and communication of the strategic direction and principles set by the Board regarding the management of Credit Risk throughout the LFI and documented in the Credit Risk framework.
b.	The robust implementation of the Risk Appetite of the LFI within the Credit Risk framework.
c.	The acquisition, administration, underwriting and mitigation of Credit Risk within the Credit Risk framework.

2.15

The Senior Management, including the CEO, the CCO and the CRO are collectively responsible for:

a.	The development and implementation of sound and effective processes, policies, procedures and systems designed to manage Credit Risk in accordance with the Credit Risk framework approved by the Board, across the LFI’s portfolios and geographies.
b.	Ensuring that credit exposures are within levels consistent with prudential standards and internal limits.
c.	The establishment and enforcement of internal controls to ensure that exceptions to policies, procedures and limits are reported in a timely manner to the appropriate level of management for action.
d.	Additional responsibilities and roles as included in Article 4.

Control and Oversight

2.16

Internal Audit: The internal audit function is responsible to review and report on the suitability and efficiency of the implementation of the Credit Risk framework across the entire LFI, in accordance with the strategic direction set by the Board. At a minimum the scope must include the following:

a.	Material Credit Facilities (based on thresholds as formally determined by each LFI).
b.	All Wholesale Restructured Credit Facilities.
c.	The Credit Facilities for which it has been determined that no SICR has occurred, as per Article 7 of these standards. Evidence supporting the decision must be reviewed in light of relevant regulations and policies/Risk Appetite of the LFI.
d.	Material Credit Facilities classified in Stage 3, as defined in Article 9 on classification and provisioning.
e.	Any breach of this regulation and these standards.

2.17

Compliance: The compliance function must ensure that this regulation and these standards are understood, communicated and correctly followed for Credit Risk underwriting and management throughout the LFI. For this purpose, it must implement a process to review the compliance of all the internal parties involved in Credit Risk acquisition and management.

2.18

External Audit: External auditors are responsible to review and verify that classifications and provisions are accurate and comply with accounting and regulatory standards.

2.19

The LFI must at all times provide full access to all information in the credit and investment portfolios to the LFI officers involved in assuming, managing, controlling and reporting on Credit Risk.